| InfinityGauntlet: Expose Smartphone Fingerprint Authentication to Brute-force Attack | USENIX Security '23 | Yu Chen, Yang Yu, Lidong Zhai |
| Multiview: Finding Blind Spots in Access-Deny Issues Diagnosis | USENIX Security '23 | Bingyu Shen, Tianyi Shan, Yuanyuan Zhou |
| A Plot is Worth a Thousand Words: Model Information Stealing Attacks via Scientific Plots | USENIX Security '23 | Boyang Zhang, Xinlei He, Yun Shen, Tianhao Wang, Yang Zhang |
| X-Adv: Physical Adversarial Object Attacks against X-ray Prohibited Item Detection | USENIX Security '23 | Aishan Liu, Jun Guo, Jiakai Wang, Siyuan Liang, Renshuai Tao, Wenbo Zhou, Cong Liu, Xianglong Liu, Dacheng Tao |
| Extending a Hand to Attackers: Browser Privilege Escalation Attacks via Extensions | USENIX Security '23 | Young Min Kim, Byoungyoung Lee |
| Hey Kimya, Is My Smart Speaker Spying on Me? Taking Control of Sensor Privacy Through Isolation and Amnesia | USENIX Security '23 | Piet De Vaere, Adrian Perrig |
| Capstone: A Capability-based Foundation for Trustless Secure Memory Access | USENIX Security '23 | Jason Zhijingcheng Yu, Conrad Watt, Aditya Badole, Trevor E. Carlson, Prateek Saxena |
| Watch your Watch: Inferring Personality Traits from Wearable Activity Trackers | USENIX Security '23 | Noé Zufferey, Mathias Humbert, Romain Tavenard, Kévin Huguenin |
| Squirrel: A Scalable Secure Two-Party Computation Framework for Training Gradient Boosting Decision Tree | USENIX Security '23 | Wen-jie Lu, Zhicong Huang, Qizhi Zhang, Yuchen Wang, Cheng Hong |
| Authenticated private information retrieval | USENIX Security '23 | Simone Colombo, Kirill Nikitin, Henry Corrigan-Gibbs, David J. Wu, Bryan Ford |
| Bug Hunters’ Perspectives on the Challenges and Benefits of the Bug Bounty Ecosystem | USENIX Security '23 | Omer Akgul, Taha Eghtesad, Amit Elazari, Omprakash Gnawali, Jens Grossklags, Michelle L. Mazurek, Daniel Votipka, Aron Laszka |
| Defining "Broken": User Experiences and Remediation Tactics When Ad-Blocking or Tracking-Protection Tools Break a Website’s User Experience | USENIX Security '23 | Alexandra Nisenoff, Arthur Borem, Madison Pickering, Grant Nakanishi, Maya Thumpasery, Blase Ur |
| Log: It’s Big, It’s Heavy, It’s Filled with Personal Data! Measuring the Logging of Sensitive Information in the Android Ecosystem | USENIX Security '23 | Allan Lyons, Julien Gamba, Austin Shawaga, Joel Reardon, Juan Tapiador, Serge Egelman, Narseo Vallina-Rodriguez |
| Fact-Saboteurs: A Taxonomy of Evidence Manipulation Attacks against Fact-Verification Systems | USENIX Security '23 | Sahar Abdelnabi, Mario Fritz |
| Meta-Sift: How to Sift Out a Clean Subset in the Presence of Data Poisoning? | USENIX Security '23 | Yi Zeng, Minzhou Pan, Himanshu Jahagirdar, Ming Jin, Lingjuan Lyu, Ruoxi Jia |
| “Employees Who Don’t Accept the Time Security Takes Are Not Aware Enough”: The CISO View of Human-Centred Security | USENIX Security '23 | Jonas Hielscher, Uta Menges, Simon Parkin, Annette Kluge, M. Angela Sasse |
| How Library IT Staff Navigate Privacy and Security Challenges and Responsibilities | USENIX Security '23 | Alan F. Luo, Noel Warford, Samuel Dooley, Rachel Greenstadt, Michelle L. Mazurek, Nora McDonald |
| Silent Bugs Matter: A Study of Compiler-Introduced Security Bugs | USENIX Security '23 | Jianhao Xu, Kangjie Lu, Zhengjie Du, Zhu Ding, Linke Li, Qiushi Wu, Mathias Payer, Bing Mao |
| IvySyn: Automated Vulnerability Discovery in Deep Learning Frameworks | USENIX Security '23 | Neophytos Christou, Di Jin, Vaggelis Atlidakis, Baishakhi Ray, Vasileios P. Kemerlis |
| Bleem: Packet Sequence Oriented Fuzzing for Protocol Implementations | USENIX Security '23 | Zhengxiong Luo, Junze Yu, Feilong Zuo, Jianzhong Liu, Yu Jiang, Ting Chen, Abhik Roychoudhury, Jiaguang Sun |
| Araña: Discovering and Characterizing Password Guessing Attacks in Practice | USENIX Security '23 | Mazharul Islam, Marina Sanusi Bohuk, Paul Chung, Thomas Ristenpart, Rahul Chatterjee |
| Eye-Shield: Real-Time Protection of Mobile Device Screen Information from Shoulder Surfing | USENIX Security '23 | Brian Jay Tang, Kang G. Shin |
| AIRS: Explanation for Deep Reinforcement Learning based Security Applications | USENIX Security '23 | Jiahao Yu, Wenbo Guo, Qi Qin, Gang Wang, Ting Wang, Xinyu Xing |
| Minimalist: Semi-automated Debloating of PHP Web Applications through Static Analysis | USENIX Security '23 | Rasoul Jahanshahi, Babak Amin Azad, Nick Nikiforakis, Manuel Egele |
| Machine-checking Multi-Round Proofs of Shuffle: Terelius-Wikstrom and Bayer-Groth | USENIX Security '23 | Thomas Haines, Rajeev Gore, Mukesh Tiwari |