Accepted papers

A Comprehensive Quantification of Inconsistencies in Memory Dumps [PDF]
Andrea Oliveri, EURECOM; Davide Balzarotti, EURECOM;

A Longitudinal Analysis of LockBit 3.0’s Extortion Lifecycle and Response to Law Enforcement [PDF]
Yin Minn Pa Pa, Yokohama National University; Yuji Sekine, Yokohama National University; Yamato Kawaguchi, Yokohama National University; Tatsuki Yogo, Yokohama National University; Kelvin Lubbertsen, Delft University of Technology; Rolf van Wegberg, Delft University of Technology; Michel van Eeten, Delft University of Technology; Katsunari Yoshioka, Yokohama National University;

Activation Functions Considered Harmful: Recovering Neural Network Weights through Controlled Channels [PDF]
Jesse Spielman, University of Birmingham; David Oswald, University of Birmingham; Mark Ryan, University of Birmingham; Jo Van Bulck, DistriNet, KU Leuven;

Active Attack Resilience in 5G: A New Take on Authentication and Key Agreement [PDF]
Nazatul Haque Sultan, CSIRO's Data61, Sydney; Xinlong Guan, CSIRO's Data61, Sydney; Josef Pieprzyk, CSIRO's Data61, Sydney; Wei Ni, CSIRO's Data61, Sydney; Sharif Abuadbba, CSIRO's Data61, Sydney; Hajime Suzuki, CSIRO's Data61, Sydney;

ADAPT: A Pseudo-labeling Approach to Combat Concept Drift in Malware Detection [PDF]
Md Tanvirul Alam, Rochester Institute of Technology; Aritran Piplai, University of Texas, El Paso; Nidhi Rastogi, Rochester Institute of Technology;

An In-model Spy in Edge Intelligence [PDF]
Fengxu Yang, ShanghaiTech University; Paizhuo Chen, ShanghaiTech University; Yihui Yan, ShanghaiTech University; Zhice Yang, ShanghaiTech University;

BadFU: Backdoor Federated Learning Through Adversarial Machine Unlearning [PDF]
Bingguang Lu, University of Newcastle; Hongsheng Hu, University of Newcastle; Yuantian Miao, University of Newcastle; Shaleeza Sohail, University of Newcastle; Chaoxiang He, Shanghai Jiao Tong University; Shuo Wang, Shanghai Jiao Tong University; Xiao Chen, University of Newcastle;

BadLogo: A Physically Realizable Adversarial Sticker for Evaluating the Robustness of Face Recognition Models [PDF]
Fuqi Qi, Xidian University; Haichang Gao, Xidian University; Boling Li, Xidian University; Shiping Guo, Xidian University; Yuming Zheng, Xidian University; Bingqian Zhou, Xidian University;

Carbon Filter: Scalable, Efficient, and Secure Alert Triage for Endpoint Detection & Response [PDF]
Muhammad Adil Inam, University of Illinois at Urbana-Champaign; Jonathan Oliver, Broadcom; Raghav Batta, Broadcom; Adam Bates, University of Illinois at Urbana-Champaign;

Careless Whisper: Exploiting Silent Delivery Receipts to Monitor Users on Mobile Instant Messengers [PDF]
Gabriel Karl Gegenhuber, University of Vienna; Maximilian Günther, University of Vienna; Markus Maier, University of Vienna; Aljosha Judmayer, University of Vienna; Florian Holzbauer, University of Vienna; Philipp Frenzel, SBA Research; Johanna Ullrich, University of Vienna;

CasinoLimit: An Offensive Dataset Labeled with MITRE ATT&CK Techniques [PDF]
Sebastien Kilian, CentraleSupélec; Valérie Viet Triem Tong, CentraleSupélec; Jean-François Lalande, CentraleSupélec; Frédéric Majorczyk, DGA, Ministère des Armées; Alexandre Sanchez, Inria; Natan Talon, CentraleSupélec; Pierre-Victor Besson, Inria; Helene Orsini, CentraleSupelec; Pierre Lledo, DGA, Ministère des Armées; Pierre-François Gimenez, Univ. Rennes, Inria, IRISA;

Deception Meets Diagnostics: Deception-based Real-Time Threat Detection in Healthcare Web Systems [PDF]
Zeeshan Zulkifl Shah, Macquarie University; Muhammad Ikram, Macquarie University; Hassan Jameel Asghar, Macquarie University; Mohamed Ali Kaafar, Macquarie University;

Deep Learning-Based Attacks on Traditional Watermarking Systems in Real-Time Live Video Streams [PDF]
Amin Sakzad, Monash University; Rebecca Wang, Monash University; Stuart W. Hall, Monash University;

DeepFW: A DNN-Based Firmware Version Identification Framework for Online IoT Devices [PDF]
Zhen Lei, Taiyuan University of Technology, China; Nian Xue, Shandong University of Technology, China; Zhen Li, Shandong University of Technology, China; Dan Yu, Taiyuan University of Technology, China; Xin Huang, Taiyuan University of Technology, China; Yongle Chen, Taiyuan University of Technology, China;

Demystifying Feature Engineering in Malware Analysis of API Call Sequences [PDF]
Tianheng Qu, Institute of Information Engineering at Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences, China; Hongsong Zhu, Institute of Information Engineering, CAS, China; School of Cyber Security, University of Chinese Academy of Sciences, China; Limin Sun, Institute of Information Engineering of CAS; Haining Wang, Virginia Tech; Haiqiang Fei, Institute of Information Engineering at Chinese Academy of Sciences; Zheng He, National Computer Network Emergency Response Technical Team/Coordination Center of China; Zhi Li, Institute of Information Engineering, Chinese Academy of Sciences, China;

DEPHP: A Source Code Recovery Method for PHP Bytecode with Improved Structural Analysis [PDF]
Shiwu Zhao, Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences; Ningjun Zheng, Tencent Technology (Shanghai)Co., Ltd., Shanghai, China; Haoyu Li, Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences; Ruizhi Feng, Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences; Xingchen Chen, Institute of Information Engineering, Chinese Academy of Sciences; Ru Tan, Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences; Qixu Liu, Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences;

Detecting and Adapting to Stealthy Label-Inversion Drifts via Conditional Distribution Inference [PDF]
Xiaoli Zhang, University of Science and Technology Beijing; Yue Xiao, Wuhan University; Qilei Yin, Zhongguancun Lab; Zhengyang Li, University of Science and Technology Beijing; Xinyan Wang, China Unicom Digital Technology Co., Ltd; Jianrong Zhang, China Unicom Digital Technology Co., Ltd; Ke Xu, Tsinghua University; Qi Li, Tsinghua University; Xu-Cheng Yin, University of Science and Technology Beijing;

Developing a Strong CPS Defender: An Evolutionary Approach [PDF]
Qingyuan Hu, School of Information Science and Technology, ShanghaiTech University; Christopher M. Poskitt, Singapore Management University; Jun Sun, Singapore Management University; Yuqi Chen, School of Information Science and Technology, ShanghaiTech University;

Evaluating LLM-Based Detection of Malicious Package Updates in npm [PDF]
Elizabeth Wyss, University of Kansas; Dominic Tassio, University of Kansas; Lorenzo De Carli, University of Calgary; Drew Davidson, University of Kansas;

EventHunter: Dynamic Clustering and Ranking of Security Events from Hacker Forum Discussions [PDF]
Yasir Ech-chammakhy, Mohammed VI Polytechnic University, College of Computing; Anas Motii, Mohammad VI Polytechnic University, College of Computing; Anass Rabii, Deloitte Morocco Cyber Center; Jaafar Chbili, Deloitte Conseil;

Exploring Runtime Evolution in Android: A Cross-Version Analysis and Its Implications for Memory Forensics [PDF]
Babangida Bappah, Louisiana State University; Lauren G Bristol, Louisiana State University; Lamine Noureddine, Louisiana State University; Sideeq Bello, Louisiana State University; Umar Farooq, Louisiana State University; Aisha Ali-Gombe, Louisiana State University;

FedSIG: Privacy-Preserving Federated Recommendation via Synthetic Interaction Generation [PDF]
Thirasara Ariyarathna, University of New South Wales; Salil Kanhere, University of New South Wales; Hye-Young (Helen) Paik, University of New South Wales (UNSW); Meisam Mohammady, Iowa State University of Science and Technology, Iowa, The USA;

From Concealment to Exposure: Understanding the Lifecycle and Infrastructure of APT Domains [PDF]
Athanasios Avgetidis, Georgia Institute of Technology; Aaron Faulkenberry, Georgia Institute of Technology; Boladji Vinny Adjibi, Georgia Institute of Technology; Tillson Galloway, Georgia Institute of Technology; Panagiotis Kintis, Georgia Institute of Technology; Omar Alrawi, Georgia Institute of Technology; Zane Ma, Oregon State University; Angelos Keromytis, Georgia Institute of Technology; Fabian Monrose, Georgia Institute of Technology; Roberto Perdisci, University of Georgia; Manos Antonakakis, Georgia Tech;

From Text to Actionable Intelligence: Automating STIX Entity and Relationship Extraction [PDF]
Ahmed Lekssays, Qatar Computing Research Institute; Husrev Taha Sencar, Qatar Computing Research Institute; Ting Yu, Mohamed bin Zayed University of Artificial Intelligence;

Functional Encryption in Secure Neural Network Training: Data Leakage and Practical Mitigations [PDF]
Alexandru Ionita, "Al. I. Cuza" University of Iasi; Andreea Ionita, "Al. I. Cuza" University of Iasi;

Guard-GBDT: Efficient Privacy-Preserving Approximated GBDT Training on Vertical Dataset [PDF]
Anxiao Song, Xidian university; Shujie Cui, Monash University; Jianli Bai, Singapore Management University; Ke Cheng, Xidian university; Yulong Shen, Xidian University, China; Giovanni Russello, University of Auckland;

H2FUZZ: Guided, Black-box, Differential Fuzzing for HTTP/2-to-HTTP/1 Conversion Anomalies [PDF]
Anthony Gavazzi, Northeastern University; Weixin Kong, Northeastern University; Engin Kirda, Northeastern University;

Malware and Vulnerability Analysis using Graph-synchronized Language Model [PDF]
Paventhan Vivekanandan, Indiana University Bloomington; Alexander Shroyer, Indiana University Bloomington; Martin Swany, Indiana University Bloomington;

MotionDecipher: General Video-assisted Passcode Inference In Virtual Reality [PDF]
Guanchong Huang, University of Oklahoma; Yan He, University of Oklahoma; Shangqing Zhao, University of Oklahoma; Yi Wu, University of Oklahoma; Song Fang, University of Oklahoma;

MuSAR: Multi-Step Attack Reconstruction from Lightweight Security Logs via Event-Level Semantic Association in Multi-Host Environments [PDF]
Yang Liu, Xi'an Jiaotong University; Zisen Xu, Xi'an Jiaotong University; Zian Luo, Xi'an Jiaotong University; Jin'ao Shang, Xi'an Jiaotong University; Shilong Zhang, Xi'an Jiaotong University; Haichuan Zhang, University of Science and Technology of China; Ting Liu, Xi'an Jiaotong University;

NIDP:Solving Feature Distribution Shifts in Network Intrusion Detection via Neural Pruning [PDF]
Jiangtao Ding, Zhejiang University of Technology; Junli ZHENG, Zhejiang University of Technology; Chenyang Mo, China Jiliang University; Zhicheng Xu, Zhejiang University of Technology; Han Zhu, Zhejiang University of Technology; Hongbing Cheng, Zhejiang University of Technology;

On the Effectiveness of Custom Transformers for Binary Analysis [PDF]
Xuezixiang Li, UC Riverside; Lian Gao, UC Riverside; Sheng Yu, UC Riverside; Yu Qu, UC Riverside; Heng Yin, UC Riverside;

Overlapping IPv4, IPv6, and TCP data: exploring errors, test case context, and multiple overlaps inside network stacks and NIDSes with PYROLYSE [PDF]
Lucas Aubard, Inria; Johan Mazel, ANSSI; Gilles Guette, IMT Atlantique; Pierre Chifflier, ANSSI;

Perry: A High-level Framework for Accelerating Cyber Deception Experimentation [PDF]
Brian Singer, Carnegie Mellon University; Yusuf Saquib, Carnegie Mellon University; Lujo Bauer, Carnegie Mellon University; Vyas Sekar, Carnegie Mellon University;

Portal: Enabling Accurate Siemens PLC Rehosting via Peripheral Synthesis and Proactive Interrupt Synchronization [PDF]
Haoran Li, Zhejiang University; Dakun Shen, Zhejiang University; Wenbo Shen, Zhejiang University; Zhen Zhu, Zhejiang Lab;

PRIV-HFL: Privacy-Preserving and Robust Federated Learning for Heterogeneous Clients Against Data Reconstruction Attacks [PDF]
MOHAMMADREZA NAJAFI, La Trobe University; Hooman Alavizadeh, La Trobe University; Ahmad Salehi Shahraki, La Trobe University; A.S.M Kayes, La Trobe University; Wenny Rahayu, La Trobe University;

RBAClock: Contain RBAC Permissions through Secure Scheduling [PDF]
Qingwang Chen, Institute of Information Engineering, Chinese Academy of Sciences; Ru Tan, Institute of Information Engineering, Chinese Academy of Sciences; Xinyu Liu, Institute of Information Engineering, Chinese Academy of Sciences; Yuqi Shu, Institute of Information Engineering, Chinese Academy of Sciences; Zhou Tong, Institute of Information Engineering, Chinese Academy of Sciences; Haoqiang Wang, Institute of Information Engineering, Chinese Academy of Sciences; Ze Jin, Institute of Information Engineering, Chinese Academy of Sciences; Qixu Liu, Institute of Information Engineering, Chinese Academy of Sciences;

Re-examine Federated Rank Learning: Analyzing Its Robustness Against Poisoning Attacks [PDF]
Xiaofei Huang, Institute of Information Engineering,Chinese Academy of Sciences; Xiaojie Zhu, King Abdullah University of Science and Technology; chi chen, Institute of Information Engineering,Chinese Academy of Sciences; Paulo Esteves-Veríssimo, King Abdullah University of Science and Technology;

Reconstruction of Differentially Private Text Sanitization via Large Language Models [PDF]
Shuchao Pang, Nanjing University of Science and Technology; Zhigang Lu, Western Sydney University; Haichen Wang, Nanjing University of Science and Technology; Peng Fu, Institute of Information Engineering, Chinese Academy of Sciences; Yongbin Zhou, Nanjing University of Science and Technology; Jason (Minhui) Xue, CSIRO's Data61 and Responsible AI Research (RAIR) Centre, The University of Adelaide;

Red-Teaming LLMs with Token Control Score: Efficient, Universal, and Transferable Jailbreaks [PDF]
Leo Hyun Park, Yonsei University; Taekyoung Kwon, Yonsei University;

Revealing Informed Scanners by Colocating Reactive and Passive Telescopes [PDF]
Dario Ferrero, Delft University of Technology; Georgios Smaragdakis, Delft University of Technology; Harm Griffioen, Delft University of Technology;

RF-Eye-D: Probing Feasibility of CMOS Camera Watermarking with Radio-Frequency Injection [PDF]
Hui Zhuang, Northeastern University; Yan Long, Northeastern University; Kevin Fu, Northeastern University;

Robust Cross-Modal Deepfake Detection via Facial UV Maps and Momentum Contrastive Learning [PDF]
Yuesen Tang, Southeast University; Yuanyang Zhang, Southeast Unviersity; Wangxiao Mao, Southeast University; Li Yao, Southeast University;

Scalable Active Directory Defense with α-Metagraph [PDF]
Nhu Long Nguyen, The University of Adelaide; Nickolas Falkner, The University of Adelaide; Hung Nguyen, The University of Adelaide;

Scalable and Generalizable RL Agents for Attack Path Discovery via Continuous Invariant Spaces [PDF]
Franco Terranova, Université de Lorraine, CNRS, Inria, LORIA; Abdelkader Lahmadi, Université de Lorraine, CNRS, Inria, LORIA; Isabelle Chrisment, Université de Lorraine, CNRS, Inria, LORIA;

Semantic Heat Guided Relational Privacy Inference Based on Panoptic Scene Graph [PDF]
Qi Hao, School of Cyber Science and Engineering, Southeast University; Jie Huang, Southeast University; Changhao Ding, School of Cyber Science and Engineering, Southeast University; Zeping Zhang, Southeast University;

SH3ARS: Privilege Reduction for ARMv8.0-A Secure Monitors [PDF]
Jonas Röckl, Friedrich-Alexander-Universität Erlangen-Nürnberg; Julian Funk, Friedrich-Alexander-Universität Erlangen-Nürnberg; Matti Schulze, Friedrich-Alexander-Universität Erlangen-Nürnberg; Tilo Müller, Hof University of Applied Sciences;

ShuffleV: A Microarchitectural Defense Strategy against Electromagnetic Side-Channel Attacks in Microprocessors [PDF]
Nuntipat Narkthong, Northeastern University; Yukui Luo, Binghamton University; Xiaolin Xu, Northeastern University;

STGraph: Spatio-Temporal Graph Mining for Anomaly Detection in Distributed System Logs [PDF]
Teng Li, Xidian University; Shengkai Zhang, Xidian University; Yebo Feng, Nanyang Technological University; Jiahua Xu, UCL; Zexu Dang, Xidian University; Yang Liu, Nanyang Technological University; Jianfeng Ma, Xidian University;

SyzGrapher: Resource-Centric Graph-Based Kernel Fuzzing [PDF]
Marius Fleischer, NVIDIA; Harrison Green, Carnegie Mellon University; Ilya Grishchenko, University of Toronto; Christopher Kruegel, UC Santa Barbara; Giovanni Vigna, UC Santa Barbara;

SyzRetrospector: A Large-Scale Retrospective Study of Syzbot [PDF]
Joseph Bursey, UC Irvine; Ardalan Amiri Sani, University of California, Irvine; Zhiyun Qian, University of California, Riverside;

TAPPecker: TAP Logic Inference and Violation Detection in Heterogeneous Smart Home Systems [PDF]
Qixiao Lin, Beihang University; Jian Mao, Beihang University; Ziwen Liu, Beihang University; Zhenkai Liang, National University of Singapore;

The Adaptive Arms Race: Redefining Robustness in AI Security [PDF]
Ilias Tsingenopoulos, KU Leuven; Vera Rimmer, KU Leuven; Davy Preuveneers, KU Leuven; Fabio Pierazzi, University College London; Lorenzo Cavallaro, University College London; Wouter Joosen, KU Leuven;

The Persistent Threat of DGA-Based Botnets [PDF]
Arthur Drichel, RWTH Aachen University; Ulrike Meyer, RWTH Aachen University;

TypeFlexer:Type Directed Flexible Program Partitioning [PDF]
Arunkumar Bhattar, Purdue University; Liyi Li, Iowa State University; Mingwei Zhu, University of Maryland, College Park; Le Chang, University of Maryland, College Park; Aravind Machiry, Purdue University;

Uncontained Danger: Quantifying Remote Dependencies in Containerized Applications [PDF]
Chris Tsoukaladelis, Stony Brook University; Roberto Perdisci, University of Georgia; Nick Nikiforakis, Stony Brook University;

Unsupervised Backdoor Detection and Mitigation for Spiking Neural Networks [PDF]
Jiachen Li, RMIT University; Bang Wu, RMIT University; Xiaoyu Xia, RMIT University; Xiaoning Liu, RMIT University; Xun Yi, RMIT University; Xiuzhen Zhang, RMIT University;

ViDToken: A Video-Transformer-Based Latent Token Defense for Adversarial Video Detection [PDF]
Wei Song, UNSW Sydney; Zhenchang Xing, CSIRO's Data61; Liming Zhu, CSIRO's Data61; Yulei Sui, UNSW Sydney; Jingling Xue, UNSW Sydney;

VulCodeMark: Adaptive Watermarking for Vulnerability Datasets Protection [PDF]
Di Cao, Swinburne University of Technology; Shigang Liu, CSIRO's Data61, Australia; Jun Zhang, Swinburne University of Technology; Yang Xiang, Digital Capability Research Platform, Swinburne University of Technology;

When (Inter)actions Speak Louder Than (Pass)words: Task-Based Evaluation of Implicit Authentication in Virtual Reality [PDF]
Woojin Jeon, Sungkyunkwan University; Chaejin Lim, Sungkyunkwan University; Hyoungshick Kim, Sungkyunkwan University;

Zebrafix: Mitigating Memory-Centric Side-Channel Leakage via Interleaving [PDF]
Anna Pätschke, University of Luebeck; Jan Wichelmann, University of Luebeck; Thomas Eisenbarth, University of Luebeck;

{{alert(’CSTI’)}}: Large-Scale Detection of Client-Side Template Injection [PDF]
Lorenzo Pisu, University of Cagliari; Davide Balzarotti, EURECOM; Davide Maiorca, University of Cagliari, Italy; Giorgio Giacinto, University of Cagliari;

Organized by


polyu
polyu
polyu


Sponsors


Silver

The University of Melbourne

Bronze

BlockSec