Export Citations
Save this search
Please login to be able to save your searches and receive alerts for new content matching your search criteria.
- posterNovember 2023
Poster: Verifiable Data Valuation with Strong Fairness in Horizontal Federated Learning
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3642–3644https://doi.org/10.1145/3576915.3624402Federated learning (FL) represents an innovative decentralized paradigm in the field of machine learning, which differs from traditional centralized approaches. It facilitates collaborative model training among multiple participants and transfers only ...
- posterNovember 2023
Poster: Detecting Adversarial Examples Hidden under Watermark Perturbation via Usable Information Theory
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3636–3638https://doi.org/10.1145/3576915.3624396Image watermark is a technique widely used for copyright protection. Recent studies show that the image watermark can be added to the clear image as a kind of noise to realize fooling deep learning models. However, previous adversarial example (AE) ...
- posterNovember 2023
Poster: The Risk of Insufficient Isolation of Database Transactions in Web Applications
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3576–3578https://doi.org/10.1145/3576915.3624394Web applications utilizing databases for persistence frequently expose security flaws due to race conditions. The commonly accepted remedy to this problem is to envelope related database operations in transactions. Unfortunately, sole trust in ...
- posterNovember 2023
Poster: Data Minimization by Construction for Trigger-Action Applications
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3522–3524https://doi.org/10.1145/3576915.3624376Trigger-Action Platforms (TAPs) enable applications to integrate various devices and services otherwise unconnected. Recent features of TAPs introduce additional sources of data such as queries in IFTTT. The current TAPs, like IFTTT, demand that trigger ...
- posterNovember 2023
Poster: Boosting Adversarial Robustness by Adversarial Pre-training
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3540–3542https://doi.org/10.1145/3576915.3624370Vision Transformer (ViT) shows superior performance on various tasks, but, similar to other deep learning techniques, it is vulnerable to adversarial attacks. Due to the differences between ViT and traditional CNNs, previous works designed new ...
-
- posterNovember 2023
Poster: Backdoor Attack on Extreme Learning Machines
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3588–3590https://doi.org/10.1145/3576915.3624369Deep neural networks (DNNs) achieve top performance through costly training on large datasets. Such resources may not be available in some scenarios, like IoT or healthcare. Extreme learning machines (ELMs) aim to alleviate this problem using single-...
- posterNovember 2023
Poster: A Privacy-Preserving Smart Contract Vulnerability Detection Framework for Permissioned Blockchain
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3630–3632https://doi.org/10.1145/3576915.3624366The two main types of blockchains that are currently widely deployed are public blockchains and permissioned blockchains. The research that has been conducted for blockchain vulnerability detection is mainly oriented to public blockchains. Less ...
- abstractNovember 2023
SCORED '23: Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3671–3672https://doi.org/10.1145/3576915.3624031Recent attacks on the software supply chain have shed light on the fragility and importance of ensuring the security and integrity of this vital ecosystem. Addressing the technical and social challenges to building trustworthy software for deployment in ...
- abstractNovember 2023
DeFi '23: Workshop on Decentralized Finance and Security
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3660–3661https://doi.org/10.1145/3576915.3624026Decentralized Finance (DeFi) heralds a transformative moment in the realm of finance, challenging traditional intermediaries with a blockchain-centric blueprint. As DeFi burgeons, the intricate dance between its evolution and security emerges as an area ...
- abstractNovember 2023
MTD '23: 10th ACM Workshop on Moving Target Defense
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3653–3654https://doi.org/10.1145/3576915.3624022The tenth ACM Workshop on Moving Target Defense (MTD) is held on November 26, 2023, in conjunction with the ACM Conference on Computer and Communications Security (CCS). The main objective of the workshop is to discuss novel randomization, ...
- research-articleNovember 2023
RetSpill: Igniting User-Controlled Data to Burn Away Linux Kernel Protections
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3093–3107https://doi.org/10.1145/3576915.3623220Leveraging a control flow hijacking primitive (CFHP) to gain root privileges is critical to attackers striving to exploit Linux kernel vulnerabilities. Such attack has become increasingly elusive as security researchers propose capable kernel security ...
- research-articleNovember 2023
Fine-Grained Data-Centric Content Protection Policy for Web Applications
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2845–2859https://doi.org/10.1145/3576915.3623217The vast amount of sensitive data in modern web applications has become a prime target for cyberattacks. Existing browser security policies disallow the execution of unknown scripts, but do not restrict access to sensitive web content by 'trusted' third-...
- research-articleNovember 2023
TypeSqueezer: When Static Recovery of Function Signatures for Binary Executables Meets Dynamic Analysis
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2725–2739https://doi.org/10.1145/3576915.3623214Control-Flow Integrity (CFI) is considered a promising solution in thwarting advanced code-reuse attacks. While the problem of backward-edge protection in CFI is nearly closed, effective forward-edge protection is still a major challenge. The keystone of ...
- research-articleNovember 2023
SymGX: Detecting Cross-boundary Pointer Vulnerabilities of SGX Applications via Static Symbolic Execution
- Yuanpeng Wang,
- Ziqi Zhang,
- Ningyu He,
- Zhineng Zhong,
- Shengjian Guo,
- Qinkun Bao,
- Ding Li,
- Yao Guo,
- Xiangqun Chen
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2710–2724https://doi.org/10.1145/3576915.3623213Intel Security Guard Extensions (SGX) have shown effectiveness in critical data protection. Recent symbolic execution-based techniques reveal that SGX applications are susceptible to memory corruption vulnerabilities. While existing approaches focus on ...
- research-articleNovember 2023
TxPhishScope: Towards Detecting and Understanding Transaction-based Phishing on Ethereum
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 120–134https://doi.org/10.1145/3576915.3623210The prosperity of Ethereum attracts many users to send transactions and trade crypto assets. However, this has also given rise to a new form of transaction-based phishing scam, named TxPhish. Specifically, tempted by high profits, users are tricked into ...
- research-articleNovember 2023
PANIC: PAN-assisted Intra-process Memory Isolation on ARM
- Jiali Xu,
- Mengyao Xie,
- Chenggang Wu,
- Yinqian Zhang,
- Qijing Li,
- Xuan Huang,
- Yuanming Lai,
- Yan Kang,
- Wei Wang,
- Qiang Wei,
- Zhe Wang
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 919–933https://doi.org/10.1145/3576915.3623206Intra-process memory isolation is a well-known technique to enforce least privilege within a process. In this paper, we propose a generic and efficient intra-process memory isolation technique named PANIC, by leveraging Privileged Access Never (PAN) and ...
- research-articleNovember 2023
Put Your Memory in Order: Efficient Domain-based Memory Isolation for WASM Applications
- Hanwen Lei,
- Ziqi Zhang,
- Shaokun Zhang,
- Peng Jiang,
- Zhineng Zhong,
- Ningyu He,
- Ding Li,
- Yao Guo,
- Xiangqun Chen
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 904–918https://doi.org/10.1145/3576915.3623205Memory corruption vulnerabilities can have more serious consequences in WebAssembly than in native applications. Therefore, we present \tool, the first WebAssembly runtime with memory isolation. Our insight is to use MPK hardware for efficient memory ...
- research-articleNovember 2023
Lanturn: Measuring Economic Security of Smart Contracts Through Adaptive Learning
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 1212–1226https://doi.org/10.1145/3576915.3623204We introduce Lanturn: a general purpose adaptive learning-based framework for measuring the cryptoeconomic security of composed decentralized-finance (DeFi) smart contracts. Lanturn discovers strategies comprising of concrete transactions for extracting ...
- research-articleNovember 2023
Speranza: Usable, Privacy-friendly Software Signing
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3388–3402https://doi.org/10.1145/3576915.3623200Software repositories, used for wide-scale open software distribution, are a significant vector for security attacks. Software signing provides authenticity, mitigating many such attacks. Developer-managed signing keys pose usability challenges, but ...
- research-articleNovember 2023
KRover: A Symbolic Execution Engine for Dynamic Kernel Analysis
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2009–2023https://doi.org/10.1145/3576915.3623198We present KRover, a novel kernel symbolic execution engine catered for dynamic kernel analysis such as vulnerability analysis and exploit generation. Different from existing symbolic execution engines, KRover operates directly upon a live kernel thread'...