USENIX Security '23 | HOLMES: Efficient Distribution Testing for Secure Collaborative Learning | Ian Chang, Katerina Sotiraki, Weikeng Chen, Murat Kantarcioglu, Raluca Popa |
USENIX Security '23 | Egg Hunt in Tesla Infotainment: A First Look at Reverse Engineering of Qt Binaries | Haohuang Wen, Zhiqiang Lin |
USENIX Security '23 | Reassembly is Hard: A Reflection on Challenges and Strategies | Hyungseok Kim, Soomin Kim, Junoh Lee, Kangkook Jee, Sang Kil Cha |
USENIX Security '23 | TRIDENT: Towards Detecting and Mitigating Web-based Social Engineering Attacks | Zheng Yang, Joey Allen, Matthew Landen, Roberto Perdisci, Wenke Lee |
USENIX Security '23 | "All of them claim to be the best": Multi-perspective study of VPN users and VPN providers | Reethika Ramesh, Anjali Vyas, Roya Ensafi |
USENIX Security '23 | Network Responses to Russia's Invasion of Ukraine in 2022: A Cautionary Tale for Internet Freedom | Reethika Ramesh, Ram Sundara Raman, Apurva Virkud, Alexandra Dirksen, Armin Huremagic, David Fifield, Dirk Rodenburg, Rod Hynes, Doug Madory, Roya Ensafi |
USENIX Security '23 | BunnyHop: Exploiting the Instruction Prefetcher | Zhiyuan Zhang, Mingtian Tao, Sioli O'Connell, Chitchanok Chuengsatiansup, Daniel Genkin, Yuval Yarom |
USENIX Security '23 | Catch You and I Can: Revealing Source Voiceprint Against Voice Conversion | Jiangyi Deng, Yanjiao Chen, Yinan Zhong, Qianhao Miao, Xueluan Gong, Wenyuan Xu |
USENIX Security '23 | V-Cloak: Intelligibility-, Naturalness- & Timbre-Preserving Real-Time Voice Anonymization | Jiangyi Deng, Fei Teng, Yanjiao Chen, Xiaofu Chen, Zhaohui Wang, Wenyuan Xu |
USENIX Security '23 | Diving into Robocall Content with SnorCall | Sathvik Prasad, Trevor Dunlap, Alexander Ross, Bradley Reaves |
USENIX Security '23 | CacheQL: Quantifying and Localizing Cache Side-Channel Vulnerabilities in Production Software | Yuanyuan Yuan, Zhibo Liu, Shuai Wang |
USENIX Security '23 | Ultimate SLH: Taking Speculative Load Hardening to the Next Level | Zhiyuan Zhang, Gilles Barthe, Chitchanok Chuengsatiansup, Peter Schwabe, Yuval Yarom |
USENIX Security '23 | Tubes Among Us: Analog Attack on Automatic Speaker Identification | Shimaa Ahmed, Yash Wani, Ali Shahin Shamsabadi, Mohammad Yaghini, Ilia Shumailov, Nicolas Papernot, Kassem Fawaz |
USENIX Security '23 | Security and Privacy Failures in Popular 2FA Apps | Conor Gilsenan, Fuzail Shakir, Noura Alomar, Serge Egelman |
USENIX Security '23 | MobileAtlas: Geographically Decoupled Measurements in Cellular Networks for Security and Privacy Research | Gabriel K. Gegenhuber, Wilfried Mayer, Edgar Weippl, Adrian Dabrowski |
USENIX Security '23 | Learning Normality is Enough: A Software-based Mitigation against Inaudible Voice Attacks | Xinfeng Li, Xiaoyu Ji, Chen Yan, Chaohao Li, Yichen Li, Zhenning Zhang, Wenyuan Xu |
USENIX Security '23 | Bleem: Packet Sequence Oriented Fuzzing for Protocol Implementations | Zhengxiong Luo, Junze Yu, Feilong Zuo, Jianzhong Liu, Yu Jiang, Ting Chen, Abhik Roychoudhury, Jiaguang Sun |
USENIX Security '23 | CipherH: Automated Detection of Ciphertext Side-channel Vulnerabilities in Cryptographic Implementations | Sen Deng, Mengyuan Li, Yining Tang, Shuai Wang, Shoumeng Yan, Yinqian Zhang |
USENIX Security '23 | Are You Spying on Me? Large-Scale Analysis on IoT Data Exposure through Companion Apps | Yuhong Nan, Xueqiang Wang, Luyi Xing, Xiaojing Liao, Ruoyu Wu, Jianliang Wu, Yifan Zhang, XiaoFeng Wang |
USENIX Security '23 | Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js | Mikhail Shcherbakov, Musard Balliu, Cristian-Alexandru Staicu |
USENIX Security '23 | Credit Karma: Understanding Security Implications of Exposed Cloud Services through Automated Capability Inference | Xueqiang Wang, Yuqiong Sun, Susanta Nanda, XiaoFeng Wang |
USENIX Security '23 | Capstone: A Capability-based Foundation for Trustless Secure Memory Access | Jason Zhijingcheng Yu, Conrad Watt, Aditya Badole, Trevor E. Carlson, Prateek Saxena |
USENIX Security '23 | Measuring Up to (Reasonable) Consumer Expectations: Providing an Empirical Basis for Holding IoT Manufacturers Legally Responsible | Lorenz Kustosch, Carlos Gañán, Mattis van 't Schip, Michel van Eeten, Simon Parkin |
USENIX Security '23 | Automated Security Analysis of Exposure Notification Systems | Kevin Morio, Ilkan Esiyok, Dennis Jackson, Robert Künnemann |
USENIX Security '23 | MINER: A Hybrid Data-Driven Approach for REST API Fuzzing | Chenyang Lyu, Jiacheng Xu, Shouling Ji, Xuhong Zhang, Qinying Wang, Binbin Zhao, Gaoning Pan, Wei Cao, Peng Chen, Raheem Beyah |