PROGRAM

The submission deadlines of ESORICS 2021 are over. On this page you find prepublication versions of the accepted papers. Full versions and abstracts will be available for conference participants soon. The Journal of Computer Security will publish a special issue containing selected papers from the ESORICS 2021 proceedings. As in previous years, ESORICS 2021 will present a Best Paper Award chosen by the Program Committee.

Keynotes

The Science of Computer Science: An Offensive Research Perspective

Dr. Yuval Yarom

more info

Increasing trust in ML through governance

Prof. Nicolas Papernot

more info

The Politics and Technology of (Hardware) Trojans

Prof. Christof Paar

more info

Algorithms and the Law

Prof. Shafi Goldwasser

more info

Accepted Papers



Shadow-Catcher: Looking Into Shadows to Detect Ghost Objects in Autonomous Vehicle 3D Sensing

Zhongyuan Hau (Imperial College London - United Kingdom), Soteris Demetriou (Imperial College London - United Kingdom), Luis Muñoz-González (Imperial College London - United Kingdom), Emil Lupu (Imperial College London - United Kingdom)


An Explainable Online Password Strength Estimator

Liron David (Tel-Aviv University - Israel), Avishai Wool (Tel Aviv University - Israel)


How to (legally) keep secrets from mobile operators

Ghada Arfaoui (Orange - France), Olivier Blazy (XLIM - France), Xavier Bultel (INSA-CVL - France), Pierre-Alain Fouque (CNRS/Univ Rennes 1 - France), Thibaut Jacques (IRISA - France), Adina Nedelcu (Orange - France), Cristina Onete (XLIM - France)


Tell Me How You Re-Charge, I Will Tell You Where You Drove To: Electric Vehicles Profiling Based on Charging-Current Demand

Alessandro Brighente (University of Padova - Italy), Mauro Conti (University of Padova - Italy), Izza Sadaf (University of Padova - Italy)


MiniLedger: Compact-sized Anonymous and Auditable Distributed Payments

Panagiotis Chatzigiannis (George Mason University - United States), Foteini Baldimtsi (George Mason University - United States)


POW-HOW: An Enduring Timing Side-Channel To Evade On-Line Malware Sandboxes

Antonio Nappa (UC Berkeley - UC3M Madrid - Spain), Panagiotis Papadopoulos (Telefonica Research - Spain), Matteo Varvello (Nokia Bell Labs - United States), Daniel Aceituno-Gomez (Indra - Spain), Juan Tapiador (UC3M Madrid - Spain), Andrea Lanzi (University of Milan - Italy)


MediSC: Towards Secure and Lightweight Deep Learning as a Medical Diagnostic Service

Xiaoning Liu (RMIT University - Australia), Yifeng Zheng (Harbin Institute of Technology - China), Xingliang Yuan (Monash University - Australia), Xun Yi (RMIT University - Australia)


Revocable Policy-Based Chameleon Hash

Shengmin Xu (Singapore Management University - Singapore), Jianting Ning (Fujian Normal University - China), Jinhua Ma (Singapore Management University - Singapore), Guowen Xu (Nanyang Technological University - Singapore), Yuan Jiaming (University of Oregon - United States), Robert Deng (School of Computing and Information System, Singapore Management University - Singapore)


Romoa: Robust Model Aggregation for the Resistance of Federated Learning to Model Poisoning Attacks

Yunlong Mao (Nanjing University - China), Xinyu Yuan (Nanjing University - China), Xinyang Zhao (Nanjing University - China), Sheng Zhong (Nanjing University - China)


Probabilistic micropayments with transferability

Taisei Takahashi (Institute of Information Security - Japan), Akira Otsuka (Institute of Information Security - Japan)


Conclave: A Collective Stake Pool Protocol

Dimitris Karakostas (University of Edinburgh and IOHK - United Kingdom), Aggelos Kiayias (University of Edinburgh and IOHK - United Kingdom), Mario Larangeira (Tokyo Institute of Technology and IOHK - Japan)


TAFA: A Task-Agnostic Fingerprinting Algorithm for Neural Networks

Xudong Pan (Fudan University - China), Mi Zhang (Fudan University - China), Yifan Lu (Fudan University - China), Min Yang (School of Cyber Science and Engineering, Wuhan University, Wuhan, China - China)


LiMNet: Early-Stage Detection of IoT Botnets with Lightweight Memory Networks

Lodovico Giaretta (KTH Royal Institute of Technology - Sweden), Ahmed Lekssays (University of Insubria - Italy), Barbara Carminati (University of Insubria - Italy), Elena Ferrari (University of Insubria - Italy), Sarunas Girdzijauskas (Royal Institute of Technology (KTH), Sweden - Sweden)


Caught in the Web: DoS Vulnerablities in Parsers for Structured Data

Shawn Rasheed (Massey University - New Zealand), Jens Dietrich (Victoria University of Wellington - New Zealand), Amjed Tahir (Massey University - New Zealand)


Iterative Selection of Categorical Variables for Log Data Anomaly Detection

Max Landauer (AIT Austrian Institute of Technology - Austria), Georg Höld (AIT Austrian Institute of Technology - Austria), Markus Wurzenberger (AIT Austrian Institute of Technology GmbH - Austria), Florian Skopik (AIT Austrian Institute of Technology - Austria), Andreas Rauber (Vienna University of Technology - Austria)


webFuzz: Grey-box Fuzzing for Web Applications

Orpheas van Rooij (University of Cyprus - Cyprus), Marcos Charalambous (University of Cyprus - Cyprus), Demetris Kaizer (University of Cyprus - Cyprus), Michalis Papaevripides (University of Cyprus - Cyprus), Elias Athanasopoulos (University of Cyprus - Cyprus)


Common Component in Black-Boxes is Prone to Attacks

Jiyi Zhang (National University of Singapore - Singapore), Wesley Joon-Wie Tann (National University of Singapore - Singapore), Ee-Chien Chang (Naional University of SIngapore - Singapore), Hwee Kuan Lee (BII - Singapore)


My Fuzzer Beats Them All! Developing a Framework for Fair Evaluation and Comparison of Fuzzers

David Paaßen (University of Duisburg-Essen - Germany), Sebastian Surminski (University of Duisburg-Essen - Germany), Michael Rodler (University of Duisburg-Essen - Germany), Lucas Davi (University of Duisburg-Essen - Germany)


Rope: Covert Multi-Process Malware Execution with Return-Oriented Programming

Daniele Cono D'Elia (Sapienza University of Rome - Italy), Lorenzo Invidia (Sapienza University of Rome - Italy), Leonardo Querzoni (Sapienza University of Rome - Italy)


DA3G: Detecting Adversarial Attacks by Analysing Gradients

Jan-Philipp Schulze (Fraunhofer AISEC - Germany), Philip Sperl (Fraunhofer AISEC - Germany), Konstantin Böttinger (Fraunhofer AISEC - Germany)


Fair Peer-to-Peer Content Delivery via Blockchain

Songlin He (New Jersey Institute of Technology - United States), Yuan Lu (Institute of Software Chinese Academy of Sciences - China), Qiang Tang (The University of Sydney - Australia), Guiling Wang (New Jersey Institute of Technology - United States), Chase Wu (New Jersey Institute of Technology - United States)


$\mathsf{FLOD}$: Oblivious Defender for Private Byzantine-Robust Federated Learning with Dishonest-Majority

Ye Dong (Institute of Information Engineering,Chinese Academy of Sciences - China), Xiaojun Chen (Institute of Computing Technology, Institute of Information Engineering, Chinese Academy of Sciences - China), Kaiyun Li (University of Chinese Academy of Sciences - China), Dakui Wang (Institute of Information Engineering,Chinese Academy of Sciences - China), Shuai Zeng (Institute of Information Engineering,Chinese Academy of Sciences - China)


CAN-SQUARE - Decimeter Level Localization of Electronic Control Units on CAN Buses

Bogdan Groza (Politehnica University of Timisoara - Romania), Pal-Stefan Murvay (Politehnica University of Timisoara - Romania), Lucian Popa (Politehnica University Timisoara - Romania), Camil Jichici (Politehnica University Timisoara - Romania)


Succinct Scriptable NIZK via Trusted Hardware

Bingsheng Zhang (Zhejiang University - China), Yuan Chen (Zhejiang University - China), Jiaqi Li (Zhejiang University - China), Yajin Zhou (Zhejiang University - China), Phuc Thai (Virginia Commonwealth University - United States), Hong-Sheng Zhou (Virginia Commonwealth University - United States), Kui Ren (Zhejiang University - China)


Peeler: Profiling Kernel-Level Events to Detect Ransomware

Muhammad Ejaz Ahmed (Data61 CSIRO - Australia), Hyoungshick Kim (Sungkyunkwan University - South Korea), Seyit Camtepe (Data61 CSIRO - Australia), Surya Nepal (Data61 CSIRO - Australia)


MORTON: Detection of Malicious Routines in Large-Scale DNS Traffic

Yael Daihes (Ben-Gurion University of the Negev, Akamai Technologies - Israel), Hen Tzaban (Akamai Technologies - Israel), Asaf Nadler (Ben-Gurion University of the Negev, Akamai Technologies - Israel), Asaf Shabtai (Ben-Gurion University of the Negev - Israel)


Detecting video-game injectors exchanged in game cheating communities

Panicos Karkallis (Royal Holloway, University of London - United Kingdom), Jorge Blasco (Royal Holloway, University of London - United Kingdom), Sergio Pastrana (Universidad Carlos III de Madrid - Spain), Guillermo Suarez-Tangil (IMDEA Networks - Spain)


Characterizing GPU Overclocking Faults

Eldad Zuberi (Tel Aviv University - Israel), Avishai Wool (Tel Aviv University - Israel)


CONTRA: Defending against Poisoning Attacks in Federated Learning

Sana Awan (The University of Kansas, Lawrence, KS, USA - United States), Bo Luo (The University of Kansas, Lawrence, KS, USA - United States), Fengjun Li (The University of Kansas, Lawrence, KS, USA - United States)


More efficient post-quantum KEMTLS with pre-distributed public keys

Peter Schwabe (Max Planck Institute for Security and Privacy and Radboud University - Germany), Douglas Stebila (University of Waterloo - Canada), Thom Wiggers (Radboud University - Netherlands)


ARIstoteles - Dissecting Apple's Baseband Interface

Tobias Kröll (TU Darmstadt, SEEMOO - Germany), Stephan Kleber (Ulm University - Germany), Frank Kargl (Ulm University - Germany), Matthias Hollick (TU Darmstadt, SEEMOO - Germany), Jiska Classen (TU Darmstadt, SEEMOO - Germany)


A Formal Security Analysis of Session Resumption Across Hostnames

Tobias Handirk (Bergische Universität Wuppertal - Germany), Kai Gellert (Bergische Universität Wuppertal - Germany)


AutoGuard: A Dual Intelligence Proactive Anomaly Detection at Application-Layer in 5G Networks

Taous Madi (Ericsson Canada - Canada), Hyame Alameddine (Ericsson Canada - Canada), Makan Pourzandi (Ericsson Canada - Canada), Amine Boukhtouta (Ericsson Canada - Canada), Moataz Shoukry (Concordia University - Canada), Chadi Assi (Concordia University - Canada)


Adversarial Activity Detection Using Keystroke Acoustics

Amin Fallahi (Syracuse University - United States), Vir V. Phoha (Syracuse University - United States)


Towards Automating Code-Reuse Attacks Using Synthesized Gadget Chains

Moritz Schloegel (Ruhr-Universität Bochum - Germany), Tim Blazytko (Ruhr-Universität Bochum - Germany), Julius Basler (Ruhr-Universität Bochum - Germany), Fabian Hemmer (Ruhr-Universität Bochum - Germany), Thorsten Holz (Ruhr-Universität Bochum - Germany)


Mingling of Clear and Muddy Water: Understanding and Detecting Semantic Confusion in Blackhat SEO

Hao Yang (Tsinghua University - China), Kun Du (Tsinghua University - China), Yubao Zhang (University of Delaware - United States), Shuai Hao (Old Dominion University - United States), Haining Wang (Virginia Tech - United States), Jia Zhang (Tsinghua University - China), Haixin Duan (Institute for Network Science and Cyberspace, Tsinghua University; Qi An Xin Group Corp. - China)


One-time Traceable Ring Signatures

Alessandra Scafuro (North Carolina State University - United States), Bihan Zhang (NCSU - United States)


MPC-in-Multi-Heads: a Multi-Prover Zero-Knowledge Proof System (or: How to Jointly Prove Any NP Statements in ZK)

Hongrui Cui (Shanghai Jiao Tong University - China), Kaiyi Zhang (Shanghai Jiao Tong University - China), Yu Chen (School of Cyber Science and Technology, Shandong University - China), Zhen Liu (Shanghai Jiao Tong University - China), Yu Yu (Shanghai Jiao Tong University - China)


Multipath TLS 1.3

Marc Fischlin (TU Darmstadt - Germany), Sven-Andre Müller (TU Darmstadt - Germany), Jean-Pierre Münch (TU Darmstadt - Germany), Lars Porth (TU Darmstadt - Germany)


Privacy-Preserving Gradient Descent for Distributed Genome-Wide Analysis

Yanjun Zhang (The University of Queensland - Australia), Guangdong Bai (The University of Queensland - Australia), Xue Li (The University of Queensland - Australia), Caitlin Curtis (The University of Queensland - Australia), Chen Chen (The University of Queensland - Australia), Ryan Ko (The University of Queensland - Australia)


Transparent Electricity Pricing with Privacy

Daniel Reijsbergen (Singapore University of Technology and Design - Singapore), Zheng Yang (Singapore University of Technology and Design - Singapore), Aung Maw (Singapore University of Technology and Design - Singapore), Anh Dinh (Singapore University of Technology and Design - Singapore), Jianying Zhou (Singapore University of Technology and Design - Singapore)


Bestie: Very Practical Searchable Encryption with Forward and Backward Security

Tianyang Chen (Huazhong University of Science and Technology - China), Peng Xu (Huazhong University of Science and Technology - China), Wei Wang (Huazhong University of Science and Technology - China), Yubo Zheng (Huazhong University of Science and Technology - China), Willy Susilo (University of Wollongong - Australia), Hai Jin (Huazhong University of Science and Technology - China)


Cache-Side-Channel Quantification and Mitigation for Quantum Cryptography

Alexandra Weber (TU Darmstadt - Germany), Oleg Nikiforov (TU Darmstadt - Germany), Alexander Sauer (TU Darmstadt - Germany), Johannes Schickel (TU Darmstadt - Germany), Gernot Alber (TU Darmstadt - Germany), Heiko Mantel (TU Darmstadt - Germany), Thomas Walther (TU Darmstadt - Germany)


Security Analysis of SFrame

Takanori Isobe (University of Hyogo - Japan), Ryoma Ito (National Institute of Information and Communications Technology - Japan), Kazuhiko Minematsu (NEC Corporation - Japan)


Precomputation for Rainbow Tables Has Never Been so Fast

Gildas Avoine (IRISA,INSA - France), Xavier Carpent (KU Leuven - Belgium), Diane Leblanc-Albarel (IRISA,CNRS - France)


Zero Knowledge Contingent Payments for Trained Neural Networks

Zhelei Zhou (Zhejiang University - China), Xinle Cao (Zhejiang University - China), Jian Liu (Zhejiang University - China), Bingsheng Zhang (Zhejiang University - China), Kui Ren (Zhejiang University - China)


SyLPEnIoT: Symmetric Lightweight Predicate Encryption for Data Privacy Applications in IoT Environments

Tran Viet Xuan Phuong (University of Wollongong and CSIRO - Australia), Willy Susilo (University of Wollongong - Australia), Guomin Yang (University of Wollongong - Australia), Jongkil Kim (University of Wollongong - Australia), Yang-Wai Chow (University of Wollongong - Australia), Dongxi Liu (University of Wollongong and CSIRO - Australia)


More Efficient Amortization of Exact Zero-Knowledge Proofs for LWE

Jonathan Bootle (IBM Research - Zurich - Switzerland), Vadim Lyubashevsky (IBM Research - Zurich - Switzerland), Ngoc Khanh Nguyen (IBM Research - Zurich, ETH Zurich - Switzerland), Gregor Seiler (IBM Research - Zurich, ETH Zurich - Switzerland)


One-more Unforgeability of Blind ECDSA

Xianrui Qin (The University of Hong Kong - China), Cailing Cai (The University of Hong Kong - China), Tsz Hon Yuen (The University of Hong Kong - Hong Kong)


SERVAS! Secure Enclaves via RISC-V Authenticryption Shield

Stefan Steinegger (Graz University of Technology - Austria), David Schrammel (Graz University of Technology - Austria), Samuel Weiser (Graz University of Technology - Austria), Pascal Nasahl (Graz University of Technology - Austria), Stefan Mangard (Graz University of Technology - Austria)


MLS group messaging: how Zero-Knowledge can secure Updates

Céline Duguey (DGA/Irisa - France), Julien Devigne (DGA - France), Pierre-Alain Fouque (CNRS/Univ Rennes 1 - France)


PACE with Mutual Authentication – towards an upgraded eID in Europe

Mirosław Kutyłowski (Wrocław University of Science and Technology - Poland), Patryk Kozieł (Wroclaw University Of Science and Technology - Poland), Przemysław Kubiak (Wroclaw University Of Science and Technology - Poland)


Optimal Verifiable Data Streaming Protocol with Data Auditing

Jianghong Wei (State Key Laboratory of Integrated Service Networks, Xidian University - China), Guohua Tian (State Key Laboratory of Integrated Service Networks, Xidian University - China), Jun Shen (State Key Laboratory of Integrated Service Networks, Xidian University - China), Xiaofeng Chen (Xidian University - China), Willy Susilo (University of Wollongong - Australia)


Complexity and Performance of Secure Floating-Point Polynomial Evaluation Protocols

Octavian Catrina (Universitatea Politehnica din Bucuresti - Romania)


CoinJoin in the Wild - An Empirical Analysis in Dash

Dominic Deuber (Friedrich-Alexander-Universität Erlangen-Nürnberg - Germany), Dominique Schröder (Friedrich-Alexander-Universität Erlangen-Nürnberg - Germany)


Geo-DRS: Geometric Dynamic Range Search on Spatial Data with Backward and Content Privacy

Shabnam Kasra Kermanshahi (RMIT University - Australia), Rafael Dowsley (Monash University - Australia), Ron Steinfeld (Monash University - Australia), Amin Sakzad (Monash University - Australia), Joseph K. Liu (Monash University - Australia), Surya Nepal (Data61 CSIRO - Australia), Xun Yi (RMIT University - Australia)


Identity-based Identity-Concealed Authenticated Key Exchange

Huanhuan Lian (Fudan University - China), Tianyu Pan (Fudan University - China), Huige Wang (Fudan University, Anhui Science and Technology University - China), Yunlei Zhao (Fudan University, Xidian University - China)


Locality Sensitive Hashing with Extended Differential Privacy

Natasha Fernandes (Macquarie University - Australia), Yusuke Kawamoto (National Institute of Advanced Industrial Science and Technology (AIST) - Japan), Takao Murakami (National Institute of Advanced Industrial Science and Technology (AIST) - Japan)


Privacy-Preserving Authenticated Key Exchange: Stronger Privacy and Generic Constructions

Sebastian Ramacher (AIT Austrian Institute of Technology - Austria), Daniel Slamanig (AIT Austrian Institute of Technology - Austria), Andreas Weninger (AIT Austrian Institute of Technology - Austria)


Lattice-based HRA-secure Attribute-based Proxy Re-Encryption in Standard Model

Willy Susilo (University of Wollongong - Australia), Priyanka Dutta (School of Computing and Information Technology; University of Wollongong - Australia), Dung Hoang Duong (University of Wollongong - Australia), Partha Sarathi Roy (School of Computing and Information Technology; University of Wollongong - Australia)


Correlated Randomness Teleportation via Semi-trusted Hardware – Enabling Silent Multi-party Computation

Yibiao Lu (Zhejiang University - China), Bingsheng Zhang (Zhejiang University - China), Hong-Sheng Zhou (Virginia Commonwealth University - United States), Weiran Liu (Alibaba Group - China), Lei Zhang (Alibaba Group - China), Kui Ren (Zhejiang University - China)


Efficient Multi-Client Order-Revealing Encryption and Its Applications

Chunyang Lv (Xidian University - China), Jianfeng Wang (Xidian University - China), Shi-Feng Sun (Monash University - Australia), Yunling Wang (Xi'an University of Posts and Telecommunications - China), Saiyu Qi (Xi'an Jiaotong University - China), Xiaofeng Chen (Xidian University - China)


Versatile and Sustainable Timed-Release Encryption and Sequential Time-Lock Puzzles

Peter Chvojka (University of Wuppertal - Germany), Tibor Jager (University of Wuppertal - Germany), Daniel Slamanig (AIT Austrian Institute of Technology - Austria), Christoph Striecks (AIT Austrian Institute of Technology - Austria)


Server-Aided Revocable Attribute-Based Encryption Revised: Multi-User Setting and Fully Secure

Leixiao Cheng (Shandong University - China), Fei Meng (Shandong University - China)


Secure Random Sampling in Differential Privacy

Naoise Holohan (IBM Research Europe - Ireland), Stefano Braghin (IBM Research Europe - Ireland)


Privug: Using Probabilistic Programming for Quantifying Leakage in Privacy Risk Analysis

Raúl Pardo (IT University of Copenhagen - Denmark), Willard Rafnsson (IT University of Copenhagen - Denmark), Christian Probst (Unitec Institute of Technology - Germany), Andrzej Wąsowski (IT University of Copenhagen - Denmark)


Genetic Algorithm Assisted State-recovery Attack on Round-Reduced Xoodyak

Zimin Zhang (School of Information Science and Engineering, Shandong Normal University - China), Wenying Zhang (School of Information Science and Engineering, Shandong Normal University - China), Hongfang Shi (School of Information Science and Engineering, Shandong Normal University - China)


Attribute-Based Conditional Proxy Re-Encryption in the Standard Model under LWE

Xiaojian Liang (Jinan University - China), Jian Weng (Jinan University - China), Anjia Yang (Jinan University - China), Lisha Yao (Jinan University - China), Zike Jiang (Jinan University - China), Zhenghao Wu (Jinan University - China)


Polynomial Representation Is Tricky: Maliciously Secure Private Set Intersection Revisited

Aydin Abadi (University College London - United Kingdom), Steven J. Murdoch (University College London - United Kingdom), Thomas Zacharias (University of Edinburgh - United Kingdom)


Training Differentially Private Neural Networks With Lottery Tickets

Lovedeep Gondara (Simon Fraser University - Canada), Ricardo Carvalho (Simon Fraser University - Canada), Ke Wang (Simon Fraser University - Canada)


Moving the Bar on Computationally Sound Exclusive-Or

Catherine Meadows (US Naval Research Laboratory - United States)

Accepted Posters



RIoTPot: a modular hybrid-interaction IoT/OT honeypot

Shreyas Srinivasa (Aalborg University - Denmark), Jens M. Pedersen (Aalborg University - Denmark), Emmanouil Vasilomanolakis (Aalborg University - Denmark)


Towards Automatically Generating Security Analyses from Machine-Learned Library Models

Maria Kober (Fraunhofer Institute for Secure Information Technology - Germany), Steven Arzt (Fraunhofer Institute for Secure Information Technology - Germany)


Jamming of NB-IoT Synchronisation Signals

Gabriela Morillo (University College Cork - Ireland), Utz Roedig (University College Cork - Ireland)


TPRou: A Privacy-Preserving Routing for Payment Channel Networks

Zijian Bao (Hainan Nanhai Cloud Holding Co., Ltd - China), Qinghao Wang (Hainan Nanhai Cloud Holding Co., Ltd - China), Yongxin Zhang (Hainan Nanhai Cloud Holding Co., Ltd - China), Hong Lei (Hainan Nanhai Cloud Holding Co., Ltd - China), Wenbo Shi (Northeastern University - China)


Determining Asset Criticality in Cyber-Physical Smart Grid

Yazeed Alrowaili (Cardiff University - United Kingdom), Neetesh Saxena (Cardiff University, UK - United Kingdom), Pete Burnap (Cardiff University - United Kingdom)


Signature-in-signature: the Last Line of Defence in Case of Signing Key Compromise

Przemysław Błaskiewicz (Wrocław University of Science and Technology - Poland), Miroslow Kutyłowski (Wrocław University of Science and Technology - Poland), Marcin Słowik (Wrocław University of Science and Technology - Poland)