Keynote
Malware & PUP: Keep them separate, if you can
Juan Caballero
Juan Caballero is Deputy Director and Associate Research Professor at the IMDEA Software Institute in Madrid, Spain. His research addresses security issues in systems, software, and networks. One of his focus is the analysis of malware and cyberattacks. He received his Ph.D. in Electrical and Computer Engineering from Carnegie Mellon University, USA. His research regularly appears at the top academic security venues and has won awards at the USENIX Security Symposium, IMC, and DIMVA. He has been an Associate Editor for ACM TOPS and program chair for ACSAC, DIMVA, DFRWS, and ESSOS. He often participates in the technical committees of the top venues in computer security including IEEE S&P, ACM CCS, USENIX Security, and NDSS.
PLC-Sleuth: Detecting and Localizing PLC Intrusions Using Control Invariants
Zeyu Yang
Zhejiang University
Liang He
University of Colorado Denver
Peng Cheng
Zhejiang University
Jiming Chen
Zhejiang University
David K.Y. Yau
Singapore University of Technology and Design
Linkang Du
Zhejiang University
EnclavePDP: A General Framework to Verify Data Integrity in Cloud Using Intel SGX
Yun He
Institute of Information Engineering, Chinese Academy of Sciences
Yihua Xu
Metropolitan College, Boston University
Xiaoqi Jia
Institute of Information Engineering, Chinese Academy of Sciences
Shengzhi Zhang
Metropolitan College, Boston University
Peng Liu
Pennsylvania State University
Shuai Chang
Institute of Information Engineering, Chinese Academy of Sciences
A Framework for Software Diversification with ISA Heterogeneity
Xiaoguang Wang
Virginia Tech
SengMing Yeoh
Virginia Tech
Robert Lyerly
Virginia Tech
Pierre Olivier
The University of Manchester
Sang-Hoon Kim
Ajou University
Binoy Ravindran
Virginia Tech
What’s in an Exploit? An Empirical Analysis of Reflected Server XSS Exploitation Techniques
Ahmet Salih Buyukkayhan
Microsoft
Can Gemicioglu
Northeastern University
Tobias Lauinger
New York University
Alina Oprea
Northeastern University
William Robertson
Northeastern University
Engin Kirda
Northeastern University
Cyber Threat Intelligence Modeling Based on Heterogeneous Graph Convolutional Network
Jun Zhao
Beihang University
Qiben Yan
Michigan State University
Xudong Liu
Beihang University
Bo Li
Beihang University
Guangsheng Zuo
Beihang University
Dark Firmware: A Systematic Approach to Exploring Application Security Risks in the Presence of Untrusted Firmware
Duha Ibdah
University of Michigan, Dearborn
Nada Lachtar
University of Michigan, Dearborn
Abdul Rahman Abu Elkhail
University of Michigan, Dearborn
Anys Bacha
University of Michigan, Dearborn
Hafiz Malik
University of Michigan, Dearborn
HyperLeech: Stealthy System Virtualization with Minimal Target Impact through DMA-Based Hypervisor Injection
Ralph Palutke
Friedrich-Alexander-Universität Erlangen/Nürnberg
Simon Ruderich
Friedrich-Alexander-Universität Erlangen/Nürnberg
Matthias Wild
Friedrich-Alexander-Universität Erlangen/Nürnberg
Felix Freiling
Friedrich-Alexander-Universität Erlangen/Nürnberg
Effective Detection of Credential Thefts from Windows Memory: Learning Access Behaviours to Local Security Authority Subsystem Service
Michael Huth
Imperial College London
Patrick Ah-Fat
Imperial College London
Rob Mead
Microsoft
Tim Burrell
Microsoft
Joshua Neil
Microsoft
SpecROP: Speculative Exploitation of ROP Chains
Atri Bhattacharyya
EPFL
Andres Sanchez Marin
EPFL
Esmaeil Mohammmadian Koruyeh
UC Riverside
Nael Abu-Ghazaleh
University of California, Riverside
Chengyu Song
UC Riverside
Mathias Payer
EPFL
Mininode: Reducing the Attack Surface of Node.js Applications
Igibek Koishybayev
North Carolina State University
Alexandros Kapravelos
North Carolina State University
MEUZZ: Smart Seed Scheduling for Hybrid Fuzzing
Yaohui Chen
Northeastern University
Mansour Ahmadi
Northeastern University
Reza Mirzazade farkhani
Northeastern University
Boyu Wang
Stony Brook University
Long Lu
Northeastern University
Confine: Automated System Call Policy Generation for Container Attack Surface Reduction
Seyedhamed Ghavamnia
Stony Brook University
Tapti Palit
Stony Brook University
Azzedine Benameur
Cloudhawk.io
Michalis Polychronakis
Stony Brook University
Evaluating Changes to Fake Account Verification Systems
Fedor Kozlov
Isabella Yuen
Jakub Kowalczyk
Daniel Bernhardt
David Freeman
Paul Pearce
Georgia Tech; Facebook
Ivan Ivanov
Robust P2P Primitives Using SGX Enclaves
Yaoqi Jia
ACM Member
Shruti Tople
Microsoft Research
Tarik Moataz
Aroki Systems
Deli Gong
ACM Member
Prateek Saxena
National University of Singapore
Zhenkai Liang
National University of Singapore
Evasion Attacks against Banking Fraud Detection Systems
Michele Carminati
Politecnico di Milano
Luca Santini
Politecnico di Milano
Mario Polino
Politecnico di Milano
Stefano Zanero
Politecnico di Milano
Tracing and Analyzing Web Access Paths Based on User-Side Data Collection: How Do Users Reach Malicious URLs?
Takeshi Takahashi
National Institute of Information and Communications Technology
Christopher Kruegel
University of California, Santa Barbara
Giovanni Vigna
UC Santa Barbara
Katsunari Yoshioka
Yokohama National University, Japan
Daisuke Inoue
National Institute of Information and Communications Technology
Software-based Realtime Recovery from Sensor Attacks on Robotic Vehicles
Hongjun Choi
Purdue University
Sayali Kate
Purdue University
Yousra Aafer
University of Waterloo
Xiangyu Zhang
Purdue University
Dongyan Xu
Purdue University
Never Trust Your Victim: Weaponizing Vulnerabilities in Security Scanners
Andrea Valenza
University of Genova
Gabriele Costa
IMT School for Advanced Studies Lucca
Alessandro Armando
University of Genova
aBBRate: Automating BBR Attack Exploration Using a Model-Based Approach
Anthony Peterson
Northeastern University
Samuel Jero
Purdue University
Endadul Hoque
Syracuse University
Dave Choffnes
Northeastern University
Cristina Nita-Rotaru
Northeastern University
GhostImage: Remote Perception Attacks against Camera-based Image Classification Systems
Yanmao Man
The University of Arizona
Ming Li
The University of Arizona
Ryan Gerdes
Virginia Tech
The Limitations of Federated Learning in Sybil Settings
Clement Fung
Carnegie Mellon University
Chris J. M. Yoon
University of British Columbia
Ivan Beschastnikh
University of British Columbia
BlueShield: Detecting Spoofing Attacks in Bluetooth Low Energy Networks
Jianliang Wu
Purdue University
Yuhong Nan
Purdue University
Vireshwar Kumar
Purdue University
Mathias Payer
EPFL
Dongyan Xu
Purdue University
SIEVE: Secure In-Vehicle Automatic Speech Recognition Systems
Shu Wang
George Mason University
Jiahao Cao
Tsinghua University
Kun Sun
George Mason University
Qi Li
Tsinghua University
Camera Fingerprinting Authentication Revisited
Dominik Maier
TU Berlin
Henrik Erb
Friedrich-Alexander University Erlangen-Nuremberg
Patrick Mullan
Friedrich-Alexander University Erlangen-Nuremberg
Vincent Haupert
Friedrich-Alexander University Erlangen-Nuremberg
WearFlow: Expanding Information Flow Analysis To Companion Apps in Wear OS
Marcos Tileria
Royal Holloway, University of London
Jorge Blasco
Royal Holloway, University of London
Guillermo Suarez-Tangil
IMDEA Networks and King’s College London
Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
Manh-Dung Nguyen
CEA LIST
Sébastien Bardin
CEA LIST
Bonichon Richard
Tweag I/O
Roland Groz
University Grenoble Alpes, France
Matthieu Lemerre
CEA LIST
Detecting Lateral Movement in Enterprise Computer Networks with Unsupervised Graph AI
Benjamin Bowman
George Washington University
Craig Laprade
George Washington University
Yuede Ji
George Washington University
Howie Huang
The George Washington University
SourceFinder: Finding Malware Source-Code from Publicly Available Repositories in GitHub
Md Omar Faruk Rokon
UC Riverside
Risul Islam
UC Riverside
Ahmad Darki
UC Riverside
Evangelos E. Papalexakis
UC Riverside
Michalis Faloutsos
UC Riverside
μSBS: Static Binary Sanitization of Bare-metal Embedded Devices for Fault Observability
Majid Salehi
KU Leuven
Danny Hughes
KU Leuven
Bruno Crispo
University of Trento
An Object Detection based Solver for Google’s Image reCAPTCHA v2
Md Imran Hossen
University of Louisiana at Lafayette
Yazhou Tu
University of Louisiana at Lafayette
Md Fazle Rabby
University of Louisiana at Lafayette
Md Nazmul Islam
University of Louisiana at Lafayette
Hui Cao
Xi’an Jiaotong University
Xiali Hei
University of Louisiana at Lafayette
sysfilter: Automated System Call Filtering for Commodity Software
Nicholas DeMarinis
Brown University
Kent Williams-King
Brown University
Di Jin
Brown University
Rodrigo Fonseca
Brown University
Vasileios P. Kemerlis
Brown University