2021年网络安全领域四大顶会的论文录用均已揭晓,InForSec特整理相关信息分享给网络安全学术社区。
IEEE Symposium on Security and Privacy,简称IEEE S&P , 始于1980年,每年在美国Oakland召开,至今已举办42届, 主要收录研究机构以及科技企业在计算机安全和隐私研究领域最前沿、最顶级的研究成果。
作为历史最为悠久的网络与信息安全学术会议,IEEE S&P 发表难度极高,录用率长期保持在12%,它被CCF认定为网络与信息安全领域A类国际学术会议。
过去42年里,中国大陆高校和研究机构在该会议上以第一完成单位发表的论文不超过30篇。 IEEE S&P 2021共录取论文115篇, 其中来自中国高校、科研院所和企业界的共有11篇,有华人学者参与的共有40篇。 (注:数据为人工统计,如有疏漏,还请指正。)
以下为 IEEE S&P 2021年录取论文列表:
| 论文标题 | 作者信息 | 第一作者单位 | 一作单位所在国家 |
| A Decentralized and Encrypted National Gun Registry | Seny Kamara (Brown University), Tarik Moataz (Aroki Systems), Andrew Park (Brown University), Lucy Qin (Brown University) | Brown University | 美国 |
| A First Look at Zoombombing | Chen Ling (Boston University), Utkucan Balcı (Binghamton University), Jeremy Blackburn (Binghamton University), Gianluca Stringhini (Boston University) | Boston University | 美国 |
| A Novel Dynamic Analysis Infrastructure to Instrument Untrusted Execution Flow Across User-Kernel Spaces | Jiaqi Hong (Singapore Management University), Xuhua Ding (Singapore Management University) | Singapore Management University | 新加坡 |
| A Secure and Formally Verified Linux KVM Hypervisor | Shih-Wei Li (Columbia University), Xupeng Li (Columbia University), John Hui (Columbia University), Jason Nieh (Columbia University), Ronghui Gu (Columbia University) | Columbia University | 美国 |
| A Security Model and Fully Verified Implementation for the IETF QUIC Record Layer | Antoine Delignat-Lavaud (Microsoft Research), Cedric Fournet (Microsoft Research), Bryan Parno (Carnegie Mellon University), Jonathan Protzenko (Microsoft Research), Tahina Ramananandro (Microsoft Research), Jay Bosamiya (Carnegie Mellon University), Joseph Lallemand (Loria, Inria Nancy Grand Est), Itsaka Rakotonirina (Loria, Inria Nancy Grand Est), Yi Zhou (Carnegie Mellon University), Joseph Lallemand (ETH Zürich) | Microsoft Research | 美国 |
| A2L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs | Erkan Tairi (TU Wien), Pedro Moreno-Sanchez (IMDEA Software Institute), Matteo Maffei (TU Wien) | TU Wien | 奥地利 |
| ARBITRAR : User-Guided API Misuse Detection | Ziyang Li (University of Pennsylvania), Aravind Machiry (Purdue University), Binghong Chen (Georgia Institute of Technology), Ke Wang (Visa Research), Mayur Naik (University of Pennsylvania), Le Song (Georgia Institute of Technology) | University of Pennsylvania | 美国 |
| Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding | Sahar Abdelnabi (CISPA Helmholtz Center for Information Security), Mario Fritz (CISPA Helmholtz Center for Information Security) | CISPA Helmholtz Center for Information Security | 德国 |
| Adversary Instantiation: Lower bounds for differentially private machine learning | Milad Nasr (University of Massachusetts Amherst), Shuang Song (Google), Abhradeep Guha Thakurta (Google), Nicolas Papernot (Google), Nicholas Carlini (Google) | University of Massachusetts Amherst | 美国 |
| An I/O Separation Model for Formal Verification of Kernel Implementations | Miao Yu (Carnegie Mellon University), Virgil Gligor (Carnegie Mellon University), Limin Jia (Carnegie Mellon University) | Carnegie Mellon University | 美国 |
| An Interactive Prover for Protocol Verification in the Computational Model | David Baelde (LSV, CNRS, ENS Paris-Saclay, Université Paris-Saclay), Stéphanie Delaune (Univ Rennes, CNRS, IRISA), Charlie Jacomme (CISPA Helmholtz Center for Information Security), Adrien Koutsos (INRIA Paris), Solene Moreau (Univ Rennes, CNRS, IRISA), Charlie Jacomme (LSV & CNRS & ENS Paris-Saclay & INRIA & Université Paris-Saclay, Paris, France) | LSV | 法国 |
| Android Custom Permissions Demystified: From Privilege Escalation to Design Shortcomings | Rui Li (Shandong University), Wenrui Diao (Shandong University), Zhou Li (University of California, Irvine), Jianqi Du (Shandong University), Shanqing Guo (Shandong University) | Shandong University | 中国 |
| BUFFing signature schemes beyond unforgeability and the case of post-quantum signatures | Cas Cremers (CISPA Helmholtz Center for Information Security), Samed Düzlü (TU Darmstadt), Rune Fiedler (TU Darmstadt), Marc Fischlin (TU Darmstadt), Christian Janson (TU Darmstadt) | CISPA Helmholtz Center for Information Security | 德国 |
| Bitcoin-Compatible Virtual Channels | Lukas Aumayr (Technische Universität Wien), Oguzhan Ersoy (Delft University of Technology), Andreas Erwig (Technische Universität Darmstadt), Sebastian Faust (Technische Universität Darmstadt), Kristina Hostáková (ETH Zürich), Matteo Maffei (Technische Universität Wien), Pedro Moreno-Sanchez (Technische Universität Wien), Siavash Riahi (Technische Universität Darmstadt) | Technische Universität Wien | 奥地利 |
| Black Widow: Blackbox Data-driven Web Scanning | Benjamin Eriksson (Chalmers University of Technology), Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security), Andrei Sabelfeld (Chalmers University of Technology) | Chalmers University of Technology | 瑞典 |
| Bomberman: Defining and Defeating Hardware Ticking Timebombs at Design-time | Timothy Trippel (University of Michigan), Kang G. Shin (University of Michigan), Kevin B. Bush (MIT Lincoln Laboratory), Matthew Hicks (Virginia Tech) | University of Michigan | 美国 |
| Bookworm Game: Automatic Discovery of LTE Vulnerabilities Through Documentation Analysis | Yi Chen (Indiana University Bloomington), Yepeng Yao (Institute of Information Engineering, CAS), XiaoFeng Wang (Indiana University Bloomington), Dandan Xu (Institute of Information Engineering, CAS), Xiaozhong Liu (Indiana University Bloomington), Chang Yue (Institute of Information Engineering, CAS), Kai Chen (Institute of Information Engineering, CAS), Haixu Tang (Indiana University Bloomington), Baoxu Liu (Institute of Information Engineering, CAS) | Indiana University Bloomington | 美国 |
| Breaking the Specification: PDF Certification | Simon Rohlmann (Ruhr University Bochum), Vladislav Mladenov (Ruhr University Bochum), Christian Mainka (Ruhr University Bochum), Jörg Schwenk (Ruhr University Bochum) | Ruhr University Bochum | 德国 |
| CANnon: Reliable and Stealthy Remote Shutdown Attacks via Unaltered Automotive Microcontrollers | Sekar Kulandaivel (Carnegie Mellon University), Shalabh Jain (Research and Technology Center, Robert Bosch LLC, USA), Jorge Guajardo (Research and Technology Center, Robert Bosch LLC, USA), Vyas Sekar (Carnegie Mellon University) | Carnegie Mellon University | 美国 |
| CRYLOGGER: Detecting Crypto Misuses Dynamically | Luca Piccolboni (Columbia University), Giuseppe Di Guglielmo (Columbia University), Luca P. Carloni (Columbia University), Simha Sethumadhavan (Columbia University) | Columbia University | 美国 |
| CacheOut: Leaking Data on Intel CPUs via Cache Evictions | Stephan van Schaik (University of Michigan), Marina Minkin (University of Michigan), Andrew Kwong (University of Michigan), Daniel Genkin (University of Michigan), Yuval Yarom (University of Adelaide and Data61) | University of Michigan | 美国 |
| CanDID: Can-Do Decentralized Identity with Legacy Compatibility, Sybil-Resistance, and Accountability | Sai Krishna Deepak Maram (Cornell Tech), Fan Zhang (Cornell Tech), Harjasleen Malvai (Cornell), Ari Juels (Cornell Tech), Alexander Frolov (Cornell), Nerla Jean-Louis (University of Illinois at Urbana-Champaign), Andrew Miller (University of Illinois at Urbana-Champaign), Tyler Kell (Cornell Tech) | Cornell Tech | 美国 |
| Co-Inflow: Coarse-Grained Information Flow Control for Java-like Languages | Jian Xiang (Harvard University), Stephen Chong (Harvard University) | Harvard University | 美国 |
| Compact Certificates of Collective Knowledge | Silvio Micali (Algorand and MIT), Leonid Reyzin (Algorand and Boston University), Georgios Vlachos (), Riad S. Wahby (Algorand and Stanford), Nickolai Zeldovich (Algorand and MIT) | Algorand and MIT | 美国 |
| Compositional Non-Interference for Fine-Grained Concurrent Programs | Dan Frumin (Radboud University), Robbert Krebbers (TU Delft), Lars Birkedal (Aarhus University) | Radboud University | 荷兰 |
| Compositional Security for Reentrant Applications | Ethan Cecchetti (Cornell University), Siqiu Yao (Cornell University), Haobin Ni (Cornell University), Andrew C. Myers (Cornell University) | Cornell University | 美国 |
| ConDySTA: Context-Aware Dynamic Supplement to Static Taint Analysis | Xueling Zhang (University of Texas at San Antonio), Xiaoyin Wang (University of Texas at San Antonio), Rocky Slavin (University of Texas at San Antonio), Jianwei Niu (University of Texas at San Antonio) | University of Texas at San Antonio | 美国 |
| CrawlPhish: Large-scale Analysis of Client-side Cloaking Techniques in Phishing | Penghui Zhang (Arizona State University), Adam Oest (Arizona State University), Haehyun Cho (Arizona State University), Zhibo Sun (Arizona State University), RC Johnson (PayPal), Brad Wardman (PayPal), Shaown Sarker (North Carolina State University), Alexandros Kapravelos (North Carolina State University), Tiffany Bao (Arizona State University), Ruoyu Wang (Arizona State University), Yan Shoshitaishvili (Arizona State University), Adam Doupé (Arizona State University), Gail-Joon Ahn (Arizona State University and Samsung Research) | Arizona State University | 美国 |
| Cross Layer Attacks and How to Use Them (for DNS Cache Poisoning, Device Tracking and More) | Amit Klein (Bar Ilan University) | Bar Ilan University | 以色列 |
| Cross-Domain Access Control Encryption — Arbitrary-policy, Constant-size, Efficient | Xiuhua Wang (The Chinese University of Hong Kong), Sherman S. M. Chow (The Chinese University of Hong Kong) | The Chinese University of Hong Kong | 中国 |
| CrossTalk: Speculative Data Leaks Across Cores Are Real | Hany Ragab (Vrije Universiteit Amsterdam), Alyssa Milburn (Vrije Universiteit Amsterdam), Kaveh Razavi (Vrije Universiteit Amsterdam), Herbert Bos (Vrije Universiteit Amsterdam), Cristiano Giuffrida (Vrije Universiteit Amsterdam), Kaveh Razavi (ETH Zurich) | Vrije Universiteit Amsterdam | 荷兰 |
| CryptGPU: Fast Privacy-Preserving Machine Learning on the GPU | Sijun Tan (University of Virginia), Brian Knott (Facebook AI Research), Yuan Tian (University of Virginia), David J. Wu (University of Virginia) | University of Virginia | 美国 |
| DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices | Nilo Redini (UC Santa Barbara), Andrea Continella (University of Twente), Dipanjan Das (UC Santa Barbara), Giulio De Pasquale (UC Santa Barbara), Noah Spahn (UC Santa Barbara), Aravind Machiry (UC Santa Barbara), Antonio Bianchi (Purdue University), Christopher Kruegel (UC Santa Barbara), Giovanni Vigna (UC Santa Barbara) | UC Santa Barbara | 美国 |
| DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis | Alejandro Mera (Northeastern University), Bo Feng (Northeastern University), Long Lu (Northeastern University), Engin Kirda (Northeastern University) | Northeastern University | 美国 |
| DIFUZZRTL: Differential Fuzz Testing to Find CPU Bugs | Jaewon Hur (Seoul National University), Suhwan Song (Seoul National University), Dongup Kwon (Seoul National University), Eunjin Baek (Seoul National University), Jangwoo Kim (Seoul National University), Byoungyoung Lee (Seoul National University) | Seoul National University | 韩国 |
| DP-Sniper: Black-Box Discovery of Differential Privacy Violations using Classifiers | Benjamin Bichsel (ETH Zurich), Samuel Steffen (ETH Zurich), Ilija Bogunovic (ETH Zurich), Martin Vechev (ETH Zurich) | ETH Zurich | 瑞士 |
| Data Privacy in Trigger-Action Systems | Yunang Chen (University of Wisconsin-Madison), Amrita Roy Chowdhury (University of Wisconsin-Madison), Ruizhe Wang (University of Wisconsin-Madison), Andrei Sabelfeld (Chalmers University of Technology), Rahul Chatterjee (University of Wisconsin-Madison), Earlence Fernandes (University of Wisconsin-Madison) | University of Wisconsin-Madison | 美国 |
| Defensive Technology Use by Political Activists During the Sudanese Revolution | Alaa Daffalla (University of Kansas), Lucy Simko (University of Washington), Tadayoshi Kohno (University of Washington), Alexandru G. Bardas (University of Kansas) | University of Kansas | 美国 |
| Detecting AI Trojans Using Meta Neural Analysis | Xiaojun Xu (University of Illinois at Urbana-Champaign), Qi Wang (University of Illinois at Urbana-Champaign), Huichen Li (University of Illinois at Urbana-Champaign), Nikita Borisov (University of Illinois at Urbana-Champaign), Carl A. Gunter (University of Illinois at Urbana-Champaign), Bo Li (University of Illinois at Urbana-Champaign) | University of Illinois at Urbana-Champaign | 美国 |
| Detecting Filter List Evasion with Event-Loop-Turn Granularity JavaScript Signatures | Quan Chen (North Carolina State University), Peter Snyder (Brave Software), Ben Livshits (Brave Software), Alexandros Kapravelos (North Carolina State University) | North Carolina State University | 美国 |
| Did you mix me? Formally Verifying Verifiable Mix Nets in Electronic Voting | Thomas Haines (Norwegian University of Science and Technology), Rajeev Gore (Australian National University), Bhavesh Sharma (Australian National University), Thomas Haines (Norwegian University of Science and Technology) | Norwegian University of Science and Technology | 挪威 |
| Diogenes: Lightweight Scalable RSA Modulus Generation with a Dishonest Majority | Carmit Hazay (Bar-Ilan University), Megan Chen (Northeastern U.), Yuval Ishai (Technion), Yuriy Kashnikov (Ligero Inc.), Daniele Micciancio (UC San Diego), Tarik Riviere (Ligero Inc.), abhi shelat (Northeastern U.), Ruihan Wang (Ligero Inc.), Muthu Venkitasubramaniam (U. of Rochester) | Bar-Ilan University | 以色列 |
| Doing good by fighting fraud: Ethical anti-fraudsystems for mobile payments | Zainul Abi Din (UC Davis), Hari Venugopalan (UC Davis), Henry Lin (Bouncer Technologies), Adam Wushensky (Bouncer Technologies), Steven Liu (Bouncer Technologies), Samuel T. King (UC Davis and Bouncer Technologies) | UC Davis | 美国 |
| DynPTA: Combining Static and Dynamic Analysis for Practical Selective Data Protection | Tapti Palit (Stony Brook University), Jarin Firose Moon (Stony Brook University), Fabian Monrose (University of North Carolina, Chapel Hill), Michalis Polychronakis (Stony Brook University) | Stony Brook University | 美国 |
| Ebb-and-Flow Protocols: A Resolution of the Availability-Finality Dilemma | Joachim Neu (Stanford University), Ertem Nusret Tas (Stanford University), David Tse (Stanford University) | Stanford University | 美国 |
| Electromagnetic Covert Channels Can Be Super Resilient | Cheng Shen (Peking University), Tian Liu (Peking University), Jun Huang (MIT), Rui Tan (Nanyang Technological University) | Peking University | 中国 |
| Epochal Signatures for Deniable Group Chats | Florian Weber (TU Eindhoven), Andreas Hülsing (TU Eindhoven) | TU Eindhoven | 荷兰 |
| Fingerprinting the Fingerprinters: Learning to Detect Browser Fingerprinting Behaviors | Umar Iqbal (The University of Iowa), Steven Englehardt (Mozilla Corporation ), Zubair Shafiq (University of California, Davis) | The University of Iowa | 美国 |
| Good Bot, Bad Bot: Characterizing Automated Browsing Activity | Xigao Li (Stony Brook University), Babak Amin Azad (Stony Brook University), Amir Rahmati (Stony Brook University), Nick Nikiforakis (Stony Brook University) | Stony Brook University | 美国 |
| HackEd: A Pedagogical Analysis of Online Vulnerability Discovery Exercises | Daniel Votipka (Tufts University), Eric Zhang (University of Maryland), Michelle Mazurek (University of Maryland) | Tufts University | 美国 |
| Happer: Unpacking Android Apps via a Hardware-Assisted Approach | Lei Xue (The Hong Kong Polytechnic University), Hao Zhou (The Hong Kong Polytechnic University), Xiapu Luo (The Hong Kong Polytechnic University), Yajin Zhou (Zhejiang University), Yang Shi (Tongji University), Guofei Gu (Texas A&M University), Fengwei Zhang (Southern University of Science and Technology (SUSTech)), Man Ho Au (The University of Hong Kong) | The Hong Kong Polytechnic University | 中国 |
| Hardware-Software Contracts for Secure Speculation | Marco Guarnieri (IMDEA Software Institute), Boris Köpf (Microsoft Research), Jan Reineke (Saarland University), Pepe Vila (IMDEA Software Institute) | IMDEA Software Institute | 西班牙 |
| Hear “No Evil”, See “Kenansville”: Efficient and Transferable Black-Box Attacks on Speech Recognition and Voice Identification Systems | Hadi Abdullah (University of Florida), Muhammad Sajidur Rahman (University of Florida), Washington Garcia (University of Florida), Kevin Warren (University of Florida), Anurag Swarnim Yadav (University of Florida), Tom Shrimpton (University of Florida), Patrick Traynor (University of Florida) | University of Florida | 美国 |
| High-Assurance Cryptography in the Spectre Era | Gilles Barthe (Max Planck Institute for Security and Privacy and IMDEA Software Institute), Sunjay Cauligi (University of California San Diego), Benjamin Gregoire (INRIA Sophia Antipolis), Adrien Koutsos (Inria Paris, Max Planck Institute for Security and Privacy), Kevin Liao (Max Planck Institute for Security and Privacy and Massachusetts Institute of Technology), Tiago Oliveira (University of Porto (FCUP) and INESC TEC), Swarn Priya (Purdue University), Tamara Rezk (INRIA Sophia Antipolis), Peter Schwabe (Max Planck Institute for Security and Privacy) | Max Planck Institute for Security and Privacy and IMDEA Software Institute | 德国 |
| High-Frequency Trading on Decentralized On-Chain Exchanges | Liyi Zhou (Imperial College London), Kaihua Qin (Imperial College London), Christof Ferreira Torres (University of Luxembourg), Duc V Le (Purdue University), Arthur Gervais (Imperial College London) | Imperial College London | 英国 |
| How Did That Get In My Phone? Unwanted App Distribution on Android Devices | Platon Kotzias (NortonLifelock Research Group), Juan Caballero (IMDEA Software Institute), Leyla Bilge (NortonLifelock Research Group) | NortonLifelock Research Group | 美国 |
| Improving Password Guessing via Representation Learning | Dario Pasquini (Sapienza University of Rome; Stevens Institute of Technology; Institute of Applied Computing CNR), Ankit Gangwal (University of Padua; Stevens Institute of Technology), Giuseppe Ateniese (Stevens Institute of Technology), Massimo Bernaschi (Institute of Applied Computing CNR), Mauro Conti (University of Padua) | Sapienza University of Rome; Stevens Institute of Technology; Institute of Applied Computing CNR | 意大利 |
| Invisible Probe: Timing Attacks with PCIe Congestion Side-channel | Mingtian Tan (Fudan University), Junpeng Wan (Fudan University), Zhe Zhou (Fudan University), Zhou Li (University of California, Irvine) | Fudan University | 中国 |
| Invisible for both Camera and LiDAR: Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attacks | Yulong Cao* (University of Michigan), Ningfei Wang* (University of California, Irvine), Chaowei Xiao* (NVIDIA Research and Arizona State University), Dawei Yang* (University of Michigan), Jin Fang (Baidu Research and National Engineering Laboratory of Deep Learning Technology and Application, China), Ruigang Yang (Inceptio), Qi Alfred Chen (University of California, Irvine), Mingyan Liu (University of Michigan), Bo Li (University of Illinois at Urbana-Champaign), (*co-first authors) | University of Michigan | 美国 |
| Is Private Learning Possible with Instance Encoding? | Nicholas Carlini (Google), Samuel Deng (Columbia), Sanjam Garg (UC Berkeley), Somesh Jha (UW-Madison), Saeed Mahloujifar (Princeton), Mohammad Mahmoody (University of Virginia), Abhradeep Thakurta (Google), Florian Tramer (Stanford University) | 美国 | |
| Journey to the Center of the Cookie Ecosystem: Unraveling Actors’ Roles and Relationships | Iskander Sanchez-Rola (NortonLifeLock Research Group), Matteo Dell’Amico (NortonLifeLock Research Group), Davide Balzarotti (EURECOM), Pierre-Antoine Vervier (NortonLifeLock Research Group), Leyla Bilge (NortonLifeLock Research Group), Iskander () | NortonLifeLock Research Group | 美国 |
| Keep the Dirt: Tainted TreeKEM, Adaptively and Actively Secure Continuous Group Key Agreement | Joel Alwen (Wickr Inc.), Margarita Capretto (Universidad Nacional de Rosario), Miguel Cueto (ENS Lyon), Chethan Kamath (Northeastern University), Karen Klein (IST Austria), Ilia Markov (IST Austria), Guillermo Pascual-Perez (IST Austria), Krzysztof Pietrzak (IST Austria), Michael Walter (IST Austria), Michelle Yeo (IST Austria) | Wickr Inc. | 美国 |
| Learning Differentially Private Mechanisms | Subhajit Roy (IIT Kanpur), Justin Hsu (University of Wisconsin–Madison), Aws Albarghouthi (University of Wisconsin–Madison) | IIT Kanpur | 印度 |
| Lightweight Techniques for Private Heavy Hitters | Dan Boneh (Stanford), Elette Boyle (IDC Herzliya), Henry Corrigan-Gibbs (MIT CSAIL), Niv Gilboa (Ben-Gurion University), Yuval Ishai (Technion) | Stanford | 美国 |
| Linking Bluetooth LE & Classic and Implications for Privacy-Preserving Bluetooth-Based Protocols | Norbert Ludant (Northeastern University), Tien D. Vo-Huu (Northeastern University), Sashank Narain (University of Massachusetts Lowell), Guevara Noubir (Northeastern University) | Northeastern University | 美国 |
| Lockable Signatures for Blockchains: Scriptless Scripts for all Signatures | Sri AravindaKrishnan Thyagarajan (Friedrich Alexander Universität Erlangen-Nürnberg), Giulio Malavolta (Max Planck Institute for Security and Privacy) | Friedrich Alexander Universität Erlangen-Nürnberg | 德国 |
| MAD-HTLC: Because HTLC is Crazy-Cheap to Attack | Itay Tsabary (Technion), Matan Yechieli (Technion), Alex Manuskin (ZenGo), Ittay Eyal (Technion, VMware) | Technion | 以色列 |
| Machine Unlearning | Lucas Bourtoule (University of Toronto; Vector Institute), Varun Chandrasekaran (University of Wisconsin-Madison), Christopher A. Choquette-Choo (University of Toronto; Vector Institute), Hengrui Jia (University of Toronto; Vector Institute), Adelin Travers (University of Toronto; Vector Institute), Baiwu Zhang (University of Toronto; Vector Institute), David Lie (University of Toronto), Nicolas Papernot (University of Toronto; Vector Institute) | University of Toronto; Vector Institute | 加拿大 |
| Manipulation Attacks in Local Differential Privacy | Albert Cheu (Northeastern University), Adam Smith (Boston University), Jonathan Ullman (Northeastern University) | Northeastern University | 美国 |
| Many-out-of-Many Proofs and Applications to Anonymous Zether | Benjamin E. Diamond (J.P. Morgan) | J.P. Morgan | 美国 |
| Merkle^2: A Low-Latency Transparency Log System | Yuncong Hu (UC Berkeley), Kian Hooshmand (UC Berkeley), Rajeswari Harika Kalidhindi (UC Berkeley), Seung Jin Yang (UC Berkeley), Raluca Popa (UC Berkeley) | UC Berkeley | 美国 |
| Method Confusion Attack on Bluetooth Pairing | Maximilian von Tschirschnitz (Technical University Munich), Ludwig Peuckert (Technical University Munich), Fabian Franzen (Technical University Munich), Jens Grossklags (Technical University Munich) | Technical University Munich | 德国 |
| NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis | Jaeseung Choi (KAIST), Kangsu Kim (KAIST), Daejin Lee (KAIST), Sang Kil Cha (KAIST) | KAIST | 韩国 |
| OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binary | Zhuo Zhang (Purdue University), Yapeng Ye (Purdue University), Wei You (Renmin University of China), Guanhong Tao (Purdue University), Wen-chuan Lee (Purdue University), Yonghwi Kwon (University of Virginia), Yousra Aafer (University of Waterloo), Xiangyu Zhang (Purdue University) | Purdue University | 美国 |
| On the Anonymity Guarantees of Anonymous Proof-of-Stake Protocols | Varun Madathil (North Carolina State University), Alessandra Scafuro (North Carolina State University), Kartik Nayak (Duke University), Markulf Kohlweiss (University of Edinburgh) | North Carolina State University | 美国 |
| On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocols | Liyi Zhou (Imperial College London), Kaihua Qin (Imperial College London), Antoine Cully (Imperial College London), Benjamin Livshits (Imperial College London), Arthur Gervais (Imperial College London) | Imperial College London | 英国 |
| One Engine to Fuzz ’em All: Generic Language Processor Testing with Semantic Validation | Yongheng Chen (Georgia Institute of Technology), Rui Zhong (Pennsylvania State University), Hong Hu (Pennsylvania State University), Hangfan Zhang (Pennsylvania State University), Yupeng Yang (University of Electronic Science and Technology of China), Dinghao Wu (Pennsylvania State University), Wenke Lee (Georgia Institute of Technology) | Georgia Institute of Technology | 美国 |
| PLATYPUS: Software-based Power Side-Channel Attacks on x86 | Moritz Lipp (Graz University of Technology), Andreas Kogler (Graz University of Technology), David Oswald (The University of Birmingham, UK), Michael Schwarz (CISPA Helmholtz Center for Information Security), Catherine Easdon (Graz University of Technology), Claudio Canella (Graz University of Technology), Daniel Gruss (Graz University of Technology), Catherine Easdon (Graz University of Technology) | Graz University of Technology | 奥地利 |
| Pegasus: Bridging Polynomial and Non-polynomial Evaluations in Homomorphic Encryption | Wen-jie Lu (Alibaba Group), Zhicong Huang (Alibaba Group), Cheng Hong (Alibaba Group), Yiping Ma (University of Pennsylvania), Fuping Qu (Alibaba Group) | Alibaba Group | 中国 |
| Poltergeist: Acoustic Adversarial Machine Learning against Cameras and Computer Vision | Xiaoyu Ji (Zhejiang University), Yushi Cheng (Zhejiang University), Yuepeng Zhang (Zhejiang University), Kai Wang (Zhejiang University), Chen Yan (Zhejiang University), Kevin Fu (University of Michigan), Wenyuan Xu (Zhejiang University) | Zhejiang University | 中国 |
| Post-Quantum WireGuard | Andreas Hülsing (Eindhoven University of Technology, NL), Kai-Chun Ning (KPN B.V., NL), Peter Schwabe (Radboud University, NL), Florian Weber (Eindhoven University of Technology, NL), Philip R. Zimmermann (Delft University of Technology & KPN B.V., NL) | Eindhoven University of Technology | 荷兰 |
| Proactive Threshold Wallets with Offline Devices | Yashvanth Kondi (Northeastern University), Bernardo Magri (Aarhus University), Claudio Orlandi (Aarhus University), Omer Shlomovits (ZenGo X) | Northeastern University | 美国 |
| Proof-of-Learning: Definitions and Practice | Hengrui Jia (University of Toronto and Vector Institute), Mohammad Yaghini (University of Toronto and Vector Institute), Christopher A. Choquette-Choo (University of Toronto and Vector Institute), Natalie Dullerud (University of Toronto and Vector Institute), Anvith Thudi (University of Toronto and Vector Institute), Varun Chandrasekaran (University of Wisconsin-Madison), Nicolas Papernot (University of Toronto and Vector Institute) | University of Toronto and Vector Institute | 加拿大 |
| Randomized Last-Level Caches Are Still Vulnerable to Cache Side-Channel Attacks! But We Can Fix It | Wei Song (State Key Laboratory of Information Security, Institute of Information Engineering, CAS), Boya Li (State Key Laboratory of Information Security, Institute of Information Engineering, CAS), Zihan Xue (State Key Laboratory of Information Security, Institute of Information Engineering, CAS), Zhenzhen Li (State Key Laboratory of Information Security, Institute of Information Engineering, CAS), Wenhao Wang (State Key Laboratory of Information Security, Institute of Information Engineering, CAS), Peng Liu (The Pennsylvania State University) | State Key Laboratory of Information Security | 中国 |
| Reading between the Lines: An Extensive Evaluation of the Security and Privacy Implications of EPUB Reading Systems | Gertjan Franken (imec-DistriNet, KU Leuven), Tom Van Goethem (imec-DistriNet, KU Leuven), Wouter Joosen (imec-DistriNet, KU Leuven) | imec-DistriNet,KU Leuven | 荷兰 |
| Real-World Snapshots vs. Theory: Questioning the t-Probing Security Model. | Thilo Krachenfels (Technische Universität Berlin), Amir Moradi (Ruhr-Universität Bochum), Jean-Pierre Seifert (Technische Universität Berlin), Fatemeh Ganji (Worcester Polytechnic Institute), Shahin Tajik (Worcester Polytechnic Institute) | Technische Universität Berlin | 德国 |
| Red Belly: A Secure, Fair and Scalable Open Blockchain | Tyler Crain (University of Sydney), Christopher Natoli (University of Sydney), Vincent Gramoli (University of Sydney and EPFL) | University of Sydney | 澳大利亚 |
| Response-Hiding Encrypted Ranges: Revisiting Security via Parametrized Leakage-Abuse Attacks | Evgenios Kornaropoulos (UC Berkeley), Charalampos Papamanthou (University of Maryland), Roberto Tamassia (Brown University) | UC Berkeley | 美国 |
| Revealer: Detecting and Exploiting Regular Expression Denial-of-Service Vulnerabilities | Yinxi Liu (The Chinese University of Hong Kong), Mingxue Zhang (The Chinese University of Hong Kong), Wei Meng (The Chinese University of Hong Kong) | The Chinese University of Hong Kong | 中国 |
| Runtime Recovery of Web Applications under Zero-Day ReDoS Attacks | Zhihao Bai (Johns Hopkins University), Ke Wang (Peking University), Hang Zhu (Johns Hopkins University), Yinzhi Cao (Johns Hopkins University), Xin Jin (Peking University) | Johns Hopkins University | 美国 |
| SGUARD: Towards Fixing Vulnerable Smart Contracts Automatically | Tai D. Nguyen (Singapore Management University), Long H. Pham (Singapore Management University), Jun Sun (Singapore Management University) | Singapore Management University | 新加坡 |
| SIRNN: A Math Library for Secure RNN Inference | Deevashwer Rathee (Microsoft), Mayank Rathee (Microsoft), Rahul Kranti Kiran Goli (Microsoft), Divya Gupta (Microsoft), Rahul Sharma (Microsoft), Nishanth Chandran (Microsoft), Aseem Rastogi (Microsoft) | Microsoft | 美国 |
| STOCHFUZZ: Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting | Zhuo Zhang (Purdue University), Wei You (Renmin University of China), Guanhong Tao (Purdue University), Yousra Aafer (University of Waterloo), Xuwei Liu (Purdue University), Xiangyu Zhang (Purdue University) | Purdue University | 美国 |
| Self-Supervised Euphemism Detection and Identification for Content Moderation | Wanzheng Zhu (University of Illinois, at Urbana-Champaign), Hongyu Gong (Facebook), Rohan Bansal (Carnegie Mellon University), Zachary Weinberg (University of Massachusetts, Amherst), Nicolas Christin (Carnegie Mellon University), Giulia Fanti (Carnegie Mellon University), Suma Bhat (University of Illinois, at Urbana-Champaign) | University of Illinois | 美国 |
| SmartPulse: Automated Checking of Temporal Properties in Smart Contracts | Jon Stephens (The University of Texas at Austin), Kostas Ferles (The University of Texas at Austin), Benjamin Mariano (The University of Texas at Austin), Shuvendu Lahiri (Microsoft Research), Isil Dillig (The University of Texas at Austin) | The University of Texas at Austin | 美国 |
| SoK: All You Ever Wanted to Know About x86/x64 Binary Disassembly but Were Afraid to Ask | Chengbin Pang (Stevens Institute of Technology; Nanjing University), Ruotong Yu (Stevens Institute of Technology), Yaohui Chen (Facebook Inc.), Eric Koskinen (Stevens Institute of Technology), Georgios Portokalidis (Stevens Institute of Technology), Bing Mao (Nanjing University), Jun Xu (Stevens Institute of Technology) | Stevens Institute of Technology; Nanjing University | 中国 |
| SoK: Computer-Aided Cryptography | Manuel Barbosa (University of Porto and INESC TEC), Gilles Barthe (Max Planck Institute for Security and Privacy; IMDEA Software Institute), Karthik Bhargavan (INRIA Paris), Bruno Blanchet (INRIA Paris), Cas Cremers (CISPA Helmholtz Center for Information Security), Kevin Liao (Max Planck Institute for Security and Privacy; Massachusetts Institute of Technology), Bryan Parno (Carnegie Mellon University) | University of Porto and INESC TEC | 葡萄牙 |
| SoK: Fully Homomorphic Encryption Compilers | Alexander Viand (ETH Zurich), Patrick Jattke (ETH Zurich), Anwar Hithnawi (ETH Zurich) | ETH Zurich | 瑞士 |
| SoK: Hate, Harassment, and the Changing Landscape of Online Abuse | Kurt Thomas (Google), Deepak Kumar (University of Illinois, Urbana-Champaign), Michael Bailey (University of Illinois, Urbana-Champaign), Sarah Meiklejohn (University College London), Thomas Ristenpart (Cornell Tech), Devdatta Akhawe (Independent Researcher), Dan Boneh (Stanford), Zakir Durumeric (Stanford), Damon McCoy (New York University), Gianluca Stringhini (Boston University), Sunny Consolvo (Google), Patrick Gage Kelley (Google), Elie Bursztein (Google), Nicki Dell (Cornell) | 美国 | |
| SoK: Quantifying Cyber Risk | Daniel W Woods (University of Innsbruck), Rainer Böhme (University of Innsbruck) | University of Innsbruck | 奥地利 |
| SoK: Security and Privacy in the Age of Commercial Drones | Ben Nassi (Ben-Gurion University of the Negev), Ron Bitton (Ben-Gurion University of the Negev), Ryusuke Masuoka (Fujitsu System Integration Laboratories), Asaf Shabtai (Ben-Gurion University of the Negev), Yuval Elovici (Ben-Gurion University of the Negev) | Ben-Gurion University of the Negev | 以色列 |
| SoK: The Faults in our ASRs: An Overview of Attacks against Automatic Speech Recognition and Speaker Identification Systems | Hadi Abdullah (University of Florida), Kevin Warren (University of Florida), Vincent Bindschaedler (University of Florida), Nicolas Papernot (University of Toronto), Patrick Traynor (University of Florida) | University of Florida | 美国 |
| Survivalism: Systematic Analysis of Windows Malware Living-Off-The-Land | Frederick Barr-Smith (Oxford University), Xabier Ugarte-Pedrero (Cisco Systems), Mariano Graziano (Cisco Systems), Riccardo Spolaor (Oxford University), Ivan Martinovic (Oxford University) | Oxford University | 英国 |
| Systematic Analysis of Randomization-Based Protected Cache Architectures | Antoon Purnal (imec-COSIC, KU Leuven), Lukas Giner (Graz University of Technology), Daniel Gruss (Graz University of Technology), Ingrid Verbauwhede (imec-COSIC, KU Leuven) | imec-COSIC, KU Leuven | 荷兰 |
| The EMV Standard: Break, Fix, Verify | David Basin (Department of Computer Science, ETH Zurich), Ralf Sasse (Department of Computer Science, ETH Zurich), Jorge Toro-Pozo (Department of Computer Science, ETH Zurich) | Department of Computer Science, ETH Zurich | 瑞士 |
| The Provable Security of Ed25519: Theory and Practice | Jacqueline Brendel (CISPA), Cas Cremers (CISPA), Dennis Jackson (ETH Zurich), Mang Zhao (CISPA – Helmholtz Center for Information Security) | CISPA | 德国 |
| They Would do Better if They Worked Together: The Case of Interaction Problems Between Password Managers and Websites | Nicolas Huaman (Leibniz University Hannover), Sabrina Amft (Leibniz University Hannover), Marten Oltrogge (CISPA Helmholtz Center for Information Security), Yasemin Acar (Leibniz University Hannover and Max Planck Institute for Security and Privacy (MPI-SP)), Sascha Fahl (Leibniz University Hannover) | Leibniz University Hannover | 德国 |
| Trouble Over-The-Air: An Analysis of FOTA Apps in the Android Ecosystem | Eduardo Blázquez (Universidad Carlos III de Madrid), Sergio Pastrana (Universidad Carlos III de Madrid), Álvaro Feal (IMDEA Networks Institute / Universidad Carlos III de Madrid), Julien Gamba (IMDEA Networks Institute / Universidad Carlos III de Madrid), Platon Kotzias (NortonLifelock Research Group), Narseo Vallina-Rodriguez (IMDEA Networks Institute / ICSI / AppCensus Inc.), Juan Tapiador (Universidad Carlos III de Madrid) | Universidad Carlos III de Madrid | 西班牙 |
| Trust, But Verify: A Longitudinal Analysis Of Android OEM Compliance and Customization | Andrea Possemato (IDEMIA/Eurecom), Simone Aonzo (Eurecom), Davide Balzarotti (Eurecom), Yanick Fratantonio (Eurecom) | IDEMIA/Eurecom | 法国 |
| Using Selective Memoization to Defeat Regular Expression Denial of Service (ReDoS) | James Davis (Virginia Tech / Purdue University), Francisco Servant (Virginia Tech), Dongyoon Lee (Stony Brook University) | Virginia Tech / Purdue University | 美国 |
| When Function Signature Recovery Meets Compiler Optimization | Yan Lin (Singapore Management University), Debin Gao (Singapore Management University) | Singapore Management University | 新加坡 |
| Which Privacy and Security Attributes Most Impact Consumers‚ Risk Perception and Willingness to Purchase IoT Devices? | Pardis Emami-Naeini (University of Washington), Janarth Dheenadhayalan (Carnegie Mellon University), Yuvraj Agarwal (Carnegie Mellon University), Lorrie Faith Cranor (Carnegie Mellon University) | University of Washington | 美国 |
| Who is Real Bob? Adversarial Attacks on Speaker Recognition Systems | Guangke Chen (ShanghaiTech University; Shanghai Institute of Microsystem and Information Technology, Chinese Academy of Sciences; University of Chinese Academy of Sciences), Sen Chen (Tianjin University; Nanyang Technological University), Lingling Fan (Nanyang Technological University), Xiaoning Du (Nanyang Technological University), Zhe Zhao (ShanghaiTech University), Fu Song (ShanghaiTech University; Shanghai Engineering Research Center of Intelligent Vision and Imaging), Yang Liu (Nanyang Technological University) | ShanghaiTech University; Shanghai Institute of Microsystem and Information Technology | 中国 |
| Wolverine: Fast, Scalable, and Communication-Efficient Zero-Knowledge Proofs for Boolean and Arithmetic Circuits | Chenkai Weng (Northwestern University), Kang Yang (State Key Laboratory of Cryptology), Jonathan Katz (University of Maryland), Xiao Wang (Northwestern University) | Northwestern University | 美国 |
| Zero Knowledge for Everything and Everyone: Fast ZK Processor with Cached ORAM for ANSI C Programs | David Heath (Georgia Institute of Technology), Yibin Yang (Georgia Institute of Technology), David Devecsery (Georgia Institute of Technology), Vladimir Kolesnikov (Georgia Institute of Technology) | Georgia Institute of Technology | 美国 |
