All sessions will be held in Salon CD unless otherwise noted.
Papers are available for download below to registered attendees now. The papers and the full proceedings will be available to everyone beginning Monday, August 12, 2024. Paper abstracts are available to everyone now. Copyright to the individual works is retained by the author[s].
Monday, August 12
7:30 am–9:00 am
Continental Breakfast
Salon CD Foyer
9:00 am–9:15 am
Opening Remarks and Awards
Program Co-Chairs: Adam Doupé, Arizona State University; Alyssa Milburn, Intel
9:15 am–10:15 am
Keynote Address
AI and White Hat Hacking: A Symbiotic Relationship?
Perri Adams, DARPA
10:15 am–10:45 am
Coffee and Tea Break
Salon CD Foyer
10:45 am–12:00 pm
Practitioners at Work
Achilles Heel in Secure Boot: Breaking RSA Authentication and Bitstream Recovery from Zynq-7000 SoC
Prasanna Ravi and Arpan Jati, Temasek Laboratories, Nanyang Technological University, Singapore; Shivam Bhasin, National Integrated Centre for Evaluation (NiCE), Nanyang Technological University, Singapore
12:00 pm–1:30 pm
Conference Luncheon
Salon AB
1:30 pm–2:45 pm
Security Can Be Tricky
The Power of Words: Generating PowerShell Attacks from Natural Language
Pietro Liguori, Christian Marescalco, Roberto Natella, Vittorio Orbinato, and Luciano Pianese, DIETI, Università degli Studi di Napoli Federico II
Attacking with Something That Does Not Exist: 'Proof of Non-Existence' Can Exhaust DNS Resolver CPU
Olivia Gruza, Elias Heftrig, Oliver Jacobsen, Haya Schulmann, and Niklas Vogel, National Research Center for Applied Cybersecurity ATHENE, Goethe-Universität Frankfurt; Michael Waidner, National Research Center for Applied Cybersecurity ATHENE, Technische Universität Darmstadt, Fraunhofer Institute for Secure Information Technology SIT
Amplifying Threats: The Role of Multi-Sender Coordination in SMS-Timing-Based Location Inference Attacks
Evangelos Bitsikas, Northeastern University; Theodor Schnitzler, Research Center Trustworthy Data Science and Security and Maastricht University; Christina Pöpper, New York University Abu Dhabi; Aanjhan Ranganathan, Northeastern University
2:45 pm–3:15 pm
Coffee and Tea Break
Salon CD Foyer
3:15 pm–4:30 pm
Embedded Security
MakeShift: Security Analysis of Shimano Di2 Wireless Gear Shifting in Bicycles
Maryam Motallebighomi, Northeastern University; Earlence Fernandes, UC San Diego; Aanjhan Ranganathan, Northeastern University
Oh No, My RAN! Breaking Into an O-RAN 5G Indoor Base Station
Leon Janzen, Lucas Becker, Colin Wiesenäcker, and Matthias Hollick, Technical University of Darmstadt (TUDa)
Tuesday, August 13
8:00 am–9:00 am
Continental Breakfast
Salon CD Foyer
9:00 am–10:15 am
Hardware Security
Reverse Engineering the Eufy Ecosystem: A Deep Dive into Security Vulnerabilities and Proprietary Protocols
Victor Goeman, Dairo de Ruck, Tom Cordemans, Jorn Lapon, and Vincent Naessens, DistriNet, KU Leuven
SoK: Where’s the “up”?! A Comprehensive (bottom-up) Study on the Security of Arm Cortex-M Systems
Xi Tan and Zheyuan Ma, CactiLab, University at Buffalo; Sandro Pinto, Universidade do Minho; Le Guan, University of Georgia; Ning Zhang, Washington University in St. Louis; Jun Xu, The University of Utah; Zhiqiang Lin, Ohio State University; Hongxin Hu, University at Buffalo; Ziming Zhao, CactiLab, University at Buffalo
10:15 am–10:45 am
Coffee and Tea Break
Salon CD Foyer
10:45 am–12:00 pm
Memory Corruption Is a Solved Problem
SoK: On the Effectiveness of Control-Flow Integrity in Practice
Lucas Becker and Matthias Hollick, Technical University of Darmstadt; Jiska Classen, Hasso Plattner Institute, University of Potsdam
Exploiting Android’s Hardened Memory Allocator
Philipp Mao, Elias Valentin Boschung, Marcel Busch, and Mathias Payer, EPFL
Awarded Best Paper!12:00 pm–1:30 pm
Conference Luncheon
Salon AB
1:30 pm–2:45 pm
Physical Attacks
Breaking Espressif’s ESP32 V3: Program Counter Control with Computed Values using Fault Injection
Jeroen Delvaux, Technology Innovation Institute; Cristofaro Mune, Raelize; Mario Romero, Technology Innovation Institute; Niek Timmers, Raelize
SOK: 3D Printer Firmware Attacks on Fused Filament Fabrication
Muhammad Haris Rais, Virginia State University; Muhammad Ahsan and Irfan Ahmed, Virginia Commonwealth University
2:45 pm–3:15 pm
Coffee and Tea Break
Salon CD Foyer
3:15 pm–4:15 pm
Lightning Talks and Closing Remarks
Program Co-Chairs: Adam Doupé, Arizona State University; Alyssa Milburn, Intel
4:30 pm–6:00 pm
Demo/Poster Session and Happy Hour
Salon ABF