USENIX Security '24 | "I just hated it and I want my money back": Data-driven Understanding of Mobile VPN Service Switching Preferences in The Wild | Rohit Raj, Mridul Newar, Mainack Mondal |
USENIX Security '24 | iHunter: Hunting Privacy Violations at Scale in the Software Supply Chain on iOS | Dexin Liu, Yue Xiao, Chaoqi Zhang, Kaitao Xie, Xiaolong Bai, Shikun Zhang, Luyi Xing |
USENIX Security '24 | CDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacks | Ziyu Lin, Zhiwei Lin, Ximeng Liu, Jianjun Chen, Run Guo, Cheng Chen, Shaodong Xiao |
USENIX Security '24 | Single Pass Client-Preprocessing Private Information Retrieval | Arthur Lazzaretti, Charalampos Papamanthou |
USENIX Security '24 | GhostRace: Exploiting and Mitigating Speculative Race Conditions | Hany Ragab, Andrea Mambretti, Anil Kurmus, Cristiano Giuffrida |
USENIX Security '24 | A NEW HOPE: Contextual Privacy Policies for Mobile Applications and An Approach Toward Automated Generation | Shidong Pan, Zhen Tao, Thong Hoang, Dawen Zhang, Tianshi Li, Zhenchang Xing, Xiwei Xu, Mark Staples, Thierry Rakotoarivelo, David Lo |
USENIX Security '24 | Abandon All Hope Ye Who Enter Here: A Dynamic, Longitudinal Investigation of Android's Data Safety Section | Ioannis Arkalakis, Michalis Diamantaris, Serafeim Moustakas, Sotiris Ioannidis, Jason Polakis, Panagiotis Ilia |
USENIX Security '24 | Pixel+ and Pixel++: Compact and Efficient Forward-Secure Multi-Signatures for PoS Blockchain Consensus | Jianghong Wei, Guohua Tian, Ding Wang, Fuchun Guo, Willy Susilo, Xiaofeng Chen |
USENIX Security '24 | When Threads Meet Interrupts: Effective Static Detection of Interrupt-Based Deadlocks in Linux | Chengfeng Ye, Yuandao Cai, Charles Zhang |
USENIX Security '24 | Wireless Signal Injection Attacks on VSAT Satellite Modems | Robin Bisping, Johannes Willbold, Martin Strohmeier, Vincent Lenders |
USENIX Security '24 | Prompt Stealing Attacks Against Text-to-Image Generation Models | Xinyue Shen, Yiting Qu, Michael Backes, Yang Zhang |
USENIX Security '24 | Trust Me If You Can – How Usable Is Trusted Types In Practice? | Sebastian Roth, Lea Gröber, Philipp Baus, Katharina Krombholz, Ben Stock |
USENIX Security '24 | Moderating Illicit Online Image Promotion for Unsafe User Generated Content Games Using Large Vision-Language Models | Keyan Guo, Ayush Utkarsh, Wenbo Ding, Isabelle Ondracek, Ziming Zhao, Guo Freeman, Nishant Vishwamitra, Hongxin Hu |
USENIX Security '24 | Dancer in the Dark: Synthesizing and Evaluating Polyglots for Blind Cross-Site Scripting | Robin Kirchner, Jonas Möller, Marius Musch, David Klein, Konrad Rieck, Martin Johns |
USENIX Security '24 | Opportunistic Data Flow Integrity for Real-time Cyber-physical Systems Using Worst Case Execution Time Reservation | Yujie Wang, Ao Li, Jinwen Wang, Sanjoy Baruah, Ning Zhang |
USENIX Security '24 | Spider-Scents: Grey-box Database-aware Web Scanning for Stored XSS | Eric Olsson, Benjamin Eriksson, Adam Doupé, Andrei Sabelfeld |
USENIX Security '24 | Hijacking Attacks against Neural Network by Analyzing Training Data | Yunjie Ge, Qian Wang, Huayang Huang, Qi Li, Cong Wang, Chao Shen, Lingchen Zhao, Peipei Jiang, Zheng Fang, Shenyi Zhang |
USENIX Security '24 | How Does a Deep Learning Model Architecture Impact Its Privacy? A Comprehensive Study of Privacy Attacks on CNNs and Transformers | Guangsheng Zhang, Bo Liu, Huan Tian, Tianqing Zhu, Ming Ding, Wanlei Zhou |
USENIX Security '24 | False Claims against Model Ownership Resolution | Jian Liu, Rui Zhang, Sebastian Szyller, Kui Ren, N. Asokan |
USENIX Security '24 | VOGUES: Validation of Object Guise using Estimated Components | Raymond Muller, Yanmao Man, Ming Li, Ryan Gerdes, Jonathan Petit, Z. Berkay Celik |
USENIX Security '24 | With Great Power Come Great Side Channels: Statistical Timing Side-Channel Analyses with Bounded Type-1 Errors | Martin Dunsche, Marcel Maehren, Nurullah Erinola, Robert Merget, Nicolai Bissantz, Juraj Somorovsky, Jörg Schwenk |
USENIX Security '24 | Enabling Developers, Protecting Users: Investigating Harassment and Safety in VR | Abhinaya S.B., Aafaq Sabir, Anupam Das |
USENIX Security '24 | FaceObfuscator: Defending Deep Learning-based Privacy Attacks with Gradient Descent-resistant Features in Face Recognition | Shuaifan Jin, He Wang, Zhibo Wang, Feng Xiao, Jiahui Hu, Yuan He, Wenwen Zhang, Zhongjie Ba, Weijie Fang, Shuhong Yuan, Kui Ren |
USENIX Security '24 | ENG25519: Faster TLS 1.3 handshake using optimized X25519 and Ed25519 | Jipeng Zhang, Junhao Huang, Lirui Zhao, Donglong Chen, Çetin Kaya Koç |
USENIX Security '24 | "These results must be false": A usability evaluation of constant-time analysis tools | Marcel Fourné, Daniel De Almeida Braga, Jan Jancar, Mohamed Sabt, Peter Schwabe, Gilles Barthe, Pierre-Alain Fouque, Yasemin Acar |