ACM ASIACCS 2026 | 1-5 June Bangalore

Cycle 1 Papers

Efficiency Improvements for Signal’s Handshake Protocol

    Barbara Jiabao Benedikt, Sebastian Clermont, Marc Fischlin, Tobias Schmalz (Technische Universität Darmstadt)

BarkBeetle: Stealing Decision Tree Models with Fault Injection

    Qifan Wang (Durham University); Jonas Sander (University of Luebeck); Minmin Jiang (Queen’s University Belfast); Thomas Eisenbarth (University of Luebeck); David Oswald (Durham University)

Kitten or Panda? Measuring the Specificity of Threat Group Behaviors in Public CTI Knowledge Bases 

    Aakanksha Saha, Martina Lindorfer (TU Wien); Juan Caballero (IMDEA Software Institute)

MYao: Efficient Multiparty “Yao” Garbled Circuits with Row Reduction and Half Gates

    Aner Ben-Efraim, Lior Breitman, Jonathan Bronshtein, Olga Nissenbaum, Eran Omri (Ariel University)

VDPCollect: Vulnerability Disclosure Programs as a Complement to Web Security Measurements

    Philip Decker (University Saarland); Florian Hantke (CISPA Helmholtz Center for Information Security)

Privacy-preserving Proximity Testing from Geometric Fuzzy Matching

    Florias Papadopoulos, Ioannis Katis, Katerina Mitrokotsa (University of St. Gallen)

Trace Gadgets: Minimizing Code Context for Machine Learning-Based Vulnerability Prediction

    Felix Mächtle, Nils Loose (University of Luebeck); Tim Schulz (University of Hamburg); Florian Sieck, Jan-Niclas Serr (University of Luebeck); Ralf Moeller (University of Hamburg); Thomas Eisenbarth (University of Luebeck)

Knowing your weaknesses is your greatest strength: Mapping CVE to CWE by leveraging CWE Hierarchy and fine-tuned LLMs

    Stefano Simonetto, Ronan Oostveen, Thijs Van Ede, Peter Bosch, Willem Jonker (University of Twente)

Formal Analysis Framework for E2EE Protocols

    Yu Wang, Xiaofeng Liu, Yu Hou, Chengyu Hu, Shanqing Guo (Shandong University)

FUZZItizer: Hardware Sanitizer-Assisted Fuzzing for Automated SoC Vulnerability Detection 

    Rahul Kande (Texas A & M University); Mohamadreza Rostami (Technical University of Darmstadt); Chen Chen (Texas A&M University); Hareesh Khattri, Jason M. Fung (Intel Corporation); Ahmad-Reza Sadeghi (Technical University of Darmstadt); Jeyavijayan Rajendran (Texas A&M University)

The Cost of Convenience: Identifying, Analyzing, and Mitigating Predatory Loan Applications on Android

    Olawale Amos Akanji, Manuel Egele, Gianluca Stringhini (Boston University)

CRX-ray: Large-Scale Detection of API Key Leakage in Browser Extensions

    Wei Zeng (University of Liverpool); Zhi Wang (Nankai University); Valerio Bucci (Queen’s University Belfast); Xiaoyu Chen, Xin Yang, Siyu Zhang (Nankai University); Yuejun Guo (Luxembourg Institute of Science and Technology); Wanpeng Li (University of Liverpool)

Setup Once, Secure Always: A Single-Setup Secure Federated Learning Aggregation Protocol with Forward and Backward Secrecy for Dynamic Users

    Nazatul Haque Sultan (CSIRO’s Data61, Sydney); Yan Bo (CSIRO’s Data61); Yansong Gao (University of Western Australia); Seyit Camtepe (CSIRO’s Data61); Arash Mahboubi (CSU, Australia); Hang Thanh Bui (UNSW, Australia); Aufeef Chauhan (RMIT, Australia); Hamed Aboutorab (UNSW, Australia); Michael Bewong (CSU, Australia); Praveen Gauravaram (TCS, Australia); Dineshkumar Singh (TCS, India); Rafiqul Islam (CSU, Australia); Sharif Abuadbba (CSIRO’s Data61)

Improved Verifiable Computation of Linear and Quadratic Functions over Encrypted Data and Its Applications

    Evan Schott (Yale University); Yinuo Zhang (University of Canterbury)

Single-Fault Nonce Respecting Differential Attack on Hybrid Homomorphic Encryption

    Aikata Aikata (Graz University of Technology); Ahaan Dabholkar (Purdue University); Dhiman Saha (Indian Institute of Technology Bhilai); Sujoy Sinha Roy (Graz University of Technology)

Taming Data Challenges in ML-based Security Tasks Using Generative AI

    Shravya Kanchi (Virginia Tech); Neal Mangaokar (University of Michigan); Aravind Cheruvu, Sifat Muhammad Abdullah (Virginia Tech); Shirin Nilizadeh (The University of Texas at Arlington); Atul Prakash (University of Michigan); Bimal Viswanath (Virginia Tech)

Deep Learning Backdoor Defense via Adaptive Trigger Collisions in Latent Space

    Zixun Xiong (Stevens Institute of Technology); Hao Wang (Stevens Institue of Technology); Jian Li (Stony Brook University); Yang Hua (Queen’s University Belfast, UK); Miao Pan (University of Houston); Xiaojiang Du (Stevens Institute of Technology)

Sanitizable Signatures with Different Admissibility Policies for Multiple Sanitizers

    Osama Allabwani (Université Clermont Auvergne, LIMOS, CNRS, BeYs); Olivier Blazy (École Polytechnique); Pascal Lafourcade (Université Clermont Auvergne, LIMOS, CNRS, ASTEROIDE, Trust4Sign); Charles Olivier-Anclin, Olivier Raynaud (Université Clermont Auvergne, LIMOS, CNRS)

HidePrint: Protecting Device Anonymity by Obscuring Radio Fingerprints

    Gabriele Oligeri (Hamad bin Khalifa University); Savio Sciancalepore (TU Eindhoven (TU/e))

SoK: Security of the Image Processing Pipeline for Camera-based Sensing in Autonomous Vehicles

    Michael Kühr, Mohammad Hamad (Technical University of Munich); Pedram MohajerAnsari, Mert D. Pesé (Clemson University); Sebastian Steinhorst (Technical University of Munich)

TELESCOPE: TDX Exploit Leaking Encrypted Data using Sibling Core Performance Counters 

    Fabian Rauscher, Hannes Weissteiner, Daniel Gruss (Graz University of Technology)

Towards Lightweight CKKS: On Client Cost Efficiency

    Jung Hee Cheon (Seoul National University / CryptoLab Inc.); Minsik Kang (Seoul National University); Jai Hyun Park (CryptoLab Inc.)

Completing Policy-based Anonymous Tokens: Private Bits, Public Metadata and more

    David Kretzler, Yong Li, Codrin Ogreanu (Huawei Heisenberg Research Center)

SoK: Reviewing Two Decades of Security, Privacy, Accessibility, and Usability Studies on Internet of Things for Older Adults

    Suleiman Saka (University of Denver); Sanchari Das (George Mason University)

Fooling the Deception: On The Feasibility of Detecting Chaff Bugs

    Alessandro Brighente (University of Padua); Mauro Conti (University of Padua & Örebro University); Sitora Salaeva (University of Padua)

Reasoning That Leaks, Fine-Tuning That Amplifies: Exposing the Hidden Threats of Chain-of-Thought Models

    Zhiyuan Xu, Joseph Gardiner, Sana Belguith (University of Bristol)

Scalable Private Set Intersection over Distributed Encrypted Data

    Seunghun Paik (Hanyang University); Nirajan Koirala, Jack Nero (University of Notre Dame); Hyunjung Son, Yunki Kim, Jae Hong Seo (Hanyang University); Taeho Jung (University of Notre Dame)

PUE Schemes: Efficient Updatable Encryption With Robust Security From Symmetric Primitives 

    Andreas Weninger, Elena Andreeva (TU Wien)

Data Flows in You: Benchmarking and Improving Static Data-flow Analysis on Binary Executables

    Nicolaas Weideman (USC Information Sciences Institute); Sima Arasteh, Mukund Raghothaman (University of Southern California); Jelena Mirkovic (USC Information Sciences Institute); Christophe Hauser (Dartmouth College)

ATAG: AI-Agent Application Threat Assessment with Attack Graphs

    Parth Atulbhai Gandhi (Ben Gurion University of the Negev); David Tayouri (Ben-Gurion University of the Negev); Akansha Shukla, Beni Ifland, Yuval Elovici, Rami Puzis, Asaf Shabtai (Ben Gurion University of the Negev)

A New Construction Method for More Efficient Quadratic One-Time Noisy Multi-Client Functional Encryption Schemes

    Jasmin Zalonis (University of Mannheim); Linda Scheu-Hachtel (University of Mannheim, Germany); Frederik Armknecht (University of Mannheim)

Stateless 2PC Signatures for Internet-Scale Authentication and Authorization

    Michael Adjedj (Fireblocks); Geoffroy Couteau (Université Paris Cité, CNRS, IRIF); Arik Galansky, Nikolaos Makriyannis, Oren Yomtov (Fireblocks)

LotBoNC: Novel Botnet Traffic Classification under Long-tailed Distributions

    Huancheng Hu (Hasso Plattner Institute); Ziyun Li (KTH Royal Institute of Technology); Christian Doerr (Hasso Plattner Institute)

VET Your Agent: Towards Host-Independent Autonomy via Verifiable Execution Traces

    Artem Grigor, Christian Schroeder de Witt, Simon Birnbach, Ivan Martinovic (University of Oxford)

SaMBA: Increasing Mixed Boolean-Arithmetic Complexity Through Equality Saturation 

    Caroline König, David Schmidt, Philip König, Patrick Felbauer, Sebastian Schrittwieser (University of Vienna, Faculty of Computer Science, Christian Doppler Laboratory AsTra)

RESTing-LLAMA: Large Language Model based REST API Fuzzing

    Varun Gadey (University of Duisburg-Essen); Christoph Sendner, Keven Zimmermann (University of Würzburg); Alexandra Dmitrienko (University of Duisburg-Essen)

Sheriff: Arresting the Confused Deputy Undermining Ultra-low SWaP Device Trusted Execution Environments

    Prakhar Sah, Matthew Hicks (Virginia Tech)

SysDiver: Lightweight and Fast Static Analysis for Windows Kernel Drivers

    Chanhee Park, Dongjoo Kim, Youngjoo Shin (Korea University)

CoCoRADE: Introducing Replay Protection for Data-at-Rest of Confidential Virtual Machines 

    Joana Pecholt, Maximilian Peisl (Fraunhofer AISEC); Michael Weiß (Fraunhofer Institute AISEC)

Beyond the Device: A Security Analysis of Children’s Smartwatches and Their Ecosystem

    Huancheng Hu, Christian Doerr (Hasso Plattner Institute)

DroidHunter: A Robust Vision-Based Detection Against Hidden Android Malware

    Victoire Nganfang (Univ Rennes, CNRS, INRIA, IRISA); Simon Queyrut (University of Neuchâtel); Yérom-David Bromberg (Univ Rennes, Inria, CNRS, IRISA); Valerio Schiavoni (University of Neuchâtel); Djob Mvondo (Univ Rennes, CNRS, IRISA, INRIA); KENGNE TCHENDJI Vianney (University of Dschang)

Identity Crisis in Confidential Computing: Formal Analysis of Attested TLS

    Muhammad Usama Sardar (TU Dresden); Mariam Moustafa, Tuomas Aura (Aalto University)

TAGShield: Persistent Tagging for Robust Stack Memory Error Protection

    Michele Grisafi, Carlo Ramponi (University of Trento); Silviu Vlasceanu, Mahmoud Ammar (Huawei Research, Germany); Bruno Crispo (University of Trento)

CTRL+ALT+TLB: Exploring Microarchitectural Weird Machines on Translation Look-aside Buffers

    Jonah Heller, Marcel Pflaeging, Thore Tiemann, Thomas Eisenbarth (University of Luebeck)

Noise, Why Can’t You Bend? Detecting Adversarial Perturbations in Wireless Sensing via Structural Fragility

    Md Hasan Shahriar (Virginia Tech); Ning Wang (University of South Florida); Amit Kumar Sikder (Iowa State University); Naren Ramakrishnan, Y. Thomas Hou, Wenjing Lou (Virginia Tech)

Toward Efficient and Effective Vulnerability Detection with GolDRuSh

    Gabriele Costa, Silvia De Francisci (IMT School for Advanced Studies Lucca)

Original Sin of npm: A Study on Vulnerability Propagation in JavaScript Dependency Networks

    Michael Robinson (Data61, CSIRO, Australia); Sajal Halder (RMIT University and Data61, CSIRO, Australia); Muhammad Ejaz Ahmed (Data61, CSIRO, Australia); Muhammad Ikram (Macquarie University, Australia); Seyit Camtepe (Data61, CSIRO, Australia); Hyoungshick Kim (Sungkyunkwan University, South Korea)

The End of Anarchy? Understanding the Life of HTTP Exploits Used in IoT Malware Infections

    Ryu Kuki, Takayuki Sasaki (Yokohama National University); Arwa Al Alsadi (Delft University of Technology); Carlos Gañán (Delft University of Technology/Yokohama National University); Katsunari Yoshioka (Yokohama National University)

Purified Distillation Slimming (PDS) for Robust Backdoor Defense

    Liqun Shan, Kaiying Han (University of Louisiana at Lafayette); Yazhou Tu (Auburn University); Insup Lee (University of Pennsylvania); Xiali Hei (University of Louisiana at Lafayette)

Memory Tagging with Intra-Object Detection: Bridging the Gap in Fine-Grained Memory Safety

    Konrad Hohentanner, Lukas Hertel (Technical University of Munich); Minu Föger, Lukas Auer, Julian Horsch (Fraunhofer AISEC)

Uncovering the Deceptive Tactics of Stalkerware: A Large Scale Measurement Study

    Malvika Jadhav, Wenxuan Bao, Vincent Bindschaedler (University of Florida)

Mitigating Gradient Inversion Risks in Language Models via Token Obfuscation

    Xinguo Feng, Zhongkui Ma, Zihan Wang (The University of Queensland); Alsharif Abuadbba (CSIRO’s Data61, Australia); Guangdong Bai (City University of Hong Kong)

“To Pay or Not to Pay?”: Understanding User Decision-Making and Influence of Nudges in UPI Apps

    Nandini Bajaj, Shiladitya De, Kshitiz Sharma (Indian Institute of Technology, Kharagpur); Xinru Page (Brigham Young University); Bart Knijnenburg (Clemson University); Mainack Mondal (Indian Institute of Technology Kharagpur)

A Comparative Analysis of NVD, JVNDB and CNVD: Insights into Global and Regional Vulnerability Reporting

    Juehao Lin, Xuanxiang William Wang, Gianluca Stringhini, Manuel Egele (Boston University)

ClieND: Client-Side Neuron-Level Detection against Poisoning Attacks on Cross-Silo Federated Learning

    Mengyao Ma, Shuofeng Liu (The University of Queensland); Viet Vo (Swinburne University of Technology); Minghong Fang (University of Louisville); Surya Nepal (CSIRO’s Data61 Australia); Guangdong Bai (City University of Hong Kong)

PP-Vul: Privacy-Preserving Vulnerability Detection Using Homomorphic Encryption 

    Seungho Kim, Seonhye Park, Jihun Kim, Eunsoo Kim, Sanghak Oh (Sungkyunkwan University); Hyunmin Choi (NAVER Cloud); Hyoungshick Kim (Sungkyunkwan University)

ADAGE: Active Defenses Against GNN Extraction

    Jing Xu, Franziska Boenisch, Adam Dziedzic (CISPA Helmholtz Center for Information Security)

A First Look at the Mobile Driving License (mDL) Standard and its Real-world Usage

    Zeyu Lei (Purdue University); Güliz Seray Tuncay (Google); Abdullah Imran, Z. Berkay Celik, Antonio Bianchi (Purdue University)

A Linear Operator Framework for Polynomial Divisions in Cryptography

   Varun Madathil (Yale University); Arnab Roy, Konstantinos Chalkias (Mysten Labs); Charanjit Jutla (IBM Research); Jonas Lindstrom (Mysten Labs)

ZEEP: Zone Encryption with Enhanced Privacy for Vehicular Communication

   Kanchan Bisht, Ashish B Emmanuel, Prashanth Sriram S, Maria Francis (Indian Institute of Technology Hyderabad)

“Nobody should control the end user”: Exploring Privacy Perspectives of Indian Internet Users in Light of DPDPA

    Sana Athar (Max Planck Institute for Informatics); Devashish Gosain (Indian Institute of Technology Bombay); Anja Feldmann, Mannat Kaur, Ha Dao (Max Planck Institute for Informatics)

Auditing Differentially Private Interactive Database Systems

    Sagar Sharma, Wanrong Zhang, Qiang Yan (TikTok); Florian Tramer (ETH Zurich)

bPk#: Delegatable Pseudonyms

    Stephan Krenn, Doryan Lesaignoux, Sebastian Ramacher (AIT Austrian Institute of Technology)

The Role of Domain-Specific Features in Malware Detection: A macOS Case Study

    Biagio Montaruli (EURECOM, SAP); Andrea Oliveri (EURECOM); Savino Dambra (Gendigital); Davide Balzarotti (EURECOM)

SoK: Reassessing Side-Channel Vulnerabilities and Countermeasures in PQC Implementations

    Patrik Dobias (Brno University of Technology); Azade Rezaeezade (TU Delft, Radboud University); Lejla Batina (Radboud University); Łukasz Chmielewski (Masaryk University, Radboud University); Lukas Malina (Brno University of Technology)

Aggregator-Based Voting using proof of Partition

    Marius Lombard-Platet, Doron Zarchy (Apsia, SnT, university of Luxembourg)

PrivaDE: Privacy-preserving Data Evaluation for Blockchain-based Data Marketplaces

   Wan Ki Wong, Sahel Torkamani, Michele Ciampi, Rik Sarkar (University Of Edinburgh)

Revisiting Pre-trained Language Models for Vulnerability Detection

   Youpeng Li, Weiliang Qi (University of Texas at Dallas); Xuyu Wang (Florida International University); Fuxun Yu (Microsoft); Xinda Wang (University of Texas at Dallas)

FedLeaks: Creating Timing Channel Leaks in Federated Learning of Adaptive Neural Networks

    Ayomide Akinsanya, Tegan Brennan (Stevens Institute of Technology)

Unequal Privacy: Auditing Demographic Bias Vulnerabilities in Visual Protection Systems

   Seyyed Mohammad Sadegh Moosavi Khorzooghi (University of Texas at Arlington); Poojitha Thota (The University of Texas at Arlington); Mohit Singhal (Northeastern University); Abolfazl Asudeh (University of Illinois Chicago); Gautam Das, Shirin Nilizadeh (The University of Texas at Arlington)

TRM: An Efficient Hypervisor-Based Framework For Malware Analysis and Memory Reconstruction

   Mohammad Sina Karvandi (Vrije Universiteit Amsterdam); Soroush Meghdadizanjani (Stony Brook University); Sima Arasteh (University of Southern California); Saleh Khalaj Monfared (Worcester Polytechnic Institute); Mohammad K. Fallah (Chosun University); Saeid Gorgin (SungKyunKwan University); Jeong-A Lee (Chosun University); Asia Slowinska, Erik van der Kouwe (Vrije Universiteit Amsterdam)

StealthCup: Realistic, Multi-Stage, Evasion-Focused CTF for Benchmarking IDS

   Manuel Kern, Dominik Steffan, Felix Schuster (Austrian Institute of Technology); Simon Freudenthaler (FH Hagenberg); Edgar Weippl (University of Vienna); Florian Skopik, Max Landauer, David Allison (Austrian Institute of Technology)

PHANTOM: Physics-Aware Adversarial Attacks against Federated Learning-Coordinated EV Charging Management System 

   Mohammad Zakaria Haider (Florida International University); Amit Kumer Podder (North Carolina State University); Prabin Mali (Florida International University); Aranya Chakrabortty (North Carolina State University); Sumit Paudyal, Mohammad Ashiqur Rahman (Florida International University)