| Mining for the Minimum Number of Roles from Hard Inputs |
Puneet Gill (University of Waterloo), Mahesh Tripunitara (University of Waterloo). |
| From See to Shield: ML-Assisted Fine-Grained Access Control for Visual Data |
Mete Harun Akcay (Nokia Bell Labs & Åbo University), Buse Gul Atli (Linköping University & Nokia Bell Labs), Siddharth Prakash Rao (Nokia Bell Labs), Alexandros Bakas (Nokia Bell Labs). |
| Active Learning of Negative Relationship-Based Authorizations |
Ferhat Demirkiran (University at Albany), Amir Masoumzadeh (University at Albany - SUNY). |
| Towards Securing Access Control in 5G and Beyond with Zero Trust |
Sudip Maitra (Virginia Tech), Kenechukwu Nwodo (Virginia Tech), Tolga Atalay (A2 Labs), Angelos Stavrou (Virginia Tech, A2 Labs), Haining Wang (Virginia Tech). |
| Explainability-Driven Image Anonymization in Latent Space (EDIALS) |
Younas Khan (University of Rovira i Virgili), Anna Monreale (University of Pisa), Carlo Metta (University of Pisa), David Sanchez (University of Rovira i Virgili), Josep Domingo-Ferrer (University of Rovira i Virgili). |
| Secure Sparse Matrix Multiplications and Their Applications to Privacy-Preserving Machine Learning |
Marc Damie (University of Twente), Florian Hahn (University of Twente), Andreas Peter (Carl von Ossietzky Universität Oldenburg), Jan Ramon (Inria). |
| Hidden Elo: Private Matchmaking through Encrypted Rating Systems |
Mindaugas Budzys (Tampere University), Bin Liu (Tampere University), Antonis Michalas (Tampere University). |
| MoE-T: Dependency Graph-Gated Mixture of Experts for Tabular Generation with Functional Dependency |
Mary Dhooghe (University of Texas at Dallas), Murat Kantarcioglu (Virginia Tech), Bhavani Thuraisingham (University of Texas at Dallas). |
| VRSafe: A Secure Virtual Keyboard to Mitigate Keystroke Inference in Virtual Reality |
Yijun Yuan (University of Pittsburgh), Na Du (University of Pittsburgh), Adam J. Lee (University of Pittsburgh), Balaji Palanisamy (University of Pittsburgh). |
| Demystifying LLM API Misuses: A Lifecycle-Based Empirical Study on Real-world Android Apps |
Jinghang Wen (City University of Hong Kong), Qingchuan Zhao (City University of Hong Kong). |
| Infrastructure as Compromise: Abusing Residual Trust in Infrastructure as Code Tools |
Ruining Yang (Stony Brook University), Narong Chaiwut (Stony Brook University), Nick Nikiforakis (Stony Brook University). |
| VSMEx: A Collection Tool and a Dataset of Malicious VS Code Extensions |
Kotaiba Alachkar (TU Delft), Dirk Gaastra (Independent Researcher), Olga Gadyatskaya (Leiden University), Eduardo Barbaro (TU Delft), Michel Van Eeten (TU Delft), Yury Zhauniarovich (TU Delft). |
| Measuring the Robustness of Audio Deepfake Detection under Real-World Corruption |
Xiang Li (Fordham University), Pin-Yu Chen (IBM Research), Wenqi Wei (Fordham University). |
| An Evolutionary Black-Box Framework for Adversarial Prompt Generation in Large Language Models |
Qiyang Sun (University of Southampton), Erisa Karafili (University of Southampton). |
| SecRL-Prune: Structured Reinforcement Learning–Based Pruning of CodeLLMs for Preserving Adversarial Code Mutation |
Parsa Memarzadehsaghezi (Ontario Tech University), Pooria Madani (Ontario Tech University), Khalil El-Khatib (Ontario Tech University). |
| Optimus: A Robust Defense Framework for Mitigating Toxicity while Fine-Tuning Conversational AI |
Aravind Cheruvu (Virginia Tech), Shravya Kanchi (Virginia Tech), Sifat Muhammad Abdullah (Virginia Tech), Nicholas Ka-Shing Kong (Virginia Tech), Daphne Yao (Virginia Tech), Murtuza Jadliwala (The University of Texas at San Antonio), Bimal Viswanath (Virginia Tech). |
| A Reality Check on SBOM-based Vulnerability Management: An Empirical Study and A Path Forward |
Li Zhou (KAUST), Marc Dacier (KAUST), Charalambos Konstantinou (KAUST). |
| Local Privacy Laws in a Globalized World |
Shantanu Sharma (New Jersey Institute of Technology), Ethan Myers (Colorado State University), Lorenzo De Carli (University of Calgary), Ritwik Banerjee (Stony Brooks University), Indrakshi Ray (Colorado State University). |
| Practical Type Inference: High-Throughput Recovery of Real-World Structures and Function Signatures |
Lukas Seidel (Binarly, Inc. & TU Berlin), Sam Thomas (Binarly, Inc.), Konrad Rieck (TU Berlin & BIFOLD). |
| Leaky Apps: Targeted Deanonymization on Mobile Phones |
Robert Blacha (New Jersey Institute of Technology), Yossi Oren (Ben-Gurion University of the Negev), Reza Curtmola (New Jersey Institute of Technology). |
| Post-Processing for Utility Improvement under Personalized Local Differential Privacy |
Cagdas Parlak (Boğaziçi University), Dicle Ceylan (Yıldız Technical University), Berkay Kemal Balioglu (Koç University), Alireza Khodaie (Koç University), Emre Gursoy (Koç University). |
| How Practitioners Assess Software System Security |
Arina Kudriavtseva (Leiden University), Olga Gadyatskaya (Leiden University). |
| Does Anonymity Love the Chat Groups? |
Marc Roßberger (University of Regensburg), Dogan Kesdogan (University of Regensburg). |
| BinType: Type based Indirect Call Target Refinement on Binary Programs |
Sun Hyoung Kim (Rebellions Inc), Dongrui Zeng (Palo Alto Networks, Inc.), Monika Santra (The Pennsylvania State University), Gang Tan (The Pennsylvania State University). |
| Security Barriers to Trustworthy AI-Driven Cyber Threat Intelligence in Finance: Evidence from Practitioners |
Emir Karaosman (University of Liechtenstein), Advije Rizvani (University of Liechtenstein), Irdin Pekaric (University of Liechtenstein). |
| A Modular HRL Agent for Automated Pentesting with Specialized Policies: A Maritime Use Case |
Marc-Antoine Faillon (Polytechnique Montreal), Julien Francq (Naval Group, Naval Cyber Laboratory, 199 Av. Pierre-Gilles de Gennes, 83190 Ollioules France), Nora Boulahia-Cuppens (Polytechnique Montreal), Frédéric Cuppens (Polytechnique Montreal), Reda Yaich (IRT SystemX). |
| KnitFuzz: LLM-guided Kernel Fuzzing via Context-Sensitive Socket System Calls |
Siwei Zhang (Syracuse University), Endadul Hoque (Syracuse University). |
| AUTOMal: An LLM-Based Automated Feature Engineering Framework for Efficient Malware Detection at the Edge |
Nguyen Khanh Son (University of Insubria), Christian Rondanini (University of Insubria), Barbara Carminati (University of Insubria), Elena Ferrari (University of Insubria). |
| Formal Verification of Peer-Assisted FIDO2 Passkey Recovery Protocol with Tamarin |
Murat Sekmen (Istanbul Technical University), Kemal Bicakci (Istanbul Technical University). |
| DeCerts: Secure and Fine-grained CDN Delegation |
Ethan Thompson (Carleton University), Ali Sadeghi Jahromi (Carleton University), AbdelRahman Abdou (Carleton University). |
| A Comparative Analysis of Third-Party Script Behaviour in Consent-Based and Implicit Web Tracking |
Chongwen Ma (University of Nottingham Ningbo China), Yuan Cheng (University of Nottingham Ningbo China). |