Annual Computer Security Applications Conference(ACSAC)会议关注计算机应用安全领域的研究工作,与DSN, ESORICS和RAID并称为网络与信息安全领域的“四小安全顶级会议”(简称四小),代表着国际网络与信息安全学术研究的最高水平。ACSAC 2021年共收到论文326篇(2020:300, 2019:266, 2018:299),录取80篇(2020:70, 2019:60, 2018:60),录用率为24.5%(2020:23.33%, 2019:22.56%, 2018:20.1%),所有录用论文标题如下:
Technical Papers 1A: Machine Learning Security 1
- Stealing Machine Learning Models: Attacks and Countermeasures for Generative Adversarial Networks
Hailong Hu; Jun Pang
- The Many-faced God: Attacking Face Verification System with Embedding and Image Recovery
Mingtian Tan; Zhe Zhou; Zhou Li
- Two Souls in an Adversarial Image: Towards Universal Adversarial Example Detection using Multi-view Inconsistency
Sohaib Kiani; Sana Awan; Chao Lan; Fengjun Li; Bo Luo
- Efficient, Private and Robust Federated Learning
Meng Hao; Hongwei Li; Guowen Xu; Hanxiao Chen; Tianwei Zhang
- Morphence: Moving Target Defense Against Adversarial Examples
Abderrahmen Amich; Birhanu Eshete
Technical Papers 1A: Machine Learning Security 1
- Stealing Machine Learning Models: Attacks and Countermeasures for Generative Adversarial Networks
Hailong Hu; Jun Pang
- The Many-faced God: Attacking Face Verification System with Embedding and Image Recovery
Mingtian Tan; Zhe Zhou; Zhou Li
- Two Souls in an Adversarial Image: Towards Universal Adversarial Example Detection using Multi-view Inconsistency
Sohaib Kiani; Sana Awan; Chao Lan; Fengjun Li; Bo Luo
- Efficient, Private and Robust Federated Learning
Meng Hao; Hongwei Li; Guowen Xu; Hanxiao Chen; Tianwei Zhang
- Morphence: Moving Target Defense Against Adversarial Examples
Abderrahmen Amich; Birhanu Eshete
Technical Papers 5A: Machine Learning Security 2
- Eluding ML-based Adblockers With Actionable Adversarial Examples
Shitong Zhu; Zhongjie Wang; Xun Chen; Shasha Li; Keyu Man; Umar Iqbal; Zhiyun Qian; Kevin Chan; Srikanth Krishnamurthy; Zubair Shafiq
- BadNL: Backdoor Attacks against NLP models with Semantic-preserving Improvements
Xiaoyi Chen; Ahmed Salem; Dingfan Chen; Michael Backes; Shiqing Ma; Qingni Shen; Zhonghai Wu; Yang Zhang
- MISA: Online Defense of Trojaned Models using Misattributions
Panagiota Kiourti; Wenchao Li; Karan Sikka; Anirban Roy; Susmit Jha
- Detecting Audio Adversarial Examples with Logit Noising
Namgyu Park; Sangwoo Ji; Jong Kim
- Can We Leverage Predictive Uncertainty to Detect Dataset Shift and Adversarial Examples in Android Malware Detection?
Deqiang Li; Tian Qiu; Shuo Chen; Qianmu Li; Shouhuai Xu
Technical Papers 2A: Software Security 1
- Program Obfuscation via ABI Debiasing
David Demicco; Rukayat Erinfolami; Aravind Prakash
- A Look Back on a Function Identification Problem
Hyungjoon Koo; Soyeon Park; Taesoo Kim
- SoftMark: Software Watermarking via a Binary Function Relocation
Honggoo Kang; Yonghwi Kwon; Sangjin Lee; Hyungjoon Koo
- Dynamic Taint Analysis versus Obfuscated Self-Checking
Sebastian Banescu; Samuel Valenzuela; Marius Guggenmos; Mohsen Ahmadvand; Alexander Pretschner
- Dicos: Discovering Insecure Code Snippets from Stack Overflow Posts by Leveraging User Discussions
Hyunji Hong; Seunghoon Woo; Heejo Lee
Technical Papers 7A: Software Security 2
- RUPAIR: Towards Automatic Buffer Overflow Detection and Rectification for Rust
Baojian Hua; Wanrong Ouyang; Chengman Jiang; Qiliang Fan; Zhizhong Pan
- Keeping Safe Rust Safe with Galeed
Elijah Rivera; Samuel Mergendahl; Howard Shrobe; Hamed Okhravi; Nathan Burow
- DistAppGaurd: Distributed Application Behaviour Profiling in Cloud-Based Environment
mohammadmahdi ghorbani; Fereydoun Farrahi Moghaddam; Mengyuan Zhang; Makan Pourzandi; Kim Khoa Nguyen; Mohamed Cheriet
- ICS3Fuzzer: A Framework for Discovering Protocol Implementation Bugs in ICS Supervisory Software by Fuzzing
Dongliang Fang; Zhanwei Song; Le Guan; Puzhuo Liu; Anni Peng; Kai Cheng; Yaowen Zheng; Peng Liu; Hongsong Zhu; Limin Sun
- argXtract: Deriving IoT Security Configurations via Automated Static Analysis of Stripped ARM Cortex-M Binaries
Pallavi Sivakumaran; Jorge Blasco
Technical Papers 2B: Privacy and Anonymity
- ARID: Anonymous Remote IDentification of Unmanned Aerial Vehicles
Pietro Tedeschi; Savio Sciancalepore; Roberto Di Pietro
- Sipster: Settling IOU Privately and Quickly with Smart Meters
Sherman S. M. Chow; Ming Li; Yongjun Zhao; Wenqiang Jin
- TEEKAP: Self-Expiring Data Capsule using Trusted Execution Environment
Mingyuan Gao; Hung Dang; Ee-Chien Chang
- BAPM: Block Attention Profiling Model for Multi-tab Website Fingerprinting Attacks on Tor
Zhong Guan; Gang Xiong; Gaopeng Gou; Zhen Li; Mingxin Cui; Chang Liu
- Try before You Buy: Privacy-preserving Data Evaluation on Cloud-based Machine Learning Data Marketplace
Qiyang Song; Jiahao Cao; Kun Sun; Qi Li; Ke Xu
Technical Papers 3A: Distributed systems
- VIA: Analyzing Device Interfaces of Protected Virtual Machines
Felicitas Hetzelt; Martin Radev; Robert Buhren; Mathias Morbitzer; Jean-Pierre Seifert
- Rocky: Replicating Block Devices for Tamper and Failure Resistant Edge-based Virtualized Desktop Infrastructure
Beom Heyn Kim; Hyoungshick Kim
- On Detecting Growing-Up Behaviors of Malicious Accounts in Privacy-Centric Mobile Social Networks
Zijie Yang; Binghui Wang; Haoran Li; Dong Yuan; Zhuotao Liu; Neil Gong; Chang Liu; Qi Li; Xiao Liang; Shaofeng Hu
- ReCFA: Resilient Control-Flow Attestation
Yumei Zhang; Xinzhi Liu; Cong Sun; Dongrui Zeng; Gang Tan; Xiao Kan; Siqi Ma
- Practical Attestation for Edge Devices Running Compute Heavy Machine Learning Applications
Ismi Abidi; Vireshwar Kumar; Rijurekha Sen
Technical Papers 3B: Usability and Human-Centric Aspects of Security
- Is Visualization Enough? Evaluating the Efficacy of MUD-Visualizer in Enabling Ease of Deployment for Manufacturer Usage Description (MUD)
Vafa Andalibi; Jayati Dev; DongInn Kim; Eliot Lear; L. Jean Camp
- A Cross-role and Bi-national Analysis on Security Efforts and Constraints of Software Development Projects
Fumihiro Kanei; Ayako Akiyama Hasegawa; Eitaro Shioji; Mitsuaki Akiyama
- An Efficient Man-Machine Recognition Method Based On Mouse Trajectory Feature De-redundancy
Xiaofeng Lu; Zhenhan Feng; Jupeng Xia
- OPay: an Orientation-based Contactless Payment Solution Against Passive Attacks
Mahshid Mehr Nezhd; Feng Hao
- What’s in a Cyber Threat Intelligence sharing platform? A mixed-methods user experience investigation of MISP
Borce Stojkovski; Gabriele LENZINI; Vincent KOENIG; Salvador RIVAS
Technical Papers 4A: CPS and IoT
- They See Me Rollin': Inherent Vulnerability of the Rolling Shutter in CMOS Image Sensors
Sebastian Köhler; Giulio Lovisotto; Simon Birnbach; Richard Baker; Ivan Martinovic
- Evaluating the Effectiveness of Protection Jamming Devices in Mitigating Smart Speaker Eavesdropping Attacks Using Gaussian White Noise
Payton Walker; Nitesh Saxena
- S2-CAN: Sufficiently Secure Controller Area Network
Mert D. Pesé; Jay W. Schauer; Junhui Li; Kang G. Shin
- Crypto-Chain: A Relay Resilience Framework for Smart Vehicles
Abubakar Sadiq Sani; Dong Yuan; Elisa Bertino; Zhao Yang Dong
- Advanced System Resiliency Based on Virtualization Techniques for IoT Devices
Jonas Röckl; Mykolai Protsenko; Monika Huber; Tilo Müller; Felix C. Freiling
Technical Papers 4A: CPS and IoT
- They See Me Rollin': Inherent Vulnerability of the Rolling Shutter in CMOS Image Sensors
Sebastian Köhler; Giulio Lovisotto; Simon Birnbach; Richard Baker; Ivan Martinovic
- Evaluating the Effectiveness of Protection Jamming Devices in Mitigating Smart Speaker Eavesdropping Attacks Using Gaussian White Noise
Payton Walker; Nitesh Saxena
- S2-CAN: Sufficiently Secure Controller Area Network
Mert D. Pesé; Jay W. Schauer; Junhui Li; Kang G. Shin
- Crypto-Chain: A Relay Resilience Framework for Smart Vehicles
Abubakar Sadiq Sani; Dong Yuan; Elisa Bertino; Zhao Yang Dong
- Advanced System Resiliency Based on Virtualization Techniques for IoT Devices
Jonas Röckl; Mykolai Protsenko; Monika Huber; Tilo Müller; Felix C. Freiling
Technical Papers 5B: Hardware and Architecture
- TLB Poisoning Attacks on AMD Secure Encrypted Virtualization
Mengyuan Li; Yinqian Zhang; Huibo Wang; Kang Li; Yueqiang Cheng
- Reinhardt: Real-time Reconfigurable Hardware Architecture for Regular Expression Matching in DPI
Taejune Park; Jaehyun Nam; Seung Ho Na; Jaewoong Chung; Seungwon Shin
- Understanding the Threats of Trojaned Quantized Neural Network in Model Supply Chains
Xudong Pan; Mi Zhang; Yifan Yan; Min Yang
- FlexFilt: Towards Flexible Instruction Filtering for Security
Leila Delshadtehrani; Sadullah Canakci; William Blair; Manuel Egele; Ajay Joshi
- RingRAM: A Unified Hardware Security Primitive for IoT Devices that Gets Better with Age
Michael Moukarzel; Matthew Hicks
Technical Papers 6A: Malware and Novel Attacks
- SODA: A System for Cyber Deception Orchestration and Automation
Md Sajidul Islam Sajid; Jinpeng Wei; Basel Abdeen; Ehab Al-Shaer; Md Mazharul Islam; Walter Diong; Latifur Khan
- Reproducible and Adaptable Log Data Generation for Sound Cybersecurity Experiments
Rafael Uetz; Christian Hemminghaus; Louis Hackländer; Philipp Schlipper; Martin Henze
- Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification
Duy-Phuc Pham; Damien Marion; Matthieu Mastio; Annelie Heuser
- CommanderGabble: A Universal Attack Against ASR Systems Leveraging Fast Speech
Zhaohe (John) Zhang; Edwin Yang; Song Fang
- Physical Logic Bombs in 3D Printers via Emerging 4D Techniques
Tuan Le; Sriharsha Etigowni; Sizhuang Liang; Xirui Peng; Jerry Qi; Mehdi Javanmard; Saman Zonouz; Raheem Beyah
Technical Papers 6A: Malware and Novel Attacks
- SODA: A System for Cyber Deception Orchestration and Automation
Md Sajidul Islam Sajid; Jinpeng Wei; Basel Abdeen; Ehab Al-Shaer; Md Mazharul Islam; Walter Diong; Latifur Khan
- Reproducible and Adaptable Log Data Generation for Sound Cybersecurity Experiments
Rafael Uetz; Christian Hemminghaus; Louis Hackländer; Philipp Schlipper; Martin Henze
- Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification
Duy-Phuc Pham; Damien Marion; Matthieu Mastio; Annelie Heuser
- CommanderGabble: A Universal Attack Against ASR Systems Leveraging Fast Speech
Zhaohe (John) Zhang; Edwin Yang; Song Fang
- Physical Logic Bombs in 3D Printers via Emerging 4D Techniques
Tuan Le; Sriharsha Etigowni; Sizhuang Liang; Xirui Peng; Jerry Qi; Mehdi Javanmard; Saman Zonouz; Raheem Beyah
Technical Papers 7B: Wireless Security
- On Key Reinstallation Attacks over 4G LTE Network: Feasibility and Negative Impact
Muhammad Taqi Raza; Yunqi Guo; Songwu Lu; Fatima Muhammad Anwar
- Security of Multicarrier Time-of-Flight Ranging
Patrick Leu; Martin Kotuliak; Marc Roeschlin; Srdjan Capkun
- Don’t hand it Over: Vulnerabilities in the Handover Procedure of Cellular Telecommunications
Evangelos Bitsikas; Christina Pöpper
- Time to Rethink the Design of Qi Standard? Security and Privacy Vulnerability Analysis of Qi Wireless Charging
Yi Wu; Zhuohang Li; Nicholas Van Nostrand; Jian Liu
- Detecting and Characterizing SMS Spearphising Attacks
Mingxuan Liu; Yiming Zhang; Baojun Liu; Zhou Li; Haixin Duan; Donghong Sun
Technical Papers 8A: Mobile and Smart Apps
- Characterizing Improper Input Validation Vulnerabilities of Mobile Crowdsourcing Services
Sojhal Ismail Khan; Dominika C Woszczyk; Chengzeng You; Soteris Demetriou; Muhammad Naveed
- Towards Stalkerware Detection with Precise Warnings
Yufei Han; Kevin Alejandro Roundy; Acar Tamersoy
- Repack Me If You Can: An Anti-Repackaging Solution based on Android Virtualization
Antonio Ruggia; Eleonora Losiouk; Luca Verderame; Mauro Conti; Alessio Merlo
- Westworld: Fuzzing-Assisted Remote Dynamic Symbolic Execution of Smart Apps on IoT Cloud Platforms
Lannan Luo; Qiang Zeng; Bokai Yang; Fei Zuo; Junzhe Wang
- The Emperor's New Autofill Framework: A Security Analysis of Autofill on iOS and Android
Sean Oesch; Anuj Gautam; Scott Ruoti
Technical Papers 8A: Mobile and Smart Apps
- Characterizing Improper Input Validation Vulnerabilities of Mobile Crowdsourcing Services
Sojhal Ismail Khan; Dominika C Woszczyk; Chengzeng You; Soteris Demetriou; Muhammad Naveed
- Towards Stalkerware Detection with Precise Warnings
Yufei Han; Kevin Alejandro Roundy; Acar Tamersoy
- Repack Me If You Can: An Anti-Repackaging Solution based on Android Virtualization
Antonio Ruggia; Eleonora Losiouk; Luca Verderame; Mauro Conti; Alessio Merlo
- Westworld: Fuzzing-Assisted Remote Dynamic Symbolic Execution of Smart Apps on IoT Cloud Platforms
Lannan Luo; Qiang Zeng; Bokai Yang; Fei Zuo; Junzhe Wang
- The Emperor's New Autofill Framework: A Security Analysis of Autofill on iOS and Android
Sean Oesch; Anuj Gautam; Scott Ruoti