Items where Year is 2023

(2023) Fact-Saboteurs: A Taxonomy of Evidence Manipulation Attacks against Fact-Verification Systems. (In Press)

(2023) VENOMAVE: Targeted Poisoning Against Speech Recognition.

(2023) Computing Square Colorings on Bounded-Treewidth and Planar Graphs. (In Press)

(2023) SandDriller: A Fully-Automated Approach for Testing Language-Based JavaScript Sandboxes.

(2023) Distributed Maximal Matching and Maximal Independent Set on Hypergraphs. (Submitted)

(2023) Fuzztruction: Using Fault Injection-based Fuzzing to Leverage Implicit Domain Knowledge.

(2023) The Network Zoo: a multilingual package for the inference and analysis of gene regulatory networks.

(2023) SecBench.js: An Executable Security Benchmark Suite for Server-Side JavaScript.

(2023) FIDO2, CTAP 2.1, and WebAuthn 2: Provable Security and Post-Quantum Instantiation. (In Press)

(2023) CustomProcessingUnit: Reverse Engineering and Customization of Intel Microcode.

(2023) TALUS: Reinforcing TEE Confidentiality with Cryptographic Coprocessors.

(2023) Hash Gone Bad: Automated discovery of protocol attacks that exploit hash function weaknesses.

(2023) Formal Analysis of SPDM: Security Protocol and Data Model version 1.2.

(2023) Formal Analysis of Session-Handling in Secure Messaging: Lifting Security from Sessions to Conversations. (Submitted)

(2023) Why I Can't Authenticate --- Understanding the Low Adoption of Authentication Ceremonies with Autoethnography.

(2023) Tight Complexity Bounds for Counting Generalized Dominating Sets in Bounded-Treewidth Graphs. (In Press)

(2023) Investigating Verification Behavior and Perceptions of Visual Digital Certificates.

(2023) A Systematic Study of the Consistency of Two-Factor Authentication User Journeys on Top-Ranked Websites.

(2023) Taming Large Bounds in Synthesis from Bounded-Liveness Specifications. (In Press)

(2023) It's (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenses. (Submitted)

(2023) UnGANable: Defending Against GAN-based Face Manipulation.

(2023) Learning Program Models from Generated Inputs. (In Press)

(2023) Automated Security Analysis of Exposure Notification Systems. (In Press)

(2023) Different Researchers, Different Results? Analyzing the Influence of Researcher Experience and Data Type During Qualitative Analysis of an Interview and Survey Study on Security Advice.

(2023) The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Web.

(2023) EdgeTDC: On the Security of Time Difference of Arrival Measurements in CAN Bus Systems.

(2023) Drone Security and the Mysterious Case of DJI's DroneID.

(2023) FeIDo: Recoverable FIDO2 Tokens Using Electronic IDs (Extended Version).

(2023) Practical Timing Side-Channel Attacks on Memory Compression.

(2023) Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js.

(2023) From Input to Failure: Explaining Program Behavior via Cause-Effect Chains. (In Press)

(2023) Bilingual Problems: Studying the Security Risks Incurred by Native Extensions in Scripting Languages.

(2023) Privacy Rarely Considered: Exploring Considerations in the Adoption of Third-Party Services by Websites.

(2023) PrivTrace: Differentially Private Trajectory Synthesis by Adaptive Markov Model.

(2023) DiffCSP: Finding Browser Bugs in Content Security Policy Enforcement through Differential Testing.

(2023) Pseudo Label-Guided Model Inversion Attack via Conditional Generative Adversarial Network.

(2023) (M)WAIT for It: Bridging the Gap between Microarchitectural and Architectural Side Channels.