NDSS 2022 83 papers accepted. Updated on 2023-09-08. You can find the lastest information here. ROV-MI: Large-Scale, Accurate and Efficient Measurement of ROV Deployment. HeadStart: Efficiently Verifiable and Low-Latency Participatory Randomness Generation at Scale. PMTUD is not Panacea: Revisiting IP Fragmentation Attacks against TCP. Subverting Stateful Firewalls with Protocol States. PHYjacking: Physical Input Hijacking for Zero-Permission Authorization Attacks on Android. GhostTalk: Interactive Attack on Smartphone Voice System Through Power Line. The Droid is in the Details: Environment-aware Evasion of Android Sandboxes. Uncovering Cross-Context Inconsistent Access Control Enforcement in Android. Evaluating Susceptibility of VPN Implementations to DoS Attacks Using Adversarial Testing. The Truth Shall Set Thee Free: Enabling Practical Forensic Capabilities in Smart Environments. LogicMEM: Automatic Profile Generation for Binary-Only Memory Forensics via Logic Inference. Forensic Analysis of Configuration-based Attacks. ditto: WAN Traffic Obfuscation at Line Rate. A Lightweight IoT Cryptojacking Detection Mechanism in Heterogeneous Smart Home Networks. FANDEMIC: Firmware Attack Construction and Deployment on Power Management Integrated Circuit and Impacts on IoT Applications. EqualNet: A Secure and Practical Defense for Long-term Network Topology Obfuscation. Context-Sensitive and Directional Concurrency Fuzzing for Data-Race Detection. MobFuzz: Adaptive Multi-objective Optimization in Gray-box Fuzzing. FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware. EMS: History-Driven Mutation for Coverage-based Fuzzing. Tetrad: Actively Secure 4PC for Secure Training and Inference. MIRROR: Model Inversion for Deep LearningNetwork with High Fidelity. Local and Central Differential Privacy for Robustness and Privacy in Federated Learning. DeepSight: Mitigating Backdoor Attacks in Federated Learning Through Deep Model Inspection. Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications. Probe the Proto: Measuring Client-Side Prototype Pollution Vulnerabilities of One Million Real-world Websites. ScriptChecker: To Tame Third-party Script Execution With Task Capabilities. HARPO: Learning to Subvert Online Behavioral Advertising. Chosen-Instruction Attack Against Commercial Code Virtualization Obfuscators. Building Embedded Systems Like It's 1996. The Taming of the Stack: Isolating Stack Data from Memory Errors. CFInsight: A Comprehensive Metric for CFI Policies. Too Afraid to Drive: Systematic Discovery of Semantic DoS Vulnerability in Autonomous Driving Planning under Physical-World Attacks. RVPLAYER: Robotic Vehicle Forensics by Replay with What-if Reasoning. Hiding My Real Self! Protecting Intellectual Property in Additive Manufacturing Systems Against Optical Side-Channel Attacks. PoF: Proof-of-Following for Vehicle Platoons. Packet-Level Open-World App Fingerprinting on Wireless Traffic. SpiralSpy: Exploring a Stealthy and Practical Covert Channel to Attack Air-gapped Computing Devices via mmWave Sensing. SemperFi: Anti-spoofing GPS Receiver for UAVs. V-Range: Enabling Secure Ranging in 5G Wireless Networks. Hybrid Trust Multi-party Computation with Trusted Execution Environment. SynthCT: Towards Portable Constant-Time Code. Binary Search in Secure Computation. Chunked-Cache: On-Demand and Scalable Cache Isolation for Security Architectures. What You See is Not What the Network Infers: Detecting Adversarial Examples Based on Semantic Contradiction. Euler: Detecting Network Lateral Movement via Scalable Temporal Graph Link Prediction. Fooling the Eyes of Autonomous Vehicles: Robust Physical Adversarial Examples Against Traffic Sign Recognition Systems. FedCRI: Federated Mobile Cyber-Risk Intelligence. FakeGuard: Exploring Haptic Response to Mitigate the Vulnerability in Commercial Fingerprint Anti-Spoofing. On Utility and Privacy in Synthetic Genomic Data. ProvTalk: Towards Interpretable Multi-level Provenance Analysis in Networking Functions Virtualization (NFV). Privacy in Urban Sensing with Instrumented Fleets, Using Air Pollution Monitoring As A Usecase. Titanium: A Metadata-Hiding File-Sharing System with Malicious Security. Remote Memory-Deduplication Attacks. Interpretable Federated Transformer Log Learning for Cloud Threat Forensics. Repttack: Exploiting Cloud Schedulers to Guide Co-Location Attacks. ATTEQ-NN: Attention-based QoE-aware Evasive Backdoor Attacks. RamBoAttack: A Robust and Query Efficient Deep Neural Network Decision Exploit. Property Inference Attacks Against GANs. Get a Model! Model Hijacking Attack Against Machine Learning Models. DRAWN APART: A Device Identification Technique based on Remote GPU Fingerprinting. Clarion: Anonymous Communication from Multiparty Shuffling Protocols. VPNInspector: Systematic Investigation of the VPN Ecosystem. hbACSS: How to Robustly Share Many Secrets. An In-depth Analysis of Duplicated Linux Kernel Bug Reports. Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel. Semantic-Informed Driver Fuzzing Without Both the Hardware Devices and the Emulators. Progressive Scrutiny: Incremental Detection of UBI bugs in the Linux Kernel. F-PKI: Enabling Innovation and Trust Flexibility in the HTTPS Public-Key Infrastructure. Let's Authenticate: Automated Certificates for User Authentication. Transparency Dictionaries with Succinct Proofs of Correct Operation. Multi-Certificate Attacks against Proof-of-Elapsed-Time and Their Countermeasures. Shaduf: Non-Cycle Payment Channel Rebalancing. NC-Max: Breaking the Security-Performance Tradeoff in Nakamoto Consensus. Speeding Dumbo: Pushing Asynchronous BFT Closer to Practice. Preventing Kernel Hacks with HAKCs. D-Box: DMA-enabled Compartmentalization for Embedded Applications. Cross-Language Attacks. COOPER: Testing the Binding Code of Scripting Languages with Cooperative Mutation. Demystifying Local Business Search Poisoning for Illicit Drug Promotion. Hazard Integrated: Understanding Security Risks in App Extensions to Team Chat Systems. Above and Beyond: Organizational Efforts to Complement U.S. Digital Security Compliance Mandates. Fighting Fake News in Encrypted Messaging with the Fuzzy Anonymous Complaint Tally System (FACTS).