S&P 2022 论文录用列表

IEEE Symposium on Security and Privacy(简称 S&P)是信息安全领域四大顶级学术会议之一，始于1980年，今年是第43届。S&P 2022共收到1012篇论文（2021：952；2020：841；2019：679；2018:549），录取147篇（2021：107；2020：104；2019：84；2018：63）,录取率只有14.5%。在2022年有一些变动：

• 在2022年引入了三轮投稿机制，总共收到论文1012篇(其中第三轮收到410篇)；
• 在所有三轮投稿中，共有104篇论文收到重修要求，只有92篇被录用（即88.4%的录用率），重修期间还是需要引起大家重视。
• 论文投稿中大修论文数量为144篇，只有59篇可被考虑在2023 S&P中被录用，即大修被录用的概率为：40.97%。
• 首次成立了道德伦理委员会(REC),审核存在道德伦理的论文。

国内包含浙江大学、山东大学、复旦大学、香港科技大学、中国科学院、PLA信息工程大学、中国科学院信工所、上海科技大学、清华大学、华中科技大学等高校都有录用论文，部分小编感兴趣的论文标题已经标红(小编也非常抱歉今年S&P现在才推送)：

• Adversarial Examples for Proof-of-Learning

Rui Zhang (Zhejiang University), Jian Liu (Zhejiang University), Yuan Ding (Zhejiang University), Zhibo Wang (Zhejiang University), Qingbiao Wu (Zhejiang University), Kui Ren (Zhejiang University), Jian Liu (Zhejiang University)

• "Desperate Times Call for Desperate Measures": User Concerns with Mobile Loan Apps in Kenya

Collins W. Munyendo (The George Washington University), Yasemin Acar (The George Washington University), Adam J. Aviv (The George Washington University), Yasemin Acar (George Washington University)

• "Flawed, but like democracy we don't have a better system": The Experts' Insights on the Peer Review Process of Evaluating Security Papers

Ananta Soneji (Arizona State University), Faris Bugra Kokulu (Arizona State University), Carlos Rubio-Medrano (Texas A&M University - Corpus Christi), Tiffany Bao (Arizona State University), Ruoyu Wang (Arizona State University), Yan Shoshitaishvili (Arizona State University), Adam Doupe (Arizona State University)

• "They're not that hard to mitigate": What Cryptographic Library Developers Think About Timing Attacks

Jan Jancar (Masaryk University), Marcel Fourné (Max Planck Institute for Security and Privacy), Daniel De Almeida Braga (Univ Rennes, CNRS, IRISA), Mohamed Sabt (Univ Rennes, CNRS, IRISA), Peter Schwabe (Max Planck Institute for Security and Privacy & Radboud University), Gilles Barthe (Max Planck Institute for Security and Privacy & IMDEA Software Institute), Pierre-Alain Fouque (Univ Rennes, CNRS, IRISA), Yasemin Acar (Max Planck Institute for Security and Privacy & George Washington University)

• 27 Years and 81 Million Opportunities Later: Investigating the Use of Email Encryption for an Entire University

Christian Stransky (Leibniz University Hannover, Germany), Oliver Wiese (Freie Universität Berlin, Germany), Volker Roth (Freie Universität Berlin, Germany), Yasemin Acar (Max Planck Institute for Security and Privacy, Germany), Sascha Fahl (CISPA / Leibniz University Hannover, Germany)

• A Formal Security Analysis of the W3C Web Payment APIs: Attacks and Verification

Quoc Huy Do (University of Stuttgart, Germany), Pedram Hosseyni (University of Stuttgart, Germany), Ralf Küsters (University of Stuttgart, Germany), Guido Schmitz (University of Stuttgart, Germany and Royal Holloway, University of London, UK), Nils Wenzler (University of Stuttgart, Germany), Tim Würtele (University of Stuttgart, Germany)

• A Logic and an Interactive Prover for the Computational Post-Quantum Security of Protocols

Cas Cremers (CISPA Helmholtz Center for Information Security), Charlie Jacomme (CISPA - Helmholtz Center for Information Security), Caroline Fontaine (Université Paris-Saclay, CNRS, ENS Paris-Saclay, Laboratoire Méthodes Formelles), Cas Cremers (CISPA Helmholtz Center for Information Security)

• A Secret-Free Hypervisor: Rethinking Isolation in the Age of Speculative Vulnerabilities

Hongyan Xia (Microsoft Research), David Zhang (Microsoft), Wei Liu (Microsoft), Istvan Haller (Microsoft Research), Bruce Sherwin (Microsoft), David Chisnall (Microsoft Research)

• A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP

Mengyuan Li (The Ohio State University), Luca Wilke (University of Lübeck), Jan Wichelmann (University of Lübeck), Thomas Eisenbarth (University of Lübeck), Radu Teodorescu (The Ohio State University), Yinqian Zhang (Southern University of Science and Technology)

• AccEar: Accelerometer Acoustic Eavesdropping with Unconstrained Vocabulary

Pengfei Hu (Shandong University), Hui Zhuang (Shandong University), Panneer Selvam Santhalingam (George Mason University), Riccardo Spolaor (Shandong University), Parth Pathak (George Mason University), Guoming Zhang (Shandong University), Xiuzhen Cheng (Shandong University)

• Adversarial Prefetch: New Cross-Core Cache Side Channel Attacks

Yanan Guo (University of Pittsburgh), Andrew Zigerelli (Independent), Youtao Zhang (Computer Science Department, University of Pittsburgh), Jun Yang (University of Pittsburgh)

• Analyzing Ground-Truth Data of Mobile Gambling Scam

Geng Hong (Fudan University), Zhemin Yang (Fudan University), Sen Yang (Fudan University), Xiaojing Liao (Indiana University Bloomington), Xiaolin Du (Fudan University), Min Yang (Fudan University), Haixin Duan (Institute for Network Science and Cyberspace, Tsinghua University; Qi An Xin Group Corp.)

• Annotating, Tracking, and Protecting Cryptographic Secrets with CryptoMPK Xuancheng Jin (Shanghai Jiao Tong University), Xuangan Xiao (Shanghai Jiao Tong University), Songlin Jia (Shanghai Jiao Tong University), Wang Gao (Shanghai Jiao Tong University), Hang Zhang (UC Riverside), Dawu Gu (Shanghai Jiao Tong University), Siqi Ma (The University of Queensland), Zhiyun Qian (UC Riverside), Juanru Li (Shanghai Jiao Tong University)

• Anti-Tamper Radio: System-Level Tamper Detection for Computing Systems

Paul Staat (Max Planck Institute for Security and Privacy), Johannes Tobisch (Max Planck Institute for Security and Privacy), Christian Zenger (PHYSEC GmbH), Christof Paar (Max Planck Institute for Security and Privacy)

• Are We There Yet? Timing and Floating-Point Attacks on Differential Privacy Systems

Jiankai Jin (The University of Melbourne, Australia), Eleanor McMurtry (ETH Zurich), Benjamin Rubinstein (University of Melbourne, Australia), Olga Ohrimenko (The University of Melbourne)

• Asleep at the Keyboard? Assessing the Security of GitHub Copilot's Code Contributions

Hammond Pearce (NYU Tandon School of Engineering), Baleegh Ahmad (NYU Tandon School of Engineering), Benjamin Tan (NYU Tandon School of Engineering), Brendan Dolan-Gavitt (NYU Tandon School of Engineering), Ramesh Karri (NYU Tandon School of Engineering)

• Attacks on Wireless Coexistence

Jiska Classen (TU Darmstadt, SEEMOO), Michael Hermann (TU Darmstadt, SEEMOO), Francesco Gringoli (University of Brescia), Matthias Hollick (TU Darmstadt, SEEMOO)

• Augury: Using Data Memory-Dependent Prefetchers to Leak Data at Rest

Jose Rodrigo Sanchez Vicarte (University of Illinois at Urbana-Champaign), Michael Flanders (University of Washington), Riccardo Paccagnella (University of Illinois at Urbana-Champaign), Grant Garrett-Grossman (University of Illinois at Urbana-Champaign), Adam Morrison (Tel Aviv University), Chris Fletcher (University of Illinois at Urbana-Champaign), David Kohlbrenner (University of Washington)

• Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification Documents

Maria Pacheco Gonzales (Purdue University), Max von Hippel (Northeastern University), Ben Weintraub (Northeastern University), Dan Goldwasser (Purdue University), Cristina Nita-Rotaru (Northeastern University)

• BEACON : Directed Grey-Box Fuzzing with Provable Path Pruning

Heqing Huang (The Hong Kong University of Science and Technology), Yiyuan Guo (The Hong Kong University of Science and Technology), Qingkai Shi (The Hong Kong University of Science and Technology), Peisen Yao (The Hong Kong University of Science and Technology), Rongxin Wu (Xiamen University), Charles Zhang (The Hong Kong University of Science and Technology)

• Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Federated Learning

Virat Shejwalkar (UMass Amherst), Amir Houmansadr (UMass Amherst), Peter Kairouz (Google), Daniel Ramage (Google)

• Bad Characters: Imperceptible NLP Attacks

Nicholas Boucher (University of Cambridge), Ilia Shumailov (University of Cambridge, Vector Institute), Ross Anderson (University of Cambridge, University of Edinburgh), Nicolas Papernot (University of Toronto, Vector Institute)

• BadEncoder: Backdoor Attacks to Pre-trained Encoders in Self-Supervised Learning

Jinyuan Jia (Duke University, USA), Yupei Liu (Duke University, USA), Neil Zhenqiang Gong (Duke University, USA)

• Blacksmith: Compromising Target Row Refresh by Rowhammering in the Frequency Domain

Patrick Jattke (ETH Zurich), Victor van der Veen (Qualcomm Technologies Inc.), Pietro Frigo (Vrije Universiteit Amsterdam), Stijn Gunter (ETH Zurich), Kaveh Razavi (ETH Zurich)

• COBRA: Dynamic Proactive Secret Sharing for Confidential BFT Services

Robin Vassantlal (LASIGE, Faculdade de Ciencias, Universidade de Lisboa), Eduardo Alchieri (Universidade de Brasilia), Bernardo Ferreira (LASIGE, Faculdade de Ciencias, Universidade de Lisboa), Alysson Bessani (LASIGE, Faculdade de Ciencias, Universidade de Lisboa)

• Cats vs. Spectre: An Axiomatic Approach to Modeling Speculative Execution Attacks

Hernán Ponce de León (Bundeswehr University Munich), Johannes Kinder (Bundeswehr University Munich)

• CirC: Compiler infrastructure for proof systems, software verification, and more

Alex Ozdemir (Stanford University), Fraser Brown (Stanford University, Carnegie Mellon University), Riad Wahby (Stanford University, Carnegie Mellon University, and Algorand), Alex Ozdemir (Stanford University)

• Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software Projects

Dominik Wermke (CISPA Helmholtz Center for Information Security), Noah Woehler (CISPA Helmholtz Center for Information Security), Jan H. Klemmer (Leibniz University Hannover), Marcel Fourné (Max Planck Institute for Security and Privacy), Yasemin Acar (George Washington University), Sascha Fahl (CISPA Helmholtz Center for Information Security, Leibniz University Hannover)

• Copy, Right? A Testing Framework for Copyright Protection of Deep Learning Models

Jialuo Chen (Zhejiang University), Jingyi Wang (Zhejiang University), Tinglan Peng (Zhejiang University), Youcheng Sun (Queen's University Belfast, UK), Peng Cheng (Zhejiang University), Shouling Ji (Zhejiang University), Xingjun Ma (Deakin University), Bo Li (University of Illinois Urbana-Champaign), Dawn Song (University of California, Berkeley)

• DEPCOMM: Graph Summarization on System Audit Logs for Attack Investigation

Zhiqiang Xu (Chinese Academy of Sciences, China), Pengcheng Fang (Case Western Reserve University, USA), Changlin Liu (Case Western Reserve University, USA), Xusheng Xiao (Case Western Reserve University, USA), Yu Wen (Chinese Academy of Sciences, China), Dan Meng (Chinese Academy of Sciences, China)

• DeepCASE: Semi-Supervised Contextual Analysis of Security Events

Thijs van Ede (University of Twente), Hojjat Aghakhani (University of California, Santa Barbara), Noah Spahn (University of California, Santa Barbara), Riccardo Bortolameotti (ReaQta), Marco Cova (VMware, Inc.), Andrea Continella (University of Twente), Maarten van Steen (University of Twente), Andreas Peter (University of Twente), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California)

• DeepCoFFEA: Improved Flow Correlation Attacks on Tor via Metric Learning and Amplification

Se Eun Oh (Ewha Womans University), Taiji Yang (University of Minnesota), Nate Mathews (Rochester Institute of Technology), James K Holland (University of Minnesota), Mohammad Saidur Rahman (Rochester Institute of Technology), Nicholas Hopper (University of Minnesota), Matthew Wright (Rochester Institute of Technology)

• DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memories

Adnan Siraj Rakin (Arizona State University), Md Hafizul Islam Chowdhuryy (University of Central Florida), Fan Yao (University of Central Florida), Deliang Fan (Arizona State University)

• Delay Wreaks Havoc on Your Smart Home: Delay-based Automation Interference Attacks

Haotian Chi (Temple University), Chenglong Fu (Temple University), Qiang Zeng (University of South Carolina, United States of America), Xiaojiang Du (Stevens Institute of Technology)

• Deployment of Source Address Validation by Network Operators: A Randomized Control Trial

Qasim Lone (Delft University of Technology), Alisa Frik (International Computer Science Institute / UC Berkeley), Matthew Luckie (University of Waikato), Maciej Korczynski (Grenoble INP), Michel van Eeten (Delft University of Technology), Carlos Ganan (Delft University of Technology)

• Device Fingerprinting with Peripheral Timestamps

John Monaco (Naval Postgraduate School, USA)

• Differential Privacy and Swapping: Examining De-Identification's Impact on Minority Representation and Privacy Preservation in the U.S. Census

Sarah Radway (Tufts University), Miranda Christ (Columbia University), Steven Bellovin (Columbia University)

• Differentially Private Histograms in the Shuffle Model from Fake Users

Albert Cheu (Georgetown University), Maxim Zhilyaev (MindStrong Inc.)

• Domains Do Change Their Spots: Quantifying Potential Abuse of Residual Trust

Johnny So (Stony Brook University, USA), Najmeh Miramirkhani (Stony Brook University, USA), Michael Ferdman (Stony Brook University, USA), Nick Nikiforakis (Stony Brook University, USA)

• Effective Seed Scheduling for Fuzzing with Graph Centrality Analysis

Dongdong She (Columbia University), Abhishek Shah (Columbia University), Suman Jana (Columbia University)

• Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices

Hadi Givehchian (UC San Diego), Nishant Bhaskar (UC San Diego), Eliana Rodriguez Herrera (UC San Diego), Hector Lopez Soto (UC San Diego), Christian Dameff (UC San Diego), Dinesh Bharadia (UC San Diego), Aaron Schulman (UC San Diego)

• Exploit the Last Straw That Breaks Android Systems

Lei Zhang (Fudan University, China), Keke Lian (Fudan University, China), Haoyu Xiao (Fudan University, China), Zhibo Zhang (Fudan University, China), Peng Liu (The Pennsylvania State University, United States of America), Yuan Zhang (Fudan University, China), Min Yang (Fudan University, China), Haixin Duan (Tsinghua University, China)

• Exposed Infrastructures: Discovery, Attacks and Remediation of Insecure ICS Remote Management Devices

Takayuki Sasaki (Yokohama National University), Akira Fujita (Yokohama National University/National Institute of Information and Communications Technology), Carlos Hernandez Ganan (TU Delft/Yokohama National University), Michel van Eeten (TU Delft/Yokohama National University), Katsunari Yoshioka (Yokohama National University), Tsutomu Matsumoto (Yokohama National University)

• FSAFlow: Lightweight and Fast Dynamic Path Tracking and Control for Privacy Protection on Android Using Hybrid Analysis with State-Reduction Strategy Zhi Yang (PLA Information Engineering University, Zhengzhou, China), Zhanhui Yuan (PLA Information Engineering University, Zhengzhou, China), Xingyuan Chen (PLA Information Engineering University, Zhengzhou, China), Shuyuan Jin (SUN YAT-SEN University, Guangzhou, China.), Lei Sun (PLA Information Engineering University, Zhengzhou, China), Xuehui Du (PLA Information Engineering University, Zhengzhou, China), Wenfa Li (Beijing Union University, Beijing, Chian)

• Finding SMM Privilege-Escalation Vulnerabilities in UEFI Firmware with Protocol-Centric Static Analysis

Jiawei Yin (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China), Wei Huo (Key Laboratory of Network Assessment Technology, Institute of Information Engineering, Chinese Academy of Sciences, China; School of CyberSpace Security at University of Chinese Academy of Sciences, China), Menghao Li (Institute of Information Engineering, Chinese Academy of Sciences), Wei Wu (Huawei Technologies), Dandan Sun (Key Laboratory of Network Assessment Technology, Institute of Information Engineering, Chinese Academy of Sciences, China), Jianhua Zhou (Key Laboratory of Network Assessment Technology, Institute of Information Engineering, Chinese Academy of Sciences, China), Jingling Xue (University of New South Wales)

• Finding and Exploiting CPU Features using MSR Templating

Andreas Kogler (Graz University of Technology), Daniel Weber (CISPA Helmholtz Center for Information Security), Martin Haubenwallner (Graz University of Technology), Moritz Lipp (Graz University of Technology), Daniel Gruss (Graz University of Technology), Michael Schwarz (CISPA Helmholtz Center for Information Security), Moritz Lipp (Amazon Web Services)

• Formal Model-Driven Discovery of Bluetooth Protocol Design Vulnerabilities

Jianliang Wu (Purdue University), Ruoyu Wu (Purdue University), Dongyan Xu (Purdue University), Dave (Jing) Tian (Purdue University), Antonio Bianchi (Purdue University)

• Foundations of Dynamic BFT

Sisi Duan (Tsinghua University), Haibin Zhang (independent)

• Four Attacks and a Proof for Telegram

Martin R. Albrecht (Royal Holloway, University of London, United Kingdom), Lenka Mareková (Royal Holloway, University of London, United Kingdom), Kenneth G. Paterson (ETH Zurich, Switzerland), Igors Stepanovs (ETH Zurich, Switzerland)

• FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks

Kyungtae Kim (Purdue University), Taegyu Kim (Purdue University), Ertza Warraich (Purdue University), Byoungyoung Lee (Seoul National University), Kevin Butler (University of Florida), Antonio Bianchi (Purdue University), Dave (Jing) Tian (Purdue University)

• GREBE: Unveiling Exploitation Potential for Linux Kernel Bugs

Zhenpeng Lin (Pennsylvania State University), Yueqi Chen (Pennsylvania State University), Dongliang Mu (Huazhong University of Science and Technology), Chensheng Yu (George Washington University), Yuhang Wu (Pennsylvania State University), Xinyu Xing (Pennsylvania State University), Kang Li (Baidu Security)

• Goshawk: Hunting Memory Corruptions via Structure-Aware and Object-Centric Memory Operation Synopsis

Yunlong Lyu (University of Science and Technology of China), Yi Fang (Feiyu Security), Yiwei Zhang (Shanghai Jiao Tong University), Qibin Sun (University of Science and Technology of China), Siqi Ma (The University of New South Wales Canberra), Elisa Bertino (Purdue University), Kangjie Lu (University of Minnesota), Juanru Li (Shanghai Jiao Tong University)

• Graphics Peeping Unit: Exploiting EM Side-Channel Information of GPUs to Eavesdrop on Your Neighbors

Zihao Zhan (Vanderbilt University), Zhengkai Zhang (Clemson University), Sisheng Liang (Clemson University), Fan Yao (University of Central Florida), Xenofon Koutsoukos (Vanderbilt University)

• HAMRAZ: Resilient Partitioning and Replication

Xiao Li (University of California, Riverside, USA), Farzin Houshmand (University of California, Riverside, USA), Mohsen Lesani (University of California, Riverside, USA)

• HardLog: Practical Tamper-Proof System Auditing Using a Novel Audit Device

Adil Ahmad (Purdue), Sangho Lee (Microsoft Research), Marcus Peinado (Microsoft Research)

• Hardening Circuit-Design IP Against Reverse-Engineering Attacks

Animesh Chhotaray (University of Florida, USA), Thomas Shrimpton (University of Florida, USA)

• Hark: A Deep Learning System for Navigating Privacy Feedback at Scale

Hamza Harkous (Google Inc.), Sai Teja Peddinti (Google Inc.), Rishabh Khandelwal (University of Wisconsin - Madison), Animesh Srivastava‚Äé (Google Inc.), Nina Taft (Google Inc.)

• Heapster: Analyzing the Security of Dynamic Allocators for Monolithic Firmware Images

Fabio Gritti (University of California, Santa Barbara), Fabio Pagani (University of California, Santa Barbara), Ilya Grishchenko (University of California, Santa Barbara), Lukas Dresel (University of California, Santa Barbara), Nilo Redini (Qualcomm Inc.), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara)

• How Does Usable Security (Not) End Up in Software Products? Results From a Qualitative Interview Study

Marco Gutfleisch (Ruhr University Bochum, Germany), Jan H. Klemmer (Leibniz University Hannover, Germany), Niklas Busch (Leibniz University Hannover, Germany), Yasemin Acar (Max Planck Institute for Security and Privacy, Germany), M. Angela Sasse (Ruhr University Bochum, Germany), Sascha Fahl (CISPA / Leibniz University Hannover, Germany)

• How Not to Protect Your IP - An Industry-Wide Break of IEEE 1735 Implementations

Julian Speith (Max Planck Institute for Security and Privacy), Florian Schweins (Ruhr-University Bochum), Maik Ender (Max Planck Institute for Security and Privacy), Marc Fyrbiak (Max Planck Institute for Security and Privacy), Alexander May (Ruhr-University Bochum), Christof Paar (Max Planck Institute for Security and Privacy)

• How to Attack and Generate Honeywords

Ding Wang (Nankai University), Yunkai Zou (Nankai University), Qiying Dong (Nankai University), Yuanming Song (Peking University), Xinyi Huang (Fujian Normal University)

• IRQDebloat: Reducing Driver Attack Surface in Embedded Devices

Zhenghao Hu (New York University), Brendan Dolan-Gavitt (NYU)

• IRShield: A Countermeasure Against Adversarial Physical-Layer Wireless Sensing

Paul Staat (Max Planck Institute for Security and Privacy), Simon Mulzer (Ruhr University Bochum), Stefan Roth (Ruhr University Bochum), Veelasha Moonsamy (Ruhr University Bochum), Markus Heinrichs (TH Köln – University of Applied Sciences, Cologne, Germany), Rainer Kronberger (TH Köln – University of Applied Sciences, Cologne, Germany), Aydin Sezgin (Ruhr University Bochum), Christof Paar (Max Planck Institute for Security and Privacy)

• Investigating Influencer VPN Ads on YouTube

Omer Akgul (University of Maryland), Richard Roberts (University of Maryland), Moses Namara (Clemson University), Dave Levin (University of Maryland), Michelle L. Mazurek (University of Maryland)

• Invisible Finger: Practical Electromagnetic Interference Attack on Touchscreen-based Electronic Devices

Haoqi Shan (University of Florida), Boyi Zhang (University of Florida), Zihao Zhan (University of Florida), Dean Sullivan (University of New Hampshire), Shuo Wang (University of Florida), Yier Jin (University of Florida)

• IronMask: Versatile Verification of Masking Security

Sonia Belaid (CryptoExperts), Darius Mercadier (CryptoExperts), Matthieu Rivain (CryptoExperts), Abdul Rahman Taleb (CryptoExperts)

• Jigsaw: Efficient and Scalable Path Constraints Fuzzing

Ju Chen (UC, Riverside), Jinghan Wang (UC, Riverside), Chengyu Song (UC, Riverside), Heng Yin (UC, Riverside)

• LinkTeller: Recovering Private Edges from Graph Neural Networks via Influence Analysis

Fan Wu (University of Illinois at Urbana-Champaign, USA), Yunhui Long (University of Illinois at Urbana-Champaign, USA), Ce Zhang (ETH Zurich, Switzerland), Bo Li (University of Illinois at Urbana-Champaign, USA)

• Locally Differentially Private Sparse Vector Aggregation

Mingxun Zhou (Carnegie Mellon University), Tianhao Wang (Carnegie Mellon University and University of Virginia), T-H. Hubert Chan (The University of Hong Kong), Giulia Fanti (Carnegie Mellon University), Elaine Shi (Carnegie Mellon University)

• Low-Bandwidth Threshold ECDSA via Pseudorandom Correlation Generators

Damiano Abram (Aarhus University), Ariel Nof (Technion), Claudio Orlandi (Aarhus University), Peter Scholl (Aarhus University), Omer Shlomovits (ZenGo X)

• MatRiCT+: More Efficient Post-Quantum Private Blockchain Payments

Muhammed F. Esgin (Monash University and CSIRO's Data61, Australia), Ron Steinfeld (Monash University, Australia), Raymond K. Zhao (Monash University, Australia)

• Measuring and Mitigating the Risk of IP Reuse on Public Clouds

Eric Pauley (Pennsylvania State University), Ryan Sheatsley (Pennsylvania State University), Blaine Hoak (Pennsylvania State University), Quinn Burke (Pennsylvania State University), Yohan Beugin (Pennsylvania State University), Patrick McDaniel (Pennsylvania State University)

• Membership inference attacks from first principles Nicholas Carlini (Google Brain), Steve Chien (Google Brain), Milad Nasr (UMASS), Shuang Song (Google Research, Brain), Andreas Terzis (Google, Inc.), Florian Tramer (Google Brain)

• MeshUp: Stateless Cache Side-channel Attack on CPU Mesh

Junpeng Wan (Fudan University), Yanxiang Bi (Fudan University), Zhe Zhou (Fudan University), Zhou Li (University of California, Irvine)

• Mind the Gap: Studying the Insecurity of Provably Secure Embedded Trusted Execution Architectures

Marton Bognar (KU Leuven), Jo Van Bulck (KU Leuven), Frank Piessens (KU Leuven)

• Mitigating Information Leakage Vulnerabilities with Type-based Data Isolation Alyssa Milburn (Vrije Universiteit Amsterdam, The Netherlands), Erik van der Kouwe (Vrije Universiteit Amsterdam, The Netherlands), Cristiano Giuffrida (Vrije Universiteit Amsterdam, The Netherlands)

• Model Orthogonalization: Class Distance Hardening in Neural Networks for Better Security

Guanhong Tao (Purdue University), Yingqi Liu (Purdue University), Guangyu Shen (Purdue University), Qiuling Xu (Purdue University), Shengwei An (Purdue University), Zhuo Zhang (Purdue University), Xiangyu Zhang (Purdue University)

• Model Stealing Attacks Against Inductive Graph Neural Networks

Yun Shen (Norton Research Group), Xinlei He (CISPA Helmholtz Center for Information Security), Yufei Han (Inria), Yang Zhang (CISPA Helmholtz Center for Information Security)

• Multi-Server Verifiable Computation of Low-Degree Polynomials

Liang Feng Zhang (ShanghaiTech University), Huaxiong Wang (Nanyang Technological University)

• Noise-SDR: Arbitrary Modulation of Electromagnetic Noise from Unprivileged Software and Its Impact on Emission Security

Giovanni Camurati (EURECOM, France), Aurélien Francillon (EURECOM, France)

• Noise: A Library of Verified High-Performance Secure Channel Protocol Implementations

Son Ho (INRIA), Jonathan Protzenko (Microsoft Research), Abhishek Bichhawat (IIT Gandhinagar), Karthikeyan Bhargavan (INRIA)

• PATA: Fuzzing with Path Aware Taint Analysis Jie Liang (Tsinghua University, China), Mingzhe Wang (Tsinghua University, China), Chijin Zhou (Tsinghua University, China), Zhiyong Wu (Tsinghua University, China), Yu Jiang (Tsinghua University, China), (Jianzhong Liu (Tsinghua University, China), Zhe Liu (Nanjing University of Aeronautics and Astronautics, China), Jiaguang Sun (Tsinghua University, China)

• PCR-Auth: Solving Authentication Puzzle Challenges with Encoded Palm Contact Responses

Long Huang (Louisiana State University), Chen Wang (Louisiana State University)

• PGPATCH: Policy-Guided Logic Bug Patching for Robotic Vehicles

Hyungsub Kim (Purdue University), Muslum Ozgur Ozmen (Purdue University), Z. Berkay Celik (Purdue University), Antonio Bianchi (Purdue University), Dongyan Xu (Purdue University)

• PICCOLO: Exposing Complex Backdoors in NLP Transformer Models

Yingqi Liu (Purdue Univ.), Guangyu Shen (Purdue University), Guanhong Tao (Purdue University), Shengwei An (Purdue University), Shiqing Ma (Rutgers University), Xiangyu Zhang (Purdue University)

• PROTRR: Principled yet Optimal In-DRAM Target Row Refresh

Michele Marazzi (ETH Zurich), Patrick Jattke (ETH Zurich), Flavien Solt (ETH Zurich), Kaveh Razavi (ETH Zurich)

• Peekaboo: A Hub-Based Approach to Enable Transparency in Data Processing within Smart Homes

Haojian Jin (Carnegie Mellon University), Gregory William Joseph Liu (Carnegie Mellon University), David Ethan Hwang (Carnegie Mellon University), Swarun Kumar (Carnegie Mellon University), Yuvraj Agarwal (Carnegie Mellon University), Jason Hong (Carnegie Mellon University)

• Phishing in Organizations: Findings from a Large-Scale and Long-Term Study

Daniele Lain (ETH Zurich), Kari Kostiainen (ETH Zurich), Srdjan Capkun (ETH Zurich)

• Practical Asynchronous Distributed Key Generation

Sourav Das (UIUC), Tom Yurek (UIUC), Zhuolun Xiang (UIUC), Andrew Miller (UIUC), Lefteris Kokoris-Kogias (IST Austria), Ling Ren (UIUC)

• Practical EMV Relay Protection

Andreea-Ina Radu (University of Birmingham, UK), Tom Chothia (University of Birmingham, UK), Christopher J.P. Newton (University of Surrey, UK), Ioana Boureanu (University of Surrey, UK), Liqun Chen (University of Surrey, UK)

• Privacy-from-Birth: Protecting Sensed Data from Malicious Sensors with VERSA

Ivan De Oliveira Nunes (Rochester Institute of Technology), Seoyeon Hwang (UC Irvine), Sashidhar Jakkamsetti (UC Irvine), Gene Tsudik (UC Irvine)

• Private Nearest Neighbor Search with Sublinear Communication and Malicious Security

Sacha Servan-Schreiber (Massachusetts Institute of Technology), Simon Langowski (Massachusetts Institute of Technology), Srinivas Devadas (Massachusetts Institute of Technology)

• ProVerif with Lemmas, Induction, Fast Subsumption, and Much More

Bruno Blanchet (Inria Paris), Vincent Cheval (Inria Paris), Véronique Cortier (Université de Lorraine, CNRS, Inria)

• Property Inference from Poisoning

Saeed Mahloujifar (Princeton), Esha Ghosh (Microsoft Research), Melissa Chase (Microsoft Research)

• Publicly Accountable Robust Multi-Party Computation

Marc Rivinius (University of Stuttgart), Pascal Reisert (University of Stuttgart), Daniel Rausch (University of Stuttgart), Ralf Küsters (University of Stuttgart)

• Quantifying Blockchain Extractable Value:How dark is the forest?

Kaihua Qin (Imperial College London), Liyi Zhou (Imperial College London), Arthur Gervais (Imperial College London)

• RT-TEE: Real-time System Availability for Cyber-physical Systems using ARM TrustZone

Jinwen Wang (Washington University in St. Louis), Ao Li (Washington University in St. Louis), Haoran Li (Washington University in St. Louis), Chenyang Lu (Washington University in St. Louis), Ning Zhang (Washington University in St. Louis)

• Reconstructing Training Data with Informed Adversaries

Borja Balle (DeepMind), Giovanni Cherubin (Alan Turing Institute), Jamie Hayes (DeepMind), Giovanni Cherubin (Alan Turing Institute)

• Repairing DoS Vulnerability of Real-World Regexes

Nariyoshi Chida (NTT Secure Platform Laboratories), Tachio Terauchi (Waseda University)

• Robbery on DevOps: Understanding and Mitigating Illicit Cryptomining on Continuous Integration Service Platforms

Zhi Li (School of Cyber Science and Engineering, Huazhong University of Science and Technology, China; School of Computer Science and Technology, Huazhong University of Science and Technology, China; National Engineering Research Center for Big Data Technology and Sytem, China; Cluster and Grid Computing Lab, China; Services Computing Technology and System Lab, China; Big Data Security Engineering Research Center, China), Weijie Liu (Indiana University Bloomington, USA), Hongbo Chen (Indiana University Bloomington, USA), XiaoFeng Wang (Indiana University Bloomington, USA), Xiaojing Liao (Indiana University Bloomington, USA), Luyi Xing (Indiana University Bloomington, USA), Mingming Zha (Indiana University Bloomington, USA), Hai Jin (School of Computer Science and Technology, Huazhong University of Science and Technology, China; National Engineering Research Center for Big Data Technology and Sytem, China; Cluster and Grid Computing Lab, China; Services Computing, Deqing Zou (School of Cyber Science and Engineering, Huazhong University of Science and Technology, China; National Engineering Research Center for Big Data Technology and Sytem, China; Cluster and Grid Computing Lab, China; Services Computing Technology and System Lab, China; Big Data Security Engineering Research Center, China Technology and System Lab, China; Big Data Security Engineering Research Center, China)

• SAILFISH: Vetting Smart Contract State-Inconsistency Bugs in Seconds

Priyanka Bose (University of California, Santa Barbara), Dipanjan Das (University of California, Santa Barbara), Yanju Chen (University of California, Santa Barbara), Yu Feng (University of California, Santa Barbara), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (UC Santa Barbara)

• SIRAJ: A Unified Framework for Aggregation of Malicious Entity Detectors

Saravanan Thirumuruganathan (QCRI), Mohamed Nabeel (QCRI), Euijin Choo (Qatar Computing Research Institute), Issa Khalil (Qatar Computing Research Institute (QCRI), HBKU), Ting Yu (Qatar Computing Research Institute)

• SMILE: Secure Memory Introspection for Live Enclave

Lei Zhou (Southern University of Science and Technology (SUSTech)), Xuhua Ding (Singapore Management University), Fengwei Zhang (Southern University of Science and Technology (SUSTech))

• SNARKBlock: Federated Anonymous Blocklisting from Hidden Common Input Aggregate Proofs

Michael Rosenberg (University of Maryland), Mary Maller (Ethereum Foundation), Ian Miers (University of Maryland)

• SPURT: Scalable Distributed Randomness Beacon with Transparent Setup

Sourav Das (UIUC), Vinith Krishnan (UIUC), Irene Isaac (UIUC), Ling Ren (UIUC)

• SYMBEXCEL: Automated Analysis and Understanding of Malicious Excel 4.0 Macros

Nicola Ruaro (UC Santa Barbara), Fabio Pagani (UC Santa Barbara), Stefano Ortolani (VMware), Christopher Kruegel (UC Santa Barbara), Giovanni Vigna (UC Santa Barbara)

• Sabre: Sender-Anonymous Messaging with Fast Audits

Adithya Vadapalli (Indiana University Bloomington), Kyle Storrier (University of Calgary), Ryan Henry (University of Calgary)

• Scraping Sticky Leftovers: App User Information Left on Servers After Account Deletion

Preethi Santhanam (Wichita State University), Hoang Dang (Wichita State University), Zhiyong Shan (Wichita State University), Iulian Neamtiu (New Jersey Institute of Technology)

• SecFloat: Accurate Floating-Point meets Secure 2-Party Computation

Deevashwer Rathee (UC Berkeley), Anwesh Bhattacharya (Microsoft Research India), Rahul Sharma (Microsoft Research India), Divya Gupta (Microsoft Research India), Nishanth Chandran (Microsoft Research India), Aseem Rastogi (Microsoft Research India)

• Security Analysis of the MLS Key Derivation

Chris Brzuska (Aalto University, Finland), Eric Cornelissen (Aalto University, Finland), Konrad Kohbrok (Aalto University, Finland)

• Security Foundations for Application-Based Covert Communication Channels

James K Howes IV (University of Florida), Marios Georgiou (Galois), Alex Malozemoff (Galois), Thomas Shrimpton (University of Florida)

• ShadeWatcher: Recommendation-guided Cyber Threat Analysis using System Audit Records

Jun Zeng (National University of Singapore), Xiang Wang (National University of Singapore), Jiahao Liu (National University of Singapore), Yinfang Chen (University of Illinois - Urbana Champaign), Zhenkai Liang (National University of Singapore), Tat-Seng Chua (National University of Singapore), Zheng Leong Chua (Independent Researcher)

• ShorTor: Improving Tor Network Latency via Multi-hop Overlay Routing

Kyle Hogan (MIT), Sacha Servan-Schreiber (MIT), Zachary Newman (MIT), Ben Weintraub (Northeastern University), Cristina Nita-Rotaru (Northeastern University), Srinivas Devadas (MIT)

• SoK: A Framework for Unifying At-Risk User Research

Noel Warford (University of Maryland), Tara Matthews (Google), Kaitlyn Yang (University of Maryland), Omer Akgul (University of Maryland), Sunny Consolvo (Google), Patrick Gage Kelley (Google), Nathan Malkin (University of Maryland), Michelle L. Mazurek (University of Maryland), Manya Sleeper (Google), Kurt Thomas (Google)

• SoK: Authentication in Augmented and Virtual Reality

Sophie Stephenson (University of Wisconsin--Madison), Bijeeta Pal (Cornell University), Stephen Fan (University of Wisconsin--Madison), Earlence Fernandes (UW Madison), Yuhang Zhao (University of Wisconsin-Madison), Rahul Chatterjee (University of Wisconsin--Madison)

• SoK: Demystifying Binary Lifters Through the Lens of Downstream Applications

Zhibo Liu (The Hong Kong University of Science and Technology), Yuanyuan Yuan (The Hong Kong University of Science and Technology), Shuai Wang (The Hong Kong University of Science and Technology), Yuyan Bao (University of Waterloo)

• SoK: How Robust is Image Classification Deep Neural Network Watermarking?

Nils Lukas (University of Waterloo), Edward Jiang (University of Waterloo), Xinda Li (University of Waterloo), Florian Kerschbaum (University of Waterloo)

• SoK: Practical Foundations for Software Spectre Defenses

Sunjay Cauligi (UC San Diego), Craig Disselkoen (UC San Diego), Daniel Moghimi (UC San Diego), Gilles Barthe (MPI-SP and IMDEA Software Institute), Deian Stefan (UC San Diego)

• SoK: Social Cybersecurity

Yuxi Wu (Georgia Institute of Technology), W. Keith Edwards (Georgia Institute of Technology), Sauvik Das (Georgia Institute of Technology)

• SoK: The Dual Nature of Technology in Sexual Assault

Borke Obada-Obieh (The University of British Columbia), Yue Huang (University of British Columbia), Lucrezia Spagnolo (Vesta Social Innovation Technologies), Konstantin (Kosta) Beznosov (University of British Columbia)

• SpecHammer: Combining Spectre and Rowhammer for New Speculative Attacks

Youssef Tobah (The University of Michigan), Andrew Kwong (University of Michigan), Ingab Kang (University of Michigan), Daniel Genkin (Georgia Institute of Technology), Kang G. Shin (The University of Michigan)

• Sphinx: Enabling Privacy-Preserving Online Learning over the Cloud

Han Tian (Hong Kong University of Science and Technology), Chaoliang Zeng (Hong Kong University of Science and Technology), Zhenghang Ren (Hong Kong University of Science and Technology), Di Chai (Hong Kong University of Science and Technology), Junxue ZHANG (Hong Kong University of Science and Technology), Kai Chen (Hong Kong University of Science and Technology), Qiang Yang (Hong Kong University of Science and Technology)

• Spinning Language Models: Risks of Propaganda-as-a-Service and Countermeasures

Eugene Bagdasaryan (Cornell Tech), Vitaly Shmatikov (Cornell Tech)

• Spiral: Fast, High-Rate Single-Server PIR via FHE Composition

Samir Jordan Menon (None), David J. Wu (UT Austin)

• Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution

Ayush Agarwal (University of Michigan, USA), Sioli O’Connell (University of Adelaide, Australia), Jason Kim (Georgia Institute of Technology, USA), Shaked Yehezkel (Tel Aviv University, Israel), Daniel Genkin (Georgia Institute of Technology, USA), Eyal Ronen (Tel Aviv University, Israel), Yuval Yarom (University of Adelaide, Australia)

• Statistical Quantification of Differential Privacy: A Local Approach

Önder Askin (Ruhr-University Bochum), Tim Kutta (Ruhr-University Bochum), Holger Dette (Ruhr-University Bochum)

• Surakav: Generating Realistic Traces for a Strong Website Fingerprinting Defense

Jiajun GONG (The Hong Kong University of Science and Technology), Wuqi Zhang (The Hong Kong University of Science and Technology), Charles Zhang (The Hong Kong University of Science and Technology), Tao Wang (Simon Fraser University)

• SwarmFlawFinder: Discovering and Exploiting Logic Flaws of Swarm Algorithms

Chijung Jung (University of Virginia), Ali Ahad (University of Virginia), Yuseok Jeon (UNIST), Yonghwi Kwon (University of Virginia)

• TASHAROK: Using Mechanism Design for Enhancing Security Resource Allocation in Interdependent Systems

Mustafa Abdallah (Purdue University), Daniel Woods (University of Innsbruck), Parinaz Naghizadeh (Ohio State University), Issa Khalil (Qatar Computing Research Institute (QCRI), HBKU), Timothy Cason (Purdue University), Shreyas Sundaram (Purdue University), Saurabh Bagchi (Purdue University)

• TROLLMAGNIFIER: Detecting State-Sponsored Troll Accounts on Reddit?

Mohammad Hammas Saeed (Boston University), Shiza Ali (Boston University), Jeremy Blackburn (Binghamton University), Emiliano De Cristofaro (University College London), Savvas Zannettou (TU Delft), Gianluca Stringhini (Boston University)

• The State of the SameSite: Studying the Usage, Effectiveness, and Adequacy of SameSite Cookies

Soheil Khodayari (CISPA Helmholtz Center for Information Security, Germany), Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security, Germany)

• Time-Print: Authenticating USB Flash Drives with Novel Timing Fingerprints

Patrick Cronin (University of Delaware), Xing Gao (University of Delaware), Haining Wang (Virginia Tech), Chase Cotton (University of Delaware)

• Timing-Based Browsing Privacy Vulnerabilities Via Site Isolation

Zihao Jin (Microsoft Research Asia and Tsinghua University, China), Ziqiao Kong (Microsoft Research Asia, China), Shuo Chen (Microsoft Research Asia), Haixin Duan (Tsinghua University, China)

• Towards Automated Auditing for Account and Session Management Flaws in Single Sign-On Deployments

Mohammad Ghasemisharif (University of Illinois at Chicago), Chris Kanich (University of Illinois at Chicago), Jason Polakis (University of Illinois at Chicago)

• Transcending TRANSCEND: Revisiting Malware Classification in the Presence of Concept Drift

Federico Barbero (King's College London & University of Cambridge), Feargus Pendlebury (ICSI & King's College London & Royal Holloway, University of London), Fabio Pierazzi (King's College London), Lorenzo Cavallaro (University College London)

• Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings

Yuhao Mao (Zhejiang University), Saizhuo Wang (Zhejiang University), Shouling Ji (Zhejiang University), Xuhong Zhang (Zhejiang University), Zhenguang Liu (Zhejiang Gongshang University), Jun Zhou (Ant Financial Services Group), Raheem Beyah (Georgia Institute of Technology), Ting Wang (Penn State)

• Universal 3-Dimensional Perturbations for Black-Box Attacks on Video Recognition Systems

Shangyu Xie (Illinois Institute of Technology, USA), Han Wang (Illinois Institute of Technology, USA), Yu Kong (Rochester Institute of Technology, USA), Yuan Hong (Illinois Institute of Technology, USA)

• Universal Atomic Swaps: Secure Exchange of Coins Across All Blockchains

Sri AravindaKrishnan Thyagarajan (Friedrich Alexander University of Erlangen-Nürnberg), Giulio Malavolta (Max Planck Institute for Security and Privacy), Pedro Moreno-Sanchez (IMDEA Software Institute)

• Using Throughput-Centric Byzantine Broadcast to Tolerate Malicious Majority in Blockchains

Ruomu Hou (National University of Singapore), Haifeng Yu (National University of Singapore), Prateek Saxena (National University of Singapore)

• WIGHT: Wired Ghost Touch Attack on Capacitive Touchscreens

Yan Jiang (Zhejiang University), Xiaoyu Ji (Zhejiang University), Kai Wang (Zhejiang University), Chen Yan (Zhejiang University), Richard Mitev (Technische University of Darmstadt), Ahmad-Reza Sadeghi (Technical University of Darmstadt), Wenyuan Xu (Zhejiang University)

• Waldo: A Private Time-Series Database from Function Secret-Sharing

Emma Dauterman (UC Berkeley), Mayank Rathee (UC Berkeley), Raluca Popa (UC Berkeley), Ion Stoica (UC Berkeley)

• Why Crypto-detectors Fail: A Systematic Evaluation of Cryptographic Misuse Detection Techniques

Amit Seal Ami (William & Mary), Nathan Cooper (William & Mary), Kaushal Kafle (William & Mary), Kevin Moran (George Mason University), Denys Poshyvanyk (William & Mary), Adwait Nadkarni (William & Mary)

• Wobfuscator: Obfuscating JavaScript Malware via Opportunistic Translation to WebAssembly

Alan Romano (University at Buffalo, SUNY), Daniel Lehmann (University of Stuttgart), Michael Pradel (University of Stuttgart), Weihang Wang (University at Buffalo, SUNY)

• WtaGraph: Web Tracking and Advertising Detection using Graph Neural Networks

Zhiju Yang (Colorado School of Mines), Weiping Pei (Colorado School of Mines), Monchu Chen (Appen), Chuan Yue (Colorado School of Mines)

• ZeeStar: Private Smart Contracts by Homomorphic Encryption and Zero-knowledge Proofs

Samuel Steffen (ETH Zurich), Benjamin Bichsel (ETH Zurich), Roger Baumgartner (ETH Zurich), Martin Vechev (ETH Zurich)

• mmSpy: Spying Phone Calls using mmWave Radars

Suryoday Basak (Penn State University), Mahanth Gowda (Penn State University)

• vSGX: Virtualizing SGX Enclaves on AMD SEV

Shixuan Zhao (The Ohio State University), Mengyuan Li (The Ohio State University), Yinqian Zhang (Southern University of Science and Technology), Zhiqiang Lin (Ohio State University)

论文下载：https://www.computer.org/csdl/proceedings/sp/2022/1FlQurJZBuw

论文演讲视频：https://www.youtube.com/watch?v=_eg0ieS947A&list=PL0pRF4xvoD0nGAZ7Fwi2CZ6sDE5dW49B0