Default Cover Image

Default Cover Image

2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

Jul 03 2023 to Jul 07 2023

Delft, Netherlands

ISSN: 2768-0657

ISBN: 979-8-3503-2720-5

Table of Contents

pp. 1-1

pp. 3-3

pp. 4-4

Table of Contents

pp. 5-13

Welcome Message from the General Chairs

pp. 14-14

Welcome Message from the Workshop Chairs

pp. 15-15

A Threat Model for Soft Privacy on Smart Cars

pp. 1-10

by Mario Raciti, Giampaolo Bella

Vulnerability Analysis of Vehicular Coordinated Maneuvers

pp. 11-20

by Konstantinos Kalogiannis, Andreas Henriksson, Panos Papadimitratos

A Preliminary Study of Privilege Life Cycle in Software Management Platform Automation Workflows

pp. 21-28

by Giacomo Benedetti, Luca Verderame, Alessio Merlo

An Investigation of Quality Issues in Vulnerability Detection Datasets

pp. 29-33

by Yuejun Guo, Seifeddine Bettaieb

GLICE: Combining Graph Neural Networks and Program Slicing to Improve Software Vulnerability Detection

pp. 34-41

by Wesley De Kraker, Harald Vranken, Arjen Hommersom

Guiding Directed Fuzzing with Feasibility

pp. 42-49

by Weiheng Bai, Kefu Wu, Qiushi Wu, Kangjie Lu

Effective Machine Learning-based Access Control Administration through Unlearning

pp. 50-57

by Javier Martínez Llamas, Davy Preuveneers, Wouter Joosen

An Analysis System to Test Security of Software on Continuous Integration-Continuous Delivery Pipeline

pp. 58-67

by Carmelo Aparo, Cinzia Bernardeschi, Giuseppe Lettieri, Fabio Lucattini, Salvatore Montanarella

Tales from the Git: Automating the Detection of Secrets on Code and Assessing Developers' Passwords Choices

pp. 68-75

by Nikolaos Lykoysas, Constantinos Patsakis

A ‘Human-in-the-Loop’ Approach for Information Extraction from Privacy Policies under Data Scarcity

pp. 76-83

by Michael Gebauer, Faraz Maschhur, Nicola Leschke, Elias Grünewald, Frank Pallas

An Analysis of Requirements and Privacy Threats in Mobile Data Donations

pp. 84-93

by Leonie Reichert, Björn Scheuermann

ATLAS: Automatically Detecting Discrepancies Between Privacy Policies and Privacy Labels

pp. 94-107

by Akshath Jain, David Rodriguez, Jose M. del Alamo, Norman Sadeh

Automating Privacy Decisions – Where to Draw the Line?

pp. 108-116

by Victor Morel, Simone Fischer-Hübnerr

Lessons Learned: Building a Privacy-Preserving Entity Resolution Adaptation of PPJoin using End-to-End Homomorphic Encryption

pp. 117-124

by Tanmay Ghai, Yixiang Yao, Srivatsan Ravi

Privacy as an Architectural Quality: A Definition and an Architectural View

pp. 125-132

by Immanuel Kunz, Shuqian Xu

Secure Key Management for Multi-Party Computation in MOZAIK

pp. 133-140

by Enzo Marquet, Jerico Moeyersons, Erik Pohle, Michiel Van Kenhove, Aysajan Abidin, Bruno Volckaert

Unified Communication: What do Digital Activists Need?

pp. 141-149

by Thomas Reisinger, Isabel Wagner, Eerke Albert Boiten

Comparing Privacy Label Disclosures of Apps Published in Both the App Store and Google Play Stores

pp. 150-157

by David Rodriguez, Akshath Jain, Jose M. del Alamo, Norman Sadeh

"Get a Higher Return on Your Savings!": Comparing Adverts for Cryptocurrency Investment Scams Across Platforms

pp. 158-169

by Gilberto Atondo Siu, Alice Hutchings

An Argument for Linguistic Expertise in Cyberthreat Analysis: LOLSec in Russian Language eCrime Landscape

pp. 170-176

by Dalyapraz Manatova, L Jean Camp, Julia R. Fox, Sandra Kuebler, Maria A. Shardakova, Inna Kouper

Applying Neutralisation Theory to Better Understand Ransomware Offenders

pp. 177-182

by Lena Connolly, Hervé Borrion, Budi Arief, Sanaa Kaddoura

Digital Drift and the Evolution of a Large Cybercrime Forum

pp. 183-193

by Jack Hughes, Alice Hutchings

Enhancing Vulnerability Prioritization: Data-Driven Exploit Predictions with Community-Driven Insights

pp. 194-206

by Jay Jacobs, Sasha Romanosky, Octavian Suciu, Ben Edwards, Armin Sarabi

How Cryptocurrency Exchange Interruptions Create Arbitrage Opportunities

pp. 207-215

by Andrew Morin, Tyler Moore

Mapping the Cyberstalking Landscape: An Empirical Analysis of Federal U.S. Crimes

pp. 216-226

by Sasha Romanosky, Peter Schirmer

On Gaps in Enterprise Cyber Attack Reporting

pp. 227-231

by Abulfaz Hajizada, Tyler Moore

The Peculiar Case of Tailored Phishing against SMEs: Detection and Collective Defense Mechanisms at a Small IT Company

pp. 232-243

by Pavlo Burda, Abdul Malek Altawekji, Luca Allodi, Nicola Zannone

Visualizing Cyber-Threats in Underground Forums

pp. 244-258

by James Burroughs, Michal Tereszkowski-Kaminski, Guillermo Suarez-Tangil

A Hybrid Solution for Constrained Devices to Detect Microarchitectural Attacks

pp. 259-269

by Nikolaos-Foivos Polychronou, Pierre-Henri Thevenon, Maxime Puys, Vincent Beroulle

A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards

pp. 270-280

by Joshua Harrison, Ehsan Toreini, Maryam Mehrnezhad

Combined Internal Attacks on SoC-FPGAs: Breaking AES with Remote Power Analysis and Frequency-based Covert Channels

pp. 281-286

by Anis Fellah-Touta, Lilian Bossuet, Carlos Andres Lara-nino

Emulating Side Channel Attacks on Gem5: Lessons Learned

pp. 287-295

by Lilian Bossuet, Vincent Grosso, Carlos Andres Lara-Nino

TimeInspector: A Static Analysis Approach for Detecting Timing Attacks

pp. 296-303

by Fatih Durmaz, Nureddin Kamadan, Melih Taha Öz, Musa Unal, Arsalan Javeed, Cemal Yilmaz, Erkay Savas

Work in Progress: Thwarting Timing Attacks in Microcontrollers using Fine-Grained Hardware Protections

pp. 304-310

by Nicolas Gaudin, Jean-Loup Hatchikian-Houdot, Frédéric Besson, Pascal Cotret, Guy Gogniat, Guillaume Hiet, Vianney Lapotre, Pierre Wilke

Faulting Original McEliece’s Implementations is Possible How to Mitigate this Risk?

pp. 311-319

by Vincent Giraud, Guillaume Bouffard

A Digital Forensic Taxonomy For Programmable Logic Controller Data Artefacts

pp. 320-328

by Feras Shahbi, Joseph Gardiner, Sridhar Adepu, Awais Rashid

A Key to Embedded System Security: Locking and Unlocking Secrets with a Trusted Platform Module

pp. 329-335

by Teri Lenard, Anastasija Collen, Niels A. Nijdam, Bela Genge

From Tactics to Techniques: A Systematic Attack Modeling for Advanced Persistent Threats in Industrial Control Systems

pp. 336-344

by Yunhe Yang, Mu Zhang

The Bandit’s States: Modeling State Selection for Stateful Network Fuzzing as Multi-armed Bandit Problem

pp. 345-350

by Anne Borcherding, Mark Giraud, Ian Fitzgerald, Jürgen Beyerer

The Case for Virtual PLC-Enabled Honeypot Design

pp. 351-357

by Samin Y. Chowdhury, Brandon Dudley, Ruimin Sun

To me, to you: Towards Secure PLC Programming through a Community-Driven Open-Source Initiative

pp. 358-362

by Richard Derbyshire, Sam Maesschalck, Alexander Staves, Benjamin Green, David Hutchison

Unsafe Behavior Detection with Adaptive Contrastive Learning in Industrial Control Systems

pp. 363-369

by Xu Zheng, Tianchun Wang, Samin Yasar Chowdhury, Ruimin Sun, Dongsheng Luo

ARCSG: Advancing Resilience of Cyber-Physical Smart Grid: An Integrated Co-Simulation Approach Incorporating Indicators of Compromise

pp. 370-378

by Mohammed Asiri, Neetesh Saxena, Pete Burnap

Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth

pp. 379-385

by Jens Pottebaum, Jost Rossel, Juraj Somorovsky, Yasemin Acar, René Fahr, Patricia Arias Cabarcos, Eric Bodden, Iris Gräßler

D-GATE: Decentralized Geolocation and Time Enforcement for Usage Control

pp. 386-395

by Hendrik Meyer Zum Felde, Jean-Luc Reding, Michael Lux

Hexanonymity: a Scalable Geo-Positioned Data Clustering Algorithm for Anonymisation Purposes

pp. 396-404

by Javier Rodriguez-Viñas, Ines Ortega-Fernandez, Eva Sotos Martínez

Masking Location Streams in the Presence of Colluding Service Providers

pp. 405-414

by Toon Dehaene, Michiel Willocx, Bert Lagaisse, Vincent Naessens

A Wolf in Sheep's Clothing: Query-Free Evasion Attacks Against Machine Learning-Based Malware Detectors with Generative Adversarial Networks

pp. 415-426

by Daniel Gibert, Jordi Planes, Quan Le, Giulio Zizzo

Simplification of General Mixed Boolean-Arithmetic Expressions: GAMBA

pp. 427-438

by Benjamin Reichenwallner, Peter Meerwald-Stadler

Temporal Analysis of Distribution Shifts in Malware Classification for Digital Forensics

pp. 439-450

by Francesco Zola, Jan Lukas Bruse, Mikel Galar

How Well does GPT Phish People? An Investigation Involving Cognitive Biases and Feedback

pp. 451-457

by Megha Sharma, Kuldeep Singh, Palvi Aggarwal, Varun Dutt

Learning to Defend by Attacking (and Vice-Versa): Transfer of Learning in Cybersecurity Games

pp. 458-464

by Tyler Malloy, Cleotilde Gonzalez

Honey Infiltrator: Injecting Honeytoken Using Netfilter

pp. 465-469

by Daniel Reti, Tillmann Angeli, Hans Dieter Schotten

A First Look at SVCB and HTTPS DNS Resource Records in the Wild

pp. 470-474

by Johannes Zirngibl, Patrick Sattler, Georg Carle

Assessing and Exploiting Domain Name Misinformation

pp. 475-486

by Blake Anderson, David McGrew

Assessing Network Operator Actions to Enhance Digital Sovereignty and Strengthen Network Resilience: A Longitudinal Analysis during the Russia-Ukraine Conflict

pp. 487-494

by Muhammad Yasir Muzayan Haq, Abhishta Abhishta, Raffaele Sommese, Mattijs Jonker, Lambert J.M. Nieuwenhuis

Detecting and Analyzing Mouse Tracking in the Wild

pp. 495-500

by Marcel Urpí-Bricollé, Ismael Castell-Uroz, Pere Barlet-Ros

Inside Residential IP Proxies: Lessons Learned from Large Measurement Campaigns

pp. 501-512

by Elisa Chiapponi, Marc Dacier, Olivier Thonnard

Lost in Translation: AI-based Generator of Cross-Language Sound-Squatting

pp. 513-520

by Rodolfo Valentim, Idilio Drago, Marco Mellia, Federico Cerutti

Revisiting OAuth 2.0 Compliance: A Two-Year Follow-Up Study

pp. 521-525

by Pieter Philippaerts, Davy Preuveneers, Wouter Joosen

TLS → Post-Quantum TLS: Inspecting the TLS Landscape for PQC Adoption on Android

pp. 526-538

by Dimitri Mankowski, Thom Wiggers, Veelasha Moonsamy

Towards More Rigorous Domain-based Metrics: Quantifying the Prevalence and Implications of "Active" Domains

pp. 539-545

by Siôn Lloyd, Carlos Hernandez-Gañan, Samaneh Tajalizadehkhoob

Unveiling the Weak Links: Exploring DNS Infrastructure Vulnerabilities and Fortifying Defenses

pp. 546-557

by Yevheniya Nosyk, Olivier Hureau, Simon Fernandez, Andrzej Duda, Maciej Korczyński

Fake it Till You Detect it: Continual Anomaly Detection in Multivariate Time-Series using Generative AI

pp. 558-566

by Gastón García González, Pedro Casas, Alicia Fernández

Identifying and Differentiating Acknowledged Scanners in Network Traffic

pp. 567-574

by M. Patrick Collins, Alefiya Hussian, Stephen Schwab

”As Usual, I Needed Assistance of a Seeing Person”: Experiences and Challenges of People with Disabilities and Authentication Methods

pp. 575-593

by Ahmet Erinola, Annalina Buckmann, Jennifer Friedauer, Asli Yardim, M. Angela Sasse

Talking Abortion (Mis)information with ChatGPT on TikTok

pp. 594-608

by Filipo Sharevski, Jennifer Vander Loop, Peter Jachim, Amy Devine, Emma Pieroni

Work in Progress: A Glance at Social Media Self-Censorship in North America

pp. 609-618

by Wei Hu, Diogo Barradas

Position Paper: The Role of law in Achieving Privacy and Security Measures in Smart Buildings from the GDPR Context

pp. 619-626

by Natalie Leesakul, Charles Morisset

Divided We Hack: Exploring the Degree of Sino-Russian Coordination in Cyberspace During the Ukraine War

pp. 627-640

by Francesco Ferazza, Cosimo Melella, Konstantinos Mersinas, Antonio Calcara

U-Sense: Feasibility Study of "Human as a Sensor" in Incident Reporting Systems in a Smart Campus

pp. 641-652

by Naoom Abu Abah, Nick Taylor, Charles Morisset, Maryam Mehrnezhad

Work in Progress: Evaluation of Security Standards through a Cyber Range using Hackers' Tactics, Techniques and Procedures

pp. 653-658

by Patrick Wake, Sue Black, Jonathan Young

What We Do in the Shadows: How does Experiencing Cybercrime Affect Response Actions & Protective Practices?

pp. 659-672

by Magdalene Ng, Maria Bada, Kovila P.L. Coopamootoo

pp. 673-676

Showing 80 out of 80