BENZENE: A Practical Root Cause Analysis System with an Under-Constrained State Mutation
Younggi Park (Korea University), Hwiwon Lee (Korea University), Jinho Jung (Ministry of National Defense), Hyungjoon Koo (Sungkyunkwan University), Huy Kang Kim (Korea University)
Shedding Light on CVSS Scoring Inconsistencies: A User-Centric Study on Evaluating Widespread Security Vulnerabilities
Julia Wunder (Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU)), Andreas Kurtz (Heilbronn University of Applied Sciences), Christian Eichenmüller (Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU)), Freya Gassmann (Rheinland-Pfälzische Technische Universität Kaiserslautern-Landau (RPTU)), Zinaida Benenson (Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU))
"False negative - that one is going to kill you." - Understanding Industry Perspectives of Static Analysis based Security Testing
Amit Seal Ami (William & Mary), Kevin Moran (University of Central Florida), Denys Poshyvanyk (William & Mary), Adwait Nadkarni (William & Mary)
The Great Request Robbery: An Empirical Study of Client-side Request Hijacking Vulnerabilities on the Web
Soheil Khodayari (CISPA Helmholtz Center for Information Security), Thomas Barber (SAP Security Research), Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security)
SoK: Prudent Evaluation Practices for Fuzzing
Moritz Schloegel (CISPA Helmholtz Center for Information Security), Nils Bars (CISPA Helmholtz Center for Information Security), Nico Schiller (CISPA Helmholtz Center for Information Security), Lukas Bernhard (CISPA Helmholtz Center for Information Security), Tobias Scharnowski (CISPA Helmholtz Center for Information Security), Addison Crump (CISPA Helmholtz Center for Information Security), Arash Ale Ebrahim (CISPA Helmholtz Center for Information Security), Nicolai Bissantz (Ruhr University Bochum), Marius Muench (University of Birmingham), Thorsten Holz (CISPA Helmholtz Center for Information Security)
SoK: Unintended Interactions among Machine Learning Defenses and Risks
Vasisht Duddu (University of Waterloo), Sebastian Szyller (Intel Labs), N. Asokan (University of Waterloo, Aalto University)
From Virtual Touch to Tesla Command: Unlocking Unauthenticated Control Chains From Smart Glasses for Vehicle Takeover
Xingli Zhang (University of Louisiana at Lafayette), Yazhou Tu (University of Louisiana at Lafayette), Yan Long (University of Michigan), Liqun Shan (University of Louisiana at Lafayette), Mohamed A Elsaadani (University of Louisiana at Lafayette), Kevin Fu (Northeastern University), Zhiqiang Lin (Ohio State University), Xiali Hei (University of Louisiana at Lafayette)
From Chatbots to Phishbots?: Phishing Scam Generation in Commercial Large Language Models
Sayak Saha Roy (University of Texas at Arlington), Poojitha Thota (University of Texas at Arlington), Krishna Vamsi Naragam (University of Texas at Arlington), Shirin Nilizadeh (University of Texas at Arlington)
INTFAIL: Using Spurious #VC Interrupts to Break AMD SEV-SNP
Benedict Schlüter (ETH Zurich), Supraja Sridhara (ETH Zurich), Andrin Bertschi (ETH Zurich), Shweta Shinde (ETH Zurich)