IEEE Symposium on Security and Privacy 2026

Cycle 1
Cycle 2

Bridge: High-Order Taint Vulnerabilities Detection in Linux-based IoT Firmware

Jiaqian Peng^1,2, Puzhuo Liu³, Yicheng Zeng^1,2, Kai Cheng¹, Yongji Liu¹, Yun Yang¹, Hongsong Zhu^1,2
¹: Institute of Information Engineering, Chinese Academy of Sciences, China, ²: School of Cyber Security, University of Chinese Academy of Sciences, China, ³: Ant Group & Tsinghua University, China

Camveil: Unveiling Security Camera Vulnerabilities through Multi-Protocol Coordinated Fuzzing

Fuchen Ma¹, Yuqiao Yang², Yuanliang Chen¹, Yanyang Zhao¹, Ting Chen², Yu Jiang¹
¹: Tsinghua University, ²: University of Electronic Science and Technology of China

Agentic Concolic Execution

Zhengxiong Luo¹, Huan Zhao¹, Dylan Wolff¹, Cristian Cadar², Abhik Roychoudhury¹
¹: National University of Singapore, ²: Imperial College London

Concretely-Efficient Multi-Key Homomorphic Secret Sharing and Applications

Kaiwen He¹, Sacha Servan-Schreiber², Geoffroy Couteau³, Srinivas Devadas¹
¹: MIT, ²: Tinfoil, ³: Université Paris Cité, CNRS, IRIF

"I Wonder if These Warnings Are Accurate": Security and Privacy Advice in Nine Majority World Countries

Collins W. Munyendo¹, Veronica A. Rivera², Jackie Hu³, Emmanuel Tweneboah⁴, Amna Shahnawaz⁵, Karen Sowon⁶, Dilara Keküllüoğlu⁷, Marcos Silva⁴, Yue Deng⁴, Mercy Omeiza⁸, Gayatri Priyadarsini Kancherla⁹, Maria Rosario Niniz Silva¹⁰, Maryam Mustafa⁵, Abhishek Bichhawat⁹, Francisco Marmolejo-Cossio¹¹, Elissa M. Redmiles¹², Yixin Zou⁴
¹: The George Washington University, ²: Stanford University, ³: University of Michigan, ⁴: Max Planck Institute for Security and Privacy, ⁵: Lahore University of Management Sciences, ⁶: Indiana University, ⁷: Sabanci University, ⁸: University of Ibadan, ⁹: Indian Institute of Technology Gandhinagar, ¹⁰: The College of Michoacán, ¹¹: Boston College, ¹²: Georgetown University

Practical Multi-party Private Set Intersection with Reducible Zero-sharing

Yewei Guan¹, Hua Guo^1,2, Man Ho Au³, Jiarong Huo¹, Jin Tan⁴, Zhenyu Guan¹
¹: Beihang University, ²: The State Key Laboratory of Blockchain and Data Security, Zhejiang University, ³: The Hong Kong Polytechnic University, ⁴: Independent Researcher

One Char to Rule Them All: Systematically Exploring and Exploiting DNS Silent Vulnerabilities in Domain Name Resolution

Fasheng Miao¹, Xiang Li², Changqing An¹, Wenbin Xu³, Jilong Wang⁴
¹: Tsinghua University, ²: Nankai University, ³: Beihang University, ⁴: Quan Cheng Laboratory, Tsinghua University

Resolve the Unresolved: Systematic Work Profiling for DNS Resolvers

Liwen Xu¹, Huayi Duan², Zechao Cai¹, Adrian Perrig¹
¹: ETH Zürich, ²: HKUST(GZ)

Leafblower: a Leakage Attack Against TEE-Based Encrypted Databases

Zachary Espiritu¹, Seny Kamara^1,2, Tarik Moataz¹, Valentin Ogier³
¹: MongoDB Research, ²: Brown University, ³: NetApp

Mechanized Safety and Liveness Proofs for the Mysticeti Consensus Protocol under the LiDO-DAG Framework

Longfei Qiu¹, Jingqi Xiao², Zhong Shao¹
¹: Yale University, ²: Shanghai Jiao Tong University

Beyond the Control Plane: Understanding and Formal Verifying the Cross-Service Flaws in Cloud Identity Service

Zhen Chen, Ze Jin, Le Gong, Kexin Chen, Xiangyi Zeng, Qixu Liu
Institute of Information Engineering, Chinese Academy of Sciences

SmuFuzz: Enable Deep System Management Mode Fuzzing in Fully Featured UEFI Runtime Environment

jianqiang wang¹, yi xiang^2,3, meng wang¹, Qinying Wang^2,3, Ali Abbasi¹, Thorsten Holz⁴
¹: CISPA Helmholtz Center for Information Security, ²: Zhejiang University, ³: EPFL, ⁴: Max Planck Institute for Security and Privacy

Audience Injection Attacks: A New Class of Attacks on Web-Based Authorization and Authentication Standards

Pedram Hosseyni, Ralf Küsters, Tim Würtele
University of Stuttgart

The Threat Landscape of IP Leasing in the RPKI Era

Weitong Li, Yongzhe Xu, Tijay Chung
Virginia Tech

Efficient Fine-Grained Kernel Auditing using Augmented Reference Behavior Analysis and Virtualized Selective Tracing

Chuqi Zhang¹, Spencer Faith², Feras Al-Qassas², Theodorus Wensan Februanto², Zhenkai Liang¹, Adil Ahmad²
¹: National University of Singapore, ²: Arizona State University

Privacy Perspectives and Practices of Chinese Smart Home Product Teams

Shijing He¹, Yaxiong Lei², Xiao Zhan¹, Chi Zhang², Juan Ye², Ruba Abu-Salma¹, Jose Such¹
¹: King's College London, ²: University of St Andrews

Defeating Transient Execution Attacks by Limiting Secret Reachability through Register Hiding and ShadowCFI

Daniël Trujillo¹, Jagadish Kotra², David Kaplan², Mengjia Yan¹
¹: Massachusetts Institute of Technology, ²: Advanced Micro Devices

APIEcho: Training-less Anomaly Detection via Intra-API Behavioral Comparison for Web Applications

Yihao Peng¹, Yiming Wu¹, Du Wu¹, Shouling Ji², Hai Wan¹, Xibin Zhao¹
¹: Tsinghua University, ²: Zhejiang University

Searching for a Farang: Collective Security among Women in Pattaya, Thailand

Taylor Robinson, Rikke Bjerg Jensen
Royal Holloway, University of London

Towards Automating Data Access Permissions in AI Agents

Yuhao Wu¹, Ke Yang², Franziska Roesner³, Tadayoshi Kohno⁴, Ning Zhang¹, Umar Iqbal¹
¹: Washington University in St. Louis, ²: University of California, Irvine, ³: University of Washington, ⁴: Georgetown University

Single-server Stateful PIR with Verifiability and Balanced Efficiency

Pranav Shriram Arunachalaramanan, Ling Ren
University of Illinois Urbana-Champaign

Parasol Compiler: Pushing the Boundaries of FHE Program Efficiency

Rick Weber¹, Ryan Orendorff¹, Ghada Almashaqbeh², Ravital Solomon¹
¹: Sunscreen, ²: University of Connecticut

Zelda: Efficient Multi-server Preprocessing PIR with Unconditional Security

Bo Peng¹, Ashrujit Ghoshal², Mingxun Zhou³, Elaine Shi⁴
¹: Peking University, ²: Indian Institute of Technology Madras, ³: The Hong Kong University of Science and Technology, ⁴: Carnegie Mellon University

No Password, No Problem? A Large-Scale Field Study of Passkey Adoption and Usage

Tobias Reittinger, Günther Pernul
University of Regensburg

Usable Anonymity in Reproductive Health Privacy

Qiurong Song¹, Yanlai Wu², Rie Helene (Lindy) Hernandez¹, Yao Li³, Yubo Kou¹, Xinning Gui¹
¹: The Pennsylvania State University, ²: Texas A&M University, ³: University of Central Florida

Verifiable PIR with Small Client Storage

Mayank Rathee^1,2, Keewoo Lee¹, Raluca Ada Popa^1,3
¹: UC Berkeley, ²: Amazon Web Services, ³: Google DeepMind

WebCloak: Characterizing and Mitigating Threats from LLM-Driven Web Agents as Intelligent Scrapers

Xinfeng Li¹, Tianze Qiu¹, Yingbin Jin², Lixu Wang¹, Hanqing Guo³, Xiaojun Jia¹, XiaoFeng Wang¹, Wei Dong¹
¹: Nanyang Technological University, ²: Hong Kong Polytechnic University, ³: University of Hawaii at Manoa

The Secrets Must Not Flow: Scaling Security Verification to Large Codebases

Linard Arquint¹, Samarth Kishor², Jason R. Koenig², Joey Dodds², Daniel Kroening², Peter Müller¹
¹: ETH Zurich, ²: Amazon Web Services

Toward Inclusive Security and Privacy for Deaf and Hard-of-Hearing People: A Community-Based Interview Study

Mindy Tran¹, Xinru Tang², Adryana Hutchinson³, Adam J. Aviv³, Yixin Zou¹
¹: Max Planck Institute for Security and Privacy, ²: UC Irvine, ³: The George Washington University

VerfCNN, Optimal Complexity zkSNARK for Convolutional Neural Networks

Wenjie Qu, Yanpei Guo, Yue Ying, Jiaheng Zhang
National University of Singapore

Scalable Accountable Byzantine Agreement and Beyond

Pierre Civit¹, Daniel Collins², Vincent Gramoli^3,4, Rachid Guerraoui¹, Jovan Komatovic¹, Manuel Vidigueira¹, Pouriya Zarbafian³
¹: EPFL, ²: Texas A&M University, ³: University of Sydney, ⁴: Redbelly Network

Revelio: Blurred Images Can Still Disclose Your Identity

Haoyu Zhai, Shuo Wang, Pirouz Naghavi, Qingying Hao, Gang Wang
University of Illinois Urbana-Champaign

RIS-CLA: Reviving CSI-Based Continuous Location Authentication with Reconfigurable Intelligent Surfaces

Yan Zhang¹, Jiawei Li¹, Yizhou Wang¹, Dianqi Han², Yanchao Zhang¹, Aditya Shekhawat¹, Georgios Trichopoulos¹
¹: Arizona State University, ²: University of Texas at Arlington

Blinding Post-Quantum Hash-and-Sign Signatures

Charles Bouillaguet¹, Thibauld Feneuil², Jules Maire³, Matthieu Rivain², Julia Sauvage¹, Damien Vergnaud¹
¹: Sorbonne University, ²: CryptoExperts, ³: École Normale Supérieure - PSL

Practical Asynchronous Distributed Key Reconfiguration and Its Applications

Hanwen Feng¹, Yingzi Gao², Yuan Lu², Qiang Tang¹, Jing Xu²
¹: University of Sydney, ²: Institute of Software Chinese Academy of Sciences; State Key Laboratory of Cryptology; University of Chinese Academy of Sciences

PORTGPT: Towards Automated Backporting Using Large Language Models

Zhaoyang Li¹, Zheng Yu², Jingyi Song¹, Meng Xu³, Yuxuan Luo⁴, Dongliang Mu¹
¹: Huazhong University of Science and Technology, ²: Northwestern University, ³: University of Waterloo, ⁴: Canonical Ltd.

AEX-NStep: Probabilistic Interrupt Counting Attacks on Intel SGX

Nicolas Dutly, Friederike Groschupp, Ivan Puddu, Kari Kostiainen, Srdjan Čapkun
ETH Zurich

Behind the Curtain: How Shared Hosting Providers Respond to Vulnerability Notifications

Giada Stivala, Rafael Mrowczynski, Maria Hellenthal, Giancarlo Pellegrino
CISPA Helmholtz Center for Information Security

LLM Unlearning Should Be Form-Independent

Xiaotian Ye^1,2, Mengqi Zhang³, Shu Wu¹
¹: Institute of Automation, Chinese Academy of Sciences, ²: Beijing University of Posts and Telecommunications, ³: Shandong University

Generate-then-Verify: Reconstructing Data from Limited Published Statistics

Terrance Liu¹, Eileen Xiao¹, Adam Smith², Pratiksha Thaker¹, Steven Wu¹
¹: Carnegie Mellon University, ²: Boston University

MusicShield: Protection for Musicians in the Era of Generative AI

Syed Irfan Ali Meerza, Jian Liu
University of Tennessee, Knoxville

Breaking the Illusion: Automated Reasoning of GDPR Consent Violations

Ying Li¹, Wenjun Qiu², Faysal Hossain Shezan³, Kunlin Cai¹, Michelangelo van Dam⁴, Lisa Austin², David Lie², Yuan Tian¹
¹: University of California, Los Angeles, ²: University of Toronto, ³: University of Texas at Arlington, ⁴: in2it

Towards Practical Zero-Knowledge Proof for PSPACE

Ashwin Karthikeyan¹, Hengyu Liu², Kuldeep S. Meel^1,3, Ning Luo²
¹: University of Toronto, ²: University of Illinois Urbana-Champaign, ³: Georgia Institute of Technology

Investigating the Impact of Dark Patterns on LLM-Based Web Agents

Devin Ersoy¹, Brandon Lee¹, Ananth Shreekumar¹, Arjun Arunasalam², Muhammad Ibrahim³, Antonio Bianchi¹, Z. Berkay Celik¹
¹: Purdue University, ²: Florida International University, ³: Georgia Institute of Technology

Ensemble Conformal Predictor (EnCP): A New Conformal Predictor with Robustness Guarantees against Data Poisoning Attacks

Yuxin Yang^1,2, Qiang Li¹, Runyang Feng³, Liren Shan⁴, Binghui Wang²
¹: College of Computer Science and Technology, Jilin University, ²: Department of Computer Science, Illinois Institute of Technology, ³: School of Artificial Intelligence, Jilin University, ⁴: Toyota Technological Institute at Chicago

Exploiting Leaderboards for Large-Scale Distribution of Poisoned Models

Anshuman Suri¹, Harsh Chaudhari¹, Yuefeng Peng², Ali Naseh², Amir Houmansadr², Alina Oprea¹
¹: Northeastern University, ²: University of Massachusetts Amherst

PromoGuardian: Detecting Promotion Abuse Fraud with Multi-Relation Fused Graph Neural Networks

Shaofei Li¹, Xiao Han², Ziqi Zhang³, Zhenkai Liang⁴, Yao Guo¹, Xiangqun Chen¹, Ding Li¹, Shuli Gao⁵, Minyao Hua⁵
¹: Key Laboratory of High-Confidence Software Technologies (MOE), School of Computer Science, Peking University, ²: School of Electronics Engineering and Computer Science, Peking University, ³: University of Illinois Urbana-Champaign, ⁴: National University of Singapore, ⁵: Meituan

VMSCAPE: Exposing and Exploiting Incomplete Branch Predictor Isolation in Cloud Environments

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, Kaveh Razavi
ETH Zurich

GHost in the SHELL: A GPU-to-Host Memory Attack and Its Mitigation

Sihyun Roh, Woohyuk Choi, Jaeyoung Chung, Yoochan Lee, Suhwan Song, Byoungyoung Lee
Seoul National University

Euston: Efficient and User-Friendly Secure Transfomer Inference with Non-Interactivity

Xinwen Gao¹, Shaojing Fu¹, Lin Liu¹, Zhuotao Liu², Yuchuan Luo¹, Yongjun Wang¹
¹: National University of Defense Technology, ²: Tsinghua University

zkFuzz: Foundation and Framework for Effective Fuzzing of Zero-Knowledge Circuits

Hideaki Takahashi, Jihwan Kim, Suman Jana, Junfeng Yang
Columbia University

No Honor Among Crooks: Non-transferable Anonymous Tokens from Betrayability

David Kretzler, Yong Li
Huawei Technologies Düsseldorf

Setting the Course, but Forgetting to Steer: Analyzing Compliance with GDPR's Right of Access to Data by Instagram, TikTok, and YouTube

Sai Keerthana Karnam¹, Abhisek Dash², Antariksh Das¹, Sepehr Mousavi², Stefan Bechtold³, Krishna Gummadi², Animesh Mukherjee¹, Ingmar Weber⁴, Savvas Zannettou⁵
¹: Indian Institute of Technology, Kharagpur, ²: Max Planck Institute for Software Systems, ³: ETH Zürich, ⁴: Saarland University, ⁵: Delft University of Technology

Battering RAM: Low-Cost Interposer Attacks on Confidential Computing via Dynamic Memory Aliasing

Jesse De Meulemeester¹, David Oswald², Ingrid Verbauwhede¹, Jo Van Bulck³
¹: COSIC, KU Leuven, ²: University of Birmingham, ³: DistriNet, KU Leuven

Who Taught the Lie? Responsibility Attribution for Poisoned Knowledge in Retrieval-Augmented Generation

Baolei Zhang¹, Haoran Xin¹, Yuxi Chen², Zhuqing Liu³, Biao Yi¹, Tong Li¹, Lihai Nie¹, Zheli Liu¹, Minghong Fang⁴
¹: Nankai University, ²: Guilin Institute of Information Technology, ³: University of North Texas, ⁴: University of Louisville

Consistent Estimation of Numerical Distributions under Local Differential Privacy by Wavelet Expansion

Puning Zhao¹, Zhikun Zhang², Bo Sun², Li Shen¹, Liang Zhang¹, Shaowei Wang³, Zhe Liu⁴
¹: Sun Yat-sen University, ²: Zhejiang University, ³: Guangzhou University, ⁴: Zhejiang Lab

The Passkey Promise: A Comparative Usability Study of MFA Methods

Erwin Kupris, Thomas Schreck
Munich University of Applied Sciences

SFA-Miner: Mining Path-Sensitive API Usage Patterns via Symbolic Finite Automata

Jiasheng Jiang¹, Mingwei Zheng¹, Qingkai Shi², Xiangyu Zhang³
¹: Purdue University, ²: Nanjing Unviersity, ³: Purdue Univerisity

Revisiting PQ WireGuard: A Comprehensive Security Analysis With a New Design Using Reinforced KEMs

Keitaro Hashimoto¹, Shuichi Katsumata^1,2, Guilhem Niot^2,3, Thom Wiggers²
¹: AIST, ²: PQShield, ³: Univ Rennes, CNRS, IRISA

CBUE: Conclusion Based Utility Evaluation for Differentially Private Categorical Data

Furkan Sarikaya, Shaohua Lu, Johes Bater, Mark Hempstead
Tufts University

Coral: Fast Succinct Non-Interactive Zero-Knowledge CFG Proofs

Sebastian Angel¹, Sofia Celi², Elizabeth Margolin¹, Pratyush Mishra¹, Martin Sander¹, Jess Woods¹
¹: University of Pennsylvania, ²: Brave, University of Bristol

deepSURF: Detecting Memory Safety Vulnerabilities in Rust Through Fuzzing LLM-Augmented Harnesses

Georgios Androutsopoulos, Antonio Bianchi
Purdue University

InsPIRe: Communication-Efficient PIR with Server-side Preprocessing

Rasoul Akhavan Mahdavi^1,2, Sarvar Patel¹, Joon Young Seo¹, Kevin Yeo^1,3
¹: Google, ²: University of Waterloo, ³: Columbia University

When AI Meets the Web: Prompt Injection Risks in Third-Party AI Chatbot Plugins

Yigitcan Kaya, Anton Landerer, Stijn Pletinckx, Michelle Zimmermann, Christopher Kruegel, Giovanni Vigna
University of California, Santa Barbara

Rain: Transiently Leaking Data from Public Clouds Using Old Vulnerabilities

Mathé Hertogh¹, Dave Quakkelaar¹, Thijs Raymakers¹, Mahesh Hari Sarma¹, Marius Muench², Herbert Bos¹, Erik van der Kouwe¹
¹: Vrije Universiteit Amsterdam, ²: University of Birmingham

Perceived Privacy Risk and Mitigation Post-Roe

Alan F. Luo¹, Phoebe Moh¹, Cora Sula², Michelle Mazurek¹, Nora McDonald²
¹: University of Maryland, ²: George Mason University

Shared Spotlight Meridian: Distributed Sparse Pseudorandom Functions for Scalable Federated Learning

Youlong Ding¹, Peihua Mai², Jingqi Zhang², Sherman S. M. Chow³, Minxin Du⁴, Yan Pang²
¹: The Hebrew University of Jerusalem, ²: National University of Singapore, ³: The Chinese University of Hong Kong, ⁴: The Hong Kong Polytechnic University

Transient Architectural Execution: From Weird Gates to Weird Programs

Ping-Lun Wang¹, Fraser Brown¹, Riccardo Paccagnella¹, Eyal Ronen², Riad S. Wahby¹, Yuval Yarom³
¹: Carnegie Mellon University, ²: Tel Aviv University, ³: Ruhr University Bochum

Cosseter: GitHub Actions Permission Reduction Using Demand-Driven Static Analysis

Greg Tystahl¹, Jonah Ghebremichael¹, Siddharth Muralee², Sourag Cherupattamoolayil², Antonio Bianchi², Aravind Machiry², Alexandros Kapravelos¹, William Enck¹
¹: North Carolina State University, ²: Purdue University

SaTor: Exploring Satellite Routing in Tor to Reduce Latency

Haozhi Li¹, Tariq Elahi²
¹: Beijing Institute of Technology, ²: University of Edinburgh

Understanding and Analyzing Privacy Risks in Mobile Consent-Management Platforms

Jingzhou Ye¹, Fares Alharbi², Luyi Xing^2,3, Xueqiang Wang¹
¹: University of Central Florida, ²: Indiana University Bloomington, ³: University of Illinois Urbana-Champaign

Practical Covert Channel across Isolated Browser Instances via GPU Command Queue Contention

Jinhong Liu¹, Zifeng Kang², Song Li¹, Yinzhi Cao³
¹: The State Key Laboratory of Blockchain and Data Security, Zhejiang University; Hangzhou High-Tech Zone (Bin jiang) Institute of Blockchain and Data Security, ²: Beijing University of Posts and Telecommunications, ³: Johns Hopkins University

GraphRAG under Fire

Jiacheng Liang¹, Yuhui Wang¹, Changjiang Li¹, Rongyi Zhu¹, Tanqiu Jiang¹, Neil Gong², Ting Wang¹
¹: Stony Brook University, ²: Duke University

Descriptors of Exposure: Undermining Tor Anonymity through Exploiting Descriptor Flood

chumian wang¹, Junzhou Luo¹, Zhen Ling¹, Yue Zhang², Shan Wang¹, Ming Yang¹, Guangchi Liu¹, Xinwen Fu³
¹: Southeast University, ²: Shandong University, ³: University of Massachusetts Lowell

EnchTable: Unified Safety Alignment Transfer in Fine-tuned Large Language Models

Jialin Wu¹, Kecen Li¹, Zhicong Huang¹, Xinfeng Li², Xiaofeng Wang², Cheng Hong¹
¹: Ant Group, ²: Nanyang Technological University

SeqAss: Using Sequential Associative Caches to Mitigate Conflict-Based Cache Attacks With Reduced Cache Misses and Performance Overhead

Wei Song¹, Zhidong Wang¹, Jinchi Han¹, Da Xie¹, Hao Ma¹, Peng Liu²
¹: Institute of Information Engineering at the Chinese Academy of Sciences, ²: Pennsylvania State University

Convenience at a Cost: The Security Risks of Template-based Development in the App-in-App Ecosystem

Yizhe Shi, Zhemin Yang, Yifan Yang, Yunteng Yang, Min Yang
Fudan University

LatORAM: ORAMs from Lateral Stashes and Delayed Shuffling

Sarvar Patel¹, Giuseppe Persiano^1,2, Joon Young Seo¹, Kevin Yeo^1,3
¹: Google, ²: U. Salerno, ³: Columbia University

SoK: Evaluating Jailbreak Guardrails for Large Language Models

Xunguang Wang¹, Zhenlan Ji¹, Wenxuan Wang², Zongjie Li¹, Daoyuan Wu³, Shuai Wang¹
¹: The Hong Kong University of Science and Technology, ²: Renmin University of China, ³: Lingnan University

Breaking the Barrier for Asynchronous MPC with a Friend

Banashri Karmakar¹, Aniket Kate², Shravani Patil¹, Arpita Patra¹, Sikhar Patranabis³, Protik Paul⁴, Divya Ravi⁵
¹: IISc Bangalore, ²: Supra Research / Purdue University, ³: IBM Research India, ⁴: TU Darmstadt, ⁵: University of Amsterdam

Demystifying and Exploiting ASLR on NVIDIA GPUs

Ruofan Zhu¹, Ganhao Chen¹, Wenbo Shen¹, Lyuye Zhang², Dakun Shen¹, Rui Chang¹, Yanan Guo³
¹: Zhejiang University, ²: Nanyang Technological University, ³: University of Rochester

Dory: Streaming PCG with Small Memory

Xiaojie Guo^1,2, Hanlin Liu³, Zhicong Huang⁴, Hongrui Cui⁵, Wenhao Zhang³, Cheng Hong⁴, Xiao Wang³, Kang Yang², Yu Yu^1,5
¹: Shanghai Qi Zhi Institute, ²: State Key Laboratory of Cryptology, ³: Northwestern University, ⁴: Ant Group, ⁵: Shanghai Jiao Tong University

Designing Transport-Level Encryption for Datacenter Networks

Tianyi Gao, Xinshu Ma, Suhas Narreddy, Eugenio Luo, Steven W.D. Chien, Michio Honda
University of Edinburgh

MAYA: Addressing Inconsistencies in Generative Password Guessing through a Unified Benchmark

William Corrias, Fabio De Gaspari, Dorjan Hitaj, Luigi V. Mancini
Sapienza University of Rome

URLcoat: Exploiting Web Search Capability to Jailbreak Large Language Models

Yiheng Sun, Linkang Du, Zhou Su, Yuntao Wang, Han Liu
Xi'an Jiaotong University

Phoenix: Rowhammer Attacks on DDR5 with Self-Correcting Synchronization

Diego Meyer¹, Patrick Jattke¹, Michele Marazzi¹, Salman Qazi², Daniel Moghimi², Kaveh Razavi¹
¹: ETH Zurich, ²: Google

Practical Anonymous Two-Party Gradient Boosting Decision Tree

Chenyu Huang¹, Fan Zhang¹, Minxin Du², Sherman S. M. Chow³, Huangxun Chen⁴, Huaming Rao¹, Danqing Huang¹, Bo Qian¹, Peng Chen¹
¹: Tencent, ²: The Hong Kong Polytechnic University, ³: The Chinese University of Hong Kong, ⁴: Hong Kong University of Science and Technology (Guangzhou)

QuickSafe: Targeted Hardening Against Memory Corruption

Johannes Blaser, Floris Gorter, Klaus v. Gleissenthall, Herbert Bos
VU Amsterdam

VIA: Communication-Efficient Single-Server Private Information Retrieval

Chenyang Liu, Xukun Wang, Zhifang Zhang
Key Laboratory of Mathematical Sciences AMSS, Chinese Academy of Sciences

2FiA: Towards WiFi Sensing-Based Authentication with Unique Biometrics

Bofan Li¹, Zhankai Ye¹, Weikuan Yu¹, Yongning Tang², Xin Liu¹
¹: Florida State University, ²: Illinois State University

AI Wrote My Paper and All I Got Was This False Negative:* Measuring the Efficacy of Commercial AI Text Detectors

Seth Layton, Bernardo B. P. Medeiros, Kevin Butler, Patrick Traynor
University of Florida

Cavern: Efficient Honest-Majority Maliciously Secure $(2+1)$ -PC for $\mathbb{Z}_{2^n}$ via DPFs

Yang Liu, Liang Feng Zhang
ShanghaiTech University

Chypnosis: Undervolting-based Static Side-channel Attacks

Kyle Mitard¹, Saleh Khalaj Monfared¹, Fatemeh Khojasteh Dana¹, Robert Dumitru^2,3, Yuval Yarom², Shahin Tajik¹
¹: Worcester Polytechnic Institute, ²: Ruhr University Bochum, ³: The University of Adelaide

Fizzle: A Framework for Deterministic and Reproducible Network Fuzzing

Nathaniel Bennett¹, Tyler Tucker¹, Carson Stillman¹, William Enck², Patrick Traynor¹, Kevin Butler¹
¹: University of Florida, ²: North Carolina State University

Sealing the Window: Efficient Tamper Protection for Provenance Logs

sagar mishra, R Sekar
STONY BROOK UNIVERSITY

STIR/SHAKEN: A Cocktail of Cryptographic Clumsiness

Josh Brown¹, Matthew Hardeman², Paul Grubbs¹
¹: University of Michigan, ²: Low Latency Communications

International Students and Scams: At Risk Abroad

Katherine Zhang¹, Arjun Arunasalam², Pubali Datta³, Z. Berkay Celik⁴
¹: University of Massachusetts Amherst, ²: Florida International University, ³: University of Massachuetts Amherst, ⁴: Purdue University

MetaBreak: Jailbreaking Online LLM Services via Special Token Manipulation

Wentian Zhu, Zhen Xiang, Wei Niu, Le Guan
University of Georgia

State of Browser Process-Isolation: The Same-Site Weakness

Fabian Kilger, Hannah Fischer, Adrian Staeves, Robin Marchart, Josef Schönberger, Fabian Franzen
Technical University of Munich

Your Compiler is Backdooring Your Model: Understanding and Exploiting Compilation Inconsistency Vulnerabilities in Deep Learning Compilers

Simin Chen¹, Jinjun Peng¹, Yixin He², Junfeng Yang¹, Baishakhi Ray¹
¹: Columbia University, ²: University of Southern California

CenRL: A Framework for Performing Intelligent Censorship Measurements

Hieu Le¹, Armin Huremagic¹, Kevin Wang¹, Roya Ensafi¹, Ram Sundara Raman²
¹: University of Michigan, ²: University of California Santa Cruz

Nebula: Proving machine executions via folding schemes

Arasu Arun¹, Srinath Setty²
¹: New York University, ²: Microsoft Research

New Constructions of Functional Adaptor Signatures : Broader Functions and Improved Efficiency

Nikhil Vanjani¹, Garrett Greiner², Sri AravindaKrishnan Thyagarajan³, Pratik Soni²
¹: Carnegie Mellon University, ²: University of Utah, ³: University of Sydney

Transparent Domain eXtensions: Breaking Intel TEE Implementations via DDR5 Memory Bus Interposition

Jalen Chuang¹, Alex Seto², Nicolas Berrios^1,3, Stephan van Schaik⁴, Christina Garman², Daniel Genkin¹
¹: Georgia Tech, ²: Purdue University, ³: Northeastern University, ⁴: None

Fast Deterministically Safe Proof-of-Work Consensus

Ali Farahbakhsh¹, Giuliano Losa², Youer Pu¹, Lorenzo Alvisi¹
¹: Cornell University, ²: Stellar Foundation

Credential Extraction Attacks Against Compromised Credential Checking Services of Password Managers

Yihe Duan, Ding Wang, Yutong Li
Nankai University

Consumer Beware! Exploring Data Brokers’ CCPA Compliance

Elina van Kempen, Isita Bagayatkar, Pavel Frolikov, Chloe Georgiou, Gene Tsudik
University of California, Irvine

PromptLocate: Localizing Prompt Injection Attacks

Yuqi Jia¹, Yupei Liu², Zedian Shao¹, Jinyuan Jia², Neil Gong¹
¹: Duke University, ²: The Pennsylvania State University

KeyTAR: Practical Keystroke Timing Attacks and Input Reconstruction

Mufan Qiu, Lihsuan Chuang, Dohhyun Kim, Huaizhi Qu, Tianlong Chen, Andrew Kwong
UNC Chapel Hill

SoK: Robustness in Large Language Models against Jailbreak Attacks

Feiyue Xu¹, Hongsheng Hu¹, Chaoxiang He¹, Sheng Hang¹, Hanqing Hu¹, Xiuming Liu¹, Yubo Zhao¹, Zhengyan Zhou¹, Bin Benjamin Zhu², Shi-Feng Sun¹, Dawu Gu¹, Shuo Wang¹
¹: Shanghai Jiao Tong University, ²: Microsoft

The First Large-Scale Systematic Study of Python Class Pollution Vulnerability

Zhengyu Liu, Jiacheng Zhong, Jianjia Yu, Muxi Lyu, Zifeng Kang, Yinzhi Cao
Johns Hopkins University

Jigsaw: Doubly Private Smart Contracts

Sanjam Garg¹, Aarushi Goel², Dimitris Kolonelos¹, Rohit Sinha³
¹: UC Berkeley, ²: Rutgers University, ³: Swirlds Labs

Cottontail: Large Language Model-Driven Concolic Execution for Highly Structured Test Input Generation

Haoxin Tu¹, Seongmin Lee², Yuxian Li¹, Peng Chen³, Lingxiao Jiang¹, Marcel Böhme⁴
¹: Singapore Management University, ²: University of California, Los Angeles, ³: Independant, ⁴: Max Planck Institute for Security and Privacy

LLMs in the SOC: An Empirical Study of Human-AI Collaboration in Security Operations Centres

Ronal Singh¹, Shahroz Tariq¹, Fatemeh Jalalvand¹, Mohan Baruwal Chhetri¹, Surya Nepal¹, Cecile Paris¹, Martin Lochner²
¹: Data61, CSIRO, ²: eSentire Inc

DREAM: Scalable Red Teaming for Text-to-Image Generative Systems via Distribution Modeling

Boheng Li¹, Junjie Wang², Yiming Li¹, Zhiyang Hu², Leyi Qi³, Jianshuo Dong⁴, Run Wang², Han Qiu⁴, Zhan Qin³, Tianwei Zhang¹
¹: Nanyang Technological University, ²: Wuhan University, ³: Zhejiang University, ⁴: Tsinghua University

Sort, Sweep, Mirror: Batch Private Interval Lookup with Logarithmic Cost

Andes Y. L. Kei¹, Lucien K. L. Ng², Jack P. K. Ma¹, Sherman S. M. Chow¹
¹: The Chinese University of Hong Kong, ²: Georgia Institute of Technology

SoK: Systematizing a Decade of Architectural RowHammer Defenses Through the Lens of Streaming Algorithms

Michael Jaemin Kim¹, Seungmin Baek², Jumin Kim², Hwayong Nam², Nam Sung Kim³, Jung Ho Ahn²
¹: Meta, ²: Seoul National University, ³: UIUC

Best of Both Worlds: Effective Foreign Bridge Identification in V8 Embedders for Security Analysis

Georgios Alexopoulos¹, Thodoris Sotiropoulos², Zhendong Su², Dimitris Mitropoulos¹
¹: University of Athens, ²: ETH Zurich

When VR Meets BCI: (Un)Observable Brainwave-aware Privacy Reconstruction in the Metaverse via Unrestricted Inbuilt Motion Sensors

Tao Ni¹, Zehua Sun², Qingchuan Zhao³, Wei-Bin Lee⁴, Cong Wang³
¹: King Abdullah University of Science and Technology, ²: National University of Singapore, ³: City University of Hong Kong, ⁴: Information Security Center, Hon Hai Research Institute

Lattice-based Threshold Blind Signatures

Sebastian Faller^1,2, Guilhem Niot³, Michael Reichle²
¹: IBM Research, ²: ETH Zurich, ³: PQShield, Univ Rennes, CNRS, IRISA

PrintSpy: Pixel-Level Eavesdropping on Commodity Laser Printers via Electromagnetic Side Channels

Wenhao Li¹, Jiarong Yang², Mingda Han², Xiuzhen Cheng², Pengfei Hu², Cong Wang¹
¹: City University of Hong Kong, ²: Shandong University

Automated formal analysis of Signal's Double Ratchet: attacks, fixes and security proofs

Vincent Cheval¹, Charlie Jacomme², Jessica Richards¹
¹: University of Oxford, ²: Université de Lorraine, CNRS, Inria, LORIA

Detecting Privilege Escalation in Polyglot Microservices via Agentic Program Analysis

Penghui Li¹, Hong Yau Chong¹, Yinzhi Cao², Junfeng Yang¹
¹: Columbia University, ²: Johns Hopkins University

Hadal: Centralized Label DP without a Trusted Party

James Choncholas¹, Stanislav Peceny², Amit Agarwal³, Mariana Raykova¹, Baiyu Li¹, Karn Seth¹
¹: Google, ²: Stealth Software Technologies, ³: Category Labs

On the (In)Security of Loading Machine Learning Models

Gabriele Digregorio, Marco Di Gennaro, Stefano Zanero, Stefano Longari, Michele Carminati
Politecnico di Milano

StepStone: LLM-Based GPU Kernel Driver Fuzzing via User-Space Libraries

Xiaochen Zou, Juefei Pu, Arrdya Srivastav, Jonathan Cox, Zhengchuan Liang, Yuan Tan, Xingyu Li, Yilin Zhu, Zhiyun Qian
University of California, Riverside

Evaluating Concept Filtering Defenses against Child Sexual Abuse Material Generation by Text-to-Image Models

Ana-Maria Cretu¹, Klim Kireev^1,2, Amro Abdalla³, Wisdom Obinna³, Raphael Meier⁴, Sarah Adel Bargal³, Elissa M. Redmiles³, Carmela Troncoso^1,2
¹: EPFL, ²: MPI-SP, ³: Georgetown University, ⁴: armasuisse S+T

Secret State Leakage Attacks and their Impacts on EMV Contactless Payment Apps

Jesse Chen¹, Rubin Yuchan Yang¹, Ahmad Musa¹, Syed Rafiul Hussain², Omar Chowdhury³, Sazzadur Rahaman¹
¹: University of Arizona, ²: Pennsylvania State University, ³: Stony Brook University

Navigating Developers’ Quagmire: LLM-Enabled Privacy Compliance Analysis for SDK Integrations

Zhaojie Hu, Xueqiang Wang
University of Central Florida

Private Data Imputation

Abdelkarim Kati¹, Florian Kerschbaum¹, Marina Blanton²
¹: University of Waterloo, ²: University at Buffalo

Demystifying the (In)Security of OAuth-based Account Linking in Connector Ecosystems

Kaixuan Luo¹, Xianbo Wang¹, Pui Ho Adonis Fung², Wing Cheong Lau¹
¹: The Chinese University of Hong Kong, ²: Samsung Research America

Acoustic Hijacking Attacks on Gimbal-Stabilized Visual Tracking Systems

Jiarui Li¹, Joseph Brewington¹, Qingzhao Zhang², Z. Morley Mao¹
¹: The University of Michigan, Ann Arbor, ²: The University of Arizona

LeakyLinks: Measuring the Security and Privacy Risks of URL Scanning Services

Ali Mustafa¹, Jannis Rautenstrauch¹, Florian Hantke¹, Shubham Agarwal², Stefano Calzavara³, Ben Stock¹
¹: CISPA Helmholtz Center for Information Security, ²: Max Planck Institute for Security and Privacy, ³: Università Ca' Foscari Venezia

When Designers Meet GenAI: Understanding the Role of Prompt-to-Design Generators in Privacy Dark Patterns

Jingzhou Ye, Zhaojie Hu, Yao Li, Xueqiang Wang
University of Central Florida

Anon: An Autonomous LLM-assisted System for Red Teaming Multi-Host Networks

Brian Singer¹, Keane Lucas², Lakshmi Adiga¹, Meghna Jain¹, Lujo Bauer¹, Vyas Sekar¹
¹: Carnegie Mellon University, ²: Anthropic

Can I Get More? An Incremental Inference Attack on Encrypted SQL

Xiaoqian Sun¹, Ruiqi He², Yang Zhang¹, Siyi Lv², Guiyun Qin², Fangzhou Yi², Zheli Liu¹, Xiaofeng Chen³
¹: Nankai University, ²: CS, DISSec, Nankai University, China, ³: Xidian University

Jazzer: Coverage-Guided Fuzzing for Semantic Vulnerabilities in the Java Ecosystem

Sergej Dechand^1,2, Tobias Wienand³, Fabian Meumertzheim², Peter Samarin², Simon Resch², Khaled Yakdan², Thorsten Holz¹, Flavio Toffalini³
¹: Max Planck Institute for Security and Privacy, ²: Code Intelligence, ³: Ruhr University Bochum

TREVEX: A Black-Box Detection Framework For Data-Flow Transient Execution Vulnerabilities

Daniel Weber, Fabian Thomas, Leon Trampert, Ruiyi Zhang, Michael Schwarz
CISPA Helmholtz Center for Information Security

Prrr: Personal Random Rewards for Blockchain Reporting

Hongyin Chen¹, Yubin Ke², Xiaotie Deng², Ittay Eyal¹
¹: Technion, ²: Peking University

SoK: Critical Evaluation of Quantum Machine Learning for Adversarial Robustness

Saeefa Rubaiyet Nowmi¹, Jesus Lopez¹, Md Mahmudul Alam Imon¹, Shahrooz Pouryousef², Mohammad Saidur Rahman¹
¹: University of Texas at El Paso, ²: University of Massachusetts Amherst

AESpoly: Symmetric-Key Cryptographic Designs Using Instruction-Level Parallelism between AES and Polynomial Hash

Yukito Hiraga¹, Yusuke Naito², Yu Sasaki³, Takeshi Sugawara¹
¹: The University of Electro-Communications, ²: Mitsubishi Electric Corporation, ³: NTT Social Informatics Laboratories and NIST Associate

TÄMU: Emulating Trusted Applications at the (GlobalPlatform)-API Layer

Philipp Mao¹, Li Shi², Marcel Busch¹, Mathias Payer¹
¹: EPFL, ²: Independent

xDup: Privacy-Preserving Deduplication for Humanitarian Organizations using Fuzzy PSI

Tim Rausch, Sylvain Chatel, Wouter Lueks
CISPA Helmholtz Center for Information Security

Fractal: An Operating System Designed for Microarchitecture Reverse Engineering

Joseph Ravichandran, Mengjia Yan
Massachusetts Institute of Technology

PromptCOS: Towards Content-only System Prompt Copyright Auditing for LLMs

Yuchen Yang¹, Yiming Li², Hongwei Yao³, Enhao Huang¹, Shuo Shao¹, Yuyi Wang⁴, Zhibo Wang¹, Dacheng Tao², Zhan Qin¹
¹: Zhejiang University, ²: Nanyang Technological University, ³: City University of Hong Kong, ⁴: CRRC Zhuzhou Institute & Tengen Intelligence Institude

Starfighters—On the General Applicability of X-Wing

Deirdre Connolly¹, Kathrin Hövelmanns², Andreas Hülsing^1,2, Stavros Kousidis³, Matthias Meijers²
¹: SandboxAQ, ²: Eindhoven University of Technology, ³: Federal Office for Information Security

Human-Centered Threat Modeling in Practice: Lessons, Challenges, and Paths Forward

Warda Usman¹, Yixin Zou², Daniel Zappala¹
¹: Brigham Young University, ²: Max Planck Institute for Security and Privacy

EyeSpy: Inferring Eye Gaze via Side-Channel Attacks Against Foveated Rendering

Paul Maynard, Harris Amjad, Camila Molinares, Bo Ji, Brendan David-John
Virginia Tech

CiRCLE: Recovering Complex Data Structures in Binaries beyond Rigid Patterns

Zeyu Gao¹, Junlin Zhou², Songtao Yang³, Chao Zhang¹
¹: Tsinghua University, ²: Sichuan University, ³: Zhongguancun Laboratory

Privacy-Conscious Algorithm Design via PAC Privacy

Mayuri Sridhar, Xiaochen Zhu, Srinivas Devadas
MIT

It’s a Feature, Not a Bug: Secure and Auditable State Rollback for Confidential Cloud Applications

Quinn Burke¹, Anjo Vahldiek-Oberwagner², Michael Swift¹, Patrick McDaniel¹
¹: University of Wisconsin-Madison, ²: Intel Labs

Chorus: Secret Recovery with Ephemeral Client Committees

Deevashwer Rathee¹, Emma Dauterman², Allison Li³, Raluca Ada Popa¹
¹: UC Berkeley, ²: Stanford University, ³: Okta

The Person Behind the Sound: Demystifying Audio Private Attribute Profiling via Multimodal Large Language Models

Lixu Wang¹, Kaixiang Yao², Xinfeng Li¹, Dong Yang³, Haoyang Li⁴, XiaoFeng Wang¹, Wei Dong¹
¹: Nanyang Technological University, ²: Duke University, ³: The University of Tokyo, ⁴: The Hong Kong Polytechnic University

Decomposition-Based Optimal Bounds for Privacy Amplification via Shuffling

Pengcheng Su, Haibo Cheng, Ping Wang
Peking University

BACHunter: Detecting Broken Access Control Vulnerabilities in Intelligent Connected Vehicles

Yanbang Sun¹, Xiaohong Li¹, Quanzhou Wang², Hebo Leng², Guangzheng Yao², Zhihua Xie¹, Qiang Hu¹, Junjie Wang¹
¹: Tianjin University, ²: QI-ANXIN Codesafe Team

The Battle of Metasurfaces: Understanding Security in Smart Radio Environments

Paul Staat¹, Christof Paar¹, Swarun Kumar²
¹: Max Planck Institute for Security and Privacy (MPI-SP), ²: Carnegie Mellon University

Parasites in the Toolchain: A Large-Scale Analysis of Attacks on the MCP Ecosystem

Shuli Zhao¹, Qinsheng Hou¹, Zihan Zhan¹, Yanhao Wang², Yuchong Xie³, Yu Guo¹, Libo Chen¹, Shenghong Li¹, Zhi Xue¹
¹: Shanghai Jiao Tong University, ²: Independent Researcher, ³: Hong Kong University of Science and Technology

Stop Starving or Stuffing Me: Boosting Firmware Fuzzing Efficiency with On-demand Input Delivery

Shandian Shen¹, Wei Zhou¹, Keming Zhao¹, Peng Liu², Chung Hwan Kim³, Le Guan⁴
¹: School of Cyber Science and Engineering, Huazhong University of Science and Technology, ²: Penn State University, ³: University of Texas at Dallas, ⁴: University of Georgia

TrigFuzz: Triggering Conditions Guided Directed Fuzzing

Yiyang Chen¹, Nuoqi Gui¹, Long Wang¹, Longfei Chen¹, Xuanqing Shi¹, Xi Cao², Chao Zhang¹
¹: Tsinghua University, ²: Science City (Guangzhou) Digital Technology Group Co., Ltd

Practitioners' Perspectives on a Repository of Differential Privacy Deployments

Priyanka Nanayakkara, Elena Ghazi, Salil Vadhan
Harvard University

Adversarial Hubness in Multi-Modal Retrieval

Tingwei Zhang¹, Fnu Suya², Rishi Jha¹, Collin Zhang¹, Vitaly Shmatikov¹
¹: Cornell Tech, ²: University of Tennessee

Catch Me If You Can: Detector-Resistant Evasion via Semantics-Preserving Command Re-Realization

Muhammad Shoaib¹, Hare Sudhan Muthusamy², Tareq Alkhatib³, Wajih Ul Hassan¹
¹: University of Virginia, ²: Walmart Global Tech, ³: Fortinet

RadKey: An LLM-Guided RF Backscatter System for Through-Wall Keystroke Inference

Qijun Wang, Chunqi Qian, Huacheng Zeng
Michigan State University

Papers, Please: A First Look at Age Verification on the Web

Shreyas Minocha, Isaac Sheridan, Harry Oppenheimer, Paul Pearce, Michael A. Specter
Georgia Institute of Technology

Understanding Data Collection, Brokerage, and Spam in the Lead Marketing Ecosystem

Yash Vekaria¹, Nurullah Demir², Konrad Kollnig³, Zubair Shafiq¹
¹: University of California, Davis, ²: Stanford University, ³: Maastricht University

SoK: All You Ever Wanted to Know About Bootloader Security But Were Afraid to Ask

Connor Glosner, Aravind Machiry
Purdue University

A Full Threshold NIST PQC-Compliant Framework for Distributed Trust in Federal Public Key Infrastructure

Kiarash Sedghighadikolaei¹, Changqi Sun², Thang Hoang², Bechir Hamdaoui³, Attila A. Yavuz¹
¹: University of South Florida, ²: Virginia Tech, ³: Oregon State University

Beyond Indistinguishability: Measuring Extraction Risk in LLM APIs

Ruixuan Liu¹, David Evans², Li Xiong¹
¹: Emory University, ²: University of Virginia

Poisoned by the Host: Large-Scale Measurement of Host Name Poisoning in Web Applications

Rui Yang, Haoyu Wang, Zhicheng Sun, Zhengyu Liu, Yinzhi Cao
Johns Hopkins University

Goldilocks and the Three P-States: Mitigating Hertzbleed via Adaptive Frequency Control

Inwhan Chun¹, Christine Guo², Riccardo Paccagnella¹
¹: Carnegie Mellon University, ²: Princeton University

Lost in Translation: Text Message Spoofing via Email

Sumanth Rao¹, Ye Shu¹, Stefan Savage¹, Aaron Schulman¹, Geoffrey M. Voelker¹, Enze Liu²
¹: UC San Diego, ²: CMU

Nonlocalizable Jamming with Curving Beams

Caroline Spindel, Edward Knightly
Rice University

PUFFERDOS: Efficient and Effective Attack String Generation for Regular Expression Denial of Service Vulnerabilities

Shangzhi Xu¹, Ziqi Ding², Xiao Cheng³, Yuekang Li², Nan Sun², Benjamin Turnbull², Shuangxiang Kan², Siqi Ma⁴
¹: The University of New South Wales & CSIRO, ²: The University of New South Wales, ³: Macquarie University, ⁴: The University of Wollongong

TDXRay: Microarchitectural Side-Channel Analysis of Intel TDX for Real-World Workloads

Tristan Hornetz¹, Hosein Yavarzadeh², Albert Cheu³, Adria Gascon³, Lukas Gerlach¹, Daniel Moghimi³, Phillipp Schoppmann³, Michael Schwarz¹, Ruiyi Zhang¹
¹: CISPA Helmholtz Center for Information Security, ²: UC San Diego, ³: Google

A Leakage-Free Framework for Private Set Operations

Wenhao Wu¹, Yuyue Chen¹, Bowen Shen¹, Peng Yang¹, Ximing Fu¹, Zoe Lin Jiang¹, Junbin Fang²
¹: Harbin Institute of Technology, Shenzhen, ²: Jinan University

Efficient Fuzzy Private Set Intersection from Secret-shared OPRF

Xinpeng Yang¹, Meng Hao², Chenkai Weng³, Robert H. Deng², Yonggang Wen¹, Tianwei Zhang¹
¹: Nanyang Technological University, ²: Singapore Management University, ³: Arizona State University

APEX: Accurate Parallel Expressive Homomorphic Execution for Encrypted Databases

Wei Chen, Qi Hu, Siu-Ming Yiu, Heming Cui
The University of Hong Kong

LISA: A Scale-Optimized and Psychometrically-Validated Instrument for the Lightweight Assessment of Organizational Information Security Awareness in Heterogeneous Organizations

David Langer¹, Jan Tolsdorf², Luigi Lo Iacono³
¹: Bonn-Rhein-Sieg University of Applied Sciences, ²: MPI-SP, ³: Justus Liebig University Giessen

Weighted Batched Threshold Encryption with Applications to Mempool Privacy

Amit Agarwal¹, Kushal Babel¹, Sourav Das¹, Babak Poorebrahim Gilkalaye¹, Arup Mondal², Benny Pinkas³, Peter Rindal¹, Aayush Yadav⁴
¹: Category Labs, ²: Ashoka University, ³: Bar-Ilan University, ⁴: George Mason University

MAD-DAG: Protecting Blockchain Consensus from MEV

Roi Bar-Zur, Aviv Tamar, Ittay Eyal
Technion

GPUBreach: Privilege Escalation Attacks on GPUs using Rowhammer

Chris S. Lin, Yuqin Yan, Joyce Qu, Joseph Zhu, Guozhen Ding, David Lie, Gururaj Saileshwar
University of Toronto

Toward Concise and High-fidelity Rust Decompilation

Yibo Liu¹, Zion Leonahenahe Basque¹, Arvind S Raj¹, Chavin Udomwongsa¹, Chang Zhu¹, Jie Hu¹, Changyu Zhao², Fangzhou Dong¹, Adam Doupé¹, Tiffany Bao¹, Yan Shoshitaishvili¹, Ruoyu Wang¹
¹: Arizona State University, ²: Stanford University

Fuzzing the Physical Space: Physics-Aware Testing of Black-Box Industrial Control Systems

Burak Sahin¹, David Oygenblik¹, Mingxuan Yao¹, Yizhi Huang¹, Brendan Saltaformaggio², Saman Zonouz¹
¹: Georgia Institute of Technology, ²: Georgia Tech

Can Foundation LLMs Accurately Estimate Password Strength and Provide Appropriate Password Feedback?

Madison Pickering, Garrison Hinson-Hasty, Luca Dovichi, Helena Williams, Nathaniel Kim, Aybala Esmer, Blase Ur
University of Chicago

Responsible Disclosure is a Two-Way Street: Empirically Measuring the Responsible Disclosure Contract in the Firmware Ecosystem

Hui Jun Tay, Souradip Nath, Arvind S Raj, Abhay Bhat, Ishan Bansal, Audrey Dutcher, Moritz Schloegel, Adam Doupé, Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang
Arizona State University

ARES: Scalable and Practical Gradient Inversion Attack in Federated Learning through Activation Recovery

Zirui Gong¹, Leo Yu Zhang¹, Yanjun Zhang², Viet Vo³, Tianqing Zhu⁴, Shirui Pan¹, Cong Wang⁵
¹: Griffith University, ²: University of Technology Sydney, ³: Swinburne University of Technology, ⁴: City University of Macau, ⁵: City University of Hong Kong

Vega: Low-latency zero-knowledge proofs over existing credentials

Darya Kaviani¹, Srinath Setty²
¹: UC Berkeley, ²: Microsoft Research

Weaponizing Reflectivity for Pointcloud Deception with Forged Invisible Geometries

Hengwei Chen¹, Menglan Hu², Tianyue Zheng¹
¹: Southern University of Science and Technology, ²: Huazhong University of Science and Technology

Specializing Language Models for Textual Fuzzing via Reinforcement Learning

Jiayi Lin, Liangcai Su, Junzhe Li, Chenxiong Qian
University of Hong Kong

GoSSamer: Lightweight and Linear-Communication Asynchronous (Dynamic Proactive) Secret Sharing and the Applications

Xinxin Xing¹, Yizhong Liu¹, Boyang Liao¹, Jianwei Liu¹, Bin Hu¹, Xun Lin², Yuan Lu³, Tianwei Zhang⁴
¹: Beihang University, ²: The Chinese university of Hong Kong, ³: A*STAR Institute for Infocomm Research, ⁴: Nanyang Technological University

Crucible: Retrofitting Commodity CPUs with Vulnerabilities via Transparent Software Emulation

Tristan Hornetz, Lukas Gerlach, Michael Schwarz
CISPA Helmholtz Center for Information Security

KeyChaser: Unveiling API Keys in Browser Extensions

Shijin Chen, Willy Susilo, Yudi Zhang, Fuchun Guo
University of Wollongong

Batch Me If You Can: Coverage-guided RPKI Fuzzing at Scale

Niklas Vogel, Haya Schulmann
Goethe-Universität Frankfurt, ATHENE

PLATYPUS: Restricting Cross-Module Transitions to Mitigate Code-Reuse Attacks

Apostolos Chatzianagnostou, Marcos Bajo, Christian Rossow
CISPA Helmholtz Center for Information Security

The Pipes Model for Latency and Throughput Analysis

Andrew Lewis-Pye¹, Kartik Nayak², Nibesh Shrestha³
¹: London School of Economics, ²: Duke University, ³: Supra Research

UltraProofs: Scalable Reed-Solomon Code Commitment

Yanpei Guo, Alex Luoyuan Xiong, Wenjie Qu, Jiaheng Zhang
National University of Singapore

MoPE: A Mixture of Password Experts for Improving Password Guessing

Mingjian Duan¹, Ming Xu², Shenghao Zhang¹, Weili Han¹
¹: Fudan University, ²: National University of Singapore

RISCy Cache Coherence: Timer-Free Architectural Cache Attacks via Instruction/Data Cache Incoherence

Fabian Thomas, Michael Schwarz
CISPA Helmholtz Center for Information Security

On the Detectability of Active Gradient Inversion Attacks in Federated Learning

Vincenzo Carletti, Pasquale Foggia, Carlo Mazzocca, Giuseppe Parrella, Mario Vento
University of Salerno

Single-Server Private Outsourcing of zk-SNARKs

Kasra Abbaszadeh¹, Hossein Hafezi², Jonathan Katz³, Sarah Meiklejohn^3,4
¹: University of Maryland, ²: New York University, ³: Google, ⁴: University College London

LLMThief: Evaluating Configuration Leaking Risks in Commercial LLM App Stores

Pinji Chen¹, Jinlong Jiang², Jianjun Chen¹, Feiran Qin¹, Minghao Zhang¹, Jiahe Zhang¹, Haixin Duan¹, Kaiwen Shen^1,3, Hui Jiang^1,4
¹: Tsinghua University, ²: Wuhan University, ³: Clouditera Inc, ⁴: Baidu Inc

Heap Localization: Cache Side-Channel based Linux Kernel Heap Exploit Techniques

Yoochan Lee¹, Sihyun Roh², Hyuk Kwon³, Byoungyoung Lee², Thorsten Holz¹
¹: Max Planck Institute for Security and Privacy, ²: Seoul National University, ³: Korea University

WRATH: Turning Watermark Robustness Against Itself via a Watermark-Agnostic Black-Box Invalidation Attack

Nan Jiang¹, Juan Hu¹, Bangjie Sun¹, Terence Sim¹, Jun Han²
¹: National University of Singapore, ²: KAIST

AttnTrace: Attention-based Context Traceback for Long-Context LLMs

Yanting Wang, Runpeng Geng, Ying Chen, Jinyuan Jia
The Pennsylvania State University

Scalable Registration-Based Encryption from Lattices

Michael Klooß¹, Russell W. F. Lai², Jan Niklas Siemer³, Monisha Swarnakar²
¹: Karlsruhe Institute of Technology & KASTEL, ²: Aalto University, ³: King's College London

From "Be Careful" to "Here's Why": Investigating User Reasoning with Context-Specific SMS Scam Warnings

Elijah Bouma-Sims, Enze Liu, Alexandra Xinran Li, Lorrie Faith Cranor
Carnegie Mellon University

INSIGHT: Automatic Generation of Explanations for Efficient Identification of Hardware Bugs and Underspecifications

Vincent Quentin Ulitzsch¹, Alessandro Bertani^1,2, Peter William Deutsch¹, David Langus Rodriguez^3,4, Kelly Xu¹, Aarti Gupta⁵, Sharad Malik⁵, Mengjia Yan¹
¹: Massachusetts Institute of Technology, ²: Politecnico di Milano, ³: MIT Lincoln Laboratory, ⁴: Cornell University, ⁵: Princeton University

A Context is Worth a Thousand Lies: Evading Intrusion Detectors via Intelligent Context Distortion

Magdy Nasr, Vansh Rastogi, Azadeh Tabiban
University of Manitoba

Decor: Delegated Computation on Randomness for Secure Evaluation of Nonlinear Functions

Haris Smajlović, Kyle Sheng, Timos Antonopoulos, Ruzica Piskac, Hyunghoon Cho
Yale University

The Interplay of Effective Model Checking and Secure Processor Design: From Insights to Practice

Tingzhen Dong¹, Kunpeng Wang¹, Yuheng Yang¹, Yu-Wei Fan², Qinhan Tan², Thomas Bourgeat³, Sharad Malik², Mengjia Yan¹
¹: Massachusetts Institute of Technology, ²: Princeton University, ³: EPFL

Guardians of the Air: In-Device Detection of 5G Control-Plane Threats

Tianwei Wu, Abdullah Al Ishtiaq, Tianchang Yang, Yilu Dong, Kai Tu, Zeyu Song, Ridwanul Hasan Tanvir, Md Toufikuzzaman, Shagufta Mehnaz, Syed Rafiul Hussain
The Pennsylvania State University

Hollow-LLM Attack: Computationally Trivial Weights in Zero-Knowledge Verification of LLM Inference

Chen Gong, Beijie Liu, Mengyuan Li
University of Southern California

SpecAuditor: Generating Audit Specifications for LLM-Driven Bug Detection

Miaoqian Lin¹, Hao Chen²
¹: Unaffiliated, ²: University of California, Davis

Toward Efficient Membership Inference Attacks against Federated Large Language Models: A Projection Residual Approach

Guilin Deng¹, Silong Chen¹, Yuchuan Luo¹, Yi Liu², Songlei Wang³, Zhiping Cai¹, Lin Liu¹, Xiaohua Jia², Shaojing Fu¹
¹: National University of Defense Technology, ²: City University of Hong Kong, ³: Shenzhen University

Language-Agnostic Detection of Computation-Constraint Inconsistencies in ZKP Programs via Value Inference

Arman Kolozyan¹, Bram Vandenbogaerde¹, Janwillem Swalens², Lode Hoste², Stefanos Chaliasos³, Coen De Roover¹
¹: Vrije Universiteit Brussel, ²: Nokia Bell Labs, ³: UCL Centre for Blockchain Technologies & zkSecurity

Knocking on the Front Door: An LLM-Guided Systematic Analysis of DNS Query Processing Vulnerabilities

Yuqi Qiu, Xiang Li, Zheli Liu
Nankai University

Secure Lookup Tables: Faster, Leaner, and More General

Chongrong Li¹, Pengfei Zhu², Yun Li³, Zhanpeng Guo³, Jingyu Li³, Yuncong Hu¹, Zhicong Huang³, Cheng Hong³
¹: Shanghai Jiao Tong University, ²: Tsinghua University, ³: Ant Group

One Tap to Hijack Them All: A Security Analysis of the Google Fast Pair Protocol

Sayon Duttagupta¹, Seppe Wyns², Nikola Antonijević¹, Dave Singelée², Bart Preneel¹
¹: COSIC, KU Leuven, ²: DistriNet, KU Leuven

PILOT: Command-line Interface Fuzzing via Path-Guided, Iterative Large Language Model Prompting

Momoko Shiraishi¹, Yinzhi Cao², Takahiro Shinagawa¹
¹: The University of Tokyo, ²: Johns Hopkins University

Are LLM-Enhanced Graph Neural Networks Robust against Poisoning Attacks?

Yuhang Ma, Jie Wang, Zheng Yan
Xidian University

SatBleed: Security of Commoditized Communication Modules in Satellites

Ulysse Planta¹, Julian Rederlechner¹, Martin Strohmeier², Mathias Fischer³, Ali Abbasi¹
¹: CISPA Helmholtz Center for Information Security, ²: armasuisse Science + Technology, ³: University of Hamburg

Hijacking Large Audio-Language Models via Context-Agnostic and Imperceptible Auditory Prompt Injection

Meng Chen^1,2, Kun Wang¹, Li Lu¹, Jiaheng Zhang³, Tianwei Zhang²
¹: State Key Laboratory of Blockchain and Data Security, Zhejiang University, ²: Nanyang Technological University, ³: National University of Singapore

APT to Disagree: A Comparative Analysis of Attribution in Commercial TI

Aksel Ethembabaoglu, Rolf van Wegberg, Yury Zhauniarovich, Michel van Eeten
Delft University of Technology

Crashing Through Defenses: Exploiting Segfaults and Chaining around Intel CET

Marcos Bajo¹, Ritvik Goyal², Apostolos Chatzianagnostou¹, Christian Rossow¹
¹: CISPA Helmholtz Center for Information Security, ²: Indian Institute of Technology Kanpur

Hidden Secrets in the arXiv: Discovering, Analyzing, and Preventing Unintentional Information Disclosure in Source Files of Scientific Preprints

Jan Pennekamp¹, Johannes Lohmöller¹, David Schütte¹, Joscha Loos¹, Martin Henze^1,2
¹: RWTH Aachen University, ²: Fraunhofer FKIE

MadeYouReset: Exploiting HTTP/2 Server-Side Resets for Large-Scale DoS

Gal Bar Nahum, Anat Bremler-Barr, Yaniv Harel
Tel Aviv University

Hardware Trojans from Invisible Inversions: On the Trojanizability of Standard Cell Libraries

Kolja Dorschel¹, René Walendy¹, Lukas Plätz², Thorben Moos³, Christof Paar¹, Steffen Becker^1,2
¹: Max Planck Institute for Security and Privacy, ²: Ruhr University Bochum, ³: UC Louvain

DY* Unchained: Now with Composable Security Proofs and Precise Compromise Scenarios

Théophile Wallez
CISPA Helmholtz Center for Information Security

A Maliciously-Secure Post-Quantum OPRF from Crypto Dark Matter

Diego F. Aranha, Aron van Baarsen, Adam Blatchley Hansen, Kent Nielsen, Peter Scholl
Aarhus University

Recovering and Rehosting Mobile Local LLM Conversations and Contexts via Memory Forensics

Haichuan Xu, David Oygenblik, Runze Zhang, Mingxuan Yao, Muhammad Ibrahim, Brendan Saltaformaggio
Georgia Institute of Technology

SoK: After Decades of Web Tracker Detection, What's Next?

Wolf Rieder¹, Philip Raschke¹, Thomas Cory¹, Christian René Sechting¹, Aditya Kumar², Axel Küpper¹
¹: Technische Universität Berlin, ²: Independent Researcher

Contextualizing Sink Knowledge for Java Vulnerability Discovery

Fabian Fleischer¹, Cen Zhang¹, Joonun Jang², Jeongin Cho², Meng Xu³, Taesoo Kim¹
¹: Georgia Institute of Technology, ²: Samsung Research, ³: University of Waterloo

The Fault in Our Drafts: Vulnerabilities in RPKI Specification and Software

Oliver Jacobsen^1,2, Tobias Kirsch^1,2, Haya Schulmann^1,2, Niklas Vogel^1,2, Michael Waidner^1,3,4
¹: National Research Center for Applied Cybersecurity ATHENE, ²: Goethe-Universität Frankfurt, ³: Fraunhofer Institute for Secure Information Technology SIT, ⁴: Technische Universität Darmstadt

Auditing Apple’s DifferentialPrivacy.framework: Implementation Bugs, Misconfigurations, and Practical Risks

Rishav Chourasia¹, Ergute Bao², Uzair Javaid¹, Xiaokui Xiao³
¹: Betterdata.ai, ²: Mohamed bin Zayed University of Artificial Intelligence, ³: National University of Singapore

Efficient Arithmetic-and-Comparison Homomorphic Encryption with Space Switching

Erwin Eko Wahyudi, Yan Solihin, Qian Lou
University of Central Florida

Death Is Not the End: A Longitudinal Study on the Impact of Automatic Updates on Container Vulnerability Lifespans

Simge Tekin¹, Octavian Suciu², Sungsu Kwag¹, Yonghwi Kwon¹, Tudor Dumitras¹
¹: University of Maryland, College Park, ²: Google

GDDR: Greatly Disturbing DRAM Rows — Cross-Component Rowhammer Attacks from Modern GPUs

Yichang Hu¹, Noah Brown¹, Yuhang Chen¹, Joshua Bakita², Tianlong Chen¹, Daniel Genkin³, Andrew Kwong¹
¹: University of North Carolina at Chapel Hill, ²: Mohamed bin Zayed University of Artificial Intelligence, ³: Georgia Institute of Technology

Amplifying User Voices to Rally Censorship Investigation

Aaron Ortwein¹, Anna Ablove¹, Armin Huremagic¹, Luqin Chang¹, Vinicius Fortuna², Roya Ensafi¹
¹: University of Michigan, ²: Google Jigsaw

GeForge: Hammering GDDR Memory to Forge GPU Page Tables for Fun and Profit

Junpeng Wan^1,2, Yanan Guo³, Zhi Zhang⁴, Zhuo Li⁵, Dave (Jing) Tian¹, Zhenkai Zhang²
¹: Purdue University, ²: Clemson University, ³: University of Rochester, ⁴: University of Western Australia, ⁵: HydroX AI

NanoTag: Systems Support for Efficient Byte-Granular Overflow Detection on ARM MTE

Mingkai Li¹, Hang Ye¹, Joseph Devietti², Suman Jana¹, Tanvir Ahmed Khan¹
¹: Columbia University, ²: University of Pennsylvania

Your Eyes Won't Lie: Snooping Online Voting Privacy from User Webcam

Zeyu Deng, Jingwei Zhang, Chen Wang
Southern Methodist University

Breaking Free from Ivory Tower: Evaluating and Enhancing Real-world Chinese Underground Adversarial Jargon Detection

Zhifan Jiang¹, Mingxuan Liu², Yue Qin³, Baojun Liu⁴
¹: Zhejiang University, ²: Zhongguancun Laboratory, ³: Central University of Finance and Economics, ⁴: Tsinghua University

Sparse Estimation Under Local Differential Privacy at All Privacy Levels

Puning Zhao¹, Qingqing Ye², Shaowei Wang³, Jun Feng⁴, Sheng Yue¹, Zhen Chen⁵, Xiaochun Cao¹
¹: Sun Yat-sen University, ²: Hong Kong Polytechnic University, ³: Guangzhou University, ⁴: Huazhong University of Science and Technology, ⁵: Jinan University

A Liveness Attack to Ethereum PoS with No Additional Cost

Mingfei Zhang¹, Rujia Li², Xueqian Lu³, Sisi Duan²
¹: Shandong University, ²: Tsinghua University, ³: Independent Researcher

NetPanic: The Attack Surface You Can’t Syscall

Tianshuo Han¹, Zong Cao², Zhen Dong³, Xiapu Luo⁴, Zhenyu Song¹, Jian Liu¹
¹: Institute of Information Engineering, Chinese Academy of Sciences, ²: Imperial Global Singapore, ³: Fudan University, ⁴: The Hong Kong Polytechnic University

Context-Aware Automated Vulnerability Repair for PHP Web Applications

Chenlin Wang, Wei Meng
The Chinese University of Hong Kong

Robot: Robust Threshold BBS+ in Two Rounds

Guofeng Tang¹, Tian Qiu², Bowen Jiang¹, Haiyang Xue¹, Guomin Yang¹, Man Ho Au³, Robert H. Deng¹, Kwok-Yan Lam⁴
¹: Singapore Management University, ²: Digital Trust Centre, Nanyang Technological University, ³: The Hong Kong Polytechnic University, ⁴: College of Computing and Data Science and Digital Trust Centre, Nanyang Technological University

From Perfect to Approximate Hints: Efficient LWE Secret Recovery Leveraging Low Hamming Weight

Ga Hee Hong¹, Minki Hhan², Jiseung Kim³, Jeong Hwan Lee¹, Changmin Lee¹
¹: Korea University, ²: The University of Texas at Austin, ³: Jeonbuk National University

Code-based Scalable Collaborative SNARKs

Christodoulos Pappas¹, Dimitrios Papadopoulos¹, Charalampos Papamanthou²
¹: HKUST & Lagrange Labs, ²: Yale University & Lagrange Labs

Site Isolation is Dead: How Site Isolation is Broken in Agentic Browsers and Extensions

Suyoung Lee¹, Seongho Keum¹, Changoo Lee¹, Dongwon Shin¹, Sanghyun Hong², Byoungyoung Lee³, Sooel Son¹
¹: KAIST, ²: Oregon State University, ³: Seoul National University

Beyond Nodes vs. Edges: A Multi-View Fusion Framework for Provenance-Based Intrusion Detection

Fan Yang¹, Binyan Xu¹, Di Tang², Kehuan Zhang¹
¹: The Chinese University of Hong Kong, ²: Sun Yat-Sen University

XXXXXX

Philipp Giersfeld, Benedict Schlüter, Shweta Shinde
ETH Zurich

Optimistic Asynchronous Dynamic-committee Proactive Secret Sharing

Bin Hu¹, Jianwei Liu¹, Zhenliang Lu², Qiang Tang³, Zhuolun Xiang⁴, Zongyang Zhang¹
¹: Beihang University, ²: City University of Hong Kong, ³: The University of Sydney, ⁴: Aptos Labs

Accepted Papers

Accepted Cycle 1 2025