Volume 2024

Issue 1

• Editors' Introduction
  Micah Sherr (Georgetown University), Zubair Shafiq (University of California, Davis)
• A Large-Scale Study of Cookie Banner Interaction Tools and their Impact on Users' Privacy [PDF]
  Nurullah Demir (Institute for Internet Security & KASTEL Security Research Labs & Karlsruhe Institute of Technology ), Tobias Urban (Institute for Internet Security & secunet Security Networks AG), Norbert Pohlmann (Institute for Internet Security), Christian Wressnegger (KASTEL Security Research Labs & Karlsruhe Institute of Technology)
• SoK: Data Privacy in Virtual Reality [PDF]
  Gonzalo Munilla Garrido (TUM), Vivek Nair (UC Berkeley), Dawn Song (UC Berkeley)
• Interest-disclosing Mechanisms for Advertising are Privacy-Exposing (not Preserving) [PDF]
  Yohan Beugin (University of Wisconsin-Madison), Patrick McDaniel (University of Wisconsin-Madison)
• QUICKeR: Quicker Updates Involving Continuous Key Rotation [PDF]
  Lawrence Lim (University of California, Santa Barbara), Wei-Yee Goh (University of California, Santa Barbara), Divyakant Agrawal (University of California, Santa Barbara), Amr El Abbadi (University of California, Santa Barbara), Trinabh Gupta (University of California, Santa Barbara)
• Efficiently Compiling Secure Computation Protocols From Passive to Active Security: Beyond Arithmetic Circuits [PDF]
  Marina Blanton (University at Buffalo), Dennis Murphy (University at Buffalo), Chen Yuan (Meta Platform, Inc.)
• DeTorrent: An Adversarial Padding-only Traffic Analysis Defense [PDF]
  James K Holland (University of Minnesota), Jason Carpenter (University of Minnesota), Se Eun Oh (Ewha Womans University), Nicholas Hopper (University of Minnesota)
• A False Sense of Privacy: Towards a Reliable Evaluation Methodology for the Anonymization of Biometric Data [PDF]
  Simon Hanisch (Center for Tactile Internet (CeTI), Technical University Dresden), Julian Todt (KASTEL, Karlsruhe Institute of Technology), Jose Patino (Cerence), Nicholas Evans (Digital Security Department, EURECOM), Thorsten Strufe (KASTEL, Karlsruhe Institute of Technology)
• Cross-Contextual Examination of Older Adults' Privacy Concerns, Behaviors, and Vulnerabilities [PDF]
  Yixin Zou (Max Planck Institute for Security and Privacy), Kaiwen Sun (University of Michigan), Tanisha Afnan (University of Michigan), Ruba Abu-Salma (King's College London), Robin Brewer (University of Michigan), Florian Schaub (University of Michigan)
• “Those things are written by lawyers, and programmers are reading that.” Mapping the Communication Gap Between Software Developers and Privacy Experts [PDF]
  Stefan Albert Horstmann (Ruhr University Bochum), Samuel Domiks (Independent), Marco Gutfleisch (Ruhr University Bochum), Mindy Tran (Paderborn University), Yasemin Acar (Paderborn University , The George Washington University), Veelasha Moonsamy (Ruhr University Bochum), Alena Naiakshina (Ruhr University Bochum)
• Supporting Informed Choices about Browser Cookies: The Impact of Personalised Cookie Banners [PDF]
  Tom Biselli (Science and Technology for Peace and Security (PEASEC), Technical University of Darmstadt), Laura Utz (Science and Technology for Peace and Security (PEASEC), Technical University of Darmstadt), Christian Reuter (Science and Technology for Peace and Security (PEASEC), Technical University of Darmstadt)
• Block Cookies, Not Websites: Analysing Mental Models and Usability of the Privacy-Preserving Browser Extension CookieBlock [PDF]
  Lorin Schöni (ETH Zürich), Karel Kubicek (ETH Zürich), Verena Zimmermann (ETH Zürich)
• Mitigating Inference Risks with the NIST Privacy Framework [PDF]
  Christopher B. Landis (Naval Postgraduate School), Joshua A. Kroll (Naval Postgraduate School)
• Why Privacy-Preserving Protocols Are Sometimes Not Enough: A Case Study of the Brisbane Toll Collection Infrastructure [PDF]
  Amirhossein Adavoudi Jolfaei (University of Luxembourg), Andy Rupp (University of Luxembourg and KASTEL SRL), Stefan Schiffner (Berufliche Hochschule Hamburg (BHH)), Thomas Engel (University of Luxembourg)
• Generalizable Active Privacy Choice: Designing a Graphical User Interface for Global Privacy Control [PDF]
  Sebastian Zimmeck (Wesleyan University), Eliza Kuller (Wesleyan University), Chunyue Ma (Wesleyan University), Bella Tassone (Wesleyan University), Joe Champeau (Wesleyan University)
• Opted Out, Yet Tracked: Are Regulations Enough to Protect Your Privacy? [PDF]
  Zengrui Liu (Texas A&M University), Umar Iqbal (Washington University in St. Louis), Nitesh Saxena (Texas A&M University)
• Privacy Preserving Feature Selection for Sparse Linear Regression [PDF]
  Adi Akavia (University of Haifa), Ben Galili (Technion), Hayim Shaul (IBM Research), Mor Weiss (Bar-Ilan University), Zohar Yakhini (Reichman University and Technion)
• Model-driven Privacy [PDF]
  Srdan Krstic (ETH Zurich), Hoang Nguyen (ETH Zurich), David Basin (ETH Zurich)
• DP-ACT: Decentralized Privacy-Preserving Asymmetric Digital Contact Tracing [PDF]
  Azra Abtahi (Lund University), Mathias Payer (EPFL), Amir Aminifar (Lund University)
• CoStricTor: Collaborative HTTP Strict Transport Security in Tor Browser [PDF]
  Killian Davitt (University College London), Dan Ristea (University College London), Duncan Russell (The Tor Project), Steven J. Murdoch (University College London)
• DeVoS: Deniable Yet Verifiable Vote Updating [PDF]
  Johannes Müller (University of Luxembourg), Balázs Pejó (Budapest University of Technology and Economics), Ivan Pryvalov (University of Luxembourg & Brandenburg University of Technology)
• Over Fences and Into Yards: Privacy Threats and Concerns of Commercial Satellites [PDF]
  Rachel McAmis (University of Washington), Mattea Sim (University of Indiana Bloomington), Mia Bennett (University of Washington), Tadayoshi Kohno (University of Washington)
• Constant-Round Private Decision Tree Evaluation for Secret Shared Data [PDF]
  Nan Cheng (University of St.Gallen), Naman Gupta (IIT Delhi), Aikaterini Mitrokotsa (University of St.Gallen), Hiraku Morita (Aarhus University and University of Copenhagen), Kazunari Tozawa (The University of Tokyo)
• Data Isotopes for Data Provenance in DNNs [PDF]
  Emily Wenger (The University of Chicago), Xiuyu Li (UC Berkeley), Ben Y. Zhao (The University of Chicago), Vitaly Shmatikov (Cornell Tech)
• MAPLE: MArkov Process Leakage attacks on Encrypted Search [PDF]
  Seny Kamara (MongoDB & Brown University), Abdelkarim Kati (Mohammed-VI Polytechnic University), Tarik Moataz (MongoDB), Jamie DeMaria (Elementl), Andrew Park (Carnegie Mellon University), Amos Treiber (Technical University of Darmstadt)
• SocIoTy: Practical Cryptography in Smart Home Contexts [PDF]
  Tushar M. Jois (City College of New York), Gabrielle Beck (Johns Hopkins University), Sofia Belikovetsky (Johns Hopkins University), Joseph Carrigan (Johns Hopkins University), Alishah Chator (Boston University), Logan Kostick (Johns Hopkins University), Maximilian Zinkus (Johns Hopkins University), Gabriel Kaptchuk (Boston University), Aviel D. Rubin (Johns Hopkins University)
• Communication Breakdown: Modularizing Application Tunneling for Signaling Around Censorship [PDF]
  Paul Vines (Two Six Technologies), Samuel McKay (Two Six Technologies), Jesse Jenter (Two Six Technologies), Suresh Krishnaswamy (Two Six Technologies)
• On the Quality of Privacy Policy Documents of Virtual Personal Assistant Applications [PDF]
  Chuan Yan (University of Queensland, Australia), Fuman Xie (University of Queensland, Australia), Mark Huasong Meng (Institute for Infocomm Research, Singapore), Yanjun Zhang (University of Technology Syndey, Australia), Guangdong Bai (University of Queensland, Australia)
• SEDMA: Self-Distillation with Model Aggregation for Membership Privacy [PDF]
  Tsunato Nakai (Mitsubishi Electric Corporation), Ye Wang (Mitsubishi Electric Research Laboratories), Kota Yoshida (Ritsumeikan University), Takeshi Fujino (Ritsumeikan University)
• SoK: Metadata-Protecting Communication Systems [PDF]
  Sajin Sasy (University of Waterloo), Ian Goldberg (University of Waterloo)
• A Cautionary Tale: On the Role of Reference Data in Empirical Privacy Defenses [PDF]
  Caelin Kaplan (SAP Labs France, Inria, Université Côte d’Azur), Chuan Xu (Inria, Université Côte d’Azur, CNRS, I3S), Othmane Marfoq (Inria, Université Côte d’Azur, Accenture Labs), Giovanni Neglia (Inria, Université Côte d’Azur), Anderson Santana de Oliveira (SAP Labs France)
• SWiSSSE: System-Wide Security for Searchable Symmetric Encryption [PDF]
  Zichen Gui (ETH Zurich), Kenneth G. Paterson (ETH Zurich), Sikhar Patranabis (IBM Research India), Bogdan Warinschi (University of Bristol and DFINITY)
• PRIVIC: A privacy-preserving method for incremental collection of location data [PDF]
  Sayan Biswas (INRIA and LIX, École Polytechnique), Catuscia Palamidessi (INRIA and LIX, École Polytechnique)
• User-Controlled Privacy: Taint, Track, and Control [PDF]
  François Hublet (ETH Zürich), David Basin (ETH Zürich), Srđan Krstić (ETH Zürich)
• SGXonerate:Finding (and Partially Fixing) Privacy Flaws in TEE-based Smart Contract Platforms Without Breaking the TEE [PDF]
  Nerla Jean-Louis (University of Illinois Urbana Champaign), Yunqi Li (University of Illinois Urbana Champaign), Yan Ji (Cornell University), Harjasleen Malvai (University of Illinois Urbana Champaign), Thomas Yurek (University of Illinois Urbana Champaign), Sylvain Bellemare (IC3 (Cornell University)), Andrew Miller (University of Illinois Urbana Champaign, IC3)
• Tailoring Digital Privacy Education Interventions for Older Adults: A Comparative Study on Modality Preferences and Effectiveness [PDF]
  Heba Aly (Clemson University), Yizhou Liu (Clemson University), Reza Ghaiumy Anaraky (New York University), Sushmita Khan (Clemson University), Moses Namara (Clemson University), Kaileigh Angela Byrne (Clemson University), Bart Knijnenburg (Clemson University)