USENIX Security '25 Cycle 1 Accepted Papers
AidFuzzer: Adaptive Interrupt-Driven Firmware Fuzzing via Run-Time State Recognition
DP-BREM: Differentially-Private and Byzantine-Robust Federated Learning with Client Momentum
Am I Infected? Lessons from Operating a Large-Scale IoT Security Diagnostic Service
A Thorough Security Analysis of BLE Proximity Tracking Protocols
'Hey mum, I dropped my phone down the toilet': Investigating Hi Mum and Dad SMS Scams in the United Kingdom
Lost in Translation: Enabling Confused Deputy Attacks on EDA Software with TransFuzz
Universal Cross-app Attacks: Exploiting and Securing OAuth 2.0 in Integration Platforms
NeuroScope: Reverse Engineering Deep Neural Network on Edge Devices using Dynamic Analysis
As Advertised? Understanding the Impact of Influencer VPN Ads
LOHEN: Layer-wise Optimizations for Neural Network Inferences over Encrypted Data with High Performance or Accuracy
StruQ: Defending Against Prompt Injection with Structured Queries
The Conspiracy Money Machine: Uncovering Telegram's Conspiracy Channels and their Profit Model
SoK: An Introspective Analysis of RPKI Security
Haunted by Legacy: Discovering and Exploiting Vulnerable Tunnelling Hosts
TimeTravel: Real-time Timing Drift Attack on System Time Using Acoustic Waves
"I'm regretting that I hit run": In-situ Assessment of Potential Malware
Towards Understanding and Enhancing Security of Proof-of-Training for DNN Model Ownership Verification
DiskSpy: Exploring a Long-Range Covert-Channel Attack via mmWave Sensing of μm-level HDD Vibrations
Task-Oriented Training Data Privacy Protection for Cloud-based Model Training
The Ghost Navigator: Revisiting the Hidden Vulnerability of Localization in Autonomous Driving
Patching Up: Stakeholder Experiences of Security Updates for Connected Medical Devices
Seeing Through: Analyzing and Attacking Virtual Backgrounds in Video Calls
Dorami: Privilege Separating Security Monitor on RISC-V TEEs
A Stakeholder-Based Framework to Highlight Tensions when Implementing Privacy Features
BarraCUDA: Edge GPUs do Leak DNN Weights
PoisonedRAG: Knowledge Corruption Attacks to Retrieval-Augmented Generation of Large Language Models
SoK: A Security Architect's View of Printed Circuit Board Attacks
Predictive Response Optimization: Using Reinforcement Learning to Fight Online Social Network Abuse
Privacy Law Enforcement Under Centralized Governance: A Qualitative Analysis of Four Years' Special Privacy Rectification Campaigns
SpeechGuard: Recoverable and Customizable Speech Privacy Protection
Thunderdome: Timelock-Free Rationally-Secure Virtual Channels
Robustifying ML-powered Network Classifiers with PANTS
GraphAce: Secure Two-Party Graph Analysis Achieving Communication Efficiency
Dormant: Defending against Pose-driven Human Image Animation
PAPILLON: Efficient and Stealthy Fuzz Testing-Powered Jailbreaks for LLMs
BulletCT: Towards More Scalable Ring Confidential Transactions With Transparent Setup
Further Study on Frequency Estimation under Local Differential Privacy
Fuzzing the PHP Interpreter via Dataflow Fusion
Enabling Low-Cost Secure Computing on Untrusted In-Memory Architectures
Distributional Private Information Retrieval
A limited technical background is sufficient for attack-defense tree acceptability
Finding Metadata Inconsistencies in Distributed File Systems via Cross-Node Operation Modeling
Lemon: Network-Wide DDoS Detection with Routing-Oblivious Per-Flow Measurement
ORTHRUS: Achieving High Quality of Attribution in Provenance-based Intrusion Detection Systems
Serverless Functions Made Confidential and Efficient with Split Containers
BlueGuard: Accelerated Host and Guest Introspection Using DPUs
Harness: Transparent and Lightweight Protection of Vehicle Control on Untrusted Android Automotive Operating System
"I'm trying to learn…and I'm shooting myself in the foot": Beginners' Struggles When Solving Binary Exploitation Exercises
Not so Refreshing: Attacking GPUs using RFM Rowhammer Mitigation
Arbitrary-Threshold Fully Homomorphic Encryption with Lower Complexity
The Silent Danger in HTTP: Identifying HTTP Desync Vulnerabilities with Gray-box Testing
Web Execution Bundles: Reproducible, Accurate, and Archivable Web Measurements
RangeSanitizer: Detecting Memory Errors with Efficient Range Checks
Efficient Ranking, Order Statistics, and Sorting under CKKS
Principled and Automated Approach for Investigating AR/VR Attacks
SoK: Come Together – Unifying Security, Information Theory, and Cognition for a Mixed Reality Deception Attack Ontology & Analysis Framework
PICACHV: Formally Verified Data Use Policy Enforcement for Secure Data Analytics
I Can Tell Your Secrets: Inferring Privacy Attributes from Mini-app Interaction History in Super-apps
ALERT: Machine Learning-Enhanced Risk Estimation for Databases Supporting Encrypted Queries
Security Implications of Malicious G-Codes in 3D Printing
Detecting Compromise of Passkey Storage on the Cloud
Secure Caches for Compartmentalized Software
An Industry Interview Study of Software Signing for Supply Chain Security
SparSamp: Efficient Provably Secure Steganography Based on Sparse Sampling
TLBlur: Compiler-Assisted Automated Hardening against Controlled Channels on Off-the-Shelf Intel SGX Platforms
Characterizing and Detecting Propaganda-Spreading Accounts on Telegram
Nothing is Unreachable: Automated Synthesis of Robust Code-Reuse Gadget Chains for Arbitrary Exploitation Primitives
HyTrack: Resurrectable and Persistent Tracking Across Android Apps and the Web
BLens: Contrastive Captioning of Binary Functions using Ensemble Embedding
Fighting Fire with Fire: Continuous Attack for Adversarial Android Malware Detection
PoiSAFL: Scalable Poisoning Attack Framework to Byzantine-resilient Semi-asynchronous Federated Learning
Too Much of a Good Thing: (In-)Security of Mandatory Security Software for Financial Services in South Korea
"Threat modeling is very formal, it's very technical, and also very hard to do correctly": Investigating Threat Modeling Practices in Open-Source Software Projects
JBShield: Defending Large Language Models from Jailbreak Attacks through Activated Concept Analysis and Manipulation
Onions Got Puzzled: On the Challenges of Mitigating Denial-of-Service Problems in Tor Onion Services
When Good Kernel Defenses Go Bad: Reliable and Stable Kernel Exploits via Defense-Amplified TLB Side-Channel Leaks
OneTouch: Effortless 2FA Scheme to Secure Fingerprint Authentication with Wearable OTP Token
Phantom Trails: Practical Pre-Silicon Discovery of Transient Data Leaks
THEMIS: Towards Practical Intellectual Property Protection for Post-Deployment On-Device Deep Learning Models
PATCHAGENT: A Practical Program Repair Agent Mimicking Human Expertise
Beyond Statistical Estimation: Differentially Private Individual Computation via Shuffling
AudioMarkNet: Audio Watermarking for Deepfake Speech Detection
Revisiting Training-Inference Trigger Intensity in Backdoor Attacks
Atkscopes: Multiresolution Adversarial Perturbation as a Unified Attack on Perceptual Hashing and Beyond
Improved Secure Two-party Computation from a Geometric Perspective
SafeSpeech: Robust and Universal Voice Protection Against Malicious Speech Synthesis
Stack Overflow Meets Replication: Security Research Amid Evolving Code Snippets
The Cost of Performance: Breaking ThreadX with Kernel Object Masquerading Attacks
Encarsia: Evaluating CPU Fuzzers via Automatic Bug Injection
Deanonymizing Ethereum Validators: The P2P Network Has a Privacy Issue
High Stakes, Low Certainty: Evaluating the Efficacy of High-Level Indicators of Compromise in Ransomware Attribution
Oblivious Digital Tokens
V-ORAM: A Versatile and Adaptive ORAM Framework with Service Transformation for Dynamic Workloads
"That's my perspective from 30 years of doing this": An Interview Study on Practices, Experiences, and Challenges of Updating Cryptographic Code
Double-Edged Shield: On the Fingerprintability of Customized Ad Blockers
Provably Robust Multi-bit Watermarking for AI-generated Text
Evaluating LLM-based Personal Information Extraction and Countermeasures
Websites' Global Privacy Control Compliance at Scale and over Time
LLMmap: Fingerprinting for Large Language Models
Expert Insights into Advanced Persistent Threats: Analysis, Attribution, and Challenges
Evaluating the Effectiveness and Robustness of Visual Similarity-based Phishing Detection Models
Flexway O-Sort: Enclave-Friendly and Optimal Oblivious Sorting
Tracking the Takes and Trajectories of English-Language News Narratives across Trustworthy and Worrisome Websites
AKMA+: Security and Privacy-Enhanced and Standard-Compatible AKMA for 5G Communication
SoK: On Gradient Leakage in Federated Learning
AGNNCert: Defending Graph Neural Networks against Arbitrary Perturbations with Deterministic Certification
Dumbo-MPC: Efficient Fully Asynchronous MPC with Optimal Resilience
zkGPT: An Efficient Non-interactive Zero-knowledge Proof Framework for LLM Inference
CAMP in the Odyssey: Provably Robust Reinforcement Learning with Certified Radius Maximization
Gotta Detect 'Em All: Fake Base Station and Multi-Step Attack Detection in Cellular Networks
Achilles: A Formal Framework of Leaking Secrets from Signature Schemes via Rowhammer
Who Pays Whom? Anonymous EMV-Compliant Contactless Payments
Bundled Authenticated Key Exchange: A Concrete Treatment of Signal's Handshake Protocol and Post-Quantum Security
SelfDefend: LLMs Can Defend Themselves against Jailbreaking in a Practical Manner
Auspex: Unveiling Inconsistency Bugs of Transaction Fee Mechanism in Blockchain
Pretender: Universal Active Defense against Diffusion Finetuning Attacks
Exploring How to Authenticate Application Messages in MLS: More Efficient, Post-Quantum, and Anonymous Blocklistable
Suda: An Efficient and Secure Unbalanced Data Alignment Framework for Vertical Privacy-Preserving Machine Learning
GeCos Replacing Experts: Generalizable and Comprehensible Industrial Intrusion Detection
Waltzz: WebAssembly Runtime Fuzzing with Stack-Invariant Transformation
Attacker Control and Bug Prioritization
On the Proactive Generation of Unsafe Images From Text-To-Image Models Using Benign Prompts
H2O2RAM: A High-Performance Hierarchical Doubly Oblivious RAM
A Formal Analysis of Apple's iMessage PQ3 Protocol
MBFuzzer: A Multi-Party Protocol Fuzzer for MQTT Brokers
MAESTRO: Multi-Party AES Using Lookup Tables
X.509DoS: Exploiting and Detecting Denial-of-Service Vulnerabilities in Cryptographic Libraries using Crafted X.509 Certificates
Synthetic Artifact Auditing: Tracing LLM-Generated Synthetic Data Usage in Downstream Applications
Email Spoofing with SMTP Smuggling: How the Shared Email Infrastructures Magnify this Vulnerability
How Researchers De-Identify Data in Practice
Lost in the Mists of Time: Expirations in DNS Footprints of Mobile Apps
CoVault: Secure, Scalable Analytics of Personal Data
VoiceWukong: Benchmarking Deepfake Voice Detection
Secure Information Embedding in Forensic 3D Fingerprinting
ImpROV: Measurement and Practical Mitigation of Collateral Damage in RPKI Route Origin Validation
Persistent Backdoor Attacks in Continual Learning
Encrypted Access Logging for Online Accounts: Device Attributions without Device Tracking
Sound of Interference: Electromagnetic Eavesdropping Attack on Digital Microphones Using Pulse Density Modulation
SoK: Towards Effective Automated Vulnerability Repair
Analyzing the AI Nudification Application Ecosystem
From Purity to Peril: Backdooring Merged Models From "Harmless" Benign Components
Qelect: Lattice-based Single Secret Leader Election Made Practical
Assuring Certified Database Utility in Privacy-Preserving Database Fingerprinting
Privacy Audit as Bits Transmission: (Im)possibilities for Audit by One Run
A Framework for Abusability Analysis: The Case of Passkeys in Interpersonal Threat Models
We Have a Package for You! A Comprehensive Analysis of Package Hallucinations by Code Generating LLMs
Whispering Under the Eaves: Protecting User Privacy Against Commercial and LLM-powered Automatic Speech Recognition Systems
Exposing the Guardrails: Reverse-Engineering and Jailbreaking Safety Filters in DALL·E Text-to-Image Pipelines
Shechi: A Secure Distributed Computation Compiler Based on Multiparty Homomorphic Encryption
Following Devils' Footprint: Towards Real-time Detection of Price Manipulation Attacks
GNSS-WASP: GNSS Wide Area SPoofing
A Comprehensive Formal Security Analysis of OPC UA
Data-Free Model-Related Attacks: Unleashing the Potential of Generative AI
Data Duplication: A Novel Multi-Purpose Attack Paradigm in Machine Unlearning
Robust, Efficient, and Widely Available Greybox Fuzzing for COTS Binaries with System Call Pattern Feedback
Digital Security Perceptions and Practices Around the World: A WEIRD versus Non-WEIRD Comparison
Engorgio: An Arbitrary-Precision Unbounded-Size Hybrid Encrypted Database via Quantized Fully Homomorphic Encryption
Invisible but Detected: Physical Adversarial Shadow Attack and Defense on LiDAR Object Detection
Great, Now Write an Article About That: The Crescendo Multi-Turn LLM Jailbreak Attack
Efficient Multi-Party Private Set Union Without Non-Collusion Assumptions
More is Less: Extra Features in Contactless Payments Break Security
DeepFold: Efficient Multilinear Polynomial Commitment from Reed-Solomon Code and Its Application to Zero-knowledge Proofs
Cyber-Physical Deception Through Coordinated IoT Honeypots
Careless Retention and Management: Understanding and Detecting Data Retention Denial-of-Service Vulnerabilities in Java Web Containers
Await() a Second: Evading Control Flow Integrity by Hijacking C++ Coroutines
Posthammer: Pervasive Browser-based Rowhammer Attacks with Postponed Refresh Commands
A Framework for Designing Provably Secure Steganography
The DOMino Effect: Detecting and Exploiting DOM Clobbering Gadgets via Concolic Execution with Symbolic DOM
Enhanced Label-Only Membership Inference Attacks with Fewer Queries
Efficient 2PC for Constant Round Secure Equality Testing and Comparison
Current Affairs: A Security Measurement Study of CCS EV Charging Deployments
Assessing the Aftermath: the Effects of a Global Takedown against DDoS-for-hire Services
When LLMs Go Online: The Emerging Threat of Web-Enabled LLMs
HateBench: Benchmarking Hate Speech Detectors on LLM-Generated Content and Hate Campaigns
ChoiceJacking: Compromising Mobile Devices through Malicious Chargers like a Decade ago
DFS: Delegation-friendly zkSNARK and Private Delegation of Provers
Branch Privilege Injection: Compromising Spectre v2 Hardware Mitigations by Exploiting Branch Predictor Race Conditions
Security and Privacy Advice for UPI Users in India
Disparate Privacy Vulnerability: Targeted Attribute Inference Attacks and Defenses
SoK: Understanding zk-SNARKs: The Gap Between Research and Practice
When Translators Refuse to Translate: A Novel Attack to Speech Translation Systems
Watch the Watchers! On the Security Risks of Robustness-Enhancing Diffusion Models
Synthesis of Code-Reuse Attacks from p-code Programs
GLaDoS: Location-aware Denial-of-Service of Cellular Networks
TYPEPULSE: Detecting Type Confusion Bugs in Rust Programs
Software Availability Protection in Cyber-Physical Systems
DISPATCH: Unraveling Security Patches from Entangled Code Changes
CertPHash: Towards Certified Perceptual Hashing via Robust Training
Membership Inference Attacks Against Vision-Language Models
Machine Against the RAG: Jamming Retrieval-Augmented Generation with Blocker Documents
Bots can Snoop: Uncovering and Mitigating Privacy Risks of Bots in Group Chats
Learning from Functionality Outputs: Private Join and Compute in the Real World
BEAT-MEV: Epochless Approach to Batched Threshold Encryption for MEV Prevention
Catch-22: Uncovering Compromised Hosts using SSH Public Keys
EvilEDR: Repurposing EDR as an Offensive Tool
Trust but Verify: An Assessment of Vulnerability Tagging Services
From Meme to Threat: On the Hateful Meme Understanding and Induced Hateful Content Generation in Open-Source Vision Language Models
Characterizing the MrDeepFakes Sexual Deepfake Marketplace
From Alarms to Real Bugs: Multi-target Multi-step Directed Greybox Fuzzing for Static Analysis Result Verification
Chimera: Creating Digitally Signed Fake Photos by Fooling Image Recapture and Deepfake Detectors
Generated Data with Fake Privacy: Hidden Dangers of Fine-tuning Large Language Models on Generated Data
TORCHLIGHT: Shedding LIGHT on Real-World Attacks on Cloudless IoT Devices Concealed within the Tor Network
Easy As Child's Play: An Empirical Study on Age Verification of Adult-Oriented Android Apps
Distributed Private Aggregation in Graph Neural Networks
zk-promises: Anonymous Moderation, Reputation, and Blocking from Anonymous Credentials with Callbacks
FLOP: Breaking the Apple M3 CPU via False Load Output Predictions
Towards Label-Only Membership Inference Attack against Pre-trained Large Language Models
Voluntary Investment, Mandatory Minimums, or Cyber Insurance: What Minimizes Losses?
Phantom: Privacy-Preserving Deep Neural Network Model Obfuscation in Heterogeneous TEE and GPU System
HawkEye: Statically and Accurately Profiling the Communication Cost of Models in Multi-party Learning
Misty Registry: An Empirical Study of Flawed Domain Registry Operation
ChainFuzz: Exploiting Upstream Vulnerabilities in Open-Source Supply Chains
APPATCH: Automated Adaptive Prompting Large Language Models for Real-World Software Vulnerability Patching
Mirage in the Eyes: Hallucination Attack on Multi-modal Large Language Models with Only Attention Sink
AUDIO WATERMARK: Dynamic and Harmless Watermark for Black-box Voice Dataset Copyright Protection
Available Attestation: Towards a Reorg-Resilient Solution for Ethereum Proof-of-Stake
Voting-Bloc Entropy: A New Metric for DAO Decentralization
Practical Mempool Privacy via One-time Setup Batched Threshold Encryption
OBLIVIATOR: OBLIVIous Parallel Joins and other OperATORs in Shared Memory Environments
Practical Keyword Private Information Retrieval from Key-to-Index Mappings
DarkGram: A Large-Scale Analysis of Cybercriminal Activity Channels on Telegram
Recover from Excessive Faults in Partially-Synchronous BFT SMR
Sound and Efficient Generation of Data-Oriented Exploits via Programming Language Synthesis
Shadowed Realities: An Investigation of UI Attacks in WebXR
Fast Enhanced Private Set Union in the Balanced and Unbalanced Scenarios
Systematic Evaluation of Randomized Cache Designs against Cache Occupancy
Tracking You from a Thousand Miles Away! Turning a Bluetooth Device into an Apple AirTag Without Root Privileges
NOKEScam: Understanding and Rectifying Non-Sense Keywords Spear Scam in Search Engines
Endangered Privacy: Large-Scale Monitoring of Video Streaming Services
TockOwl: Asynchronous Consensus with Fault and Network Adaptability
Low-Cost and Comprehensive Non-textual Input Fuzzing with LLM-Synthesized Input Generators
CoreCrisis: Threat-Guided and Context-Aware Iterative Learning and Fuzzing of 5G Core Networks
FIXX: FInding eXploits from eXamples
Towards Automatic Detection and Exploitation of Java Web Application Vulnerabilities via Concolic Execution guided by Cross-thread Object Manipulation
Surviving in Dark Forest: Towards Evading the Attacks from Front-Running Bots in Application Layer
GenHuzz: An Efficient Generative Hardware Fuzzer
Demystifying the (In)Security of QR Code-based Login in Real-world Deployments
URL Inspection Tasks: Helping Users Detect Phishing Links in Emails
System Register Hijacking: Compromising Kernel Integrity By Turning System Registers Against the System
A Mixed-Methods Study of Open-Source Software Maintainers On Vulnerability Management and Platform Security Features
LightShed: Defeating Perturbation-based Image Copyright Protections
Private Set Intersection and other Set Operations in the Third Party Setting
Effective Directed Fuzzing with Hierarchical Scheduling for Web Vulnerability Detection
DeBackdoor: A Deductive Framework for Detecting Backdoor Attacks on Deep Models with Limited Data
Preventing Artificially Inflated SMS Attacks through Large-Scale Traffic Inspection