| "All of them claim to be the best": Multi-perspective study of VPN users and VPN providers | USENIX Security '23 | Reethika Ramesh, Anjali Vyas, Roya Ensafi |
| GlitchHiker: Uncovering Vulnerabilities of Image Signal Transmission with IEMI | USENIX Security '23 | Qinhong Jiang, Xiaoyu Ji, Chen Yan, Zhixin Xie, Haina Lou, Wenyuan Xu |
| Device Tracking via Linux’s New TCP Source Port Selection Algorithm | USENIX Security '23 | Moshe Kol, Amit Klein, Yossi Gilad |
| The Writing on the Wall and 3D Digital Twins: Personal Information in (not so) Private Real Estate | USENIX Security '23 | Rachel McAmis, Tadayoshi Kohno |
| PrivTrace: Differentially Private Trajectory Synthesis by Adaptive Markov Models | USENIX Security '23 | Haiming Wang, Zhikun Zhang, Tianhao Wang, Shibo He, Michael Backes, Jiming Chen, Yang Zhang |
| Egg Hunt in Tesla Infotainment: A First Look at Reverse Engineering of Qt Binaries | USENIX Security '23 | Haohuang Wen, Zhiqiang Lin |
| Learning Normality is Enough: A Software-based Mitigation against Inaudible Voice Attacks | USENIX Security '23 | Xinfeng Li, Xiaoyu Ji, Chen Yan, Chaohao Li, Yichen Li, Zhenning Zhang, Wenyuan Xu |
| FirmSolo: Enabling dynamic analysis of binary Linux-based IoT kernel modules | USENIX Security '23 | Ioannis Angelakopoulos, Gianluca Stringhini, Manuel Egele |
| Decisions and Disruptions 2: Decide Harder | SOUPS 2023 | |
| Towards a more effective system for training tier 1 SOC analysts | SOUPS 2023 | |
| Optimizing Shoulder-Surfing Resistance in Augmented and Virtual Reality: A Replication Study Proposal in the US | SOUPS 2023 | |
| De-identification in practice: professionals as end users | SOUPS 2023 | |
| Lessons Learned in Communicating Differential Privacy to Data Subjects | SOUPS 2023 | |
| TAM is not SAM: Acceptance of Security Technology | SOUPS 2023 | |
| Getting the Message Out: Considering a Connected Products Transparency Framework | SOUPS 2023 | |
| Look before you Link: Privacy Risk Inspection of Open Data through a Visual Analytic Workflow | SOUPS 2023 | |
| Lacking the Tools and Support to Fix Friction: Results from an Interview Study with Security Managers | SOUPS 2023 | Jonas Hielscher, Markus Schöps, Uta Menges, Marco Gutfleisch, Mirko Helbling, M. Angela Sasse |
| Iterative Design of An Accessible Crypto Wallet for Blind Users | SOUPS 2023 | Zhixuan Zhou, Tanusree Sharma, Luke Emano, Sauvik Das, Yang Wang |
| Understanding the Viability of Gmail's Origin Indicator for Identifying the Sender | SOUPS 2023 | Enze Liu, Lu Sun, Alex Bellon, Grant Ho, Geoffrey M. Voelker, Stefan Savage, Imani N. S. Munyaka |
| Evolution of Password Expiry in Companies: Measuring the Adoption of Recommendations by the German Federal Office for Information Security | SOUPS 2023 | Eva Gerlitz, Maximilian Häring, Matthew Smith, Christian Tiefenau |
| Who Comes Up with this Stuff? Interviewing Authors to Understand How They Produce Security Advice | SOUPS 2023 | Lorenzo Neil, Harshini Sri Ramulu, Yasemin Acar, Bradley Reaves |
| ImageAlly: A Human-AI Hybrid Approach to Support Blind People in Detecting and Redacting Private Image Content | SOUPS 2023 | Zhuohao (Jerry) Zhang, Smirity Kaushik, JooYoung Seo, Haolin Yuan, Sauvik Das, Leah Findlater, Danna Gurari, Abigale Stangl, Yang Wang |
| Investigating Security Indicators for Hyperlinking Within the Metaverse | SOUPS 2023 | Maximiliane Windl, Anna Scheidle, Ceenu George, Sven Mayer |
| Adventures in Recovery Land: Testing the Account Recovery of Popular Websites When the Second Factor is Lost | SOUPS 2023 | Eva Gerlitz, Maximilian Häring, Charlotte Theresa Mädler, Matthew Smith, Christian Tiefenau |
| SoK: I Have the (Developer) Power! Sample Size Estimation for Fisher's Exact, Chi-Squared, McNemar's, Wilcoxon Rank-Sum, Wilcoxon Signed-Rank and t-tests in Developer-Centered Usable Security | SOUPS 2023 | Anna-Marie Ortloff, Christian Tiefenau, Matthew Smith |