KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities [PDF]
Bonan Ruan, National University of Singapore; Jiahao Liu, National University of Singapore; Chuqi Zhang, National University of Singapore; Zhenkai Liang, National University of Singapore;

What do malware analysts want from academia? A survey on the state-of-the-practice to guide research developments [PDF]
Marcus Botacin, Texas A&M University;

Cross-Regional Malware Detection via Model Distilling and Federated Learning [PDF]
Marcus Botacin, Texas A&M University; Heitor Gomes, Victoria University of Wellington;

Cross-Chain Bridges: Attack Taxonomy, Defenses, and Open Problems [PDF]
Mengya Zhang, The Ohio State University; Xiaokuan Zhang, George Mason University; Yinqian Zhang, Southern University of Science and Technology; Zhiqiang Lin, The Ohio State University;

Context-Aware Anomaly Detection Using Vehicle Dynamics [PDF]
Chun-Yu Chen, The University of Michigan; Kang G. Shin, The University of Michigan; Soodeh Dadras, Ford Motor Company;

Deception-Resistant Stochastic Manufacturing for Automated Production Lines [PDF]
Zeyu Yang, Zhejiang University; Hongyi Pu, Zhejiang University; Liang He, University of Colorado Denver; Chengtao Yao, Zhejiang University; Jianying Zhou, Singapore University of Technology and Design; Peng Cheng, Zhejiang University; Jiming Chen, Zhejiang University;

Honeyquest: Rapidly Measuring the Enticingness of Cyber Deception Techniques with Code-based Questionnaires [PDF]
Mario Kahlhofer, Dynatrace Research, Johannes Kepler University Linz; Stefan Achleitner, Dynatrace Research; Stefan Rass, Johannes Kepler University Linz, LIT Secure and Correct Systems Lab; René Mayrhofer, Johannes Kepler University Linz;

Catch You Cause I Can: Busting Rogue Base Stations using CellGuard and the Apple Cell Location Database [PDF]
Lukas Arnold, TU Darmstadt, Secure Mobile Networking Lab; Matthias Hollick, TU Darmstadt, Secure Mobile Networking Lab; Jiska Classen, Hasso Plattner Institute;

Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols [PDF]
Carlotta Tagliaro, TU Wien; Martina Komsic, TU Wien; Andrea Continella, University of Twente; Kevin Borgolte, Ruhr University Bochum; Martina Lindorfer, TU Wien;

A Second Look at the Portability of Deep Learning Side-Channel Attacks over EM Traces [PDF]
Mabon Ninan, University of Cincinnati; Evan Nimmo, University of Cincinnati; Shane Reilly, University of Cincinnati; Channing Smith, College of Charleston; Wenhai Sun, Purdue University West Lafayette; Boyang Wang, University of Cincinnati; John M. Emmert, University of Cincinnati;

Mateen: Adaptive Ensemble Learning for Network Anomaly Detection [PDF]
Fahad Alotaibi, Imperial College London; Sergio Maffeis, Imperial College London;

Leveraging Deep Reinforcement Learning for Cyber-Attack Paths Prediction: Formulation, Generalization, and Evaluation [PDF]
Franco Terranova, Université de Lorraine, CNRS, Inria, LORIA; Abdelkader Lahmadi, Université de Lorraine, CNRS, Inria, LORIA; Isabelle Chrisment, Université de Lorraine, CNRS, Inria, LORIA;

The "Big Beast to Tackle": Practices in Quality Assurance for Cyber Threat Intelligence [PDF]
Thomas Geras, HM Munich University of Applied Sciences; Thomas Schreck, HM Munich University of Applied Sciences;

Gudifu: Guided Differential Fuzzing for HTTP Request Parsing Discrepancies [PDF]
Bahruz Jabiyev, Dartmouth College; Anthony Gavazzi, Northeastern University; Kaan Onarlioglu, Akamai Technologies; Engin Kirda, Northeastern University;

Breaking Privacy in Model-Heterogeneous Federated Learning [PDF]
Atharva Haldankar, Virginia Tech; Arman Riasi, Virginia Tech; Hoang-Dung Nguyen, Virginia Tech; Tran Phuong, University of Arkansas at Little Rock; Thang Hoang, Virginia Tech;

KGDist: A Prompt-Based Distillation Attack against LMs Augmented with Knowledge Graphs [PDF]
Peizhuo Lv, SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences; Kai Chen, Institute of Information Engineering, Chinese Academy of Sciences; Jiachen Zhou, SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences;

VeriFence: Lightweight and Precise Spectre Defenses for Untrusted Linux Kernel Extensions [PDF]
Luis Gerhorst, Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU); Henriette Herzog, Ruhr-Universität Bochum (RUB); Peter Wägemann, Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU); Maximilian Ott, Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU); Rüdiger Kapitza, Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU); Timo Hönig, Ruhr-Universität Bochum (RUB);

Tango: Extracting Higher-Order Feedback through State Inference [PDF]
Ahmad Hazimeh, EPFL; Duo Xu, EPFL; Qiang Liu, EPFL; Yan Wang, Huawei; Mathias Payer, EPFL;

ADAPT it! Automating APT Campaign and Group Attribution by Leveraging and Linking Heterogeneous Files [PDF]
Aakanksha Saha, TU Wien; Jorge Blasco, Universidad Politécnica de Madrid; Lorenzo Cavallaro, University College London; Martina Lindorfer, TU Wien;

Understanding Web Fingerprinting with a Protocol-Centric Approach [PDF]
Bogdan Cebere, CISPA Helmholtz Center for Information Security; Christian Rossow, CISPA Helmholtz Center for Information Security;

Unraveling the Web of Disinformation: Exploring the Larger Context of State-Sponsored Influence Campaigns on Twitter [PDF]
Mohammad Hammas Saeed, Boston University; Shiza Ali, Boston University; Pujan Paudel, Boston University; Jeremy Blackburn, Binghamton University; Gianluca Stringhini, Boston University;

How to Train your Antivirus: RL-based Hardening through the Problem Space [PDF]
Ilias Tsingenopoulos, imec-DistriNet, KU Leuven; Jacopo Cortellazzi, King's College London; Branislav Bosansky, Gen Digital; Simone Aonzo, EURECOM; Davy Preuveneers, KU Leuven; Wouter Joosen, KU Leuven; Fabio Pierazzi, King's College London; Lorenzo Cavallaro, University College London;

Down to earth! Guidelines for DGA-based Malware Detection [PDF]
Bogdan Cebere, CISPA Helmholtz Center for Information Security; Jonathan Lasse Bennet Flueren, CISPA Helmholtz Center for Information Security; Silvia Sebastián, CISPA Helmholtz Center for Information Security; Daniel Plohmann, Fraunhofer FKIE; Christian Rossow, CISPA Helmholtz Center for Information Security;

CrypTody: Cryptographic Misuse Analysis of IoT Firmware via Data-flow Reasoning [PDF]
Jianing Wang, National University of Singapore; Shanqing Guo, Shandong University; Wenrui Diao, Shandong University; Yue Liu, Southeast University; Haixin Duan, Tsinghua University; Yichen Liu, Indiana University Bloomington; Zhenkai Liang, National University of Singapore;

Enhancing Model Poisoning Attacks to Byzantine-Robust Federated Learning via Critical Learning Periods [PDF]
Gang Yan, UC Merced; Hao Wang, Stevens Institute of Technology; Xu Yuan, University of Delaware; Jian Li, Stony Brook University;

Obfuscating Provenance-Based Forensic Investigations with Mapping System Meta-Behavior [PDF]
Anyuan Sang, Xidian University; Yuchen Wang, Xidian University; Li Yang, Xidian University, Shaanxi Key Laboratory of Network and System Security; Junbo Jia, Xidian University; Lu Zhou, Xidian University;

Replay-resistant Disk Fingerprinting via Unintentional Electromagnetic Emanations [PDF]
Wenfan Song, Zhejiang University; Jianwei Liu, School of Cyber Science and Technology, Zhejiang University; Yajie Liu, Zhejiang University; Jinsong Han, Zhejiang University;

Encrypted Endpoints: Defending Online Services from Illegitimate Bot Automation [PDF]
August See, Universität Hamburg; Kevin Röbert, Universität Hamburg; Mathias Fischer, Universität Hamburg;

Prob-Hashcat: Accelerating Probabilistic Password Guessing with Hashcat by Hundreds of Times [PDF]
Ziyi Huang, Nankai University; Ding Wang, Nankai University; Yunkai Zou, Nankai University;

Integrating Static Analyses for High-Precision Control-Flow Integrity [PDF]
Florian Kasten, Fraunhofer AISEC; Philipp Zieris, Fraunhofer AISEC; Julian Horsch, Fraunhofer AISEC;

Extending C2 Traffic Detection Methodologies: From TLS 1.2 to TLS 1.3-enabled Malware [PDF]
Carlos Novo, INESC TEC, HASLab and DCC FCUP; Sofia Romeiro, INESC-ID / Instituto Superior Técnico, Universidade de Lisboa; Bernardo Portela, INESC TEC, HASLab and DCC FCUP; Diogo Barradas, University of Waterloo; Nuno Santos, INESC-ID / Instituto Superior Técnico, Universidade de Lisboa;

AI-Generated Faces in the Real World: A Large-Scale Case Study of Twitter Profile Images [PDF]
Jonas Ricker, Ruhr University Bochum; Dennis Assenmacher, GESIS - Leibniz Institute for the Social Sciences; Thorsten Holz, CISPA Helmholtz Center for Information Security; Asja Fischer, Ruhr University Bochum; Erwin Quiring, Ruhr University Bochum, International Computer Science Institute Berkeley;

BluePrint: Automatic Malware Signature Generation for Internet Scanning [PDF]
Kevin Stevens, Georgia Institute of Technology; Mert Erdemir, Georgia Institute of Technology; Hang Zhang, Indiana University Bloomington; Taesoo Kim, Georgia Institute of Technology; Paul Pearce, Georgia Institute of Technology;

Fixing Insecure Cellular System Information Broadcasts For Good [PDF]
Alexander J. Ross, North Carolina State University; Bradley Reaves, North Carolina State University; Yomna Nasser, Google; Gil Cukierman, Google; Roger Piqueras Jover, Google;

Blocklist-Forecast: Proactive Domain Blocklisting by Identifying Malicious Hosting Infrastructure [PDF]
Udesh Kumarasinghe, Purdue University; Mohamed Nabeel, Palo Alto Networks; Ravindu De Silva, SCoRe Lab; Charitha Elvitigala, SCoRe Lab;

From Victims to Defenders: An Exploration of the \\Phishing Attack Reporting Ecosystem [PDF]
Zhibo Sun, Drexel University; Faris Bugra Kokulu, Arizona State University; Penghui Zhang, Arizona State University; Adam Oest, PayPal; Gianluca Stringhini, Boston University; Tiffany Bao, Arizona State University; Ruoyu Wang, Arizona State University; Yan Shoshitaishvili, Arizona State University; Adam Doupé, Arizona State University; Gail-Joon Ahn, Arizona State University;

A Comprehensive, Automated Security Analysis of the Uptane Automotive Over-the-Air Update Framework [PDF]
Robert Lorch, The University of Iowa; Daniel Larraz, The University of Iowa; Cesare Tinelli, The University of Iowa; Omar Chowdhury, Stony Brook University;

Beyond REST: Introducing APIF for Comprehensive API Vulnerability Fuzzing [PDF]
Eric Wang, THU; Larry Xu, PTLAB;

AudiTrim: A Real-time, General, Efficient, and Low-overhead Data Compaction System for Intrusion Detection [PDF]
Hongbin Sun, Zhongguancun Laboratory; Su Wang, Zhongguancun Laboratory; Zhiliang Wang, Zhongguancun Laboratory; Zheyu Jiang, Tsinghua University; Dongqi Han, Beijing University of Posts and Telecommunications; Jiahai Yang, Zhongguancun Laboratory;

You Might Have Known It Earlier: Analyzing the Role of Underground Forums in Threat Intelligence [PDF]
Tommaso Paladini, Politecnico di Milano; Lara Ferro, Politecnico di Milano; Mario Polino, Politecnico di Milano; Stefano Zanero, Politecnico di Milano; Michele Carminati, Politecnico di Milano;

Hidden Web Caches Discovery [PDF]
Matteo Golinelli, University of Trento; Bruno Crispo, University of Trento;

No Need for Details: Effective Anomaly Detection for Process Control Traffic in Absence of Protocol and Attack Knowledge [PDF]
Franka Schuster, Brandenburg University of Technology Cottbus-Senftenberg; Hartmut König, Brandenburg University of Technology Cottbus-Senftenberg;

Efficiently Rebuilding Coverage in Hardware-Assisted Greybox Fuzzing [PDF]
Tai Yue, Academy of Mitary Science, Southern University of Science and Technology; Yibo Jin, Southern University of Science and Technology; Fengwei Zhang, Southern University of Science and Technology (SUSTech); Zhenyu Ning, Hunan University; Pengfei Wang, National University of Defense Technology; Xu Zhou, National University of Defense Technology; Kai Lu, National University of Defense Technology;