The paper introduces EvaluatAR, a cross-device evaluation framework that standardizes the testing of bystander Privacy-Enhancing Technologies (PETs) in Augmented Reality (AR) to enable rapid, reproduc…

The paper introduces VRSafe, a novel virtual QWERTY keyboard designed to significantly mitigate keystroke inference attacks in virtual reality by introducing false positive keystrokes and incorporatin…

This paper systematically analyzes 48 studies on perception attacks against autonomous vehicles, revealing that the increasing reliance on multi-sensor fusion creates new, complex vulnerabilities that…

Privatar introduces a scalable, privacy-preserving framework to offload computationally intensive multi-user avatar reconstruction from VR headsets to untrusted local devices, significantly improving…

The paper demonstrates a coordinated, cross-modal spoofing attack that successfully deceives state-of-the-art multi-sensor fusion systems in autonomous vehicles by making multiple sensors agree on a f…

The paper demonstrates that passive motion traces recorded during a mobile selfie capture can serve as a measurable, low-friction auxiliary signal for enhancing both spoof screening and user identity…

This paper introduces a dual-layer side-channel attack framework that exploits the variable workload introduced by dynamic image preprocessing in local Vision-Language Models (VLMs) to infer sensitive…

The paper introduces a stealthy, scenario-realistic data fabrication attack that subtly manipulates object poses in shared perception data to induce unsafe driving behaviors in connected and autonomou…

The paper introduces SCAgent, an automated framework that uses LLM-assisted agents to systematically discover, analyze, and assess side-channel leakage risks in complex systems like iOS, moving beyond…

The paper introduces BYOT-CPS, a hybrid cyber-physical testbed that bridges the gap between purely simulated and purely physical IoT testing environments, enabling realistic and scalable security asse…

The paper introduces TESLA, a novel, contactless electromagnetic (EM) side-channel attack that exploits inherent EM emanations from capacitive touchscreens to extract highly sensitive user data like P…

This paper analyzes the privacy challenges posed by Integrated Sensing and Communication (ISAC) in 6G networks by classifying sensitive data into three levels (location, behavioral, and physiological)…

The paper addresses the vulnerability of zero-knowledge proximity proofs in stateful systems by proposing Zairn-ZKP, a method that embeds operational context (like drop identity and policy version) di…

This paper demonstrates that side-channel attacks can be executed across chiplets within a package by repurposing communication-oriented interfaces as internal observation platforms, revealing informa…

The paper demonstrates that even a casual attacker with basic IT skills can perform sophisticated privacy attacks on smart-home networks, extracting detailed daily routines and personal information fr…

This paper systematically identifies and demonstrates multiple session manipulation attacks against VPN connection tracking frameworks, revealing widespread vulnerabilities in popular VPN services.

LiteAtt introduces a verifier-less, Peer-to-Peer Self-Attestation (P2P-SA) framework for modern IoT MCUs, enabling mutual authentication and firmware attestation directly within the connection handsha…

TriSweep proposes a novel four-drone swarm framework for autonomous, standoff electromagnetic side-channel analysis, achieving high key rank recovery even with significant signal degradation and jitte…

DSTAN-Med is a novel dual-channel attention framework that significantly improves False Data Injection (FDI) attack detection in IoMT medical devices by explicitly separating spatial and temporal depe…

The paper proposes Rowhammer Vulnerability Counter (RVC), a novel framework that improves RowHammer mitigation by tracking a row's actual vulnerability to bit flips rather than relying on simple activ…