2023 accepted
Accepted Papers
Accepted Tutorials
- Tutorial: Crypto-Ransomware: Analysis, Defense, and Criminal Negotiation.
Wenjia Song (Virginia Tech); Arianna Schuler Scott (Virginia Tech) - Tutorial: The End of Binary Protocol Parser Vulnerabilities.
Alexander Senier (AdaCore)
Accepted Research Papers
- Parser Weakness Enumeration.
Denley Lam, Letitia Li, Anthony Gabrielson (BAE Systems) - An In-Depth Analysis of Android’s Java Class Library: its Evolution and Security Impact.
Timothée Riom, Alexandre Bartel (Umeå University) - Model-Agnostic Federated Learning for Privacy-Preserving Systems.
Hussain Almohri (Kuwait University); Layne T. Watson (Virginia Tech) - Challenges with Passwordless FIDO2 in an Enterprise Setting: A Usability Study.
Michal Kepkowski (Macquarie University); Maciej Machulak; Ian Wood (Macquarie University); Dali Kaafar (Macquarie University) - PRICAR: Privacy Framework for Vehicular Data Sharing with Third Parties.
Mert D. Pesé (Clemson University); Jay W. Schauer, Murali Mohan, Cassandra Joseph, Kang G. Shin (University of Michigan); John Moore (Ford Motor Company) - Grading on a Curve: How Rust can Facilitate New Contributors while Decreasing Vulnerabilities.
Justin Tracey, Ian Goldberg (University of Waterloo) - A Lot Less Likely Than I Thought: Introducing Evidence-Based Security Risk Assessment for Healthcare Software.
Charles Weir, Anna Dyson, Daniel Prince (Lancaster University) - Triaging Android Systems Using Bayesian Attack Graphs.
Yu-Tsung Lee, Rahul George (Penn State University); Haining Chen (Google); Kevin Chan (Army Research Lab); Tina Eliassi-Rad (Northeastern University); Trent Jaeger (Penn State University) - Securing Your Crypto-API Usage Through Tool Support – A Usability Study.
Stefan Krüger; Michael Reif, Anna-Katharina Wickert (Technischen Universität Darmstadt); Sarah Nadi, Karim Ali (University of Alberta); Eric Bodden (University of Paderborn); Mira Mezini (Technischen Universität Darmstadt); Yasemin Acar (University of Paderborn); Sascha Fahl (CISPA Helmholtz-Center for Information Security) - Fortifying IoT Devices: AI-Driven Intrusion Detection via Memory-Encoded Audio Signals.
Ramyapandian Vijayakanthan (Towson University); Karley M Waguespack (Louisiana State University); Irfan Ahmed (Virginia Commonwealth University); Aisha Ali-Gombe (Louisiana State University) - Friend or Foe Inside? Exploring In-Process Isolation to Maintain Memory Safety for Unsafe Rust.
Merve Gulmez (KU Leuven); Thomas Nyman, Christoph Baumann (Ericsson); Jan Tobias Muehlberg (ULB) - Security and Privacy Threat Analysis for Solid.
Omid Mirzamohammadi (imec-COSIC, KU Leuven); Kristof Jannes, Laurens Sion, Dimitri Van Landuyt (imec-DistriNet, KU Leuven); Aysajan Abidin, Dave Singelee (imec-COSIC, KU Leuven) - Assessing the Impact of Efficiently Protecting Ten Million Stack Objects from Memory Errors Comprehensively.
Kaiming Huang, Jack Sampson, Trent Jaeger (The Pennsylvania State University) - Blade: Scalable Source Code Debloating Framework.
Muaz Ali (University of Arizona); Rumaisa Habib (Lahore University of Management Sciences); Ashish Gehani (SRI International); Sazzadur Rahaman (University of Arizona); Zartash Uzmi (Lahore University of Management Sciences) - A randomization-based, zero-trust cyberattack detection method for hierarchical systems.
Sinnott Murphy, Richard Macwan, Vivek Kumar Singh, Chin-Yao Chang (National Renewable Energy Laboratory) - Characterizing Static Analysis Alerts for Terraform Manifests: An Experience Report.
Hanyang Hu, Yani Bu, Kristen Wong, Gaurav Sood, Karen Smiley (company A); Akond Rahman (Auburn University) - BloatProfiler: Evaluating Container Debloaters.
Muhammad Hassan, Talha Tahir, Muhammad Farrukh, Abdullah Naveed, Anas Naeem (Lahore University of Management Sciences); Fahad Shaon (Data Security Technologies, LLC); Fareed Zaffar (Lahore University of Management Sciences); Ashish Gehani (SRI); Sazzadur Rahaman (University of Arizona) - Curbing the Vulnerable Parser: Graded Modal Guardrails for Secure Input Handling.
Eric Bond, Matthew Heimerdinger (Two Six Technologies)
Accepted Practitioner Papers
- Bridging the Bubbles: Connecting Academia and Industry in Cybersecurity Research.
Rasha Kashef, Monika Freunek (Toronto Metropolitan University); Jeff Schwartzentruber (eSentire Inc.); Reza Samavi, Burcu Bulgurcu (Toronto Metropolitan University); AJ Khan (Vehiqilla Inc.); Marcus Santos (Toronto Metropolitan University) - 11 Things about Securing Microservices.
Yuvaraj Madheswaran (GM Financial) - Misplaced Trust: The Security Flaw in Modern Code Signing Process.
Pranshu Bajpai (Motorola Solutions); Raghudeep Kannavara (Meta Platforms Inc) - Adaptive Security: Certificate and Key Rotation for Firmware Integrity.
Sunil Joshi, Kenneth Crowther, Jarvis Robinson (Xylem Inc.)