Empirical analysis of 444 iOS apps using dynamic traffic interception found 282 leaking LLM API keys across ten providers, with only 28% remediation after three months.
In: IEEE Symposium on Security and Privacy (S&P)
Canonical reference. 92% of citing Pith papers cite this work as background.
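The check a practitioner would want alongside this finding, as an added example that is not code from the "Mind your key" paper or from this page: scan intercepted HTTP requests and responses for provider-shaped LLM API keys, so that a key held by the app (or handed to it by a remote config at runtime) shows up the moment the app talks to the network. The key prefix patterns are the publicly documented shapes of a few providers and are assumed to still be current (the page itself lists no formats); the captures, hosts (reserved `.invalid` names) and keys are constructed and fake.

```python
"""Scan intercepted HTTP traffic for LLM provider API keys.

Added example for this page, not code from the "Mind your key" paper.
Key prefixes below are the publicly documented shapes of a few providers
(assumption: still current; the page itself lists no formats). All
hosts and keys in the sample captures are constructed and fake.
"""
import re
from dataclasses import dataclass

# Deliberately loose: a tripwire should over-match and let an analyst
# confirm the hit, not miss a key because a provider changed its length.
KEY_PATTERNS = {
    # Anthropic keys also start with "sk-", so they are matched here and
    # excluded from the OpenAI pattern to avoid double counting.
    "anthropic":   re.compile(r"\bsk-ant-[A-Za-z0-9_-]{20,}"),
    "openai":      re.compile(r"\bsk-(?!ant-)(?:proj-)?[A-Za-z0-9_-]{20,}"),
    "google":      re.compile(r"\bAIza[0-9A-Za-z_-]{35}"),
    "huggingface": re.compile(r"\bhf_[A-Za-z0-9]{20,}"),
}

@dataclass(frozen=True)
class Finding:
    host: str       # server the message was exchanged with
    location: str   # "start-line", "header" or "body"
    provider: str
    redacted: str   # never log the full key in a report

def redact(secret: str) -> str:
    """Keep only the identifying prefix and a short tail."""
    return secret[:10] + "..." + secret[-4:]

def parse_http_message(raw: str):
    """Split a raw HTTP/1.1 request or response into start line, headers, body."""
    head, _, body = raw.partition("\r\n\r\n")
    start_line, *header_lines = head.split("\r\n")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return start_line, headers, body

def scan_message(host: str, raw: str) -> list[Finding]:
    """One Finding per provider-key match in any part of the message."""
    start_line, headers, body = parse_http_message(raw)
    sections = [("start-line", start_line), ("body", body)]
    sections += [("header", f"{k}: {v}") for k, v in headers.items()]
    findings = []
    for location, text in sections:
        for provider, pattern in KEY_PATTERNS.items():
            for match in pattern.finditer(text):
                findings.append(Finding(host, location, provider, redact(match.group(0))))
    return findings

def scan_capture(capture: list[tuple[str, str]]) -> list[Finding]:
    """Scan a list of (host, raw_message) pairs from an interception proxy."""
    return [f for host, raw in capture for f in scan_message(host, raw)]

def count_by_provider(findings: list[Finding]) -> dict[str, int]:
    counts: dict[str, int] = {}
    for f in findings:
        counts[f.provider] = counts.get(f.provider, 0) + 1
    return counts

# Constructed captures with fake keys; lengths chosen to fit the patterns.
FAKE_OPENAI = "sk-proj-EXAMPLE" + "0" * 40
FAKE_ANTHROPIC = "sk-ant-api03-EXAMPLE" + "0" * 40
FAKE_GOOGLE = "AIza" + "SyEXAMPLE" + "0" * 26   # exactly 35 chars after AIza

# 1. The app calls the provider directly, so the provider key is in the app.
LEAKING_REQUEST = ("api.openai.com",
    "POST /v1/chat/completions HTTP/1.1\r\nHost: api.openai.com\r\n"
    f"Authorization: Bearer {FAKE_OPENAI}\r\nContent-Type: application/json\r\n\r\n"
    '{"model":"gpt-4o-mini","messages":[{"role":"user","content":"hi"}]}')

# 2. The app talks only to its own backend with a per-user session token;
#    the provider key stays server-side and never appears on the wire.
PROXIED_REQUEST = ("api.example-app.invalid",
    "POST /v1/assist HTTP/1.1\r\nHost: api.example-app.invalid\r\n"
    "Authorization: Bearer app_session_8f3c2d1e\r\n\r\n"
    '{"prompt":"hi"}')

# 3. A remote-config response hands the app provider keys at runtime; a
#    static scan of the binary would not see these, traffic interception does.
CONFIG_RESPONSE = ("config.example-app.invalid",
    "HTTP/1.1 200 OK\r\nContent-Type: application/json\r\n\r\n"
    f'{{"llm":{{"anthropic":"{FAKE_ANTHROPIC}","gemini":"{FAKE_GOOGLE}"}}}}')

CAPTURE = [LEAKING_REQUEST, PROXIED_REQUEST, CONFIG_RESPONSE]

if __name__ == "__main__":
    for f in scan_capture(CAPTURE):
        print(f"{f.host:28} {f.location:10} {f.provider:12} {f.redacted}")
```

Two shapes of leak come out of the three captures: a key sent straight to the provider from the device, and a key delivered to the device by the developer's own config endpoint. The proxied request produces no finding, which is the architecture that avoids the problem in the first place: the provider key lives on a backend the app authenticates to with a short-lived, per-user token, so revoking or rotating it never requires shipping a new app build.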
citing papers explorer
- Mind your key: An Empirical Study of LLM API Credential Leakage in iOS Apps
  Empirical analysis of 444 iOS apps using dynamic traffic interception found 282 leaking LLM API keys across ten providers, with only 28% remediation after three months.
- MHOT: Height-Optimized Authenticated Data Structure for Blockchain State Commitment
  MHOT achieves provably minimal tree height via discriminative-bit indexing and hierarchical proofs, delivering up to 9X write throughput, 4X lower amplification, 2X smaller proofs, and 0% Nurgle attack success versus MPT on Ethereum workloads.
- Privacy-Robust Incrementality Measurement for Advertising Systems under Signal Loss
  Formulates privacy-constrained advertising measurement as a robust causal decision problem under signal loss and derives a sharp decision frontier separating certifiable from unresolved incrementality claims.
- The Price of Decentralization in Block Building
  Decentralized block building is an exact potential game with an asymptotically tight factor-2 Price of Anarchy and utility concentration bounds showing the lowest-utility builder earns at least half the highest.
- Your Loss is My Gain: Low Stake Attacks on Liquid Staking Pools
  A low-stake adversary can degrade a liquid staking pool's performance via consensus manipulation and profit from the resulting drop in its LST value through application-layer financial positions.
- Private Learning with Public Feature Conditioning
  Cond-DP conditions DPSGD on public features with decaying spectra to achieve faster convergence guarantees and better empirical performance in label-DP regression.
- ResAware: Cross-Environment Website Fingerprinting via Resource-Privileged Distillation
  ResAware improves cross-environment website fingerprinting robustness by distilling resource-privileged knowledge into a traffic-only student model, raising Var-CNN F1 from 72.77% to 81.49% under 150-day drift on a 160k-sample dataset.
- Dummy Backdoor as a Defense: Removing Unknown Backdoors via Shared Internal Mechanisms for Generative LLMs
  Embedding and removing a dummy backdoor reduces unknown backdoor success in generative LLMs by targeting shared trigger-activated internal mechanisms.
- GapFuzz: Cross-Plane Divergence Fuzzing for Distributed SDN Controllers
  GapFuzz detects cross-plane divergences in distributed SDN clusters by injecting timed contradictory Northbound requests on backup nodes and reconstructing state via replica queries plus kernel probes, reporting 81.7% detection on ONOS 2.7.
- Secrets Best Not Shared: DNS Privacy Enhancements for the Constrained IoT
  DNS over CoAP with packet length equalization, block-wise transfer, header and payload compression reduces DNS identification accuracy to 77-86% in constrained IoT scenarios, outperforming DNS over HTTPS.
- PoisonCap: Efficient Hierarchical Temporal Safety for CHERI
  PoisonCap uses a new poison capability format to deliver strict use-after-free and initialization safety for CHERI systems with no fundamental overhead over Cornucopia baselines.
- Towards LLM-Based Analysis of Virtualization-Obfuscated Code through Automated Data Generation
  An automated static-analysis pipeline generates labeled structural units from virtualization-obfuscated binaries so LLMs can analyze them without exceeding token limits.
- Removing the Watermark Is Not Enough: Forensic Stealth in Generative-AI Watermark Removal
  Current AI image watermark removal attacks replace the watermark with a different forensic signal, allowing independent detectors to distinguish processed outputs from clean images at over 98% true-positive rate under a 1% false-positive budget.
- GRASP -- Graph-Based Anomaly Detection Through Self-Supervised Classification
  GRASP detects anomalies in system provenance graphs via self-supervised executable prediction from two-hop neighborhoods, outperforming prior PIDS on DARPA datasets by identifying all documented attacks where behaviors are learnable plus additional unlabeled suspicious activity.
- Pomegranate: A Lightweight Compartmentalization Architecture using Virtualization Extensions
  Pomegranate compartmentalizes commodity OS kernels via virtualization extensions, sentry functions, and EPT-enforced policies, achieving negligible overhead on a Linux network stack when compartment boundaries limit cross-talk.
- Semia: Auditing Agent Skills via Constraint-Guided Representation Synthesis
  Semia synthesizes Datalog representations of agent skills via constraint-guided loops to enable reachability queries for semantic risks, finding critical issues in over half of 13,728 real skills with 97.7% recall on expert-labeled samples.
- Stealthy Backdoor Attacks against LLMs Based on Natural Style Triggers
  BadStyle creates stealthy backdoors in LLMs by poisoning samples with imperceptible style triggers and using an auxiliary loss to stabilize payload injection, achieving high attack success rates across multiple models while evading defenses.
- Differentially Private Modeling of Disease Transmission within Human Contact Networks
  A differentially private pipeline using node-level DP summaries to fit ERGMs or SBMs, generate synthetic networks, and simulate SIS disease spread on ARTNet sexual contact data produces incidence, prevalence, and intervention effect sizes close to non-private versions.
- PrivacyAkinator: Articulating Key Privacy Design Decisions by Answering LLM-Generated Multiple-choice Questions
  PrivacyAkinator uses LLM-generated questions grounded in data-flow representations and a news-mined design space to help developers surface privacy decisions, yielding 47% more decisions identified in 73% less time than PRAM in a 24-person study.
- Content Fuzzing for Escaping Information Cocoons on Digital Social Media
  ContentFuzz rewrites posts with LLM guidance from stance model confidence to flip machine labels without altering human intent, tested across four models and three datasets in two languages.
- NanoTag: Systems Support for Efficient Byte-Granular Overflow Detection on ARM MTE
  NanoTag enables byte-granular overflow detection on unmodified MTE binaries by combining hardware tagging with selective software tripwire checks on the Scudo allocator.
- Ambulance: saving BFT through racing
  Ambulance uses protocol-rigged races among replicas to achieve high throughput and low latency comparable to timeout-based BFT while matching the robustness of cooperative approaches.
- TinyContainer: Container Runtime Middleware Enabling Multi-tenant Microcontrollers with Built-in Security
  TinyContainer provides per-container configurable scheduling and fine-grained access control for multi-tenant microcontrollers with up to 4 ms overhead per call.
- Can Crowdsourcing Survive the LLM Era? A Community Survey on Human Data Collection
  Survey of 155 researchers finds 44% observed LLM usage in crowdsourced data, with high awareness but insufficient mitigation efforts.
- To Wait or To Probe: Arbitrage Competition on High-Throughput Blockchains
  On Base, probabilistic search is 23% of arbitrage activity but causes 95% of spam and 20% of gas use; protocol changes shift revenue toward successful trades and reduce spam share.
- Adversarial Reframing: A Framework for Targeted Generation in Language Models
  THREAT uses coordinated LLMs in an iterative optimization loop to generate jailbreak prompts that achieve higher success rates and lower detection rates than previous methods across tested models and datasets.
- An Evaluation of Chat Safety Moderations in Roblox
  Roblox's automated chat moderation fails to catch numerous unsafe messages involving grooming, sexualization of minors, bullying, violence, self-harm, and sensitive information sharing, with users evading detection through various techniques.
- Position Paper: Denial-of-Service against Multi-Round Transaction Simulation
  The paper examines denial-of-service risks to multi-round transaction simulation arising from inter-transaction dependencies in smart-contract state.
- How Generative AI Empowers Attackers and Defenders Across the Trust & Safety Landscape
  Generative AI boosts attackers' ability to create harmful content at scale while also enabling defenders to detect threats, support users, and improve moderation processes.
- Certification of Machine Learning Models via Directional Sharpness
  Directional sharpness is introduced as a metric that correlates more strongly with generalization, identifies poor generalization more reliably, and supports efficient auditing and zero-knowledge certification.
- Agent Security is a Systems Problem
  The paper argues that agent security is best addressed as a systems problem by applying principles from operating systems, networks, and formal methods rather than relying solely on model robustness improvements.
- AI-Driven Security Alert Screening and Alert Fatigue Mitigation in Security Operations Centers: A Comprehensive Survey
  A literature survey synthesizes 119 studies on AI-driven alert screening into a four-stage taxonomy of filtering, triage, correlation, and generative augmentation while identifying gaps in deployment realism and robustness.
- Digital Guardians: The Past and The Future of Cyber-Physical Resilience
  A survey frames CPS resilience through five themes and illustrates them in connected transportation and medical systems to provide a roadmap for real-world resilience.
- StegoStylo: Squelching Stylometric Scrutiny through Steganographic Stitching