USENIX Security '24 | DVa: Extracting Victims and Abuse Vectors from Android Accessibility Malware | Haichuan Xu, Mingxuan Yao, Runze Zhang, Mohamed Moustafa Dawoud, Jeman Park, Brendan Saltaformaggio |
USENIX Security '24 | SoK: State of the Krawlers – Evaluating the Effectiveness of Crawling Algorithms for Web Security Measurements | Aleksei Stafeev, Giancarlo Pellegrino |
USENIX Security '24 | Web Platform Threats: Automated Detection of Web Security Issues With WPT | Pedro Bernardo, Lorenzo Veronese, Valentino Dalla Valle, Stefano Calzavara, Marco Squarcina, Pedro Adão, Matteo Maffei |
USENIX Security '24 | Fuzzing BusyBox: Leveraging LLM and Crash Reuse for Embedded Bug Unearthing | Yaroslav Oliinyk, Michael Scott, Ryan Tsang, Chongzhou Fang, Houman Homayoun |
USENIX Security '24 | SoK: The Good, The Bad, and The Unbalanced: Measuring Structural Limitations of Deepfake Media Datasets | Seth Layton, Tyler Tucker, Daniel Olszewski, Kevin Warren, Kevin Butler, Patrick Traynor |
USENIX Security '24 | GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers | Boru Chen, Yingchen Wang, Pradyumna Shome, Christopher Fletcher, David Kohlbrenner, Riccardo Paccagnella, Daniel Genkin |
USENIX Security '24 | CacheWarp: Software-based Fault Injection using Selective State Reset | Ruiyi Zhang, Lukas Gerlach, Daniel Weber, Lorenz Hetterich, Youheng Lü, Andreas Kogler, Michael Schwarz |
USENIX Security '24 | SeaK: Rethinking the Design of a Secure Allocator for OS Kernel | Zicheng Wang, Yicheng Guang, Yueqi Chen, Zhenpeng Lin, Michael Le, Dang K Le, Dan Williams, Xinyu Xing, Zhongshu Gu, Hani Jamjoom |
USENIX Security '24 | SafeFetch: Practical Double-Fetch Protection with Kernel-Fetch Caching | Victor Duta, Mitchel Josephus Aloserij, Cristiano Giuffrida |
USENIX Security '24 | Practical Data-Only Attack Generation | Brian Johannesmeyer, Asia Slowinska, Herbert Bos, Cristiano Giuffrida |
USENIX Security '24 | Two Shuffles Make a RAM: Improved Constant Overhead Zero Knowledge RAM | Yibin Yang, David Heath |
USENIX Security '24 | Notus: Dynamic Proofs of Liabilities from Zero-knowledge RSA Accumulators | Jiajun Xin, Arman Haghighi, Xiangan Tian, Dimitrios Papadopoulos |
USENIX Security '24 | SledgeHammer: Amplifying Rowhammer via Bank-level Parallelism | Ingab Kang, Walter Wang, Jason Kim, Stephan van Schaik, Youssef Tobah, Daniel Genkin, Andrew Kwong, Yuval Yarom |
USENIX Security '24 | AI Psychiatry: Forensic Investigation of Deep Learning Networks in Memory Images | David Oygenblik, Carter Yagemann, Joseph Zhang, Arianna Mastali, Jeman Park, Brendan Saltaformaggio |
USENIX Security '24 | Code is not Natural Language: Unlock the Power of Semantics-Oriented Graph Representation for Binary Code Similarity Detection | Haojie He, Xingwei Lin, Ziang Weng, Ruijie Zhao, Shuitao Gan, Libo Chen, Yuede Ji, Jiashui Wang, Zhi Xue |
USENIX Security '24 | Inference of Error Specifications and Bug Detection Using Structural Similarities | Niels Dossche, Bart Coppens |
USENIX Security '24 | Scalable Multi-Party Computation Protocols for Machine Learning in the Honest-Majority Setting | |
USENIX Security '24 | The Challenges of Bringing Cryptography from Research Papers to Products: Results from an Interview Study with Experts | Konstantin Fischer, Ivana Trummová, Phillip Gajland, Yasemin Acar, Sascha Fahl, Angela Sasse |
USENIX Security '24 | Towards More Practical Threat Models in Artificial Intelligence Security | Kathrin Grosse, Lukas Bieringer, Tarek R. Besold, Alexandre M. Alahi |
USENIX Security '24 | Unbalanced Circuit-PSI from Oblivious Key-Value Retrieval | Meng Hao, Weiran Liu, Liqiang Peng, Hongwei Li, Cong Zhang, Hanxiao Chen, Tianwei Zhang |
USENIX Security '24 | Why Aren't We Using Passkeys? Obstacles Companies Face Deploying FIDO2 Passwordless Authentication | Leona Lassak, Elleen Pan, Blase Ur, Maximilian Golla |
USENIX Security '24 | "I Don't Know If We're Doing Good. I Don't Know If We're Doing Bad": Investigating How Practitioners Scope, Motivate, and Conduct Privacy Work When Developing AI Products | Hao-Ping (Hank) Lee, Lan Gao, Stephanie Yang, Jodi Forlizzi, Sauvik Das |
USENIX Security '24 | CDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacks | Ziyu Lin, Zhiwei Lin, Ximeng Liu, Jianjun Chen, Run Guo, Cheng Chen, Shaodong Xiao |
USENIX Security '24 | EaTVul: ChatGPT-based Evasion Attack Against Software Vulnerability Detection | Shigang Liu, Di Cao, Junae Kim, Tamas Abraham, Paul Montague, Seyit Camtepe, Jun Zhang, Yang Xiang |
USENIX Security '24 | Being Transparent is Merely the Beginning: Enforcing Purpose Limitation with Polynomial Approximation | Shuofeng Liu, Zihan Wang, Minhui Xue, Long Wang, Yuanchao Zhang, Guangdong Bai |