Issue 1
- Computation on Encrypted Data using Dataflow Authentication
Andreas Fischer (SAP Security Research), Benny Fuhry (SAP Security Research), Florian Kerschbaum (School of Computer Science, University of Waterloo, Canada), and Eric Bodden (Heinz Nixdorf Institute, University of Paderborn, Germany) - Discontinued Privacy: Personal Data Leaks in Apple Bluetooth-Low-Energy Continuity Protocols
Guillaume Celosia (Univ Lyon, INSA Lyon, Inria, CITI) and Mathieu Cunche (Univ Lyon, INSA Lyon, Inria, CITI) - The Privacy Policy Landscape After the GDPR
Thomas Linden (University of Wisconsin-Madison), Rishabh Khandelwal (University of Wisconsin-Madison), Hamza Harkous (EPFL), and Kassem Fawaz (University of Wisconsin-Madison) - Inferring Tracker-Advertiser Relationships in the Online Advertising Ecosystem using Header Bidding
John Cook (The University of Iowa), Rishab Nithyanand (The University of Iowa), and Zubair Shafiq (The University of Iowa) - Emotional and Practical Considerations towards the Adoption and Abandonment of VPNs as a Privacy-Enhancing Technology.
Moses Namara (Clemson University), Daricia Wilkinson (Clemson University), Bart Knijnenburg (Clemson University), and Kelly Caine (Clemson University) - Not All Attributes are Created Equal: 𝘥𝓧-Private Mechanisms for Linear Queries
Parameswaran Kamalaruban (EPFL), Victor Perrier (ISAE-SUPAERO & Data61, CSIRO), Hassan Jameel Asghar (Macquarie University & Data61, CSIRO), and Mohamed Ali Kaafar (Macquarie University & Data61, CSIRO) - Protecting the 4G and 5G Cellular Paging Protocols against Security and Privacy Attacks
Ankush Singla (Purdue University), Syed Rafiul Hussain (Purdue University), Omar Chowdhury (University of Iowa), Elisa Bertino (Purdue University), and Ninghui Li (Purdue University) - Pets without PETs: on the under-estimation of privacy concerns in pet wearables
Dirk van der Linden (University of Bristol), Matthew Edwards (University of Bristol), Irit Hadar (University of Haifa), and Anna Zamansky (University of Haifa) - Black-Box Wallets: Fast Anonymous Two-Way Payments for Constrained Devices
Max Hoffmann (Ruhr-University Bochum), Michael Kloo?? (Karlsruhe Institute of Technology), Markus Raiber (Karlsruhe Institute of Technology), and Andy Rupp (Karlsruhe Institute of Technology) - The Best of Both Worlds: Mitigating Trade-offs Between Accuracy and User Burden in Capturing Mobile App Privacy Preferences
Daniel Smullen (Carnegie Mellon University), Yuanyuan Feng (Carnegie Mellon University), Shikun (Aerin) Zhang (Carnegie Mellon University), and Norman Sadeh (Carnegie Mellon University) - SqORAM: Read-Optimized Sequential Write-Only Oblivious RAM
Anrin Chakraborti (Stony Brook University) and Radu Sion (Stony Brook University) - Website Fingerprinting with Website Oracles
Tobias Pulls (Karlstad University) and Rasmus Dahlberg (Karlstad University)
Issue 2
- Illuminating the Dark or how to recover what should not be seen in FE-based classifiers
Sergiu Carpov (CEA LIST), Caroline Fontaine (LSV, CNRS), Damien Ligier (Wallix), Renaud Sirdey (CEA LIST), and Sergiu Carpov (CEA LIST) - Enhanced Performance and Privacy for TLS over TCP Fast Open
Erik Sy (University of Hamburg), Tobias Mueller (University of Hamburg), Christian Burkert (University of Hamburg), Hannes Federrath (University of Hamburg), and Mathias Fischer (University of Hamburg) - A Comparative Measurement Study of Web Tracking on Mobile and Desktop Environments
Zhiju Yang (Colorado School of Mines) and Chuan Yue (Colorado School of Mines) - NoMoATS: Towards Automatic Detection of Mobile Tracking
Anastasia Shuba (Broadcom Inc.) and Athina Markopoulou (University of California, Irvine) - Privacy-Preserving Payment Splitting
Saba Eskandarian (Stanford University), Mihai Christodorescu (Visa Research), and Payman Mohassel (Facebook) - Protecting against Website Fingerprinting with Multihoming
Sébastien Henri (Cisco Meraki), Gines Garcia-Aviles (University Carlos III of Madrid, Spain), Pablo Serrano (University Carlos III of Madrid, Spain), Albert Banchs (IMDEA Networks Institute and University Carlos III of Madrid, Spain), and Patrick Thiran (EPFL, Switzerland) - Explaining the Technology Use Behavior of Privacy-Enhancing Technologies: The Case of Tor and JonDonym
David Harborth (Chair of Mobile Business and Multilateral Security, Goethe University Frankfurt), Dr. Sebastian Pape (Chair of Mobile Business and Multilateral Security, Goethe University Frankfurt), and Prof. Dr. Kai Rannenberg (Chair of Mobile Business and Multilateral Security, Goethe University Frankfurt) - The TV is Smart and Full of Trackers: Measuring Smart TV Advertising and Tracking
Janus Varmarken (University of California, Irvine), Hieu Le (University of California, Irvine), Anastasia Shuba (Broadcom Inc.), Athina Markopoulou (University of California, Irvine), and Zubair Shafiq (University of Iowa) - SPy: Car Steering Reveals Your Trip Route!
Mert D. Pesé (University of Michigan), Xiaoying Pu (University of Michigan), and Kang G. Shin (University of Michigan) - A Framework of Metrics for Differential Privacy from Local Sensitivity
Peeter Laud (Cybernetica AS), Alisa Pankova (Cybernetica AS), and Martin Pettai (Cybernetica AS) - Secure and Scalable Document Similarity on Distributed Databases: Differential Privacy to the Rescue
Phillipp Schoppmann (Humboldt-Universität zu Berlin), Lennart Vogelsang (Humboldt-Universität zu Berlin), Adrià Gascón (The Alan Turing Institute / University of Warwick), and Borja Balle () - Differentially Private SQL with Bounded User Contribution
Royce J Wilson (Google), Celia Yuxin Zhang (Google), William Lam (Google), Damien Desfontaines (Google / ETH Zürich), Daniel Simmons-Marengo (Google), and Bryant Gipson (Google) - Listen Only When Spoken To: Interpersonal Communication Cues as Smart Speaker Privacy Controls
Abraham H. Mhaidli (University of Michigan), Manikandan Venkatesh (University of Michigan), Yixin Zou (University of Michigan), and Florian Schaub (University of Michigan) - SoK: Differential Privacies
Damien Desfontaines (ETH Zürich / Google) and Balázs Pejó (University of Luxembourg) - Angel or Devil? A Privacy Study of Mobile Parental Control Apps
Álvaro Feal (IMDEA Networks Institute / Universidad Carlos III de Madrid), Paolo Calciati (IMDEA Software Institute / Universidad Politécnica de Madrid), Narseo Vallina-Rodriguez (IMDEA Networks Institute / ICSI), Carmela Troncoso (EPFL), and Alessandra Gorla (IMDEA Sofware Institute) - Averaging Attacks on Bounded Noise-based Disclosure Control Algorithms
Hassan Jameel Asghar (Macquarie University & Data61, CSIRO) and Dali Kaafar (Macquarie University & Data61, CSIRO) - Impact of Frequency of Location Reports on the Privacy Level of Geo-indistinguishability
Ricardo Mendes (University of Coimbra), Mariana Cunha (University of Coimbra), and João P. Vilela (University of Coimbra) - Mind the Gap: Ceremonies for Applied Secret Sharing
Bailey Kacsmar (University of Waterloo), Chelsea H. Komlo (University of Waterloo), Florian Kerschbaum (University of Waterloo), and Ian Goldberg (University of Waterloo) - Privacy at a Glance: The User-Centric Design of Glanceable Data Exposure Visualizations
Daricia Wilkinson (Clemson University), Paritosh Bahirat (Clemson University), Moses Namara (Clemson University), Jing Lyu (Clemson University), Arwa Alsubhi (Clemson University), Jessica Qiu (Clemson University), Pamela J. Wisniewski (University of Central Florida), and Bart Knijnenburg (Clemson University) - Smart Devices in Airbnbs: Considering Privacy and Security for both Guests and Hosts
Shrirang Mare (Indiana University and University of Washington), Franziska Roesner (University of Washington), Tadayoshi Kohno (University of Washington), and Tadayoshi Kohno () - FLASH: Fast and Robust Framework for Privacy-preserving Machine Learning
Megha Byali (Indian Institute of Science, Bangalore, India), Harsh Chaudhari (Indian Institute of Science, Bangalore, India), Arpita Patra (Indian Institute of Science, Bangalore, India), and Ajith Suresh (Indian Institute of Science, Bangalore, India) - Multiple Purposes, Multiple Problems: A User Study of Consent Dialogs after GDPR
Dominique Machuletz (University of Münster) and Rainer Böhme (University of Innsbruck) - Missed by Filter Lists: Detecting Unknown Third-Party Trackers with Invisible Pixels
Imane Fouad (INRIA), Nataliia Bielova (INRIA), Arnaud Legout (INRIA), and Natasa Sarafijanovic (IRIS) - A Tale of Two Trees: One Writes, and Other Reads. Optimized Oblivious Accesses to Large-Scale Blockchains
Duc V. Le (Purdue University), Lizzy Tengana Hurtado (National University of Colombia), Adil Ahmad (Purdue University), Mohsen Minaei (Purdue University), Byoungyoung Lee (Seoul National University), and Aniket Kate (Purdue University) - Identifying Influential Spreaders in a Social Network (While Preserving Privacy)
Varsha Bhat Kukkala (Indian Institute of Technology Ropar) and S.R.S. Iyengar (Indian Institute of Technology Ropar) - Long-Term Observation on Browser Fingerprinting: Users’ Trackability and Perspective
Gaston Pugliese (Friedrich-Alexander University Erlangen-Nürnberg (FAU)), Christian Riess (Friedrich-Alexander University Erlangen-Nürnberg (FAU)), Freya Gassmann (Saarland University), and Zinaida Benenson (Friedrich-Alexander University Erlangen-Nürnberg (FAU)) - T0RTT: Non-Interactive Immediate Forward-Secure Single-Pass Circuit Construction
Sebastian Lauer (Ruhr University Bochum), Kai Gellert (Paderborn University), Robert Merget (Ruhr University Bochum), Tobias Handirk (Paderborn University), and Jörg Schwenk (Ruhr University Bochum)
Issue 3
These papers are pre-prints that are not suitable for citation. The page numbers may be updated in the final versions.
- Tik-Tok: The Utility of Packet Timing in Website Fingerprinting Attacks
Mohammad Saidur Rahman (Rochester Institute of Technology), Payap Sirinam (Navaminda Kasatriyadhiraj Royal Air Force Academy), Nate Mathews (Rochester Institute of Technology), Kantha Girish Gangadhara (Rochester Institute of Technology), and Matthew Wright (Rochester Institute of Technology) - Multi-x: Identifying Multiple Authors from Source Code Files
Mohammed Abuhamad (University of Central Florida), Tamer Abuhmed (Sungkyunkwan University), Aziz Mohaisen (University of Central Florida), and DaeHun Nyang (INHA University) - Secure k-ish Nearest Neighbors Classifier
Hayim Shaul (University of Haifa + IDC), Dan Feldman (University of Haifa), and Daniela Rus (MIT) - P4TC - Provably-Secure yet Practical Privacy-Preserving Toll Collection
Valerie Fetzer (Karlsruhe Institute of Technology), Max Hoffmann (Ruhr University Bochum), Matthias Nagel (Karlsruhe Institute of Technology), Rebecca Schwerdt (Karlsruhe Institute of Technology), and Andy Rupp (University of Luxembourg) - Differentially-Private Multi-Party Sketching for Large-Scale Statistics
Seung Geol Choi (United States Naval Academy), Dana Dachman-Soled (University of Maryland), Mukul Kulkarni (University of Massachusetts), and Arkady Yerukhimovich (George Washington University) - Scaling Up Anonymous Communication with Efficient Nanopayment Channels
Florentin Rochet (Uclouvain Crypto Group), Thien-Nam Dinh (Sandia), Olivier Pereira (Uclouvain Crypto Group), and Dan Wallach (Rice University) - Mitigator: Privacy policy compliance using trusted hardware
Miti Mazmudar (University of Waterloo) and Ian Goldberg (University of Waterloo) - The Price is (not) Right: Comparing Privacy in Free and Paid Apps
Catherine Han (University of California, Berkeley), Irwin Reyes (Two Six Labs / International Computer Science Institute), Álvaro Feal (IMDEA Networks Institute), Joel Reardon (University of Calgary), Primal Wijesekera (University of California, Berkeley), Narseo Vallina-Rodriguez (IMDEA Networks Institute / International Computer Science Institute), and Serge Egelman (International Computer Science Institute / University of California, Berkeley) - SiegeBreaker: An SDN Based Practical Decoy Routing System
Piyush Sharma (IIIT Delhi), Devashish Gosain (IIIT Delhi), Himanshu Sagar (IIIT Delhi), Chaitanya Kumar (IBM research Labs, Singapore), Aneesh Dogra (IIIT Delhi), Vinayak Naik (BITS Pilani, Goa), H.B. Acharya (RIT, New York USA), and Sambuddho Chakravarty (IIIT Delhi) - Exposing Private User Behaviors of Collaborative Filtering via Model Inversion Techniques
Seira Hidano (KDDI Research, Inc.), Takao Murakami (National Institute of Advanced Industrial Science and Technology), Shuichi Katsumata (National Institute of Advanced Industrial Science and Technology), Shinsaku Kiyomoto (KDDI Research, Inc.), and Goichiro Hanaoka (National Institute of Advanced Industrial Science and Technology) - Protecting Private Inputs: Bounded Distortion Guarantees With Randomised Approximations
Patrick Ah-Fat (Imperial College London) and Michael Huth (Imperial College London) - dPHI: An improved high-speed network-layer anonymity protocol
Alexander Bajic (ESMT Berlin) and Georg T. Becker (ESMT Berlin) - Tandem: Securing Keys by Using a Central Server While Preserving Privacy
Wouter Lueks (EPFL), Brinda Hampiholi (Radboud University / Philips), Greg Alpár (Open University), and Carmela Troncoso (EPFL) - Comprehensive Anonymity Trilemma: User Coordination is not enough
Debajyoti Das (Purdue University), Sebastian Meiser (Visa Research), Esfandiar Mohammadi (Universitaet zu Luebeck), Aniket Kate (Purdue University), and Esfandiar Mohammadi (University of Luebeck) - A Privacy-Focused Systematic Analysis of Online Status Indicators
Camille Cobb (Carnegie Mellon University), Lucy Simko (University of Washington), Tadayoshi Kohno (University of Washington), and Alexis Hiniker (University of Washington) - MoneyMorph: Censorship Resistant Rendezvous using Permissionless Cryptocurrencies
Mohsen Minaei (Purdue University), Pedro Moreno-Sanchez (TU Wien), and Aniket Kate (Purdue University)
Issue 4
Note: Acceptance of some of these papers is conditional upon approval from a shepherd.
- Automatic Discovery of Privacy-Utility Pareto Fronts
Brendan Avent (University of Southern California), Javier González (Amazon), Tom Diethe (Amazon), Andrei Paleyes (University of Cambridge), and Borja Balle (DeepMind) - LLDC: Low-Latency Anonymity for Organizational Networks
Ludovic Barman (EPFL), Italo Dacosta (UBS), Mahdi Zamani (Visa Research), Ennan Zhai (Alibaba Group), Apostolos Pyrgelis (EPFL), Bryan Ford (EPFL), Jean-Pierre Hubaux (EPFL), and Joan Feigenbaum (Yale University) - The Power of the Hybrid Model for Mean Estimation
Brendan Avent (University of Southern California), Yatharth Dubey (Georgia Institute of Technology), and Aleksandra Korolova (University of Southern California) - The Road Not Taken : Re-thinking The Feasibility of Voice Calling Over Tor
Piyush Sharma (IIIT Delhi), Shashwat Chaudhary (IIIT Delhi), Nikhil Hassija (IIIT Delhi), Mukulika Maity (IIIT Delhi), and Sambuddho Chakravarty (IIIT Delhi) - An Empirical Analysis of the Commercial Arm of the Chinese Social Credit System
Mo Chen (Technical University of Munich) and Jens Grossklags (Technical University of Munich) - Privacy Preserving Detection of Path Bias Attacks in Anonymity Networks
Lauren Watson (University of Edinburgh), Anupam Mediratta (University of Edinburgh), Tariq Elahi (University of Edinburgh), and Rik Sarkar (University of Edinburgh) - Publishing Community-Preserving Attributed Social Graphs with a Differential Privacy Guarantee
Xihui Chen (University of Luxembourg), Sjouke Mauw (University of Luxembourg), and Yunior Ramirez-Cruz (University of Luxembourg) - Anatomy of Data Breaches
Hamza Saleem (University of Southern California) and Muhammad Naveed (University of Southern California) - Effective writing style transfer via combinatorial paraphrasing
Tommi Gröndahl (Aalto University) and N. Asokan (University of Waterloo) - Anonymous, Attribute Based, Decentralized, Secure, and Fair e-Donation
Osman Biçer (Koç University) and Alptekin Küpçü (Koç University) - No boundaries: data exfiltration by third parties embedded on web pages
Gunes Acar (KU Leuven), Steve Englehardt (Mozilla), and Arvind Narayanan (Princeton University) - INFUSE: Invisible plausibly-deniable file system for NAND flash
Chen Chen (Stony Brook University), Anrin Chakraborti (Stony Brook University), and Radu Sion (Stony Brook University) - When Speakers Are All Ears: Characterizing Misactivations of IoT Smart Speakers
Daniel J. Dubois (Northeastern University), Roman Kolcun (Imperial College London), Anna Maria Mandalari (Imperial College London), Muhammad Talha Paracha (Northeastern University), David Choffnes (Northeastern University), and Hamed Haddadi (Imperial College London) - VideoDP: A Flexible Platform for Video Analytics with Differential Privacy
Han Wang (Illinois Institute of Technology), Shangyu Xie (Illinois Institute of Technology), and Yuan Hong (Illinois Institute of Technology) - Reputable List Curation from Decentralized Voting
Elizabeth Crites (University College London), Mary Maller (Ethereum Foundation), Sarah Meiklejohn (University College London), and Rebekah Mercer (O(1) Labs) - Running Refraction Networking for Real
Benjamin VanderSloot (University of Michigan), Sergey Frolov (University of Colorado Boulder), Jack Wampler (University of Colorado Boulder), Sze Chuen Tan (University of Illinois, Urbana-Champaign), Irv Simpson (Psiphon), Michalis Kallitsis (Merit), J. Alex Halderman (University of Michigan), Nikita Borisov (University of Illinois, Urbana-Champaign), and Eric Wustrow (University of Colorado Boulder) - CanaryTrap: Detecting Data Misuse by Third-Party Apps on Online Social Networks
Shehroze Farooqi (The University of Iowa), Maaz Musa (The University of Iowa), Zubair Shafiq (The University of Iowa), and Fareed Zaffar (Lahore University of Management and Sciences) - Secure Evaluation of Quantized Neural Networks
Anders Dalskov (Aarhus University), Daniel Escudero (Aarhus University), and Marcel Keller (Data61, CSIRO) - Energy-Efficient Dummy Traffic Generation for Home Automation Systems
Frederik Möllers (Saarland University) - In Depth Evaluation of Redirect Tracking and Link Usage
Martin Stopczynski (None), Erik Tews (University of Twente), and Stefan Katzenbeisser (Universität Passau) - Practical Privacy-Preserving K-means Clustering
Payman Mohassel (Facebook), Mike Rosulek (Oregon State University), and Ni Trieu (Oregon State University) - Self-Processing Sensor Data via Garbled Encryption
Nathan Manohar (UCLA), Abhishek Jain (John Hopkins University), and Amit Sahai (UCLA) - Adept Secret-Sharing
Mihir Bellare (UC San Diego), Wei Dai (UC San Diego), and Phillip Rogaway (UC Davis) - How private is your period?: A systematic analysis of menstrual app privacy policies
Laura Shipp (Royal Holloway, University of London) and Jorge Blasco (Royal Holloway, University of London)