Default Cover Image

Default Cover Image

2023 IEEE Security and Privacy Workshops (SPW)

May 25 2023 to May 25 2023

San Francisco, CA, USA

ISBN: 979-8-3503-1236-2

Table of Contents

pp. 1-1

pp. 1-1

pp. 1-1

Table of Contents

pp. v-viii

HoneyKube: Designing and Deploying a Microservices-based Web Honeypot

pp. 1-11

by Chakshu Gupta, Thijs Van Ede, Andrea Continella

Evaluating Password Composition Policy and Password Meters of Popular Websites

pp. 12-20

by Kyungchan Lim, Joshua H. Kang, Matthew Dixson, Hyungjoon Koo, Doowon Kim

Is It Overkill? Analyzing Feature-Space Concept Drift in Malware Detectors

pp. 21-28

by Zhi Chen, Zhenning Zhang, Zeliang Kan, Limin Yang, Jacopo Cortellazzi, Feargus Pendlebury, Fabio Pierazzi, Lorenzo Cavallaro, Gang Wang

Deep Bribe: Predicting the Rise of Bribery in Blockchain Mining with Deep RL

pp. 29-37

by Roi Bar-Zur, Danielle Dori, Sharon Vardi, Ittay Eyal, Aviv Tamar

On the Brittleness of Robust Features: An Exploratory Analysis of Model Robustness and Illusionary Robust Features

pp. 38-44

by Alireza Aghabagherloo, Rafa Gálvez, Davy Preuveneers, Bart Preneel

Benchmarking the Effect of Poisoning Defenses on the Security and Bias of Deep Learning Models

pp. 45-56

by Nathalie Baracaldo, Farhan Ahmed, Kevin Eykholt, Yi Zhou, Shriti Priya, Taesung Lee, Swanand Kadhe, Mike Tan, Sridevi Polavaram, Sterling Suggs, Yuyang Gao, David Slater

On the Pitfalls of Security Evaluation of Robust Federated Learning

pp. 57-68

by Momin Ahmad Khan, Virat Shejwalkar, Amir Houmansadr, Fatima M. Anwar

SafeFL: MPC-friendly Framework for Private and Robust Federated Learning

pp. 69-76

by Till Gehlhar, Felix Marx, Thomas Schneider, Ajith Suresh, Tobias Wehrle, Hossein Yalame

Membership Inference Attacks against Diffusion Models

pp. 77-83

by Tomoya Matsumoto, Takayuki Miura, Naoto Yanai

On Feasibility of Server-side Backdoor Attacks on Split Learning

pp. 84-93

by Behrad Tajalli, Oğuzhan Ersoy, Stjepan Picek

Your Email Address Holds the Key: Understanding the Connection Between Email and Password Security with Deep Learning

pp. 94-104

by Etienne Salimbeni, Nina Mainusch, Dario Pasquini

A Survey of Parser Differential Anti-Patterns

pp. 105-116

by Sameed Ali, Sean W. Smith

PolyDoc: Surveying PDF Files from the PolySwarm network

pp. 117-134

by Prashant Anantharaman, Robert Lathrop, Rebecca Shapiro, Michael E. Locasto

Whole-Program Privilege and Compartmentalization Analysis with the Object-Encapsulation Model

pp. 1-12

by Yudi Yang, Weijie Huang, Kelly Kaoudis, Nathan Dautenhahn

Unsupervised clustering of file dialects according to monotonic decompositions of mixtures

pp. 147-162

by Michael Robinson, Tate Altman, Denley Lam, Letitia W. Li

DISV: Domain Independent Semantic Validation of Data Files

pp. 163-174

by Ashish Kumar, Bill Harris, Gang Tan

Blind Spots: Identifying Exploitable Program Inputs

pp. 175-186

by Henrik Brodin, Marek Surovič, Evan Sultanik

Automatically Detecting Variability Bugs Through Hybrid Control and Data Flow Analysis

pp. 187-197

by Kelly Kaoudis, Henrik Brodin, Evan Sultanik

Research Report: Synthesizing Intrusion Detection System Test Data from Open-Source Attack Signatures

pp. 198-208

by Jared Chandler, Adam Wick

Corpus-wide Analysis of Parser Behaviors via a Format Analysis Workbench

pp. 209-218

by Pottayil Harisanker Menon, Walt Woods

Reflections on Trusting Docker: Invisible Malware in Continuous Integration Systems

pp. 219-227

by Florent Moriconi, Axel Ilmari Neergaard, Lucas Georget, Samuel Aubertin, Aurélien Francillon

ROPfuscator: Robust Obfuscation with ROP

pp. 1-10

by Giulio De Pasquale, Fukutomo Nakanishi, Daniele Ferla, Lorenzo Cavallaro

GPThreats-3: Is Automatic Malware Generation a Threat?

pp. 238-254

by Marcus Botacin

Emoji shellcoding in RISC-V

pp. 255-263

by Hadrien Barral, Georges-Axel Jaloyan, David Naccache

The ghost is the machine: Weird machines in transient execution

pp. 264-272

by Ping-Lun Wang, Fraser Brown, Riad S. Wahby

Cryo-Mechanical RAM Content Extraction Against Modern Embedded Systems

pp. 273-284

by Yuanzhe Wu, Grant Skipper, Ang Cui

CustomProcessingUnit: Reverse Engineering and Customization of Intel Microcode

pp. 285-297

by Pietro Borrello, Catherine Easdon, Martin Schwarzl, Roland Czerny, Michael Schwarz

The Little Seal Bug: Optical Sound Recovery from Lightweight Reflective Objects

pp. 298-310

by Ben Nassi, Raz Swissa, Jacob Shams, Boris Zadov, Yuval Elovici

ESPwn32: Hacking with ESP32 System-on-Chips

pp. 311-325

by Romain Cayre, Damien Cauquil, Aurélien Francillon

Fuzzing the Latest NTFS in Linux with Papora: An Empirical Study

pp. 326-336

by Edward Lo, Ningyu He, Yuejie Shi, Jiajia Xu, Chiachih Wu, Ding Li, Yao Guo

Divergent Representations: When Compiler Optimizations Enable Exploitation

pp. 337-348

by Andreas D. Kellas, Alan Cao, Peter Goodman, Junfeng Yang

Go or No Go: Differential Fuzzing of Native and C Libraries

pp. 349-363

by Alessandro Sorniotti, Michael Weissbacher, Anil Kurmus

ASanity: On Bug Shadowing by Early ASan Exits

pp. 364-370

by Vincent Ulitzsch, Deniz Scholz, Dominik Maier

Scripted Henchmen: Leveraging XS-Leaks for Cross-Site Vulnerability Detection

pp. 371-383

by Tom Van Goethem, Iskander Sanchez-Rola, Wouter Joosen

Hakuin: Optimizing Blind SQL Injection with Probabilistic Language Models

pp. 384-393

by Jakub Pružinec, Nguyen Anh Quynh

Towards Simultaneous Attacks on Multiple Cellular Networks

pp. 394-405

by Alexander J. Ross, Bradley Reaves

pp. 407-408

Showing 41 out of 41