PoPETs Proceedings — Volume 2024

Volume 2024

Issue 1

Editors' Introduction
Micah Sherr (Georgetown University), Zubair Shafiq (University of California, Davis)
A Large-Scale Study of Cookie Banner Interaction Tools and their Impact on Users' Privacy [PDF] [Artifact: Available]
Nurullah Demir (Institute for Internet Security & KASTEL Security Research Labs & Karlsruhe Institute of Technology ), Tobias Urban (Institute for Internet Security & secunet Security Networks AG), Norbert Pohlmann (Institute for Internet Security), Christian Wressnegger (KASTEL Security Research Labs & Karlsruhe Institute of Technology)
SoK: Data Privacy in Virtual Reality [PDF]
Gonzalo Munilla Garrido (TUM), Vivek Nair (UC Berkeley), Dawn Song (UC Berkeley)
Interest-disclosing Mechanisms for Advertising are Privacy-Exposing (not Preserving) [PDF] [Artifact: Reproduced]
Yohan Beugin (University of Wisconsin-Madison), Patrick McDaniel (University of Wisconsin-Madison)
QUICKeR: Quicker Updates Involving Continuous Key Rotation [PDF] [Artifact: Available]
Lawrence Lim (University of California, Santa Barbara), Wei-Yee Goh (University of California, Santa Barbara), Divyakant Agrawal (University of California, Santa Barbara), Amr El Abbadi (University of California, Santa Barbara), Trinabh Gupta (University of California, Santa Barbara)
Efficiently Compiling Secure Computation Protocols From Passive to Active Security: Beyond Arithmetic Circuits [PDF] [Artifact: Reproduced]
Marina Blanton (University at Buffalo), Dennis Murphy (University at Buffalo), Chen Yuan (Meta Platform, Inc.)
DeTorrent: An Adversarial Padding-only Traffic Analysis Defense [PDF] [Artifact: Available]
James K Holland (University of Minnesota), Jason Carpenter (University of Minnesota), Se Eun Oh (Ewha Womans University), Nicholas Hopper (University of Minnesota)
A False Sense of Privacy: Towards a Reliable Evaluation Methodology for the Anonymization of Biometric Data [PDF]
Simon Hanisch (Center for Tactile Internet (CeTI), Technical University Dresden), Julian Todt (KASTEL, Karlsruhe Institute of Technology), Jose Patino (Cerence), Nicholas Evans (Digital Security Department, EURECOM), Thorsten Strufe (KASTEL, Karlsruhe Institute of Technology)
Cross-Contextual Examination of Older Adults' Privacy Concerns, Behaviors, and Vulnerabilities [PDF]
Yixin Zou (Max Planck Institute for Security and Privacy), Kaiwen Sun (University of Michigan), Tanisha Afnan (University of Michigan), Ruba Abu-Salma (King's College London), Robin Brewer (University of Michigan), Florian Schaub (University of Michigan)
“Those things are written by lawyers, and programmers are reading that.” Mapping the Communication Gap Between Software Developers and Privacy Experts [PDF]
Stefan Albert Horstmann (Ruhr University Bochum), Samuel Domiks (Independent), Marco Gutfleisch (Ruhr University Bochum), Mindy Tran (Paderborn University), Yasemin Acar (Paderborn University , The George Washington University), Veelasha Moonsamy (Ruhr University Bochum), Alena Naiakshina (Ruhr University Bochum)
Supporting Informed Choices about Browser Cookies: The Impact of Personalised Cookie Banners [PDF] [Artifact: Available]
Tom Biselli (Science and Technology for Peace and Security (PEASEC), Technical University of Darmstadt), Laura Utz (Science and Technology for Peace and Security (PEASEC), Technical University of Darmstadt), Christian Reuter (Science and Technology for Peace and Security (PEASEC), Technical University of Darmstadt)
Block Cookies, Not Websites: Analysing Mental Models and Usability of the Privacy-Preserving Browser Extension CookieBlock [PDF] [Artifact: Available]
Lorin Schöni (ETH Zürich), Karel Kubicek (ETH Zürich), Verena Zimmermann (ETH Zürich)
Mitigating Inference Risks with the NIST Privacy Framework [PDF]
Christopher B. Landis (Naval Postgraduate School), Joshua A. Kroll (Naval Postgraduate School)
Why Privacy-Preserving Protocols Are Sometimes Not Enough: A Case Study of the Brisbane Toll Collection Infrastructure [PDF] [Artifact: Reproduced]
Amirhossein Adavoudi Jolfaei (University of Luxembourg), Andy Rupp (University of Luxembourg and KASTEL SRL), Stefan Schiffner (Berufliche Hochschule Hamburg (BHH)), Thomas Engel (University of Luxembourg)
Generalizable Active Privacy Choice: Designing a Graphical User Interface for Global Privacy Control [PDF] [Artifact: Available]
Sebastian Zimmeck (Wesleyan University), Eliza Kuller (Wesleyan University), Chunyue Ma (Wesleyan University), Bella Tassone (Wesleyan University), Joe Champeau (Wesleyan University)
Opted Out, Yet Tracked: Are Regulations Enough to Protect Your Privacy? [PDF]
Zengrui Liu (Texas A&M University), Umar Iqbal (Washington University in St. Louis), Nitesh Saxena (Texas A&M University)
Privacy Preserving Feature Selection for Sparse Linear Regression [PDF] [Artifact: Available]
Adi Akavia (University of Haifa), Ben Galili (Technion), Hayim Shaul (IBM Research), Mor Weiss (Bar-Ilan University), Zohar Yakhini (Reichman University and Technion)
Model-driven Privacy [PDF] [Artifact: Reproduced]
Srdan Krstic (ETH Zurich), Hoang Nguyen (ETH Zurich), David Basin (ETH Zurich)
DP-ACT: Decentralized Privacy-Preserving Asymmetric Digital Contact Tracing [PDF]
Azra Abtahi (Lund University), Mathias Payer (EPFL), Amir Aminifar (Lund University)
CoStricTor: Collaborative HTTP Strict Transport Security in Tor Browser [PDF] [Artifact: Reproduced]
Killian Davitt (University College London), Dan Ristea (University College London), Duncan Russell (The Tor Project), Steven J. Murdoch (University College London)
DeVoS: Deniable Yet Verifiable Vote Updating [PDF] [Artifact: Reproduced]
Johannes Müller (University of Luxembourg), Balázs Pejó (Budapest University of Technology and Economics), Ivan Pryvalov (University of Luxembourg & Brandenburg University of Technology)
Over Fences and Into Yards: Privacy Threats and Concerns of Commercial Satellites [PDF]
Rachel McAmis (University of Washington), Mattea Sim (University of Indiana Bloomington), Mia Bennett (University of Washington), Tadayoshi Kohno (University of Washington)
Constant-Round Private Decision Tree Evaluation for Secret Shared Data [PDF] [Artifact: Available]
Nan Cheng (University of St.Gallen), Naman Gupta (IIT Delhi), Aikaterini Mitrokotsa (University of St.Gallen), Hiraku Morita (Aarhus University and University of Copenhagen), Kazunari Tozawa (The University of Tokyo)
Data Isotopes for Data Provenance in DNNs [PDF] [Artifact: Available]
Emily Wenger (The University of Chicago), Xiuyu Li (UC Berkeley), Ben Y. Zhao (The University of Chicago), Vitaly Shmatikov (Cornell Tech)
MAPLE: MArkov Process Leakage attacks on Encrypted Search [PDF] [Artifact: Reproduced]
Seny Kamara (MongoDB & Brown University), Abdelkarim Kati (Mohammed-VI Polytechnic University), Tarik Moataz (MongoDB), Jamie DeMaria (Elementl), Andrew Park (Carnegie Mellon University), Amos Treiber (Technical University of Darmstadt)
SocIoTy: Practical Cryptography in Smart Home Contexts [PDF] [Artifact: Reproduced]
Tushar M. Jois (City College of New York), Gabrielle Beck (Johns Hopkins University), Sofia Belikovetsky (Johns Hopkins University), Joseph Carrigan (Johns Hopkins University), Alishah Chator (Boston University), Logan Kostick (Johns Hopkins University), Maximilian Zinkus (Johns Hopkins University), Gabriel Kaptchuk (Boston University), Aviel D. Rubin (Johns Hopkins University)
Communication Breakdown: Modularizing Application Tunneling for Signaling Around Censorship [PDF]
Paul Vines (Two Six Technologies), Samuel McKay (Two Six Technologies), Jesse Jenter (Two Six Technologies), Suresh Krishnaswamy (Two Six Technologies)
On the Quality of Privacy Policy Documents of Virtual Personal Assistant Applications [PDF] [Artifact: Reproduced]
Chuan Yan (University of Queensland, Australia), Fuman Xie (University of Queensland, Australia), Mark Huasong Meng (Institute for Infocomm Research, Singapore), Yanjun Zhang (University of Technology Syndey, Australia), Guangdong Bai (University of Queensland, Australia)
SEDMA: Self-Distillation with Model Aggregation for Membership Privacy [PDF]
Tsunato Nakai (Mitsubishi Electric Corporation), Ye Wang (Mitsubishi Electric Research Laboratories), Kota Yoshida (Ritsumeikan University), Takeshi Fujino (Ritsumeikan University)
SoK: Metadata-Protecting Communication Systems [PDF]
Sajin Sasy (University of Waterloo), Ian Goldberg (University of Waterloo)
A Cautionary Tale: On the Role of Reference Data in Empirical Privacy Defenses [PDF] [Artifact: Reproduced]
Caelin Kaplan (SAP Labs France, Inria, Université Côte d’Azur), Chuan Xu (Inria, Université Côte d’Azur, CNRS, I3S), Othmane Marfoq (Inria, Université Côte d’Azur, Accenture Labs), Giovanni Neglia (Inria, Université Côte d’Azur), Anderson Santana de Oliveira (SAP Labs France)
SWiSSSE: System-Wide Security for Searchable Symmetric Encryption [PDF] [Artifact: Reproduced]
Zichen Gui (ETH Zurich), Kenneth G. Paterson (ETH Zurich), Sikhar Patranabis (IBM Research India), Bogdan Warinschi (University of Bristol and DFINITY)
PRIVIC: A privacy-preserving method for incremental collection of location data [PDF] [Artifact: Available]
Sayan Biswas (INRIA and LIX, École Polytechnique), Catuscia Palamidessi (INRIA and LIX, École Polytechnique)
User-Controlled Privacy: Taint, Track, and Control [PDF] [Artifact: Reproduced]
François Hublet (ETH Zürich), David Basin (ETH Zürich), Srđan Krstić (ETH Zürich)
SGXonerated:Finding (and Partially Fixing) Privacy Flaws in TEE-based Smart Contract Platforms Without Breaking the TEE [PDF] [Artifact: Reproduced]
Nerla Jean-Louis (University of Illinois Urbana Champaign), Yunqi Li (University of Illinois Urbana Champaign), Yan Ji (Cornell University), Harjasleen Malvai (University of Illinois Urbana Champaign), Thomas Yurek (University of Illinois Urbana Champaign), Sylvain Bellemare (IC3 (Cornell University)), Andrew Miller (University of Illinois Urbana Champaign, IC3)
Tailoring Digital Privacy Education Interventions for Older Adults: A Comparative Study on Modality Preferences and Effectiveness [PDF]
Heba Aly (Clemson University), Yizhou Liu (Clemson University), Reza Ghaiumy Anaraky (New York University), Sushmita Khan (Clemson University), Moses Namara (Clemson University), Kaileigh Angela Byrne (Clemson University), Bart Knijnenburg (Clemson University)

Issue 2

Editors' Introduction
Micah Sherr (Georgetown University), Zubair Shafiq (University of California, Davis)
Multipars: Reduced-Communication MPC over Z2k [PDF] [Artifact: Reproduced]
Sebastian Hasler (University of Stuttgart), Pascal Reisert (University of Stuttgart), Marc Rivinius (University of Stuttgart), Ralf Küsters (University of Stuttgart)
Privadome: Delivery Drones and Citizen Privacy [PDF]
Gokulnath M. Pillai (Indian Institute of Science Bangalore, and Cerebras Bangalore), Ajith Suresh (Indian Institute of Science Bangalore, and Technology Innovation Institute Abu Dhabi), Eikansh Gupta (Indian Institute of Science Bangalore, and Qualcomm Hyderabad), Vinod Ganapathy (Indian Institute of Science Bangalore), Arpita Patra (Indian Institute of Science Bangalore)
Delegated Private Matching For Compute [PDF] [Artifact: Reproduced]
Dimitris Mouris (University of Delaware), Daniel Masny (Meta Inc.), Ni Trieu (Arizona State University), Shubho Sengupta (Meta Inc.), Prasad Buddhavarapu (Meta Inc.), Benjamin Case (Meta Inc.)
Multiparty Private Set Intersection Cardinality and Its Applications [PDF]
Jiahui Gao (Arizona State University), Ni Trieu (Arizona State University), Avishay Yanai (VMware Research)
Two Steps Forward and One Step Back: The Right to Opt-out of Sale under CPRA [PDF]
Jan Charatan (Pomona College), Eleanor Birrell (Pomona College)
StyleAdv: A Usable Privacy Framework Against Facial Recognition with Adversarial Image Editing [PDF] [Artifact: Available]
Minh-Ha Le (Linköping University, Linköping, Sweden), Niklas Carlsson (Linköping University, Linköping, Sweden)
Differentially Private Ad Conversion Measurement [PDF]
John Delaney (Google), Badih Ghazi (Google), Charlie Harrison (Google), Christina Ilvento (Google), Ravi Kumar (Google), Pasin Manurangsi (Google), Martin Pál (Google), Karthik Prabhakar (Google), Mariana Raykova (Google)
A Framework for Provably Secure Onion Routing against a Global Adversary [PDF]
Philip Scherer (KIT Karlsruhe), Christiane Weis (NEC Laboratories Europe), Thorsten Strufe (KIT Karlsruhe)
Exploring the Privacy Experiences of Closeted Users of Online Dating Services in the US [PDF]
Elijah Bouma-Sims (Carnegie Mellon University), Sanjnah Ananda Kumar (Carnegie Mellon University), Lorrie Faith Cranor (Carnegie Mellon University)
Data Safety vs. App Privacy: Comparing the Usability of Android and iOS Privacy Labels [PDF]
Yanzi Lin (Wellesley College), Jaideep Juneja (Carnegie Mellon University), Eleanor Birrell (Pomona College), Lorrie Faith Cranor (Carnegie Mellon University)
Website Data Transparency in the Browser [PDF] [Artifact: Available]
Sebastian Zimmeck (Wesleyan University), Daniel Goldelman (Wesleyan University), Owen Kaplan (Wesleyan University), Logan Brown (Wesleyan University), Justin Casler (Wesleyan University), Judeley Jean-Charles (Wesleyan University), Joe Champeau (Wesleyan University), Hamza Harkous (Google)
Traceable mixnets [PDF] [Artifact: Reproduced]
Prashant Agrawal (CSE, IIT Delhi; CDAIS, Ashoka University), Abhinav Nakarmi (CSE, University of Michigan), Mahabir Prasad Jhanwar (CS and CDAIS, Ashoka University), Subodh Sharma (CSE, IIT Delhi), Subhashis Banerjee (CSE, IIT Delhi; CS and CDAIS, Ashoka University)
MixMatch: Flow Matching for Mixnet Traffic [PDF] [Artifact: Available]
Lennart Oldenburg (COSIC, KU Leuven), Marc Juarez (University of Edinburgh), Enrique Argones Rúa (COSIC, KU Leuven), Claudia Diaz (COSIC, KU Leuven, and Nym Technologies, SA)
Contextualizing Interpersonal Data Sharing in Smart Homes [PDF]
Weijia He (Dartmouth College), Nathan Reitinger (University of Maryland, College Park), Atheer Almogbil (Johns Hopkins University), Yi-Shyuan Chiang (University of Illinois Urbana-Champaign), Timothy J. Pierson (Dartmouth College), David Kotz (Dartmouth College)
SoK: Secure Human-centered Wireless Sensing [PDF]
Wei Sun (Duke University), Tingjun Chen (Duke University), Neil Gong (Duke University)
Extending the Security of SPDZ with Fairness [PDF]
Bart Veldhuizen (Independent researcher), Gabriele Spini (TNO), Thijs Veugen (TNO and Twente University), Lisa Kohl (CWI)
Defining and Controlling Information Leakage in US Equities Trading [PDF] [Artifact: Reproduced]
Arthur Américo (Proof Trading), Allison Bishop (Proof Trading and City College, CUNY), Paul Cesaretti (Graduate Center, CUNY and Proof Trading), Garrison Grogan, Adam McKoy (Proof Trading), Robert Nicholas Moss (Proof Trading), Lisa Oakley (Notheastern University and Proof Trading), Marcel Ribeiro (Proof Trading), Mohammad Shokri (Graduate Center, CUNY and Proof Trading)
How Does Connecting Online Activities to Advertising Inferences Impact Privacy Perceptions? [PDF]
Florian M. Farke (Ruhr University Bochum), David G. Balash (University of Richmond), Maximilian Golla (CISPA Helmholtz Center for Information Security), Adam J. Aviv (The George Washington University)
NOTRY: Deniable messaging with retroactive avowal [PDF] [Artifact: Reproduced]
Faxing Wang (University of Melbourne), Shaanan Cohney (University of Melbourne), Riad Wahby (Carnegie Mellon University), Joseph Bonneau (a16z Crypto Research)
Security and Privacy with Second-Hand Storage Devices: A User-Centric Perspective from Switzerland [PDF]
Kavous Salehzadeh Niksirat (University of Lausanne), Diana Korka (University of Lausanne), Quentin Jacquemin (University of Lausanne), Céline Vanini (University of Lausanne), Mathias Humbert (University of Lausanne), Mauro Cherubini (University of Lausanne), Sylvain Métille (University of Lausanne), Kévin Huguenin (University of Lausanne)
A Bilingual Longitudinal Analysis of Privacy Policies Measuring the Impacts of the GDPR and the CCPA/CPRA [PDF]
Henry Hosseini (University of Münster), Christine Utz (CISPA Helmholtz Center for Information Security), Martin Degeling (Stiftung Neue Verantwortung), Thomas Hupperich (University of Münster)
Blending Different Latency Traffic With Beta Mixing [PDF]
Iness Ben Guirat (COSIC KU leuven), Debajyoti Das (COSIC KU leuven), Claudia Diaz (COSIC KU leuven)
Internet Users' Willingness to Disclose Biometric Data for Continuous Online Account Protection: An Empirical Investigation [PDF]
Florian Dehling (Bonn-Rhein-Sieg University of Applied Sciences), Jan Tolsdorf (The George Washington University), Hannes Federrath (University of Hamburg), Luigi Lo Iacono (Bonn-Rhein-Sieg University of Applied Sciences)
Differentially Private Functional Encryption [PDF]
Jasmin Zalonis (University of Mannheim), Frederik Armknecht (University of Mannheim), Linda Scheu-Hachtel (University of Mannheim)
Towards Biologically Plausible and Private Gene Expression Data Generation [PDF]
Dingfan Chen (CISPA Helmholtz Center for Information Security), Marie Oestreich (German Center for Neurodegenerative Diseases (DZNE)), Tejumade Afonja (CISPA Helmholtz Center for Information Security), Raouf Kerkouche (CISPA Helmholtz Center for Information Security), Matthias Becker (German Center for Neurodegenerative Diseases (DZNE)), Mario Fritz (CISPA Helmholtz Center for Information Security)

Issue 3

Editors' Introduction
Micah Sherr (Georgetown University), Zubair Shafiq (University of California, Davis)
PLASMA: Private, Lightweight Aggregated Statistics against Malicious Adversaries [PDF] [Artifact: Reproduced]
Dimitris Mouris (University of Delaware & Nillion), Pratik Sarkar (Supra Research), Nektarios Georgios Tsoutsos (University of Delaware)
Compact: Approximating Complex Activation Functions for Secure Computation [PDF]
Mazharul Islam (University of Wisconsin - Madison), Sunpreet S. Arora (Visa Research), Rahul Chatterjee (University of Wisconsin - Madison), Peter Rindal (Visa Research), Maliheh Shirvanian (Netflix)
Hawk: Accurate and Fast Privacy-Preserving Machine Learning Using Secure Lookup Table Computation [PDF]
Hamza Saleem (University of Southern California), Amir Ziashahabi (University of Southern California), Muhammad Naveed (University of Southern California), Salman Avestimehr (University of Southern California)
FlashSwift: A Configurable and More Efficient Range Proof With Transparent Setup [PDF]
Nan Wang (CSIRO's Data61), Dongxi Liu (CSIRO's Data61)
SoK: Can Trajectory Generation Combine Privacy and Utility? [PDF] [Artifact: Reproduced]
Erik Buchholz (University of New South Wales/CSIRO's Data61/Cyber Security CRC), Alsharif Abuadbba (CSIRO's Data61/Cyber Security CRC), Shuo Wang (CSIRO's Data61/Cyber Security CRC), Surya Nepal (CSIRO's Data61/Cyber Security CRC), Salil S. Kanhere (University of New South Wales)
Anonify: Decentralized Dual-level Anonymity for Medical Data Donation [PDF] [Artifact: Reproduced]
Sarah Abdelwahab Gaballah (Ruhr University Bochum), Lamya Abdullah (Technical University of Darmstadt), Mina Alishahi (Open Universiteit), Thanh Hoang Long Nguyen (Technical University of Darmstadt), Ephraim Zimmer (Technical University of Darmstadt), Max Mühlhäuser (Technical University of Darmstadt), Karola Marky (Ruhr University Bochum)
Attacking Connection Tracking Frameworks as used by Virtual Private Networks [PDF] [Artifact: Reproduced]
Benjamin Mixon-Baca (ASU/Breakpointing Bad), Jeffrey Knockel (Citizen Lab, University of Toronto), Diwen Xue (University of Michigan), Tarun Ayyagari (Arizona State University), Deepak Kapur (University of New Mexico), Roya Ensafi (University of Michigan), Jedidiah R. Crandall (ASU/Breakpointing Bad)
Exploring Design Opportunities for Family-Based Privacy Education in Informal Learning Spaces [PDF]
Lanjing Liu (Virginia Tech), Lan Gao (University of Chicago), Nikita Soni (University of Illinois, Chicago), Yaxing Yao (Virginia Tech)
SoK: Wildest Dreams: Reproducible Research in Privacy-preserving Neural Network Training [PDF]
Tanveer Khan (Tampere University), Mindaugas Budzys (Tampere University), Khoa Nguyen (Tampere University), Antonis Michalas (Tampere University)
GCL-Leak: Link Membership Inference Attacks against Graph Contrastive Learning [PDF]
Xiuling Wang (Stevens Institute of Technology), Wendy Hui Wang (Stevens Institute of Technology)
Privacy-Preserving Membership Queries for Federated Anomaly Detection [PDF]
Jelle Vos (Delft University of Technology), Sikha Pentyala (University of Washington Tacoma), Steven Golob (University of Washington Tacoma), Ricardo Maia (University of Brasília), Dean Kelley (University of Washington Tacoma), Zekeriya Erkin (Delft University of Technology), Martine De Cock (University of Washington Tacoma, Ghent University), Anderson Nascimento (University of Washington Tacoma)
TMI! Finetuned Models Leak Private Information from their Pretraining Data [PDF] [Artifact: Reproduced]
John Abascal (Northeastern University), Stanley Wu (University of Chicago), Alina Oprea (Northeastern University), Jonathan Ullman (Northeastern University)
CheckOut: User-Controlled Anonymization for Customer Loyalty Programs [PDF] [Artifact: Reproduced]
Matthew Gregoire (University of North Carolina at Chapel Hill), Rachel Thomas (University of North Carolina at Chapel Hill), Saba Eskandarian (University of North Carolina at Chapel Hill)
MicroSecAgg: Streamlined Single-Server Secure Aggregation [PDF]
Yue Guo (J. P. Morgan AI Research), Antigoni Polychroniadou (J. P. Morgan AI Research), Elaine Shi (Carnegie Mellon University), David Byrd (Bowdoin College), Tucker Balch (J. P. Morgan AI Research)
Anonymous Complaint Aggregation for Secure Messaging [PDF] [Artifact: Reproduced]
Connor Bell (University of North Carolina at Chapel Hill), Saba Eskandarian (University of North Carolina at Chapel Hill)
SoK: Trusting Self-Sovereign Identity [PDF]
Evan Krul (University of New South Wales/Cyber Security Cooperative Research Centre), Hye-young Paik (University of New South Wales), Sushmita Ruj (University of New South Wales), Salil S. Kanhere (University of New South Wales)
SublonK: Sublinear Prover PlonK [PDF]
Arka Rai Choudhuri (NTT Research), Sanjam Garg (UC Berkeley), Aarushi Goel (NTT Research), Sruthi Sekar (IIT Bombay), Rohit Sinha (Swirlds Labs.)
GenAIPABench: A Benchmark for Generative AI-based Privacy Assistants [PDF] [Artifact: Available]
Aamir Hamid (Univ. of Maryland Baltimore County), Hemanth Reddy Samidi (Univ. of Maryland Baltimore County), Primal Pappachan (Portland State University), Tim Finin (Univ. of Maryland Baltimore County), Roberto Yus (Univ. of Maryland Baltimore County)
Please Unstalk Me: Understanding Stalking with Bluetooth Trackers and Democratizing Anti-Stalking Protection [PDF]
Alexander Heinrich (Secure Mobile Networking Lab, Department of Computer Science, TU Darmstadt), Leon Würsching (Secure Mobile Networking Lab, Department of Computer Science, TU Darmstadt), Matthias Hollick (Secure Mobile Networking Lab, Department of Computer Science, TU Darmstadt)
FedLAP-DP: Federated Learning by Sharing Differentially Private Loss Approximations [PDF]
Hui-Po Wang (CISPA Helmholtz Center for Information Security), Dingfan Chen (CISPA Helmholtz Center for Information Security), Raouf Kerkouche (CISPA Helmholtz Center for Information Security), Mario Fritz (CISPA Helmholtz Center for Information Security)
Edge Private Graph Neural Networks with Singular Value Perturbation [PDF] [Artifact: Reproduced]
Tingting Tang (University of Southern California), Yue Niu (University of Southern California), Salman Avestimehr (University of Southern California), Murali Annavaram (University of Southern California)
Investigating the Effect of Misalignment on Membership Privacy in the White-box Setting [PDF] [Artifact: Reproduced]
Ana-Maria Cretu (EPFL), Daniel Jones (M365 Research), Yves-Alexandre de Montjoye (Imperial College London), Shruti Tople (Azure Research)
Client-side and Server-side Tracking on Meta: Effectiveness and Accuracy [PDF]
Asmaa El fraihi (LIX, CNRS, Inria, École Polytechnique, IP Paris), Nardjes Amieur (LIX, CNRS, Inria, École Polytechnique, IP Paris), Walter Rudametkin (Univ. Rennes, Inria, CNRS, IRISA, IUF), Oana Goga (LIX, CNRS, Inria, École Polytechnique, IP Paris)
Snail: Secure Single Iteration Localization [PDF] [Artifact: Reproduced]
James Choncholas (Georgia Institute of Technology), Pujith Kachana (Georgia Institute of Technology), André Mateus (Ericsson Research), Gregoire Phillips (Ericsson Research), Ada Gavrilovska (Georgia Institute of Technology)
Physical Side-Channel Attacks against Intermittent Devices [PDF]
Muslum Ozgur Ozmen (Purdue University), Habiba Farrukh (University of California Irvine), Z. Berkay Celik (Purdue University)
PrivDNN: A Secure Multi-Party Computation Framework for Deep Learning using Partial DNN Encryption [PDF] [Artifact: Reproduced]
Liangqin Ren (The University of Kansas), Zeyan Liu (The University of Kansas), Fengjun Li (The University of Kansas), Kaitai Liang (Delft University of Technology), Zhu Li (University of Missouri--Kansas City), Bo Luo (The University of Kansas)
Connecting the Dots: Tracing Data Endpoints in IoT Devices [PDF] [Artifact: Available]
Md Jakaria (North Carolina State University), Danny Yuxing Huang (New York University), Anupam Das (North Carolina State University)
Selective Authenticated Pilot Location Disclosure for Remote ID-enabled Drones [PDF]
Pietro Tedeschi (Technology Innovation Institute), Siva Ganesh Ganti (Eindhoven University of Technology), Savio Sciancalepore (Eindhoven University of Technology)
FP-tracer: Fine-grained Browser Fingerprinting Detection via Taint-tracking and Entropy-based Thresholds [PDF] [Artifact: Available]
Soumaya Boussaha (SAP Security Research / EURECOM), Lukas Hock (SAP Security Research), Miguel Bermejo (UC3M), Ruben Cuevas Rumin (UC3M), Angel Cuevas Rumin (UC3M), David Klein (Technische Universität Braunschweig), Martin Johns (Technische Universität Braunschweig), Luca Compagna (SAP Security Research), Daniele Antonioli (EURECOM), Thomas Barber (SAP Security Research)
Crumbling Cookie Categories: Deconstructing Common Cookie Categories to Create Categories that People Understand [PDF]
Soha Jiwani (Carnegie Mellon University), Rachna Sasheendran (Carnegie Mellon University), Adhishree Abhyankar (Carnegie Mellon University), Elijah Bouma-Sims (Carnegie Mellon University), Lorrie Cranor (Carnegie Mellon University)
Generational Differences in Understandings of Privacy Terminology [PDF]
Charlotte Moremen (Pomona College), Jordan Hoogsteden (Harvard Law School), Eleanor Birrell (Pomona College)
PLAN: Variance-Aware Private Mean Estimation [PDF] [Artifact: Available]
Martin Aumüller (IT University of Copenhagen), Christian Janos Lebeda (Basic Algorithms Research Copenhagen and IT University of Copenhagen), Boel Nelson (Aarhus University), Rasmus Pagh (Basic Algorithms Research Copenhagen and University of Copenhagen)
Secure Range-Searching Using Copy-And-Recurse [PDF]
Eyal Kushnir (IBM Research, Israel), Guy Moshkowich (IBM Research, Israel), Hayim Shaul (IBM Research, Israel)
Compact Issuer-Hiding Authentication, Application to Anonymous Credential [PDF]
Olivier Sanders (Orange, Applied Crypto Group), Jacques Traoré (Orange, Applied Crypto Group)
Privacy-Preserving Fingerprinting Against Collusion and Correlation Threats in Genomic Data [PDF]
Tianxi Ji (Texas Tech University), Erman Ayday (Case Western Reserve University), Emre Yilmaz (University of Houston-Downtown), Pan Li (Case Western Reserve University)
A Black-Box Privacy Analysis of Messaging Service Providers' Chat Message Processing [PDF] [Artifact: Available]
Robin Kirchner (Technische Universität Braunschweig), Simon Koch (Technische Universität Braunschweig), Noah Kamangar (Technische Universität Braunschweig), David Klein (Technische Universität Braunschweig), Martin Johns (Technische Universität Braunschweig)
PRAC: Round-Efficient 3-Party MPC for Dynamic Data Structures [PDF] [Artifact: Reproduced]
Sajin Sasy (University of Waterloo), Adithya Vadapalli (IIT Kanpur), Ian Goldberg (University of Waterloo)
What Does It Mean to Be Creepy? Responses to Visualizations of Personal Browsing Activity, Online Tracking, and Targeted Ads [PDF] [Artifact: Reproduced]
Nathan Reitinger (University of Maryland), Bruce Wen (University of Chicago), Michelle Mazurek (University of Maryland), Blase Ur (University of Chicago)
I still know it's you! On Challenges in Anonymizing Source Code [PDF] [Artifact: Available]
Micha Horlboge (Technische Universität Berlin), Erwin Quiring (ICSI & Ruhr Universität Bochum), Roland Meyer (Technische Universität Braunschweig), Konrad Rieck (BIFOLD & Technische Universität Berlin)

Issue 4

Editors' Introduction
Micah Sherr (Georgetown University), Zubair Shafiq (University of California, Davis)
Divisible E-Cash for Billing in Private Ad Retargeting [PDF]
Kevin Liao (MIT and Harvard Law School), Henry Corrigan-Gibbs (MIT), Dan Boneh (Stanford University)
Fantômas: Understanding Face Anonymization Reversibility [PDF] [Artifact: Available]
Julian Todt (Karlsruhe Institute of Technology), Simon Hanisch (Technical University Dresden), Thorsten Strufe (Karlsruhe Institute of Technology)
Automatic Generation of Web Censorship Probe Lists [PDF]
Jenny Tang (Carnegie Mellon University), Léo Alvarez (EPFL and CMU), Arjun Brar (Carnegie Mellon University), Nguyen Phong Hoang (University of British Columbia), Nicolas Christin (Carnegie Mellon University)
SIGMA: Secure GPT Inference with Function Secret Sharing [PDF] [Artifact: Available]
Kanav Gupta (University of Maryland, College Park), Neha Jawalkar (Indian Institute of Science), Ananta Mukherjee (Microsoft Research), Nishanth Chandran (Microsoft Research), Divya Gupta (Microsoft Research), Ashish Panwar (Microsoft Research), Rahul Sharma (Microsoft Research)
A Zero Auxiliary Knowledge Membership Inference Attack on Aggregate Location Data [PDF]
Vincent Guan (Imperial College London), Florent Guépin (Imperial College London), Ana-Maria Cretu (EPFL), Yves-Alexandre de Montjoye (Imperial College London)
Media talks Privacy: Unraveling a Decade of Privacy Discourse around the World [PDF]
Shujaat Mirza (New York University), Corban Villa (New York University Abu Dhabi), Christina Pöpper (New York University Abu Dhabi)
Revealing the True Cost of Locally Differentially Private Protocols: An Auditing Perspective [PDF]
Héber H. Arcolezi (Inria Centre at the University Grenoble Alpes), Sébastien Gambs (Université du Québec à Montréal (UQAM))
Honesty is the Best Policy: On the Accuracy of Apple Privacy Labels Compared to Apps' Privacy Policies [PDF] [Artifact: Reproduced]
Mir Masood Ali (University of Illinois Chicago), David G. Balash (University of Richmond), Monica Kodwani (The George Washington University), Chris Kanich (University of Illinois Chicago), Adam J. Aviv (The George Washington University)
Raising the Bar: Improved Fingerprinting Attacks and Defenses for Video Streaming Traffic [PDF] [Artifact: Available]
David Hasselquist (Linköping University & Sectra Communications, Sweden), Ethan Witwer (Linköping University, Sweden), August Carlson (Linköping University, Sweden), Niklas Johansson (Linköping University & Sectra Communications, Sweden), Niklas Carlsson (Linköping University, Sweden)
Decision-based Data Distribution (D³): Enabling Users to Minimize Data Propagation in Privacy-sensitive Scenarios [PDF] [Artifact: Available]
Sebastian Linsner (PEASEC, TU Darmstadt), Kilian Demuth (PEASEC, TU Darmstadt), Marc Fischlin (Cryptoplexity, TU Darmstadt), Christian Reuter (PEASEC, TU Darmstadt)
Summation-based Private Segmented Membership Test from Threshold-Fully Homomorphic Encryption [PDF]
Nirajan Koirala (University of Notre Dame), Jonathan Takeshita (University of Notre Dame), Jeremy Stevens (University of Notre Dame), Taeho Jung (University of Notre Dame)
Unlinkable Policy-Compliant Signatures for Compliant and Decentralized Anonymous Payments [PDF]
Christian Badertscher (Input Output), Mahdi Sedaghat (COSIC, KU Leuven), Hendrik Waldner (University of Maryland)
Subgraph Structure Membership Inference Attacks against Graph Neural Networks [PDF]
Xiuling Wang (Stevens Institute of Technology), Wendy Hui Wang (Stevens Institute of Technology)
Onion Services in the Wild: A Study of Deanonymization Attacks [PDF]
Pascal Tippe (FernUniversität in Hagen), Adrian Tippe (Hochschule für Technik und Wirtschaft Berlin)
What to Expect When You’re Accessing: An Exploration of User Privacy Rights in People Search Websites [PDF]
Kejsi Take (New York University), Jordyn Young (University of Michigan), Rasika Bhalerao (Northeastern University), Kevin Gallagher (NOVA LINCS, NOVA School of Science and Technology), Andrea Forte (University of Michigan), Damon McCoy (New York University), Rachel Greenstadt (New York University)
Efficient Privacy-Preserving Machine Learning with Lightweight Trusted Hardware [PDF] [Artifact: Available]
Pengzhi Huang (Cornell University), Thang Hoang (Virginia Tech), Yueying Li (Cornell University), Elaine Shi (Carnegie Mellon University), G. Edward Suh (NVIDIA / Cornell University)
Johnny Still Can't Opt-out: Assessing the IAB CCPA Compliance Framework [PDF] [Artifact: Available]
Muhammad Abu Bakar Aziz (Northeastern University), Christo Wilson (Northeastern University)
Maui: Black-Box Edge Privacy Attack on Graph Neural Networks [PDF]
Haoyu He (The George Washington University), Isaiah J. King (The George Washington University), H. Howie Huang (The George Washington University)
Diversity-driven Privacy Protection Masks Against Unauthorized Face Recognition [PDF]
Ka-Ho Chow (The University of Hong Kong), Sihao Hu (Georgia Institute of Technology), Tiansheng Huang (Georgia Institute of Technology), Fatih Ilhan (Georgia Institute of Technology), Wenqi Wei (Georgia Institute of Technology), Ling Liu (Georgia Institute of Technology)
Sloth: Key Stretching and Deniable Encryption using Secure Elements on Smartphones [PDF] [Artifact: Reproduced]
Daniel Hugenroth (University of Cambridge), Alberto Sonnino (MystenLabs & University College London), Sam Cutler (The Guardian), Alastair R. Beresford (University of Cambridge)
"My Best Friend's Husband Sees and Knows Everything": A Cross-Contextual and Cross-Country Approach to Understanding Smart Home Privacy [PDF]
Tess Despres (University of California, Berkeley), Marcelino Ayala Constantino (El Colegio de la Frontera Norte), Naomi Zacarias Lizola (Universidad de Tijuana CUT), Gerardo Sánchez Romero (Mutua Social Research & Innovation), Shijing He (King's College London), Xiao Zhan (King's College London), Noura Abdi (Liverpool Hope University), Ruba Abu-Salma (King's College London), Jose Such (King's College London & Universitat Politecnica de Valencia), Julia Bernd (International Computer Science Inst.)
The Devil is in the Details: Detection, Measurement and Lawfulness of Server-Side Tracking on the Web [PDF]
Imane Fouad (Univ. Lille, Inria, CNRS, UMR CRIStAL), Cristiana Santos (Utrecht University), Pierre Laperdrix (Univ. Lille, Inria, CNRS, UMR CRIStAL)
What Do Privacy Advertisements Communicate to Consumers? [PDF]
Xiaoxin Shen (Carnegie Mellon University), Eman Alashwali (King Abdulaziz University (KAU) and King Abdullah University of Science and Technology (KAUST)), Lorrie Cranor (Carnegie Mellon University)
Understanding Leakage in Searchable Encryption: a Quantitative Approach [PDF]
Alexandra Boldyreva (Georgia Institute of Technology), Zichen Gui (ETH Zurich), Bogdan Warinschi (Dfinity & University of Bristol)
Post-quantum XML and SAML Single Sign-On [PDF] [Artifact: Reproduced]
Johannes Müller (CNRS/LORIA), Jan Oupický (SnT/University of Luxembourg)
Simply tell me how---On Trustworthiness and Technology Acceptance of Attribute-Based Credentials [PDF]
Rachel Crowder (Newcastle University, UK), George Price (Newcastle University, UK), Thomas Groß (Newcastle University, UK)
Provable Security Analysis of Butterfly Key Mechanism Protocol in IEEE 1609.2.1 Standard [PDF]
Alexandra Boldyreva (Georgia Institute of Technology), Virendra Kumar (Qualcomm), Jiahao Sun
Computational Differential Privacy for Encrypted Databases Supporting Linear Queries [PDF] [Artifact: Available]
Ferran Alborch Escobar (Applied Crypto Group, Orange Innovation), Sébastien Canard (LTCI, Télécom Paris, Institut Polytechnique de Paris), Fabien Laguillaumie (LIRMM, Université de Montpellier, CNRS), Duong Hieu Phan (LTCI, Télécom Paris, Institut Polytechnique de Paris)
Summary Reports Optimization in the Privacy Sandbox Attribution Reporting API [PDF]
Hidayet Aksu (Google), Badih Ghazi (Google), Pritish Kamath (Google), Ravi Kumar (Google), Pasin Manurangsi (Google), Adam Sealfon (Google), Avinash V. Varadarajan (Google)
Toward A Practical Multi-party Private Set Union [PDF]
Jiahui Gao (Arizona State University), Son Nguyen (Arizona State University), Ni Trieu (Arizona State University)
Deniability in Automated Contact Tracing: Impossibilities and Possibilities [PDF]
Christoph U. Günther (Institute of Science and Technology Austria), Krzysztof Pietrzak (Institute of Science and Technology Austria)
Scalable Metadata-Hiding for Privacy-Preserving IoT Systems [PDF]
Yunang Chen (University of Wisconsin-Madison), David Heath (University of Illinois Urbana-Champaign), Rahul Chatterjee (University of Wisconsin-Madison), Earlence Fernandes (University of California San Diego)
Are continuous stop-and-go mixnets provably secure? [PDF]
Debajyoti Das (COSIC, KU Leuven), Claudia Diaz (COSIC, KU Leuven and Nym Technologies SA), Aggelos Kiayias (University of Edinburgh and IOG), Thomas Zacharias (University of Glasgow)
AUTOLYCUS: Exploiting Explainable Artificial Intelligence (XAI) for Model Extraction Attacks against Interpretable Models [PDF] [Artifact: Reproduced]
Abdullah Caglar Oksuz (Case Western Reserve University), Anisa Halimi (IBM Research - Dublin), Erman Ayday (Case Western Reserve University)
Privacy Policies on the Fediverse: A Case Study of Mastodon Instances [PDF]
Emma Tosch (Northeastern University), Luis Garcia (Northeastern University), Cynthia Li (Independent Researcher), Chris Martens (Northeastern University)
Our Data, Our Solutions: A Participatory Approach for Enhancing Privacy in Wearable Activity Tracker Third-Party Apps [PDF]
Noé Zufferey (ETH Zurich), Kavous Salehzadeh Niksirat (University of Lausanne & EPFL), Mathias Humbert (University of Lausanne), Kévin Huguenin (University of Lausanne)
Provable Security for the Onion Routing and Mix Network Packet Format Sphinx [PDF]
Philip Scherer (KIT Karlsruhe), Christiane Weis (NEC Laboratories Europe), Thorsten Strufe (KIT Karlsruhe)
The Multiple Millionaires' Problem: New Algorithmic Approaches and Protocols [PDF]
Tamir Tassa (The Open University), Avishay Yanai (Soda Labs)
Support Personas: A Concept for Tailored Support of Users of Privacy-Enhancing Technologies [PDF]
Kilian Demuth (PEASEC, TU Darmstadt), Sebastian Linsner (PEASEC, TU Darmstadt), Tom Biselli (PEASEC, TU Darmstadt), Marc-André Kaufhold (PEASEC, TU Darmstadt), Christian Reuter (PEASEC, TU Darmstadt)
Link Stealing Attacks Against Inductive Graph Neural Networks [PDF]
Yixin Wu (CISPA Helmholtz Center for Information Security), Xinlei He (Hong Kong University of Science and Technology), Pascal Berrang (University of Birmingham), Mathias Humbert (University of Lausanne), Michael Backes (CISPA Helmholtz Center for Information Security), Neil Zhenqiang Gong (Duke University), Yang Zhang (CISPA Helmholtz Center for Information Security)
VFLGAN: Vertical Federated Learning-based Generative Adversarial Network for Vertically Partitioned Data Publication [PDF] [Artifact: Available]
Xun Yuan (National University of Singapore), Yang Yang (National University of Singapore), Prosanta Gope (University of Sheffield), Aryan Pasikhani (University of Sheffield), Biplab Sikdar (National University of Singapore)
Privacy Protection Behaviors from a New Angle: Exploratory Analysis on a Russian Sample [PDF] [Artifact: Available]
Denis Obrezkov (TIB – Leibniz Information Centre for Science and Technology)
PrivacyLens: On-Device PII Removal from RGB Images using Thermally-Enhanced Sensing [PDF]
Yasha Iravantchi (University of Michigan), Thomas Krolikowski (University of Michigan), William Wang (University of Michigan), Kang G. Shin (University of Michigan), Alanson Sample (University of Michigan)
Evaluating Google's Protected Audience Protocol [PDF] [Artifact: Reproduced]
Minjun Long (University of Virginia), David Evans (University of Virginia)
A Deniability Analysis of Signal’s Initial Handshake PQXDH [PDF]
Rune Fiedler (Technische Universität Darmstadt), Christian Janson (Technische Universität Darmstadt)
Overprofiling Analysis on Major Internet Players [PDF]
Francisco Caravaca (Universidad Carlos III de Madrid), José González-Cabañas (UC3M-Santander Big Data Institute), Ángel Cuevas (Universidad Carlos III de Madrid; UC3M-Santander Big Data Institute), Rubén Cuevas (Universidad Carlos III de Madrid; UC3M-Santander Big Data Institute)
Measuring Conditional Anonymity - A Global Study [PDF]
Pascal Berrang (University of Birmingham), Paul Gerhart (Friedrich-Alexander Universität Erlangen-Nürnberg), Dominique Schröder (TU Wien, Friedrich-Alexander Universität Erlangen-Nürnberg)
The Medium is the Message: How Secure Messaging Apps Leak Sensitive Data to Push Notification Services [PDF]
Nikita Samarin (University of California, Berkeley and International Computer Science Institute (ICSI)), Alex Sanchez (University of California, Berkeley), Trinity Chung (University of California, Berkeley), Akshay Dan Bhavish Juleemun (University of California, Berkeley), Conor Gilsenan (University of California, Berkeley), Nick Merrill (University of California, Berkeley), Joel Reardon (University of Calgary), Serge Egelman (University of California, Berkeley and International Computer Science Institute (ICSI))