USENIX Security '24 Poster Session

Accepted Posters

The following posters will be presented at the USENIX Security '24 Poster Session and Happy Hour on Thursday, August 15, from 6:00 pm–7:30 pm.

Compartmentalizing Untrusted Code in Bare-Metal Embedded Devices
Liam Tyler and Ivan De Oliveira Nunes, Rochester Institute of Technology

Next-Gen Anomaly Detection: Innovations in Intrusion Detection Systems
Anthony Zatika and Joel Coffman, Johns Hopkins University

How Good Is It? Evaluating the Efficacy of Common versus Domain-Specific Prompts on Foundational Large Language Models
Oluyemi Enoch Amujo and Shanchieh Jay Yang, Rochester Institute of Technology

KnitSock: LLM Powered Test Case Generation for Linux Socket
Siwei Zhang, Mahbub Alam, Kritika Verma, and Endadul Hoque, Syracuse University

Taming the Overhead of High-Frequency Intel MPK Permission Switching
Adriaan Jacobs, DistriNet, KU Leuven; Jeroen Gardeyn, CODeS, KU Leuven; Stijn Volckaert, DistriNet, KU Leuven

Developer Guidance: Making Rust Safer
Alicia Andries, Jorn Lapon, and Stijn Volckaert, DistriNet, KU Leuven

iConPAL: LLM-guided Policy Authoring Assistant for Configuring IoT Defenses
Mahbub Alam, Siwei Zhang, Eric Rodriguez, Akib Jawad Nafis, and Endadul Hoque, Syracuse University

Proof of Execution in Real-Time Embedded Systems
Antonio Joia Neto and Ivan de Oliveira Nunes, Rochester Institute of Technology

Noise or reality?: Investigating the real-world exploitability and impact of certified IoT Apps
Nicolas Janis and Adwait Nadkarni, William & Mary

Whispers in the Machine: Confidentiality in LLM-integrated Systems
Jonathan Evertz, Merlin Chlosta, and Lea Schönherr, CISPA Helmholtz Center for Information Security; Thorsten Eisenhofer, TU Berlin

POSTER: Powerful and Efficient Stepping-Stone Detection with DeepCoFFEA
Nate Mathews, Rochester Institute of Technology; James K. Holland, University of Minnesotta; Matthew Wright, Rochester Institute of Technology; Nicholas Hopper, University of Minnesota; Shanchieh Jay Yang, Rochester Institute of Technology

Special Delivery! Investigating the Prevalence, Causes, and Mitigation Methods of Package Hallucinations in Code Generating LLMs.
Joseph Spracklen, Raveen Wijewickrama, and A.H.M Nazmus Sakib, University of Texas at San Antonio; Anindya Maiti, University of Oklahoma; Murtuza Jadliwala, University of Texas at San Antonio

Poster: Runtime Attestation and Auditing from the Verifier’s Perspective
Adam Caulfield, Rochester Institute of Technology; Norrathep Rattanavipanon, Prince of Songkla University, Phuket Campus; Ivan De Oliveira Nunes, Rochester Institute of Technology

Federated Learning Trust Evaluation for Robust Computer Vision Applications
Dmitrii Korobeinikov, Raman Zatsarenko, Sergei Chuprov, and Leon Reznik, Rochester Institute of Technology

DiffTranPure: Diffusion Transformer based Adversarial Purification to Extract Face and Facial Soft-Biometric Features from Obfuscated Images
Shaikh Akib Shahriyar and Matthew Wright, Rochester Institute of Technology; Armon Barton, Naval Postgraduate School

KISS: Integrating Security Knowledge for More Robust ML Services
Raman Zatsarenko, Dmitrii Korobeinikov, Sergei Chuprov, and Leon Reznik, Rochester Institute of Technology

Dungeons & Deepfakes App: A User Study Platform for Journalistic Verification Workflows
Saniat J. Sohrawardi and Y. Kelly Wu, Rochester Institute of Technology; Andrea Hickerson, University of Mississippi; Matthew Wright, Rochester Institute of Technology

Exploiting Cross Language Attacks against Rust for Linux
Yu-Ting Wang, Liang-Chun Chen, and Shih-Wei Li, National Taiwan University

Revealing DeepFakes: Self-Explaining Neural Networks for Advanced Detection
Xinmiao Lin and Matthew Wright, Rochester Institute of Technology

FuBuKi: Fuzzing Testing on Bluetooth with Profile Emulation Kit
Zhao Min Chen, National Taiwan University; Yu-Sheng Lin, National Yang Ming Chiao Tung University; Tien-Chih Lin, CyCraft Technology; Guan-Yan Yang and Farn Wang, National Taiwan University

Fuchsia Through an Object Capability Lens
Noah Mauthe and Sven Bugiel, CISPA Helmholtz Center for Information Security

SIPS, IPPS, or Oops! An Analysis of the Security and Privacy of DNS Service Discovery
Joseph Call, Mostafa Ahmed, and Stephen Herwig, William & Mary

AKESO: Bringing Post-Compromise Security to Cloud Storage
Lily Gloudemans, Pankaj Niroula, Aashutosh Poudel, and Stephen Herwig, William & Mary

Digital twin for security evaluation using an attack agent
Manuel Poisson, Amossys/CentraleSupélec/CNRS/Univ. Rennes/IRISA; Sebastien Kilian, Valérie Viet Triem Tong, and Jean-Francois Lalande, CentraleSupélec/CNRS/Univ. Rennes/IRISA; Gilles Guette, CNRS/Univ. Rennes/IRISA; Frederic Guihery and Damien Crémilleux, Amossys

Beyond the WEIRD: Toward a General Security Scale
Yukiko Sawaya and Takamasa Isohara, KDDI Research, Inc; Mahmod Sharif, Tel Aviv University

Enhancing Security and Visibility Through IoT Vendor and Function Labeling
Bar Meyuhas, Reichman University; Anat Bremler-Barr, Tel Aviv University; Tal Shapira, Reichman University

FIRMMOD: Generating API Taint Models for Firmware Analysis
Ken (Yihang) Bai and Tuba Yavuz, University of Florida

2D Human Spoofing Attack Defense Challenges for Autonomous Vehicles
Bhupathiraju Sri Hrushikesh Varma, University of Florida; Trishna Chakraborty, University of California, Riverside; Thomas Fai, University of Florida; Justin Yue, University of California, Irvine; Dipkamal Bhusal, Rochester Institute of Technology; Michael Clifford, Toyota; Nidhi Rastogi, Rochester Institute of Technology; Alfred Chen, University of California, Irvine; Sara Rampazzi, University of Florida

Security and Privacy Heterogeneous Environment for Reproducible Experimentation (SPHERE)
Jelena Mirkovic, David Balenson, and Brian Kocoloski, USC Information Sciences Institute; David Choffnes and Daniel J. Dubois, Northeastern University; Geoff Lawler, Chris Tran, Joseph Barnes, Yuri Pradkin, Terry Benzel, Srivatsan Ravi, Ganesh Sankaran, and Alba Regalado, USC Information Sciences Institute; Luis Garcia, University of Utah

Bringing Verification-Aware Languages to Formal Verification of Federated Authentication Protocols
Bach Hoang and Phuong Cao, National Center for Supercomputing Applications, University of Illinois Urbana-Champaign

Post-Quantum Cryptography (PQC) Network Instrument: Measuring PQC Adoption Rates and Identifying Migration Pathways
Bach Hoang, National Center for Supercomputing Applications, University of Illinois Urbana-Champaign; Jakub Sowa, University of Illinois Urbana-Champaign; Phuong Cao, National Center for Supercomputing Applications, University of Illinois Urbana-Champaign

VeriSSO: Privacy-Preserving Legacy-Compatible Single Sign-On Using Verifiable Credentials and Threshold Tokens
Ifteher Alom, Yue Li, and Yang Xiao, University of Kentucky

Is More Information Better? How Increasingly Augmented LLM Help in Vulnerability Assessment
Reza Fayyazi and Shanchieh Jay Yang, Rochester Institute of Technology

Pretrained Executable Language Models (ELMs) Excel at Malware Understanding
Luke Kurlandski, Rochester Institute of Technology; Harel Berger, Georgetown University; Yin Pan and Matthew Wright, Rochester Institute of Technology

Towards Detecting Zero-day Attacks in IoT Environments Using Adaptive SAMKNN
Promise Ricardo Agbedanu and Shanchieh Jay Yang, Rochester Institute of Technology

Wary Implementations of Cryptographic-API by Developers.
Victor Olaiya and Adwait Nadkarni, William & Mary

PASTE: Multi-Level Pattern-Based Detection of Hardware Vulnerabilities
Ruochen Dai and Tuba Yavuz, University of Florida

Digital Media Forensics Ontology for Systematic Organization of Analytics
Y. Kelly Wu, Saniat J. Sohrawardi, and Matthew Wright, Rochester Institute of Technology

Leveraging an Ordered Versioning SSD to Defend Against Data Compromise
Weidong Zhu, Carson Stillman, Sara Rampazzi, and Kevin Butler, University of Florida

Explainability of Machine Learning in the Intrusion Detection System
Mohammad Noureddine, Xianshun Jiang, and Yujie Zhang, Rose-Hulman Institute of Technology

Drone Fingerprinting: Unveiling and Countering Traffic Analysis Vulnerabilities in Wi-Fi UAVs
Masoumeh Abolfathi and Haadi Jafarian, University of Colorado, Denver

AI Red Teaming: Considerations for safe Generative AI systems and developing an automated framework
Bolor-Erdene Jagdagdorj, Gary D Lopez Munoz, Amanda J. Minnich, Roman Lutz, Richard Lundeen, Raja Sekhar Rao Dheekonda, Nina Chikanov, and Ram Shankar Siva Kumar, Microsoft

Towards Understanding the Underuse of Security Features in Open-source Repositories
Jessy Ayala, Steven Ngo, and Joshua Garcia, University of California, Irvine

Exploring Informal References in Cyber Security Papers
Marton Bognar, Victor Le Pochat, Lieven Desmet, Wouter Joosen, and Frank Piessens, DistriNet, KU Leuven

Usable Methods to Detect and Locate Hidden IoT Cameras
Tim Hsuan-Ting Lu and Danny Yuxing Huang, New York University