USENIX Security '22 | Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks | Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, Cristiano Giuffrida |
USENIX Security '22 | Playing for K(H)eaps: Understanding and Improving Linux Kernel Exploit Reliability | Kyle Zeng, Yueqi Chen, Haehyun Cho, Xinyu Xing, Adam Doupé, Yan Shoshitaishvili, Tiffany Bao |
USENIX Security '22 | Are Your Sensitive Attributes Private? Novel Model Inversion Attribute Inference Attacks on Classification Models | Shagufta Mehnaz, Sayanton V. Dibbo, Ehsanul Kabir, Ninghui Li, Elisa Bertino |
USENIX Security '22 | Stalloris: RPKI Downgrade Attack | Tomas Hlavacek, Philipp Jeitner, Donika Mirdita, Haya Shulman, Michael Waidner |
USENIX Security '22 | V'CER: Efficient Certificate Validation in Constrained Networks | David Koisser, Patrick Jauernig, Gene Tsudik, Ahmad-Reza Sadeghi |
USENIX Security '22 | Oops... Code Execution and Content Spoofing: The First Comprehensive Analysis of OpenDocument Signatures | Simon Rohlmann, Christian Mainka, Vladislav Mladenov, Jörg Schwenk |
USENIX Security '22 | How Machine Learning Is Solving the Binary Function Similarity Problem | Andrea Marcelli, Mariano Graziano, Xabier Ugarte-Pedrero, Yanick Fratantonio, Mohamad Mansouri, Davide Balzarotti |
USENIX Security '22 | FLAME: Taming Backdoors in Federated Learning | Thien Duc Nguyen, Phillip Rieger, Huili Chen, Hossein Yalame, Helen Möllering, Hossein Fereidooni, Samuel Marchal, Markus Miettinen, Azalia Mirhoseini, Shaza Zeitouni, Farinaz Koushanfar, Ahmad-Reza Sadeghi, Thomas Schneider |
USENIX Security '22 | CamShield: Securing Smart Cameras through Physical Replication and Isolation | Zhiwei Wang, Yihui Yan, Yueli Yan, Huangxun Chen, Zhice Yang |
USENIX Security '22 | PatchCleanser: Certifiably Robust Defense against Adversarial Patches for Any Image Classifier | Chong Xiang, Saeed Mahloujifar, Prateek Mittal |
USENIX Security '22 | Phish in Sheep's Clothing: Exploring the Authentication Pitfalls of Browser Fingerprinting | Xu Lin, Panagiotis Ilia, Saumya Solanki, Jason Polakis |
USENIX Security '22 | FreeWill: Automatically Diagnosing Use-after-free Bugs via Reference Miscounting Detection on Binaries | Liang He, Hong Hu, Purui Su, Yan Cai, Zhenkai Liang |
USENIX Security '22 | ReZone: Disarming TrustZone with TEE Privilege Reduction | David Cerdeira, José Martins, Nuno Santos, Sandro Pinto |
USENIX Security '22 | Double Trouble: Combined Heterogeneous Attacks on Non-Inclusive Cache Hierarchies | Antoon Purnal, Furkan Turan, Ingrid Verbauwhede |
USENIX Security '22 | The Dangers of Human Touch: Fingerprinting Browser Extensions through User Actions | Konstantinos Solomos, Panagiotis Ilia, Soroush Karami, Nick Nikiforakis, Jason Polakis |
USENIX Security '22 | MundoFuzz: Hypervisor Fuzzing with Statistical Coverage Testing and Grammar Inference | Cheolwoo Myung, Gwangmu Lee, Byoungyoung Lee |
USENIX Security '22 | Exploring the Security Boundary of Data Reconstruction via Neuron Exclusivity Analysis | Xudong Pan, Mi Zhang, Yifan Yan, Jiaming Zhu, Zhemin Yang |
USENIX Security '22 | SARA: Secure Android Remote Authorization | Abdullah Imran, Habiba Farrukh, Muhammad Ibrahim, Z. Berkay Celik, Antonio Bianchi |
USENIX Security '22 | Trust Dies in Darkness: Shedding Light on Samsung's TrustZone Keymaster Design | Alon Shakevsky, Eyal Ronen, Avishai Wool |
USENIX Security '22 | Counting in Regexes Considered Harmful: Exposing ReDoS Vulnerability of Nonbacktracking Matchers | Lenka Turoňová, Lukáš Holík, Ivan Homoliak, Ondřej Lengál, Margus Veanes, Tomáš Vojnar |
USENIX Security '22 | SCRAPS: Scalable Collective Remote Attestation for Pub-Sub IoT Networks with Untrusted Proxy Verifier | Lukas Petzi, Ala Eddine Ben Yahya, Alexandra Dmitrienko, Gene Tsudik, Thomas Prantl, Samuel Kounev |
USENIX Security '22 | Poisoning Attacks to Local Differential Privacy Protocols for Key-Value Data | Yongji Wu, Xiaoyu Cao, Jinyuan Jia, Neil Zhenqiang Gong |
USENIX Security '22 | Arbiter: Bridging the Static and Dynamic Divide in Vulnerability Discovery on Binary Programs | Jayakrishna Vadayath, Moritz Eckert, Kyle Zeng, Nicolaas Weideman, Gokulkrishna Praveen Menon, Yanick Fratantonio, Davide Balzarotti, Adam Doupé, Tiffany Bao, Ruoyu Wang, Christophe Hauser, Yan Shoshitaishvili |
USENIX Security '22 | Breaking Bridgefy, again: Adopting libsignal is not enough | Martin R. Albrecht, Raphael Eikenberg, Kenneth G. Paterson |
USENIX Security '22 | "The Same PIN, Just Longer": On the (In)Security of Upgrading PINs from 4 to 6 Digits | Collins W. Munyendo, Philipp Markert, Alexandra Nisenoff, Miles Grant, Elena Korkes, Blase Ur, Adam J. Aviv |