42nd IEEE Symposium & Workshops on Security and Privacy
Proudly supported by
Speakers
Trust, But Verify: A Longitudinal Analysis Of Android OEM Compliance and Customization
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/585/282/original/155143686_10159203808193554_1568824755535157226_n.jpg?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=2959b1bff126ef0d4975630121742a7b)
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/589/666/original/Portrait_cropped.jpeg?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=76019402c74f05efe77303cfe3133db8)
Session Chair
Android Custom Permissions Demystified: From Privilege Escalation to Design Shortcomings
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/589/668/original/Yuan_Tian_001.jpg?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=8520cfe405b77a6ae857e8b6a98285a3)
Session Chair // Shadow PC Chair for IEEE S&P
Ethics in Security and Privacy Research Panel
Ethics in Security and Privacy Research Panel
Synthesizing Allowlists With RASPunzel
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/590/720/original/Yang.png?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=f89c34ccf2d7d42d3e44f5d76e621fc5)
Near Real-time Learning and Extraction of Cyberattack Behavior Models
Invisible Perturbations: Physical Adversarial Examples Exploiting the Rolling Shutter Effect
Sustainable Software Security Program
Consent Management Platforms under the GDPR: Processors or Controllers?
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/590/726/original/16160647366586.jpg?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=c5b4544a83ba555ff8584b1d5a33dff1)
Post-Quantum WireGuard
Merkle^2: A Low-Latency Transparency Log System
Session Chair
CacheOut: Leaking Data on Intel CPUs via Cache Evictions
CacheOut: Leaking Data on Intel CPUs via Cache Evictions
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/591/472/original/a_a_a___a___sdf_Shot_2021-05-25_at_16.17.51.png?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=845ca9db50779e1565dcf7d91940425f)
Is Private Learning Possible with Instance Encoding?
DP-Sniper: Black-Box Discovery of Differential Privacy Violations using Classifiers
Is Private Learning Possible with Instance Encoding?
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/591/475/original/florian2020.png?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=f6d5b018760491ab504c827f8d6b114f)
Is Private Learning Possible with Instance Encoding?
Defensive Technology Use by Political Activists During the Sudanese Revolution
Defensive Technology Use by Political Activists During the Sudanese Revolution
DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices
Data Privacy in Trigger-Action IoT Systems
Session Chair
An I/O Separation Model for Formal Verification of Kernel Implementations
An I/O Separation Model for Formal Verification of Kernel Implementations
Session Chair
Diogenes: Lightweight Scalable RSA Modulus Generation with a Dishonest Majority
One Engine to Fuzz 'em All: Generic Language Processor Testing with Semantic Validation
One Engine to Fuzz 'em All: Generic Language Processor Testing with Semantic Validation
Session Chair
STOCHFUZZ: Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting
NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis
Who is Real Bob? Adversarial Attacks on Speaker Recognition Systems
SoK: Computer-Aided Cryptography
CRYLOGGER: Detecting Crypto Misuses Dynamically
SoK: All You Ever Wanted to Know About Binary Disassembly But Were Afraid to Ask
ConDySTA: Context-Aware Dynamic Supplement to Static Taint Analysis
Detecting AI Trojans Using Meta Neural Analysis
Learning Differentially Private Mechanisms
Lockable Signatures for Blockchains: Scriptless Scripts for all Signatures
PEGASUS: Bridging Polynomial and Non-polynomial Evaluations in Homomorphic Encryption
CrawlPhish: Large-scale Analysis of Client-side Cloaking Techniques in Phishing
SGUARD: Towards Fixing Vulnerable Smart Contracts Automatically
Compositional Security for Reentrant Applications
DIFUZZRTL: Differential Fuzz Testing to Find CPU Bugs
Wolverine: Fast, Scalable, and Communication-Efficient Zero-Knowledge Proofs for Boolean and Arithmetic Circuits
Bookworm Game: Automatic Discovery of LTE Vulnerabilities Through Documentation Analysis
Session Chair
Method Confusion Attack on the Bluetooth Pairing Process
Linking Bluetooth LE & Classic and Implications for Privacy-Preserving Bluetooth-Based Protocols
They Would do Better if They Worked Together: The Case of Interaction Problems Between Password Managers and Websites
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/591/612/original/%E5%BE%AE%E4%BF%A1%E5%9B%BE%E7%89%87_20210526024207.jpg?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=2776f3a56a9ce552a7dbe470b271dfc5)
When LoRa Meets EMR: Electromagnetic Covert Channels Can Be Super Resilient
Revealer: Detecting and Exploiting Regular Expression Denial-of-Service Vulnerabilities
Revealer: Detecting and Exploiting Regular Expression Denial-of-Service Vulnerabilities
Breaking the Specification: PDF Certfiication
Session Chair
A Decentralized and Encrypted National Gun Registry
Zero Knowledge for Everything and Everyone: Fast ZK Processor with Cached ORAM for ANSI C Programs
Epochal Signatures for Deniable Group Chats
The Provable Security of Ed25519: Theory and Practice
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/591/627/original/Headshot.jpg?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=fe9ab4af3fa82de6e5e23e795d0eb545)
Session Chair
Survivalism: Systematic Analysis of Malware Living-Off-The-Land
Trouble Over-The-Air: An Analysis of FOTA Apps in the Android Ecosystem
Detecting Filter List Evasion With Event-Loop-Turn Granularity JavaScript Signatures.
A Secure and Formally Verified Linux KVM Hypervisor
Did you mix me? Formally Verifying Verifiable Mix Nets in Electronic Voting
Runtime Recovery of Web Applications under Zero-Day ReDoS Attacks
Happer: Unpacking Android Apps via a Hardware-Assisted Approach
BUFFing signature schemes beyond unforgettability and the case of post-quantum signatures
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/591/661/original/IMG_2345.jpg?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=da129c5b7e22b3e24295d819012382ef)
Intel Rep
Intel Award Finalist
Intel Award Finalist
Intel Award Finalist
Video Chair for IEEE S&P // Intel Award Finalist
Intel Award Finalist
Session Chair
Session Chair
Session Chair
CrossTalk: Speculative Data Leaks Across Cores Are Real
DynPTA: Combining Static and Dynamic Analysis for Practical Selective Data Protection
A Novel Dynamic Analysis Infrastructure to Instrument Untrusted Execution Flow Across User-Kernel Spaces
CRYLOGGER: Detecting Crypto Misuses Dynamically
Real-World Snapshots vs. Theory: Questioning the t-Probing Security Model.
Lightweight Techniques for Private Heavy Hitters // Session Chair
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/592/076/original/img_20200218_124150_mh1617649496449.jpg?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=71062afce8cbf885ea64977fc4a2ce69)
Proof-of-Learning: Definitions and Practice
Session Chair
Session Chair
MC for the Intel Awards
Proof-of-Learning: Definitions and Practice
Awards Chair
When Function Signature Recovery Meets Compiler Optimization
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/592/142/original/sekar-square-headshot.jpg?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=ff7a7e670486534c9ab326b26c75ac53)
ConDySTA: Context-Aware Dynamic Supplement to Static Taint Analysis
Panelist
Adversary Instantiation // Proof-of-Learning: Definitions and Practice
Session Chair
Doing good by fighting fraud: Ethical anti-fraudsystems for mobile payments
A2L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs
Keep the Dirt: Tainted TreeKEM, Adaptively and Actively Secure Continuous Group Key Agreement
Session Chair
Session Chair
humanID: One-Click Anonymous Login
SIRNN: A Math Library for Secure RNN Inference
Session Chair
Linking Bluetooth LE & Classic and Implications for Privacy-Preserving Bluetooth-Based Protocols
A Security Model and Fully Verified Implementation for the IETF QUIC Record Layer
Learning Differentially Private Mechanisms
ConDySTA: Context-Aware Dynamic Supplement to Static Taint Analysis
humanID: One-Click Anonymous Login
VP/Registration Chair for IEEE S&P
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/593/055/original/Takabi.jpeg?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=5610a1496449e4d87168a7bd3df17758)
Treasurer for IEEE S&P
Deep Learning and Security Workshop Organizer
![](https://events-ringcentral-prod.imgix.net/suggested_profiles/pictures/000/593/066/original/Screen_Shot_2021-05-11_at_12.57.15_PM.png?ixlib=rails-4.3.1&auto=compress&w=384&h=384&fit=clip&s=77ca140c26472b5fe5fe33731549adf9)
Arbitrar, User-Guided API Misuse Detection
A Decentralized and Encrypted National Gun Registry
SafeThings Workshop Organizer
SafeThings Workshop Organizer
Booths
![](https://events-ringcentral-prod.imgix.net/vendors/logos/000/481/725/original/Intel_Logo_transparent_circle.png?ixlib=rails-4.3.1&auto=compress&width=152&height=152&fit=clip&s=7fb1cb6c7f8d52dadceaac97d432afdb)
Intel
Do Something Wonderful
![](https://events-ringcentral-prod.imgix.net/vendors/logos/000/483/084/original/logo_with_background.png?ixlib=rails-4.3.1&auto=compress&width=152&height=152&fit=clip&s=d976113d4722f1901cb08f7cc56fad87)
IBM
IBM Research: Inventing What’s Next.
![](https://events-ringcentral-prod.imgix.net/vendors/logos/000/484/973/original/Hopin_Apple_Logo_Black_1000x1000.jpg?ixlib=rails-4.3.1&auto=compress&width=152&height=152&fit=clip&s=cb2519e86c08cf89bcc10ccc4c8c6507)
Apple
Join us. Be you.
![](https://events-ringcentral-prod.imgix.net/vendors/logos/000/493/790/original/logo_Google_FullColor_1x_722x237px.png?ixlib=rails-4.3.1&auto=compress&width=152&height=152&fit=clip&s=ca5f9fc42abbc1260c9140a9b1b392ac)
Google Security and Privacy
![](https://events-ringcentral-prod.imgix.net/vendors/logos/000/497/158/original/Mission_with_logo.png?ixlib=rails-4.3.1&auto=compress&width=152&height=152&fit=clip&s=525c8b710712699ca285c102a0ff0a3d)
ByteDance
bytedance.com
![](https://events-ringcentral-prod.imgix.net/vendors/logos/000/498/492/original/PANW_Parent_Brand_Primary_Logo_RGB.jpeg?ixlib=rails-4.3.1&auto=compress&width=152&height=152&fit=clip&s=cece6032043b78bcc3ed58d00fb55ebd)
Palo Alto Networks
paloaltonetworks.com
![](https://events-ringcentral-prod.imgix.net/vendors/logos/000/500/587/original/White_Unitmark_Black_Square.jpg?ixlib=rails-4.3.1&auto=compress&width=152&height=152&fit=clip&s=dd3fa21ce4678f530196c6ad78879a73)
The CERT Division Carnegie Mellon University Software Engineering Institute
Bringing CERTainty to your organization through advanced methods and technologies.
![](https://events-ringcentral-prod.imgix.net/vendors/logos/000/484/861/original/0_Technology_Innovation_Institute_RGB_1080px_white_BG.jpg?ixlib=rails-4.3.1&auto=compress&width=152&height=152&fit=clip&s=3a35cdd1f175f1d5cc9a9225d3132925)
Technology Innovation Institute
Innovation for a better world
MIT Lincoln Laboratory
MIT Lincoln Laboratory - Technolgy in Support of National Security
![](https://events-ringcentral-prod.imgix.net/vendors/logos/000/493/789/original/qc_logo_flt_rgb_blu_pos.jpg?ixlib=rails-4.3.1&auto=compress&width=152&height=152&fit=clip&s=e4cab0efe1333400b3ebd7f1adeac6c4)
Qualcomm
Qualcomm Product Security - We take security vulnerabilities very seriously and always seek to respond appropriately.