IEEE Secure Development Conference

October 18 - 20, 2023
Georgia Tech Hotel and Conference Center
Atlanta, GA

Sponsored by the IEEE Computer Society Technical Committee on Security and Privacy


2023 accepted

Posted on: September 16th, 2023 by SecDev
Accepted Papers
Accepted Tutorials
  • Tutorial: Crypto-Ransomware: Analysis, Defense, and Criminal Negotiation.
    Wenjia Song (Virginia Tech); Arianna Schuler Scott (Virginia Tech)
  • Tutorial: The End of Binary Protocol Parser Vulnerabilities.
    Alexander Senier (AdaCore)
Accepted Research Papers
  • Parser Weakness Enumeration.
    Denley Lam, Letitia Li, Anthony Gabrielson (BAE Systems)
  • An In-Depth Analysis of Android’s Java Class Library: its Evolution and Security Impact.
    Timothée Riom, Alexandre Bartel (Umeå University)
  • Model-Agnostic Federated Learning for Privacy-Preserving Systems.
    Hussain Almohri (Kuwait University); Layne T. Watson (Virginia Tech)
  • Challenges with Passwordless FIDO2 in an Enterprise Setting: A Usability Study.
    Michal Kepkowski (Macquarie University); Maciej Machulak; Ian Wood (Macquarie University); Dali Kaafar (Macquarie University)
  • PRICAR: Privacy Framework for Vehicular Data Sharing with Third Parties.
    Mert D. Pesé (Clemson University); Jay W. Schauer, Murali Mohan, Cassandra Joseph, Kang G. Shin (University of Michigan); John Moore (Ford Motor Company)
  • Grading on a Curve: How Rust can Facilitate New Contributors while Decreasing Vulnerabilities.
    Justin Tracey, Ian Goldberg (University of Waterloo)
  • A Lot Less Likely Than I Thought: Introducing Evidence-Based Security Risk Assessment for Healthcare Software.
    Charles Weir, Anna Dyson, Daniel Prince (Lancaster University)
  • Triaging Android Systems Using Bayesian Attack Graphs.
    Yu-Tsung Lee, Rahul George (Penn State University); Haining Chen (Google); Kevin Chan (Army Research Lab); Tina Eliassi-Rad (Northeastern University); Trent Jaeger (Penn State University)
  • Securing Your Crypto-API Usage Through Tool Support – A Usability Study.
    Stefan Krüger; Michael Reif, Anna-Katharina Wickert (Technischen Universität Darmstadt); Sarah Nadi, Karim Ali (University of Alberta); Eric Bodden (University of Paderborn); Mira Mezini (Technischen Universität Darmstadt); Yasemin Acar (University of Paderborn); Sascha Fahl (CISPA Helmholtz-Center for Information Security)
  • Fortifying IoT Devices: AI-Driven Intrusion Detection via Memory-Encoded Audio Signals.
    Ramyapandian Vijayakanthan (Towson University); Karley M Waguespack (Louisiana State University); Irfan Ahmed (Virginia Commonwealth University); Aisha Ali-Gombe (Louisiana State University)
  • Friend or Foe Inside? Exploring In-Process Isolation to Maintain Memory Safety for Unsafe Rust.
    Merve Gulmez (KU Leuven); Thomas Nyman, Christoph Baumann (Ericsson); Jan Tobias Muehlberg (ULB)
  • Security and Privacy Threat Analysis for Solid.
    Omid Mirzamohammadi (imec-COSIC, KU Leuven); Kristof Jannes, Laurens Sion, Dimitri Van Landuyt (imec-DistriNet, KU Leuven); Aysajan Abidin, Dave Singelee (imec-COSIC, KU Leuven)
  • Assessing the Impact of Efficiently Protecting Ten Million Stack Objects from Memory Errors Comprehensively.
    Kaiming Huang, Jack Sampson, Trent Jaeger (The Pennsylvania State University)
  • Blade: Scalable Source Code Debloating Framework.
    Muaz Ali (University of Arizona); Rumaisa Habib (Lahore University of Management Sciences); Ashish Gehani (SRI International); Sazzadur Rahaman (University of Arizona); Zartash Uzmi (Lahore University of Management Sciences)
  • A randomization-based, zero-trust cyberattack detection method for hierarchical systems.
    Sinnott Murphy, Richard Macwan, Vivek Kumar Singh, Chin-Yao Chang (National Renewable Energy Laboratory)
  • Characterizing Static Analysis Alerts for Terraform Manifests: An Experience Report.
    Hanyang Hu, Yani Bu, Kristen Wong, Gaurav Sood, Karen Smiley (company A); Akond Rahman (Auburn University)
  • BloatProfiler: Evaluating Container Debloaters.
    Muhammad Hassan, Talha Tahir, Muhammad Farrukh, Abdullah Naveed, Anas Naeem (Lahore University of Management Sciences); Fahad Shaon (Data Security Technologies, LLC); Fareed Zaffar (Lahore University of Management Sciences); Ashish Gehani (SRI); Sazzadur Rahaman (University of Arizona)
  • Curbing the Vulnerable Parser: Graded Modal Guardrails for Secure Input Handling.
    Eric Bond, Matthew Heimerdinger (Two Six Technologies)
Accepted Practitioner Papers
  • Bridging the Bubbles: Connecting Academia and Industry in Cybersecurity Research.
    Rasha Kashef, Monika Freunek (Toronto Metropolitan University); Jeff Schwartzentruber (eSentire Inc.); Reza Samavi, Burcu Bulgurcu (Toronto Metropolitan University); AJ Khan (Vehiqilla Inc.); Marcus Santos (Toronto Metropolitan University)
  • 11 Things about Securing Microservices.
    Yuvaraj Madheswaran (GM Financial)
  • Misplaced Trust: The Security Flaw in Modern Code Signing Process.
    Pranshu Bajpai (Motorola Solutions); Raghudeep Kannavara (Meta Platforms Inc)
  • Adaptive Security: Certificate and Key Rotation for Firmware Integrity.
    Sunil Joshi, Kenneth Crowther, Jarvis Robinson (Xylem Inc.)