| Uncovering the Limits of Machine Learning for Automatic Vulnerability Detection | USENIX Security '24 | Niklas Risse, Marcel Böhme |
| SSRF vs. Developers: A Study of SSRF-Defenses in PHP Applications | USENIX Security '24 | Malte Wessels, Simon Koch, Giancarlo Pellegrino, Martin Johns |
| Deciphering Textual Authenticity: A Generalized Strategy through the Lens of Large Language Semantics for Detecting Human vs. Machine-Generated Text | USENIX Security '24 | Mazal Bethany, Brandon Wherry, Emet Bethany, Nishant Vishwamitra, Anthony Rios, Peyman Najafirad |
| Formalizing and Benchmarking Prompt Injection Attacks and Defenses | USENIX Security '24 | Yupei Liu, Yuqi Jia, Runpeng Geng, Jinyuan Jia, Neil Zhenqiang Gong |
| Leakage-Abuse Attacks Against Structured Encryption for SQL | USENIX Security '24 | Alexander Hoover, Ruth Ng, Daren Khu, Yao'An Li, Joelle Lim, Derrick Ng, Jed Lim, Yiyang Song |
| OPTISAN: Using Multiple Spatial Error Defenses to Optimize Stack Memory Protection within a Budget | USENIX Security '24 | Rahul George, Mingming Chen, Kaiming Huang, Zhiyun Qian, Thomas La Porta, Trent Jaeger |
| Cost-effective Attack Forensics by Recording and Correlating File System Changes | USENIX Security '24 | Le Yu, Yapeng Ye, Zhuo Zhang, Xiangyu Zhang |
| Moderating Illicit Online Image Promotion for Unsafe User Generated Content Games Using Large Vision-Language Models | USENIX Security '24 | Keyan Guo, Ayush Utkarsh, Wenbo Ding, Isabelle Ondracek, Ziming Zhao, Guo Freeman, Nishant Vishwamitra, Hongxin Hu |
| Did the Neurons Read your Book? Document-level Membership Inference for Large Language Models | USENIX Security '24 | Matthieu Meeus, Shubham Jain, Marek Rei, Yves-Alexandre de Montjoye |
| Engaging Company Developers in Security Research Studies: A Comprehensive Literature Review and Quantitative Survey | USENIX Security '24 | Raphael Serafini, Stefan Albert Horstmann, Alena Naiakshina |
| A Broad Comparative Evaluation of Software Debloating Tools | USENIX Security '24 | Michael D. Brown, Adam Meily, Brian Fairservice, Akshay Sood, Jonathan Dorn, Eric Kilmer, Ronald Eytchison |
| BeeBox: Hardening BPF against Transient Execution Attacks | USENIX Security '24 | Di Jin, Alexander J. Gaidis, Vasileios P. Kemerlis |
| FAMOS: Robust Privacy-Preserving Authentication on Payment Apps via Federated Multi-Modal Contrastive Learning | USENIX Security '24 | Yifeng Cai, Ziqi Zhang, Jiaping Gui, Bingyan Liu, Xiaoke Zhao, Ruoyu Li, Zhe Li, Ding Li |
| OblivGNN: Oblivious Inference on Transductive and Inductive Graph Neural Network | USENIX Security '24 | Zhibo Xu, Shangqi Lai, Xiaoning Liu, Alsharif Abuadbba, Xingliang Yuan, Xun Yi |
| FV8: A Forced Execution JavaScript Engine for Detecting Evasive Techniques | USENIX Security '24 | Nikolaos Pantelaios, Alexandros Kapravelos |
| DEEPTYPE: Refining Indirect Call Targets with Strong Multi-layer Type Analysis | USENIX Security '24 | Tianrou Xia, Hong Hu, Dinghao Wu |
| Argus: All your (PHP) Injection-sinks are belong to us. | USENIX Security '24 | Rasoul Jahanshahi, Manuel Egele |
| MOAT: Towards Safe BPF Kernel Extension | USENIX Security '24 | Hongyi Lu, Shuai Wang, Yechang Wu, Wanning He, Fengwei Zhang |
| Invalidate+Compare: A Timer-Free GPU Cache Attack Primitive | USENIX Security '24 | Zhenkai Zhang, Kunbei Cai, Yanan Guo, Fan Yao, Xing Gao |
| It Doesn't Look Like Anything to Me: Using Diffusion Model to Subvert Visual Phishing Detectors | USENIX Security '24 | Qingying Hao, Nirav Diwan, Ying Yuan, Giovanni Apruzzese, Mauro Conti, Gang Wang |
| DMAAUTH: A Lightweight Pointer Integrity-based Secure Architecture to Defeat DMA Attacks | USENIX Security '24 | Xingkai Wang, Wenbo Shen, Yujie Bu, Jinmeng Zhou, Yajin Zhou |
| PEPSI: Practically Efficient Private Set Intersection in the Unbalanced Setting | USENIX Security '24 | Rasoul Akhavan Mahdavi, Nils Lukas, Faezeh Ebrahimianghazani, Thomas Humphries, Bailey Kacsmar, John Premkumar, Xinda Li, Simon Oya, Ehsan Amjadian, Florian Kerschbaum |
| True Attacks, Attack Attempts, or Benign Triggers? An Empirical Measurement of Network Alerts in a Security Operations Center | USENIX Security '24 | Limin Yang, Zhi Chen, Chenkai Wang, Zhenning Zhang, Sushruth Booma, Phuong Cao, Constantin Adam, Alexander Withers, Zbigniew Kalbarczyk, Ravishankar K. Iyer, Gang Wang |
| Double Face: Leveraging User Intelligence to Characterize and Recognize AI-synthesized Faces | USENIX Security '24 | Matthew Joslin, Xian Wang, Shuang Hao |
| Athena: Analyzing and Quantifying Side Channels of Transport Layer Protocols | USENIX Security '24 | Feiyang Yu, Quan Zhou, Syed Rafiul Hussain, Danfeng Zhang |
