Computer Security – ESORICS 2022 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part III

The three volume set LNCS 13554, 13555, 13556 constitutes the proceedings of the 27th European Symposium on Research in Computer Security, ESORICS 2022, which took place in September 2022. The conference took place in Copenhagen, Denmark, in a hybrid mode.

The 104 full papers and 6 poster papers presented in these proceedings were carefully reviewed and selected from 562 submissions. They were organized in topical sections as follows:

Part I: Blockchain security; privacy; crypto; attacks; sidechannels;

Part II: Anonymity; cloud security; access control; authentication; digital signatures; IoT security; applications;

Part III: Formal analysis; Web security; hardware security; multiparty computation; ML techniques; cyber-physical systems security; network and software security; posters.

Formal Analysis.- A Formal Analysis of the FIDO2 Protocols.- Composable Security Treatment of ECVRF and Batch Verifications.- Effcient Proofs of Knowledge for Threshold Relations.- A tale of two models: formal verification of KEMTLS via Tamarin.- Web Security.- Browser-based CPU Fingerprinting.- Polymorphic Protocols at the Example of Mitigating Web Bots.- Unlinkable Delegation of WebAuthn Credentials.- Large Scale Analysis of DoH Deployment on the Internet.- Equivocal URLs: Understanding the Fragmented Space of URL Parser Implementations.- Exploring the Characteristics and Security Risks of Emerging Emoji Domain Names.- Hardware Security.- CPU Port Contention Without SMT.- Protocols for a Two-Tiered Trusted Computing Base.- Using Memristor Arrays as Physical Unclonable Functions.- Multiparty Computation.- SecureBiNN: 3-Party Secure Computation for Binarized Neural Network Inference.- MixedTechnique Multi-Party Computations Composed of Two-Party Computations.- PEA: Practical Private Epistasis Analysis using MPC.- ML Techniques.- Hide and Seek: on the Stealthiness of Attacks against Deep Learning Systems.- Precise Extraction of Deep Learning Models via Side-Channel Attacks on Edge/Endpoint Devices.- Real-time Adversarial Perturbations against Deep Reinforcement Learning Policies: Attacks and Defenses.- FLMJR: Improving Robustness of Federated Learning via Model Stability.- MaleficNet: Hiding Malware into Deep Neural Networks using Spread-Spectrum Channel Coding.- Long-Short History of Gradients is All You Need: Detecting Malicious and Unreliable Clients in Federated Learning.- MLFM: Machine Learning Meets Formal Method for Faster Identification of Security Breaches in Network Functions Virtualization (NFV).- Cyber-Physical Systems Security.- Perspectives from a Comprehensive Evaluation of Reconstruction-based Anomaly Detection in Industrial Control Systems.- A Novel High-performance Implementation of CRYSTALS-Kyber with AI Accelerator.- From Click To Sink: utilizing AIS for command and control in maritime cyber attacks.- Effcient Hash-Based Redactable Signature for Smart Grid Applications.- Can Industrial Intrusion Detection Be SIMPLE.- For your Voice Only: Exploiting Side Channels in Voice Messaging for Environment Detection.- Towards Effcient Auditing for Real-Time Systems.- Network and Software Security.- Towards a Systematic and Automatic Use of State Machine Inference to Uncover Security Flaws and Fingerprint TLS Stacks.- PanoptiCANs - Adversary-resilient Architectures for Controller Area Networks.- Detecting Cross-Language Memory Management Issues in Rust.- Reach Me if You Can: On Native Vulnerability Reachability in Android Apps.- Extensible Virtual Call Integrity.- Posters.- Is your password sexist? A gamification-based analysis of the cultural context of leaked passwords.- A Fast, Practical and Simple Shortest Path Protocol for Multiparty Computation.- Audio Spoofing Detection Using Constant-Q Spectral Sketches and Parallel-Attention SE-ResNet.- MixCT: Mixing Confidential Transactions from Homomorphic Commitment.- Multi-Freq-LDPy: Multiple Frequency Estimation Under Local Differential Privacy in Python.- The Devil is in the GAN: Backdoor Attacks and Defenses in Deep Generative Models.