国际信息安全顶级会议ACM CCS 2022论文合集整理(下)

On the Success Rate of Side-Channel Attacks on Masked Implementations: Information-Theoretical Bounds and Their Practical Usage

https://doi.org/10.1145/3548606.3560579

AI/ML for Network Security: The Emperor has no Clothes

https://doi.org/10.1145/3548606.3560609

DISTINCT: Identity Theft using In-Browser Communications in Dual-Window Single Sign-On

https://doi.org/10.1145/3548606.3560692

Are Attribute Inference Attacks Just Imputation?

https://doi.org/10.1145/3548606.3560663

Cache Refinement Type for Side-Channel Detection of Cryptographic Software

https://doi.org/10.1145/3548606.3560672

Evocatio: Conjuring Bug Capabilities from a Single PoC

https://doi.org/10.1145/3548606.3560575

Understanding IoT Security from a Market-Scale Perspective

https://doi.org/10.1145/3548606.3560640

SymLM: Predicting Function Names in Stripped Binaries via Context-Sensitive Execution-Aware Code Embeddings

https://doi.org/10.1145/3548606.3560612

P-Verifier: Understanding and Mitigating Security Risks in Cloud-based IoT Access Policies

https://doi.org/10.1145/3548606.3560680

Private and Reliable Neural Network Inference

https://doi.org/10.1145/3548606.3560709

A Scalable and Dynamic ACL System for In-Network Defense

https://doi.org/10.1145/3548606.3560606

TRACER: Signature-based Static Analysis for Detecting Recurring Vulnerabilities

https://doi.org/10.1145/3548606.3560664

HyperDbg: Reinventing Hardware-Assisted Debugging

https://doi.org/10.1145/3548606.3560649

RedShift: Transparent SNARKs from List Polynomial Commitments

https://doi.org/10.1145/3548606.3560657

PEReDi: Privacy-Enhanced, Regulated and Distributed Central Bank Digital Currencies

https://doi.org/10.1145/3548606.3560707

DriveFuzz: Discovering Autonomous Driving Bugs through Driving Quality-Guided Fuzzing

https://doi.org/10.1145/3548606.3560558

Phishing URL Detection: A Network-based Approach Robust to Evasion

https://doi.org/10.1145/3548606.3560615

NTRU-v-um: Secure Fully Homomorphic Encryption from NTRU with Small Modulus

https://doi.org/10.1145/3548606.3560700

Low-Latency Hardware Private Circuits

https://doi.org/10.1145/3548606.3559362

LPGNet: Link Private Graph Networks for Node Classification

https://doi.org/10.1145/3548606.3560705

Leakage Inversion: Towards Quantifying Privacy in Searchable Encryption

https://doi.org/10.1145/3548606.3560593

PentaGOD: Stepping beyond Traditional GOD with Five Parties

https://doi.org/10.1145/3548606.3559369

Hammurabi: A Framework for Pluggable, Logic-Based X.509 Certificate Validation Policies

https://doi.org/10.1145/3548606.3560594

Cerberus: A Formal Approach to Secure and Efficient Enclave Memory Sharing

https://doi.org/10.1145/3548606.3560595

Collect Responsibly But Deliver Arbitrarily?: A Study on Cross-User Privacy Leakage in Mobile Apps

https://doi.org/10.1145/3548606.3559371

PACMem: Enforcing Spatial and Temporal Memory Safety via ARM Pointer Authentication

https://doi.org/10.1145/3548606.3560598

Auditing Membership Leakages of Multi-Exit Networks

https://doi.org/10.1145/3548606.3559359

Overo: Sharing Private Audio Recordings

https://doi.org/10.1145/3548606.3560572

InviCloak: An End-to-End Approach to Privacy and Performance in Web Content Distribution

https://doi.org/10.1145/3548606.3559336

DirtyCred: Escalating Privilege in Linux Kernel

https://doi.org/10.1145/3548606.3560585

Frequency Throttling Side-Channel Attack

https://doi.org/10.1145/3548606.3560682

Ready Raider One: Exploring the Misuse of Cloud Gaming Services

https://doi.org/10.1145/3548606.3560647

When Evil Calls: Targeted Adversarial Voice over IP Network

https://doi.org/10.1145/3548606.3560671

Order-Disorder: Imitation Adversarial Attacks for Black-box Neural Ranking Models

https://doi.org/10.1145/3548606.3560683

Matproofs: Maintainable Matrix Commitment with Efficient Aggregation

https://doi.org/10.1145/3548606.3560591

Harnessing Perceptual Adversarial Patches for Crowd Counting

https://doi.org/10.1145/3548606.3560566

Acquirer: A Hybrid Approach to Detecting Algorithmic Complexity Vulnerabilities

https://doi.org/10.1145/3548606.3559337

Membership Inference Attacks by Exploiting Loss Trajectory

https://doi.org/10.1145/3548606.3560684

Empirical Analysis of EIP-1559: Transaction Fees, Waiting Times, and Consensus Security

https://doi.org/10.1145/3548606.3559341

StolenEncoder: Stealing Pre-trained Encoders in Self-supervised Learning

https://doi.org/10.1145/3548606.3560586

LoneNeuron: A Highly-Effective Feature-Domain Neural Trojan Using Invisible and Polymorphic Watermarks

https://doi.org/10.1145/3548606.3560678

Detecting Missing-Permission-Check Vulnerabilities in Distributed Cloud Systems

https://doi.org/10.1145/3548606.3560589

Bolt-Dumbo Transformer: Asynchronous Consensus As Fast As the Pipelined BFT

https://doi.org/10.1145/3548606.3559346

TChecker: Precise Static Inter-Procedural Analysis for Detecting Taint-Style Vulnerabilities in PHP Applications

https://doi.org/10.1145/3548606.3559391

Proving UNSAT in Zero Knowledge

https://doi.org/10.1145/3548606.3559373

Frequency Estimation in the Shuffle Model with Almost a Single Message

https://doi.org/10.1145/3548606.3560608

Feature Inference Attack on Shapley Values

https://doi.org/10.1145/3548606.3560573

Federated Boosted Decision Trees with Differential Privacy

https://doi.org/10.1145/3548606.3560687

The Closer You Look, The More You Learn: A Grey-box Approach to Protocol State Machine Learning

https://doi.org/10.1145/3548606.3559365

Securing Reset Operations in NISQ Quantum Computers

https://doi.org/10.1145/3548606.3559380

Constant Latency in Sleepy Consensus

https://doi.org/10.1145/3548606.3559347

Physical Hijacking Attacks against Object Trackers

https://doi.org/10.1145/3548606.3559390

The Multi-User Security of Triple Encryption, Revisited: Exact Security, Strengthening, and Application to TDES

https://doi.org/10.1145/3548606.3560674

Cerberus: Exploring Federated Prediction of Security Events

https://doi.org/10.1145/3548606.3560580

Sigstore: Software Signing for Everybody

https://doi.org/10.1145/3548606.3560596

Freely Given Consent?: Studying Consent Notice of Third-Party Tracking and Its Violations of GDPR in Android Apps

https://doi.org/10.1145/3548606.3560564

NARRATOR: Secure and Practical State Continuity for Trusted Execution in the Cloud

https://doi.org/10.1145/3548606.3560620

Cart-ology: Intercepting Targeted Advertising via Ad Network Identity Entanglement

https://doi.org/10.1145/3548606.3560641

Discovering IoT Physical Channel Vulnerabilities

https://doi.org/10.1145/3548606.3560644

Eluding Secure Aggregation in Federated Learning via Model Inconsistency

https://doi.org/10.1145/3548606.3560557

Hidden in Plain Sight: Exploring Encrypted Channels in Android Apps

https://doi.org/10.1145/3548606.3560665

Cerberus: Query-driven Scalable Vulnerability Detection in OAuth Service Provider Implementations

https://doi.org/10.1145/3548606.3559381

TickTock: Detecting Microphone Status in Laptops Leveraging Electromagnetic Leakage of Clock Signals

https://doi.org/10.1145/3548606.3560698

FABEO: Fast Attribute-Based Encryption with Optimal Security

https://doi.org/10.1145/3548606.3560699

Blazing Fast PSI from Improved OKVS and Subfield VOLE

https://doi.org/10.1145/3548606.3560658

Strengthening Order Preserving Encryption with Differential Privacy

https://doi.org/10.1145/3548606.3560610

EIFFeL: Ensuring Integrity for Federated Learning

https://doi.org/10.1145/3548606.3560611

ROAST: Robust Asynchronous Schnorr Threshold Signatures

https://doi.org/10.1145/3548606.3560583

Fast Fully Oblivious Compaction and Shuffling

https://doi.org/10.1145/3548606.3560603

FeIDo: Recoverable FIDO2 Tokens Using Electronic IDs

https://doi.org/10.1145/3548606.3560584

MC2: Rigorous and Efficient Directed Greybox Fuzzing

https://doi.org/10.1145/3548606.3560648

Post-breach Recovery: Protection against White-box Adversarial Examples for Leaked DNN Models

https://doi.org/10.1145/3548606.3560561

Gringotts: Fast and Accurate Internal Denial-of-Wallet Detection for Serverless Computing

https://doi.org/10.1145/3548606.3560629

Finding MNEMON: Reviving Memories of Node Embeddings

https://doi.org/10.1145/3548606.3559358

Why So Toxic?: Measuring and Triggering Toxic Behavior in Open-Domain Chatbots

https://doi.org/10.1145/3548606.3560599

Escaping the Confines of Time: Continuous Browser Extension Fingerprinting Through Ephemeral Modifications

https://doi.org/10.1145/3548606.3560576

pMPL: A Robust Multi-Party Learning Framework with a Privileged Party

https://doi.org/10.1145/3548606.3560697

Bullshark: DAG BFT Protocols Made Practical

https://doi.org/10.1145/3548606.3559361

Batching, Aggregation, and Zero-Knowledge Proofs in Bilinear Accumulators

https://doi.org/10.1145/3548606.3560676

Zapper: Smart Contracts with Data and Identity Privacy

https://doi.org/10.1145/3548606.3560622

Clues in Tweets: Twitter-Guided Discovery and Analysis of SMS Spam

https://doi.org/10.1145/3548606.3559351

NeVerMore: Exploiting RDMA Mistakes in NVMe-oF Storage Applications

https://doi.org/10.1145/3548606.3560568

Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets

https://doi.org/10.1145/3548606.3560554

VeRSA: Verifiable Registries with Efficient Client Audits from RSA Authenticated Dictionaries

https://doi.org/10.1145/3548606.3560605

L-SRR: Local Differential Privacy for Location-Based Services with Staircase Randomized Response

https://doi.org/10.1145/3548606.3560636

Practical Volume-Hiding Encrypted Multi-Maps with Optimal Overhead and Beyond

https://doi.org/10.1145/3548606.3559345

ENGRAFT: Enclave-guarded Raft on Byzantine Faulty Nodes

https://doi.org/10.1145/3548606.3560639

Don't Kick Over the Beehive: Attacks and Security Analysis on Zigbee

https://doi.org/10.1145/3548606.3560703

Group Property Inference Attacks Against Graph Neural Networks

https://doi.org/10.1145/3548606.3560662

DPIS: An Enhanced Mechanism for Differentially Private SGD with Importance Sampling

https://doi.org/10.1145/3548606.3560562

AntMan: Interactive Zero-Knowledge Proofs with Sublinear Communication

https://doi.org/10.1145/3548606.3560667

Microwalk-CI: Practical Side-Channel Analysis for JavaScript Applications

https://doi.org/10.1145/3548606.3560654

EchoHand: High Accuracy and Presentation Attack Resistant Hand Authentication on Commodity Mobile Devices

https://doi.org/10.1145/3548606.3560553

Platypus: A Central Bank Digital Currency with Unlinkable Transactions and Privacy-Preserving Regulation

https://doi.org/10.1145/3548606.3560617

Protecting Critical Inter-Domain Communication through Flyover Reservations

https://doi.org/10.1145/3548606.3560582

Understanding and Mitigating Remote Code Execution Vulnerabilities in Cross-platform Ecosystem

https://doi.org/10.1145/3548606.3559340

CETIS: Retrofitting Intel CET for Generic and Efficient Intra-process Memory Isolation

https://doi.org/10.1145/3548606.3559344

zkBridge: Trustless Cross-chain Bridges Made Practical

https://doi.org/10.1145/3548606.3560652

Automatic Detection of Fake Key Attacks in Secure Messaging

https://doi.org/10.1145/3548606.3560588

WINK: Wireless Inference of Numerical Keystrokes via Zero-Training Spatiotemporal Analysis

https://doi.org/10.1145/3548606.3559339

An Extensive Study of Residential Proxies in China

https://doi.org/10.1145/3548606.3559377

Detecting and Measuring Misconfigured Manifests in Android Apps

https://doi.org/10.1145/3548606.3560607

Cross Miniapp Request Forgery: Root Causes, Attacks, and Vulnerability Detection

https://doi.org/10.1145/3548606.3560597

Enhanced Membership Inference Attacks against Machine Learning Models

https://doi.org/10.1145/3548606.3560675

HeatDeCam: Detecting Hidden Spy Cameras via Thermal Emissions

https://doi.org/10.1145/3548606.3560669

Caulk: Lookup Arguments in Sublinear Time

https://doi.org/10.1145/3548606.3560646

PalanTír: Optimizing Attack Provenance with Hardware-enhanced System Observability

https://doi.org/10.1145/3548606.3560570

PACE: Fully Parallelizable BFT from Reproposable Byzantine Agreement

https://doi.org/10.1145/3548606.3559348

I'm SPARTACUS, No, I'm SPARTACUS: Proactively Protecting Users from Phishing by Intentionally Triggering Cloaking Behavior

https://doi.org/10.1145/3548606.3559334

When Good Becomes Evil: Tracking Bluetooth Low Energy Devices via Allowlist-based Side Channel and Its Countermeasure

https://doi.org/10.1145/3548606.3559372

VOProof: Efficient zkSNARKs from Vector Oracle Compilers

https://doi.org/10.1145/3548606.3559387

Characterizing and Detecting Non-Consensual Photo Sharing on Social Networks

https://doi.org/10.1145/3548606.3560571

Ibex: Privacy-preserving Ad Conversion Tracking and Bidding

https://doi.org/10.1145/3548606.3560651

Uncovering Intent based Leak of Sensitive Data in Android Framework

https://doi.org/10.1145/3548606.3560601

Non-Distinguishable Inconsistencies as a Deterministic Oracle for Detecting Security Bugs

https://doi.org/10.1145/3548606.3560661

What Your Firmware Tells You Is Not How You Should Emulate It: A Specification-Guided Approach for Firmware Emulation

https://doi.org/10.1145/3548606.3559386

Perils and Mitigation of Security Risks of Cooperation in Mobile-as-a-Gateway https://doi.org/10.1145/3548606.3560590

注：转载时请说明 “本文转自隐私计算研习社公众号”