pith. sign in

arxiv: 2606.17562 · v1 · pith:5IPOUE7Onew · submitted 2026-06-16 · 💻 cs.CR · cs.SY· eess.SY

Anywhere, Any-Stymie: Remote Activation of Trojan Malware on LiDAR with Modulated Signals

Pith reviewed 2026-06-27 00:30 UTC · model grok-4.3

classification 💻 cs.CR cs.SYeess.SY
keywords LiDARmalwareautonomous vehiclespoint cloudoptical triggersensor securitycyber attack
0
0 comments X

The pith

Dormant malware in LiDAR firmware activates via external modulated optical signals to manipulate point clouds in real time.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper establishes that malware can be placed in the LiDAR sensing pipeline so that it stays dormant under normal conditions yet responds to a remote optical trigger after the sensor is deployed. Once active, the malware alters the point cloud data stream without any hardware or network access at the moment of attack. Demonstrations include injecting false objects and suppressing real ones on both stationary and moving platforms, with the trigger working at 300 feet and during 35 mph drive-bys. The work was performed in a closed test setting with vendor assistance rather than through supply-chain compromise. If correct, this means perception data feeding safety decisions in autonomous systems can be altered by an external light signal alone.

Core claim

Dormant malware embedded in the LiDAR sensing pipeline remains inactive during normal operation and can be externally triggered after deployment, without requiring access to sensor hardware or networking at attack time, enabling real-time point cloud manipulation including false object injection and real object suppression.

What carries the argument

An optical trigger that delivers a modulated signal into the sensing environment to activate embedded firmware malware for point-cloud manipulation.

If this is right

  • Attack remains feasible at static ranges of 300 feet and during drive-by runs reaching 35 mph.
  • Injected person-like artifacts stay semantically detectable by state-of-the-art 3D object detectors.
  • Multiple modes of safety-critical impact appear on a deployed tactical autonomous vehicle.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Similar firmware-resident triggers could apply to other perception sensors if the same embedding pattern exists.
  • LiDAR designs may require explicit checks on incoming optical signal patterns to reject activation attempts.

Load-bearing premise

The malware can be embedded into LiDAR firmware in a way that survives deployment and remains selectively triggerable by an external optical signal without being detected or disabled by normal sensor operation or vendor security measures.

What would settle it

A controlled test in which the modulated optical signal is delivered to a LiDAR sensor containing the malware and the point cloud is observed to change only in the presence of that signal.

Figures

Figures reproduced from arXiv: 2606.17562 by Miroslav Pajic, R. Spencer Hallyburton.

Figure 1
Figure 1. Figure 1: Malware is embedded on the LiDAR prior to attack [PITH_FULL_IMAGE:figures/full_fig_p003_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: End-to-end triggering pipeline. The attacker maps [PITH_FULL_IMAGE:figures/full_fig_p004_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Placement of the malware within the LiDAR sensing pipeline. The malware resides after low-level signal processing [PITH_FULL_IMAGE:figures/full_fig_p005_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Symbol-detection concept. Timing structure in [PITH_FULL_IMAGE:figures/full_fig_p005_4.png] view at source ↗
Figure 6
Figure 6. Figure 6: Handheld optical trigger hardware used in the ex [PITH_FULL_IMAGE:figures/full_fig_p006_6.png] view at source ↗
Figure 5
Figure 5. Figure 5: Message-reconstruction concept. Filtered symbol [PITH_FULL_IMAGE:figures/full_fig_p006_5.png] view at source ↗
Figure 7
Figure 7. Figure 7: Experimental setup diagrams for the three feasibility-envelope setup classes, indoor/outdoor/mobile. [PITH_FULL_IMAGE:figures/full_fig_p007_7.png] view at source ↗
Figure 8
Figure 8. Figure 8: Representative photographs of the feasibility experiments. These images complement the setup diagrams in Fig. [PITH_FULL_IMAGE:figures/full_fig_p007_8.png] view at source ↗
Figure 9
Figure 9. Figure 9: Representative Attack Set A outcomes across static and mobile settings. Each row shows the scene camera view, the [PITH_FULL_IMAGE:figures/full_fig_p008_9.png] view at source ↗
Figure 10
Figure 10. Figure 10: Inference sequence for person detection under false-data injection attack. The upper left frame shows the pre-attack [PITH_FULL_IMAGE:figures/full_fig_p010_10.png] view at source ↗
Figure 12
Figure 12. Figure 12: (a) Original LiDAR point cloud data before attack. [PITH_FULL_IMAGE:figures/full_fig_p011_12.png] view at source ↗
Figure 13
Figure 13. Figure 13: False-data-injection attack on the deployed TAV. From left to right, the vehicle responds to persistent front-near [PITH_FULL_IMAGE:figures/full_fig_p012_13.png] view at source ↗
Figure 14
Figure 14. Figure 14: Detector fine-tuning loss curves for the FCAF3D [PITH_FULL_IMAGE:figures/full_fig_p015_14.png] view at source ↗
Figure 15
Figure 15. Figure 15: Indoor setup variants used in the feasibility-envelope experiments. The diagram summarizes the shared geometry, [PITH_FULL_IMAGE:figures/full_fig_p017_15.png] view at source ↗
Figure 16
Figure 16. Figure 16: Outdoor static and mobile setup variants used in the feasibility-envelope experiments. The top row illustrates the [PITH_FULL_IMAGE:figures/full_fig_p017_16.png] view at source ↗
Figure 17
Figure 17. Figure 17: Additional static-setting examples using the same triptych schema as Fig. [PITH_FULL_IMAGE:figures/full_fig_p018_17.png] view at source ↗
Figure 18
Figure 18. Figure 18: Additional mobile-setting examples using the same triptych schema as Fig. [PITH_FULL_IMAGE:figures/full_fig_p019_18.png] view at source ↗
read the original abstract

LiDAR sensors are widely deployed in autonomous systems for 3D perception and safety-critical decision-making. We identify a previously unexplored attack surface in which dormant malware embedded in the LiDAR sensing pipeline remains inactive during normal operation and can be externally triggered after deployment, without requiring access to sensor hardware or networking at attack time. To operationalize this threat, we design malware capable of low-level point-cloud manipulation and embed it into LiDAR firmware. This malware was developed in a closed research test environment with vendor technical support, rather than by exploiting an inherent production supply-chain vulnerability. To selectively trigger attack activation, we design and implement an optical trigger that remotely activates the malware by delivering a modulated signal into the sensing environment. Once triggered, the malware performs real-time point cloud manipulation, and we demonstrate false object injection and real object suppression on static and mobile victim platforms. Our evaluation first establishes attack feasibility, including static operation at 300~ft and recorded drive-by runs reaching 35~mph. We then illustrate quantitatively that injected person-like artifacts can remain semantically detectable by a state-of-the-art 3D object detector. Finally, we demonstrate multiple modes of safety-critical impact on a deployed tactical autonomous vehicle. Together, these results highlight the need for stronger integrity guarantees throughout the LiDAR sensor development and deployment pipeline.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

1 major / 0 minor

Summary. The paper claims to identify a new attack surface on LiDAR sensors in autonomous systems: dormant malware embedded in the sensing pipeline can be remotely activated by an external modulated optical signal after deployment, without further hardware or network access. Once triggered, the malware enables real-time point-cloud manipulation including false object injection and real object suppression. The authors report embedding the malware with vendor technical support in a closed lab environment, demonstrate feasibility at up to 300 ft static range and 35 mph drive-by speeds, show that injected artifacts remain detectable by a state-of-the-art 3D detector, and illustrate safety-critical effects on a tactical autonomous vehicle.

Significance. If the remote-activation mechanism and point-cloud manipulation results hold under realistic conditions, the work would be significant for exposing an integrity threat in deployed LiDAR pipelines and motivating stronger firmware verification. The reported distance, speed, and detector-impact experiments would constitute concrete evidence of practical reach; however, the explicit reliance on vendor-assisted embedding in a closed setting substantially narrows the real-world threat model relative to supply-chain or post-deployment compromise scenarios.

major comments (1)
  1. [Abstract] Abstract: the central threat model presupposes malware already present in deployed production firmware that can be selectively triggered without prior access at attack time. The manuscript explicitly states the embedding 'was developed in a closed research test environment with vendor technical support, rather than by exploiting an inherent production supply-chain vulnerability,' yet provides no mechanism, attack vector, or evidence for achieving the initial infection step without such assistance. This prerequisite is load-bearing for any claim that the remote-activation attack applies outside the lab.

Simulated Author's Rebuttal

1 responses · 0 unresolved

We thank the referee for the careful review and for highlighting an important aspect of our threat model. We respond to the comment below.

read point-by-point responses
  1. Referee: [Abstract] Abstract: the central threat model presupposes malware already present in deployed production firmware that can be selectively triggered without prior access at attack time. The manuscript explicitly states the embedding 'was developed in a closed research test environment with vendor technical support, rather than by exploiting an inherent production supply-chain vulnerability,' yet provides no mechanism, attack vector, or evidence for achieving the initial infection step without such assistance. This prerequisite is load-bearing for any claim that the remote-activation attack applies outside the lab.

    Authors: We agree that the manuscript does not demonstrate or provide a mechanism for the initial embedding of malware without vendor assistance, and we explicitly note this limitation in the abstract. Our contribution centers on the remote optical activation mechanism and the resulting real-time point-cloud manipulation once the malware is present and triggered, without requiring further hardware or network access at attack time. To address the comment, we will revise the abstract, introduction, and add a short discussion paragraph to more precisely bound the threat model: we assume dormant malware is already resident (via any means, including but not limited to the vendor-assisted embedding used for the proof-of-concept) and focus on showing that such malware can be selectively activated and used for safety-critical manipulation from a distance. We will also note potential real-world infection paths as an area for future investigation rather than claiming supply-chain compromise. revision: yes

Circularity Check

0 steps flagged

No circularity: experimental demonstration with no derivation chain

full rationale

The paper reports an experimental security demonstration rather than any mathematical derivation, prediction, or first-principles result. The abstract and text explicitly qualify the malware embedding as performed 'in a closed research test environment with vendor technical support, rather than by exploiting an inherent production supply-chain vulnerability,' so the work does not claim or derive the supply-chain step. No equations, fitted parameters, self-citations, or ansatzes appear that could reduce any claim to its own inputs by construction. The central results (optical trigger feasibility, point-cloud manipulation) are direct empirical measurements on the instrumented hardware.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

This is an experimental security demonstration paper with no mathematical derivations, fitted parameters, or postulated physical entities.

pith-pipeline@v0.9.1-grok · 5775 in / 1146 out tokens · 32840 ms · 2026-06-27T00:30:13.566577+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

52 extracted references · 1 canonical work pages

  1. [1]

    https://notepad-plus-plus.org/news/hijacked-incident-info-update/

    2026. https://notepad-plus-plus.org/news/hijacked-incident-info-update/

  2. [2]

    James M Anderson, Nidhi Kalra, and William Stanley. 2021. Autonomous vehicle technology: A guide for policymakers.RAND Corporation(2021)

  3. [3]

    Yulong Cao, Jiaxiang Ma, Kevin Fu, Rampazzi Sara, and Morley Mao. 2021. Automated Tracking System For LiDAR Spoofing Attacks On Moving Targets. InProc. Workshop Automot. Auto. Vehicle Secur.(AutoSec). 1

  4. [4]

    Yulong Cao, Ningfei Wang, Chaowei Xiao, Dawei Yang, Jin Fang, Ruigang Yang, Qi Alfred Chen, Mingyan Liu, and Bo Li. 2021. Invisible for both camera and lidar: Security of multi-sensor fusion based perception in autonomous driving under physical-world attacks. In2021 IEEE symposium on security and privacy (SP). IEEE, 176–194

  5. [5]

    Yulong Cao, Chaowei Xiao, Benjamin Cyr, Yimeng Zhou, Won Park, Sara Ram- pazzi, Qi Alfred Chen, Kevin Fu, and Z Morley Mao. 2019. Adversarial sensor attack on lidar-based perception in autonomous driving. InProceedings of the 2019 ACM SIGSAC conference on computer and communications security. ACM, London, UK, 2267–2281

  6. [6]

    Fred Chang, Ehsan Jafarzadeh, Jacqueline Del Gatto, Graham Cran, and Hossein Sadjadi. 2023. Failure Mode Investigation to Enable LiDAR Health Monitoring for Automotive Application. InAnnual Conference of the PHM Society, Vol. 15

  7. [7]

    2012.Infrastructure investment protection with LiDAR

    Jeffrey C Chang, M Kaitlyn Tsai, Daniel J Findley, Christopher M Cunningham, et al. 2012.Infrastructure investment protection with LiDAR. Technical Report. North Carolina State University. Institute for Transportation Research

  8. [8]

    International Electrotechnical Commission. 2014. IEC 60825-1: Safety of laser products. https://webstore.iec.ch. Accessed: 2025-03-25

  9. [9]

    Gianpiero Costantino, Marco De Vincenzi, and Ilaria Matteucci. 2022. In-depth exploration of ISO/SAE 21434 and its correlations with existing standards.IEEE Communications Standards Magazine6, 1 (2022), 84–92

  10. [10]

    Jin Cui, Lin Shen Liew, Giedre Sabaliauskaite, and Fengjun Zhou. 2019. A review on safety failures, security attacks, and available countermeasures for autonomous vehicles.Ad Hoc Networks90 (2019), 101823

  11. [11]

    Yuepeng Cui, Hao Xu, Jianqing Wu, Yuan Sun, and Junxuan Zhao. 2019. Au- tomatic vehicle tracking with roadside LiDAR data for the connected-vehicles system.IEEE Intelligent Systems34, 3 (2019), 44–51

  12. [12]

    Angela Dai, Angel X Chang, Manolis Savva, Maciej Halber, Thomas Funkhouser, and Matthias Nießner. 2017. Scannet: Richly-annotated 3d reconstructions of indoor scenes. InProceedings of the IEEE conference on computer vision and pattern recognition. 5828–5839

  13. [13]

    A Di Benedetto, M Fiani, M Marsella, et al. 2019. Remote sensing technologies for linear infrastructure monitoring.International Archives of the Photogrammetry, Remote Sensing and Spatial Information Sciences42 (2019), 461–468

  14. [14]

    Sheikh Muhammad Farhan, Jianjun Yin, Zhijian Chen, and Muhammad Sohail Memon. 2024. A comprehensive review of LiDAR applications in crop man- agement for precision agriculture.Sensors (Basel, Switzerland)24, 16 (2024), 5409

  15. [15]

    James P Farwell and Rafal Rohozinski. 2011. Stuxnet and the future of cyber war. Survival53, 1 (2011), 23–40

  16. [16]

    R Spencer Hallyburton, Yupei Liu, Yulong Cao, Z Morley Mao, and Miroslav Pajic. 2022. Security analysis of {Camera-LiDAR} fusion against {Black-Box} attacks on autonomous vehicles. In31st USENIX Security Symposium (USENIX Security 22). 1903–1920

  17. [17]

    R Spencer Hallyburton and Miroslav Pajic. 2025. Security-Aware Sensor Fusion with MATE: the Multi-Agent Trust Estimator. InProceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security. 2009–2023

  18. [18]

    R Spencer Hallyburton and Miroslav Pajic. 2025. Trust-based assured sensor fusion in distributed aerial autonomy. InProceedings of the ACM/IEEE 16th Inter- national Conference on Cyber-Physical Systems (with CPS-IoT Week 2025). 1–12

  19. [19]

    R Spencer Hallyburton, Qingzhao Zhang, Z Morley Mao, and Miroslav Pajic

  20. [20]

    Partial-information, longitudinal cyber attacks on LiDAR in autonomous vehicles.arXiv preprint arXiv:2303.03470(2023)

  21. [21]

    Spencer Hallyburton, Shucheng Zhang, and Miroslav Pajic

    R. Spencer Hallyburton, Shucheng Zhang, and Miroslav Pajic. 2023. Avstack: An open-source, reconfigurable platform for autonomous vehicle development. InProceedings of the ACM/IEEE 14th International Conference on Cyber-Physical Systems (with CPS-IoT Week 2023). 209–220

  22. [22]

    Zizhi Jin, Xiaoyu Ji, Yushi Cheng, Bo Yang, Chen Yan, and Wenyuan Xu. 2023. Pla- lidar: Physical laser attacks against lidar-based 3d object detection in autonomous vehicle. In2023 IEEE Symposium on Security and Privacy (SP). IEEE, 1822–1839

  23. [23]

    James R Kellner, John Armston, Markus Birrer, KC Cushman, Laura Duncanson, Christoph Eck, Christoph Falleger, Benedikt Imbach, Kamil Kral, Martin Kruvcek, et al. 2019. New opportunities for forest remote sensing through ultra-high- density drone lidar.Surveys in Geophysics40 (2019), 959–977

  24. [24]

    Gunzung Kim and Yongwan Park. 2016. LIDAR pulse coding for high resolution range imaging at improved refresh rate.Optics express24, 21 (2016), 23810–23828

  25. [25]

    P. Koopman. 2022.The UL 4600 Guidebook: What to Include in an Autonomous Vehicle Safety Case. Amazon Digital Services LLC - Kdp. https://books.google. com/books?id=3W-OzwEACAAJ

  26. [26]

    You Li and Javier Ibanez-Guzman. 2020. Lidar for autonomous driving: The principles, challenges, and trends for automotive lidar and perception systems. IEEE Signal Processing Magazine37, 4 (2020), 50–61

  27. [27]

    Jeferson Martínez and Javier M Durán. 2021. Software supply chain attacks, a threat to global cybersecurity: SolarWinds’ case study.International Journal of Safety and Security Engineering11, 5 (2021), 537–545

  28. [28]

    Microsoft Defender Security Research Team Microsoft Threat Intelli- gence. 2026. Mitigating the axios NPM supply chain compromise. https://www.microsoft.com/en-us/security/blog/2026/04/01/mitigating- the-axios-npm-supply-chain-compromise/

  29. [29]

    Alwi Nofriandi, Hamdi, Ratnawulan, and Yulkifli. 2024. Ultra-sensitive light detection technologies based on single-photon detectors: a review.Sensing Technology2, 1 (2024), 2404268

  30. [30]

    Jonghoon Park et al. 2021. Over-the-air update attacks on automotive systems: Threats and defenses.IEEE Transactions on Vehicular Technology(2021)

  31. [31]

    Jonathan Petit and Steven E Shladover. 2014. Potential cyberattacks on automated vehicles.IEEE Transactions on Intelligent transportation systems16, 2 (2014), 546– 556

  32. [32]

    Jonathan Petit, Bas Stottelaar, Michael Feiri, and Frank Kargl. 2015. Remote attacks on automated vehicles sensors: Experiments on camera and lidar.Black Hat Europe11, 2015 (2015), 995

  33. [33]

    Hamamatsu Photonics. 2020. Laser Diodes. https://www.hamamatsu.com. Ac- cessed: 2025-03-25

  34. [34]

    Raul Quinonez, Jairo Giraldo, Luis Salazar, Erick Bauman, Alvaro Cardenas, and Zhiqiang Lin. 2020. {SAVIOR}: Securing autonomous vehicles with robust physical invariants. In29th USENIX security symposium (USENIX Security 20). 895–912

  35. [35]

    Gilberto Rivera, Raúl Porras, Rogelio Florencia, and J Patricia Sánchez-Solís. 2023. LiDAR applications in precision agriculture for cultivating crops: A review of recent advances.Computers and electronics in agriculture207 (2023), 107737

  36. [36]

    Danila Rukhovich, Anna Vorontsova, and Anton Konushin. 2022. Fcaf3d: Fully convolutional anchor-free 3d object detection. InEuropean Conference on Com- puter Vision. Springer, 477–493

  37. [37]

    Takami Sato, Ryo Suzuki, Yuki Hayakawa, Kazuma Ikeda, Ozora Sako, Rokuto Nagata, Ryo Yoshida, Qi Alfred Chen, and Kentaro Yoshioka. 2025. On the Realism of LiDAR Spoofing Attacks against Autonomous Driving Vehicle at High Speed and Long Distance. InProceedings of the Network and Distributed System Security Symposium (NDSS)

  38. [38]

    Chuan Sheng, Wanlun Ma, Qing-Long Han, Wei Zhou, Xiaogang Zhu, Sheng Wen, Yang Xiang, and Fei-Yue Wang. 2024. Pager Explosion: Cybersecurity Insights and Afterthoughts.IEEE/CAA Journal of Automatica Sinica11, 12 (2024), 2359–2362

  39. [39]

    Hocheol Shin, Dohyun Kim, Yujin Kwon, and Yongdae Kim. 2017. Illusion and dazzle: Adversarial optical channel exploits against lidars for automotive appli- cations. InInternational Conference on Cryptographic Hardware and Embedded Systems. Springer, Springer, New York, NY, 445–467

  40. [40]

    Craig Singleton and Mark Montgomery. 2024. Laser Focus: Countering China’s LiDAR Threat to U.S. Critical Infrastructure and Military Systems. official mem- orandum, Foundation for Defense of Democracies. https://www.fdd.org/wp- content/uploads/2024/12/fdd-memo-laser-focus-countering-chinas-lidar- threat-to-u.s.-critical-infrastructure-and-military-systems.pdf

  41. [41]

    K. S. Subraman, A. Antonopoulos, A. A. Abotabl, A. Nosratinia, and Y. Makris

  42. [42]

    Demonstrating and mitigating the risk of an FEC-based hardware trojan in wireless networks.IEEE Transactions on Information Forensics and Security14, 10 (2019), 2720–2734

  43. [43]

    Jiachen Sun, Yulong Cao, Qi Alfred Chen, and Z Morley Mao. 2020. Towards robust {LiDAR-based} perception in autonomous driving: General black-box adversarial sensor attack and countermeasures. In29th USENIX (USENIX Security 20). USENIX, Boston, MA, 877–894. 13

  44. [44]

    Pei Sun, Henrik Kretzschmar, Xerxes Dotiwalla, Aurelien Chouard, Vijaysai Patnaik, Paul Tsui, James Guo, Yin Zhou, Yuning Chai, Benjamin Caine, et al

  45. [45]

    In Proceedings of the IEEE/CVF conference on computer vision and pattern recognition

    Scalability in perception for autonomous driving: Waymo open dataset. In Proceedings of the IEEE/CVF conference on computer vision and pattern recognition. 2446–2454

  46. [46]

    Xiaoqiang Sun, F Richard Yu, and Peng Zhang. 2021. A survey on cyber-security of connected and autonomous vehicles (CAVs).IEEE Transactions on Intelligent Transportation Systems23, 7 (2021), 6240–6259

  47. [47]

    James Tu, Mengye Ren, Sivabalan Manivasagam, Ming Liang, Bin Yang, Richard Du, Frank Cheng, and Raquel Urtasun. 2020. Physically realizable adversarial examples for lidar object detection. InProceedings of the IEEE/CVF CVPR. IEEE, New York, NY, 13716–13725

  48. [48]

    Zhien Wang and Massimo Menenti. 2021. Challenges and opportunities in Lidar remote sensing.Frontiers in Remote Sensing2 (2021), 641723

  49. [49]

    Kai Xiao and Mark Tehranipoor. 2014. Hardware Trojans in embedded systems: A survey.Journal of Hardware and Systems Security1, 1 (2014), 15–32

  50. [50]

    Chen Yan, Wenyuan Xu, and Jianhao Liu. 2016. Can you trust autonomous vehicles: Contactless attacks against sensors of self-driving vehicle.Def Con24, 8 (2016), 109

  51. [51]

    Fuquan Zhao, Hao Jiang, and Zongwei Liu. 2019. Recent development of automo- tive LiDAR technology, industry and trends. InEleventh International Conference on Digital Image Processing (ICDIP 2019), Vol. 11179. SPIE, 1132–1139

  52. [52]

    foreground

    Yi Zhu, Chenglin Miao, Tianhang Zheng, Foad Hajiaghajani, Lu Su, and Chun- ming Qiao. 2021. Can we use arbitrary objects to attack lidar perception in autonomous driving?. InProceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security. 1945–1960. A Open Science We provide artifacts for the materials needed to evaluate the paper’s ...