Conference Program

 

Local Time (UTC-4) | Auditorium | Room 1102 | Room 1104 | Room 1105 | Room 904 | Room 905 | Room 906
8:00 - 9:00 | Registration
9:00 - 10:30 | DSML 1 | HAP 1 | FORCE 1 | CRAI + RASACC 1 | Tutorial 1 | Tutorial 2 | Tutorial 4
10:30 - 11:00 | Coffee Break
11:00 - 12:30 | DSML 2 | HAP 2 | FORCE 2 | CRAI + RASACC 2 | Tutorial 1 | Tutorial 2 | Tutorial 4
12:30 - 14:00 | Lunch
14:00 - 15:30 | DSML 3 | HAP 3 | DSAS + DT4DRS 1 | CRAI + RASACC 3 | Tutorial 1 | Tutorial 3 | Tutorial 5
15:30 - 16:00 | Coffee Break
16:00 - 17:30 | DSML 4 | HAP 4 | DSAS + DT4DRS 2 | CRAI + RASACC 4 | Tutorial 1 | Tutorial 3 | Tutorial 5
18:30 - 20:00

NOTE: This is still a preliminary version of the program and may be subject to change.

DSML 1: Opening & Red-Teaming Generative AI at Auditorium, 9:00 - 10:30, June 22
  • Welcome to DSML 2026 by Pietro Liguori and Zitao Chen, PC Chairs
  • Keynote: AI and Dependability in Computing Systems: Friend or Foe? by Saurabh Bagchi, Professor, Purdue University and KeyByte
  • Trust Without Safeguards: A Red-Teaming Study of ProteinMPNN in Open Protein Design Pipelines by Tia Pope, Ahmad Patooghy (North Carolina A&T State University)
DSML 2: Trustworthy LLMs in Security-Critical Applications at Auditorium, 11:00 - 12:30, June 22
  • Drivers of Secure and Correct Code: A Factorial Study of Size, Pre-Training, and Data Quality by Pietro Liguori (University of Naples Federico II), Rrezarta Krasniqi (University of North Carolina at Charlotte), Domenico Cotroneo (University of North Carolina at Charlotte)
  • LLM-PEA: Leveraging Large Language Models Against Phishing Email Attacks by Najmul Hasan (University of North Carolina at Pembroke), Prashanth Busireddygari (University of North Carolina at Pembroke), Haitao Zhao (University of North Carolina at Pembroke), Yihao Ren (University of North Carolina at Pembroke), Jinsheng Xu (North Carolina A&T State University), Shaohu Zhang (North Carolina A&T State University)
  • On the Reliability of Targeted Unlearning in 4-Bit Quantized LLMs [Online presentation] by Syed Ahsan Ali (NED University of Engineering and Technology)
  • Establishing Zero-Shot LLM Performance at Network Tomography by India-Jane Barry (City St George's, University of London), Ilir Gashi (City St George's, University of London), Kizito Salako (City St George's, University of London), Pedro Marques (BT), Pranava Madhyastha (City St George's, University of London)
  • Latent Space Probing for Adult Content Detection in Video Generative Models by Alizishaan Khatri (Wrynx Inc.), Chiquita Prabhu (Independent Researcher)
DSML 3: From Practice to Research - Dependable ML in Production at Auditorium, 14:00 - 15:30, June 22
  • Keynote: When the Pager Goes Off: Dependable and Secure ML in Regulated Enterprise Operations by Pramod Muppala, Vice President and Middleware Team Lead, Enterprise Engineering & Technology, Bank of America
  • AdROD: Adaptive Redundancy for Object Detection in Autonomous Driving by Shunsuke Nagao, Fumio Machida (University of Tsukuba)
  • [Research Proposal] Resilience Assessment of AI Accelerators: A Driver-Level Fault Injection Methodology by Marcello Cinque, Luigi De Simone, Nike Di Giacomo (University of Naples Federico II)
DSML 4: Federated Security & Model Robustness at Auditorium, 16:00 - 17:30, June 22
  • On the Extreme Variance of Certified Local Robustness Across Model Seeds by Minh Le (Georgia Institute of Technology), Phuong Cao (University of Illinois Urbana-Champaign)
  • Model Chunking in Decentralized Learning: From Privacy Defense to Privacy Leakage by Halil Betmezoglu, Bart Cox, Jérémie Decouchant (Delft University of Technology)
  • Color Matters: Trigger Color Affects Success in Federated Backdoor Attack by Kavindu Herath, Joshua Zhao, Saurabh Bagchi (Purdue University)
  • Seeing in Shades of Gray: Real-time Federated Image-Based Malicious Traffic Detection by Sapthak Mohajon Turjya (North Carolina A&T State University), Moaz Usama (The British University in Egypt), Mulham Fawakherji (North Carolina A&T State University), Mahmoud Abouyoussef (North Carolina A&T State University), Islam Obaidat (North Carolina A&T State University)
  • FlowMamba: A Dependable and Predictable Streaming Graph Framework for Energy IoT Intrusion Detection by Chuang Huo, Gang Wang (Inner Mongolia University of Technology)
  • Closing Remarks by Pietro Liguori and Zitao Chen, PC Chairs
HAP 1 at Room 1102, 9:00 - 10:30, June 22
  • Opening
  • Keynote: Toward Holistic System Security: Isolation and Practical Analysis Across the Stack by Takahiro Shinagawa (Tokyo University)
HAP 2 at Room 1102, 11:00 - 12:30, June 22
  • ThermalQuest: Gamifying Thermal Side-Channel Attack Education with Interactive Pipeline and Memory Visualization by Jaswanth Chithu Sudharsan and Gokhan Kul
  • A Case for Unifying Trusted Execution Environments by Pierre-Louis Aublin, Thomas Prévost, Hajime Tazaki, and Kuniyasu Suzaki
  • Software-defined SEV for Confidential VMs Based on the Delegation Architecture in RISC-V by Junpei Matsushita and Kenichi Kourai
HAP 3 at Room 1102, 14:00 - 15:30, June 22
  • Binding Application-Layer Provenance to CPU-rooted Attestation in Confidential VMs via a Kernel-resident Pseudo-CA by Zen Ishikura, Sakae Chikara, Fumiaki Kudoh, Gen Takahashi, Hiroki Itoh, and Kuniyasu Suzaki
  • Attestable Build Chain: Enabling Trust in Reproducible Builds by Kenichiro Muto and Kuniyasu Suzaki
  • Closing remarks
HAP 4 at Room 1102, 16:00 - 17:30, June 22
  • Open Discussions
FORCE 1: Keynote talk at Room 1104, 9:00 - 10:30, June 22
  • Keynote: The Good, the Bad, and the Ugly in Quantum Computing: Computational Power, Intrinsic Noise, and Transient Faults by Paolo Rech (University of Trento, Italy)
FORCE 2: Paper presentations at Room 1104, 11:00 - 12:30, June 23
  • Controller Placement in Hybrid SDN Networks: Classical Heuristics vs. Quantum-inspired Optimization by Salman Khan, Deborsi Basu, Uttam Ghosh and Raja Datta
  • Quantum Generative Adversarial Networks for EEG-Based Sleep Stage Classification in Noiseless and Noisy Scenarios by Ikram Khan, Sthefanie Passo and John Prevost
  • A Dependability Profile for Hybrid Quantum-Classical Systems by Piyush Sonawane, Andrew Kelly and Naveed Mahmud
DSAS + DT4DRS 1 at Room 1104, 14:00 - 15:30, June 22
  • Opening
  • Keynote: Trusting the System, Not Just the Model: A Perspective on AI-Enabled Autonomous Systems by Marco Vieira (University of North Carolina at Charlotte)
DSAS + DT4DRS 2 at Room 1104, 16:00 - 17:30, June 22
Session 1: AI Safety, Security & Risk Analysis
  • Safety Beyond the Interface: Detecting Harm via Latent States in Large Language Models by Alizishaan Khatri, Chiquita Prabhu and Omkar Neogi
  • From Threat Intelligence to Decision Theory: ATT&CK-Derived Utility Functions for Adversarial Risk Analysis in NIDS by Mayank Raj, Nathaniel Bastian and Gokhan Kul
Session 2: Dependable and Secure Cyber-Physical & Autonomous Systems
  • PACT: Predictive Approximate Computing with Temporal Guarantees by Gustavo Londono, Sibin Mohan, Sathish Gopalakrishnan and Radha Venkatagiri
  • Threat-Oriented Digital Twinning for Security Evaluation of Autonomous Platforms by Thomas Neubert, Laxima Niure Kandel and Berker Peköz
  • Consequence-Driven Dependability Models for Cyber-Physical Systems (CPS) by Ronan Oostveen, Stefano Simonetto, Peter Bosch, Alessandro Chiumento and Maarten van Steen

Closing Remarks

CRAI + RASACC 1 at Room 1105, 9:00 - 10:30, June 22
  • Opening remarks
  • Keynote: Using Trusted Execution Environments to accelerate and reinforce blockchain consensus by Jérémie Decouchant
CRAI + RASACC 2: Foundations of Resilient Agentic Systems at Room 1105, 11:00 - 12:30, June 22
  • Automated Resilience Assessment for Autonomous System-based System-on-Chip Architectures by Abigail Butka and Brian Butka
  • DisTrust: Adaptive Trust-Based Verification for Resilient Distributed Computation by Fouad Afiouni, Saurabh Bagchi, and Aravind Machiry
  • From Agent Failure Paths to Quantified Residual Risk: A Compositional Framework for Resilient Agentic AI by Hassan Karim, Deepti Gupta, Sai Sitharaman, and Danda Rawat
  • Agentic AI for Continuous Intelligence in Future Smart Connected Systems by Likhitha Annapurna Kavuri, Deepti Gupta, and Eman Hammad
CRAI + RASACC 3 at Room 1105, 14:00 - 15:30, June 22
  • Keynote talk (TBD)
CRAI + RASACC 4: Secure and Adaptive Agentic Systems at Room 1105, 16:00 - 17:30, June 22
  • Multi-Agent-based Failure Recovery Planning for a Connected Vehicle Platform by Aoi Matsuda, Ippo Hiroi, Fumio Machida, and Naohiro Ohtsuka
  • Composable Trust in Agentic AI: Bridging Architectural Capability and System-Level Assurance by Omar Al-Refai, Ibrahim Shahbaz, and Eman Hammad
  • NinjaShell: Skill-Aware Defense Against Malicious Agentic Skills by Haddy Alchaer, Joseph Ghanem, and Saurabh Bagchi
Tutorial 1 at Room 904, 09:00 - 17:30, June 22
  • RESIST: Resilience against Silent Silicon Threats - A Cross-Layer Perspective by Peter W. Deutsch (MIT), Vincent Quentin Ulitzsch (MIT), Mengjia Yan (MIT), Sudhanva Gurumurthi (AMD), Vilas Sridharan (AMD), Harish Dixit (Meta), Sriram Sankar (Meta)
Tutorial 2 at Room 905, 09:00 - 12:30, June 22
  • Fault Injection for ML Applications: From DNNs to LLMs by Karthik Pattabiraman (Univ. of British Columbia), Bo Fang (Univ. of Texas, Arlington), Lishan Yang (George Mason Univ.), Abraham Chan (Univ. of British Columbia), Yu Sun (George Mason University)
Tutorial 3 at Room 905, 14:00 - 17:30, June 22
  • Securing Your Airspace: The Interplay Between Cybersecurity, Sensing, and Safety by Alireza Famili (WayWave Inc), Amir Fakhim Babaei (WayWave Inc), Tolga O. Atalay (A2 Labs LLC), Angelos Stavrou (WayWave Inc, A2 Labs LLC, Virginia Tech, Arlingto)
Tutorial 4 at Room 906, 09:00 - 12:30, June 22
  • Confidential Computing: Fundamentals, Platforms, and Research by Zhongshu Gu, Julian Stephen, Enriquillo Valdez (IBM Research)
Tutorial 5 at Room 906, 14:00 - 17:30, June 22
  • Preventing Human Errors for Dependable Computer System Design by Fuqun Huang (Western Washington University)

 

Local Time (UTC-4) | Auditorium | Room 1102 | Room 1104 | Room 1105
8:00 - 9:00 | Registration
9:00 - 9:45 | Opening and Test of Time Award
9:45 - 10:30 | Keynote 1: Michael Reiter "On the Dependability of ML for Security-Related Tasks"
10:30 - 11:00 | Coffee Break
11:00 - 12:30 | RS1 - Best Papers
12:30 - 14:00 | Lunch
14:00 - 15:30 | RS2 | RS3 | Poster Pitch | Industry 1
15:30 - 16:00 | Coffee Break (with Posters)
16:00 - 17:30 | RS4 | RS5 | Disrupt 1 | Industry 2

Legend:

RS: Research


Opening, at Auditorium, 9:00 - 9:15, June 23

Bojan Cukic and Marco Vieira (University of North Carolina at Charlotte)

Miguel P. Correia (University of Lisbon) and Lydia Y. Chen (University of Neuchatel / TU Delft)

Test of Time (TOT) Award, at Auditorium, 09:15 - 09:45, June 23

Session Chair: Cristina Nita-Rotaru

  • Targeted Attacks on Teleoperated Surgical Robots: Dynamic Model-Based Detection and Mitigation by Homa Alemzadeh, Daniel Chen, Xiao Li, Thenkurussi Kesavadas, Zbigniew T. Kalbarczyk, Ravishankar K. Iyer
  • PARBOR: An Efficient System-Level Technique to Detect Data-Dependent Failures in DRAM by Samira Khan, Donghyuk Lee, Onur Mutlu
Keynote 1, at Auditorium, 9:45 - 10:30, June 23

Session Chair: Cristina Nita-Rotaru

  • On the Dependability of ML for Security-Related Tasks by Michael Reiter
RS1: Best Papers, at Auditorium, 11:00 - 12:30, June 23

Session Chair: Miguel Correia, Lydia Y. Chen

  • PRAXIS: Integrating Program Analysis with Observability for Root-Cause Analysis by S. Cui, R. Krishna, S. Jha, R. Iyer
  • Thinking Inside the Box: Injecting Realistic Radiation Faults in ML Accelerators by B. Coelho, M. Sadati, A. Chan, A. Hands, K. Pattabiraman, P. Rech
  • Q3Fuzz: Multi-Layered Stateful Fuzzing for the QUIC-HTTP/3 Protocol Stack by I. Jafarov, C. Lee, H. Lee, S. Dietrich
RS2: Making LLMs Safer, at Auditorium, 14:00 - 15:30, June 23

Session Chair: TBD

  • LUMEN: A Systems Approach to LLM-Guided Activation of Hidden Behaviors in Malware by K. Valakuzhy, M. Wong, D. Blough, M. Ahamad, F. Monrose
  • A First Look at the Security Issues in the Model Context Protocol Ecosystem by X. Li, X. Gao
  • RIPE-II: Retrieval In-Place Poisoning Evaluation with Indirect Injections by G. Malladi, G. Thamilarasu
  • Bypassing Safety Alignment via API Design: A Systematic Risk Analysis of Response Prefill in LLM systems by Y. Li, J. Hu, W. Sang, L. Ma, W. Zhang, A. Yu, Q. Zhou, Y. Su, D. Nie, Q. Huang
RS3: Dependability in Federated Learning, at Room 1102, 14:00 - 15:30, June 23

Session Chair: TBD

  • Beyond Corner Patches: Semantics-Aware Backdoor Attack in Federated Learning by K. Herath, J. Zhao, S. Bagchi
  • In-Depth Exploration of Differentially Private Quantization for Privacy-Preserving and Communication-Efficient Federated Learning by S. Huang, Z. Ye, J. Wang, Z. Zhang, J. Fu, W. Wang, S. Di, X. Yu
  • From Centralized Learning to Federated Setting: Keeping Reliability on Track by J. Yan, P. de Carvalho, J. Henriques, J. Loureiro, C. Lam, H. Madeira
  • Computationally Efficient Anomaly Detection and Exclusion for Practical and Robust Federated Learning by R. Zatsarenko, D. Korobeinikov, S. Chuprov, L. Reznik
RS4: Safer Learning, at Auditorium, 16:00 - 17:30, June 23

Session Chair: TBD

  • Generalizable Graph-based Reinforcement Learning Agents for Automated Cyber Defense by I. King, B. Bowman, H. Huang
  • LymphNode: A Plug-and-Play Access Control Method for Deep Neural Networks by H. Pei, S. Liu, Z. Liu
  • Ruby: Unmasking Unsafe Rust in Stripped Binaries via Machine Learning by X. Cheng, S. Park, H. Han, X. Zhang, T. Kim
  • OptiMAC: Adaptive Security Optimization for Message Authentication Code in Adversarial Environment by S. Kashani, E. Khademnia, Görkem, Y. Dong, T. Wu, S. Kim, A. Khokhar, F. Nait-Abdesselam, S. Hussain
RS5: Vulnerability Detection, at Room 1102, 16:00 - 17:30, June 23

Session Chair: TBD

  • VulJSFormer: Learning to Detect JavaScript Vulnerabilities with Vulnerability-Relevant Graphs by K. Ren, H. He, H. Wang, W. Qiang, Y. Wu, D. Zou
  • VulStyle: A Multi-Modal Pre-Training for Code Stylometry-Augmented Vulnerability Detection by C. Biringa, A. Abbas, V. Selvaraj, G. Kul
  • VulLens: Enhancing Software Vulnerability Detection against Evasion Attacks by S. Sun, P. Sharma, S. Maitra, A. Stavrou, H. Wang
  • AnBridge: Protecting On-Device AI with Android Virtualization Framework by G. Farina, R. Corte, A. Machiry, M. Cinque, S. Bagchi
Industry 1: Distributed Systems and Networks, at Room 1105, 14:00 - 15:30, June 23

Session Chair: TBD

  • Decentralized Root Cause Analysis for Cloud-Native Microservices: Experience with Distributed PageRank in Production by Shabbir Hussain, Hari Charan Panjwani
  • PeerLumen: A Bitcoin P2P Honeypot Telescope by Wenjun Fan, Fei Du, Jungho Kim, and Sang-Yoon Chang
  • SNAS: A Multi-Layer Defense-in-Depth Architecture for Secure Egress in Sandboxed Workloads by Niranjan Kumar Sharma, S Muralidhar, Samy Boshra-Riad, Mike Halcrow, Yuxiong He, Nitya Kumar Sharma, Shawn Xia, Haowei Yu, Elliott Brossard, Derek Denny-Brown, Choden Konigsmark, Chenwei Xie, Bhanu Prakash, Brandon Baker, Andong Zhan
  • An IPsec Tunnel Recovery Protocol to Overcome QKD Key desynchronization by Hong-Sung Kim, Hyong-Shik Kim
  • Aegis: Preventing Cross-Domain Resource Abuse in MCP by Shriti Priya, Teryl Taylor, Frederico Araujo
Industry 2: Processors and Memories, at Room 1105, 16:00 - 17:30, June 23

Session Chair: TBD

  • Harpocrates-in-action: Using Simulation-based Functional Test Programs to Catch Marginal Defects in CPUs by Nikos Karystinos, Odysseas Chatzopoulos, Dimitris Gizopoulos, Ashish Kumar, Sankar Gurumurthy, Sudhanva Gurumurthi, Vilas Sridharan
  • The Anatomy of Silent Data Corruption: GPU Error Pattern Study and Modeling Guidance by Chung-Hsuan Tung, Yanxiang Huang, Nirmal Saxena, Philip Shirvani, Saurabh Hukerikar, Twinkle Jain, Abhishek Tyagi, Sanjay Gongalore
  • Enterprise-Scale RAS in IBM Z Memory Subsystem by Patrick Meaney, David Cadigan, Gary Van Huben, Stephen Powell, Kelvin Wong, Colleen Weller, Gary Tressler, Hailey Nicholson, Marc Gollub, Alper Buyuktosunoglu
  • HBM Errors at Scale: An Industrial Study by Shreya Varshini, Qintian Huang, Xun Jiao, Mihir Patel, Abhinav Pandey, Fred Lin
  • Redefining Page Offlining: Real-World Memory Failure Modes with Preemptive Strategies by Ankit Saxena, Jongmin Lee, Youngwook Ko, Stuti Patel, Grant Gambetta, Dankyu Kang, Yoon Kim, Ilgyu Jung, Paul Cho
Poster Pitch, at Room 1104, 14:00 - 15:30, June 23

Session Chair: José D'Abruzzo Pereira, Chenglong Fu

  • FGF: A Fact-Graph Feedback Loop Framework for Verifiable LLM-based Decision Making by Subi Kim, Jimin Ryu, Jieun Kang, Yong Ik Yoon
  • Adaptive Symbolic Execution with LLMs for Evasive Malware Analysis by Ajay Kumara Makanahalli Annaiah, Shahid Ali Lodin, William Setters
  • Co-evolving SQL Injection Attacks and ModSecurity Rules via Agentic AI by Vahid Babaey, Arun Ravindran
  • Why Are Anomalies Rare in RSS? Diagnosing Strict Serializability Violations in Spanner-RSS by Sejong Kim, Yon Dohn Chung
  • Towards Automated Detection of Latent Software Robustness Failures using Large Language Models by José Flauzino, Marco Vieira, Elias Duarte
  • Optimal Fast-ReRoute: A Tool for Generating and Visualizing Arborescence-based Routes by Leon Okida, Elias P. Duarte Jr., André Vignatti
  • Making Binary Decisions in Decentralized Autonomous Organizations by Nuno Braz, Miguel Correia
  • Efficient Backdoor Sample Identification via Blend Transform for Untrusted Training Data by Shuhong Yang, Zhenyong Zhang, Zeyu Yang, Shuaiting Huang
  • Memory-Bandwidth Side Channels for Input Recovery in Edge-Deployed LLM Inference by Davis Ranney, Yashaswini Makaram, Yunsi Fei
  • Does the Knight and Leveson Hypothesis Hold for LLM-Based Code Generation? by Rodrigo Pato Nogueira, Karthik Pattabiraman, Marco Vieira, João R. Campos
  • The Overlooked Role of False Negatives in Reentrancy Detection by Alvise Spanò, Dalila Ressi, Sabina Rossi, Michele Bugliesi
  • LUMENating: Insights from an LLM-Guided System for Activating Hidden Behaviors in Malware by Kevin Valakuzhy, Abhinav Vemulapalli, Miuyin Yong Wong, Doug Blough, Mustaque Ahamad, Fabian Monrose
  • Mind the Driver: A Fault Injection Methodology for AI Systems by Marcello Cinque, Luigi De Simone, Nike Di Giacomo
  • On the Feasibility of Side-Channel Information for Malicious Traffic Detection in IoT Networks by Shadman Sakib Arnob, Ahmad Patooghy, Islam Obaidat
  • Edge-Based Privacy Auditing for Trustworthy Humanoid Robot Interaction by Bontu Geremew, Sharun Akter Khushbu, Shaohu Zhang
  • Evaluating Security Best Practices in the GitHub Actions Documentation by Lukas Boschanski, Marco Vieira
  • Demystifying Differentially Private Quantization in Federated Learning by Shan Huang, Zhijing Ye, Jiamin Wang, Zhaorui Zhang, Jie Fu, Wendy Hui Wang, Sheng Di, Xiaodong Yu
  • Investigating the Relationship Between Autonomous Driving System Disengagements and Crashes by Dev Patel, Arpan Swaroop, Saurabh Bagchi
Disrupt 1: Disruptive Distributed Systems and Networks, at Room 1104, 16:00 - 17:30, June 23

Session Chair: Elias Duarte

  • Trust, but Verify: ByzTwin-Range, a Digital Twin Cyber-Range for Byzantine Faults by Tadeu Freitas, João Soares and Rolando Martins
  • Taming the Airwaves: Resilient Spectrum Sharing with BFT by Xiaoxuan Qin, Prashant Krishnamurthy and Amy Babay
  • Network-Aware Differential Privacy by Zhou Li, Yu Zheng, Tianhao Wang and Sang-Woo Jun
  • Towards Security by Performance: Rethinking Cyber Risk Assessment for Distributed ML Systems by Alessandro Palma, Gianluca Capozzi, Silvia Bonomi and Giuseppe Antonio Di Luna

 

Local Time (UTC-4) | Auditorium | Room 1102 | Room 1104 | Room 1105
8:00 - 9:00 | Registration
9:00 - 9:45 | Jean-Claude Laprie Award
9:45 - 10:30 | Keynote 2: Pradip Bose "Robust Power Management in AI-Centric Systems"
10:30 - 11:00 | Coffee Break (with Posters)
11:00 - 12:30 | RS6 | RS7 | Disrupt 2 | Industry 3
12:30 - 14:00 | Lunch
14:00 - 15:30 | RS8 | RS9 | RS10 | Industry 4
15:30 - 16:00 | Coffee Break
16:00 - 17:10 | RS11 | RS12 | RS13 | Industry 5
17:10 - 22:00


Jean-Claude Laprie (JCL) Award, at Auditorium, 09:00 - 09:45, June 24

Session Chair: Marco Vieira

  • Orthogonal Defect Classification – A Concept for In-Process Measurements by Ram Chillarege, Inderpal S. Bhandari, Jarir K. Chaar, Michael J. Halliday, Diane S. Moebus, Bonnie K. Ray, and Man-Yuen Wong. https://doi.org/10.1109/32.177364
Keynote 2, at Auditorium, 09:45 - 10:30, June 24

Session Chair: Marco Vieira

  • Robust Power Management in AI-Centric Systems by Pradip Bose
RS6: Cryptography & Privacy, at Auditorium, 11:00 - 12:30, June 24

Session Chair: TBD

  • Bringing Your Own Privacy: Towards Measurable Privacy in Mobile Device Management and Security by S. Liu, C. Shue
  • Accurate, Secure, and Efficient Semi-Constrained Navigation with Multiple Spatial Restrictions by M. Li, Y. Hu, Y. Qiao, Z. Zhang, L. Zhu, M. Conti
  • SpeechShield: Latency-Efficient and Robust Timbre-Aware Voice Protection Against Speech Synthesis Deepfake Attacks by J. Liu, S. Dong, H. Li, C. Gao, K. Shin, H. Wang, Y. Ren, L. Sun
  • One Error to Rule Them All: Can a Single Bit-Flip Disrupt Fully Homomorphic Encryption? by V. Chan, M. Mazzanti, K. Swaminathan, A. Vega, E. Mocskos, R. Venkatagiri
RS7: Binary Analysis & Program Understanding, at Room 1102, 11:00 - 12:30, June 24

Session Chair: TBD

  • Efficient Bug Detection by Inferring Implicit API Contract of Pointer State Transition by X. Deng, Y. Ma, X. Gao, H. Sun
  • Meta-Architecture Binary Code Analysis by C. Duan, J. Wang, Q. Zeng, L. Luo
  • MBA-Sniffer: Rapidly Locating Mixed Boolean-Arithmetic Obfuscation in Binary Code by Z. Feng, D. Xu
  • From MIRAGE to CLEAR: Component-Level Explainable Anomaly Reasoning for Autonomous Vehicle Perception Systems by D. Fernandez, P. MohajerAnsari, A. Salarpour, C. Kokenoz, B. Li, M. Pesé
RS8: Intrusion Detection & Traffic Analysis, at Auditorium, 14:00 - 15:30, June 24

Session Chair: TBD

  • I-DETECT: In-network Deep Packet Inspection for Timed Event Correlation in Industrial Control Systems by Z. Hu, H. Lin, Y. Qu, D. Jin
  • Beyond Token Attention: Contiguous and Interpretable Payload Identification for Web Attacks by Y. Yang, J. Zhao, C. Pei, W. Wan, C. Long, G. Du, Y. Liu, J. Li
  • DRIFT: Drift-Resilient Invariant-Feature Transformer for DGA Detection by C. Lee, C. Jung, S. Jeong
  • Hi-Fi Flow: Real-Time High-Granularity Flow Feature Extraction for Robust Network Monitoring by S. Bi, L. Zhou, T. Wang, T. Hou
RS9: DNS, Protocol & Network Security, at Room 1102, 14:00 - 15:30, June 24

Session Chair: TBD

  • Understanding and Exploiting DNS Relaying: Harnessing Legitimate Services for DNS Attacks by R. Duan, S. Wang, D. Liu, H. Xing, L. Sun, Y. Dai, Z. Su, M. Jiang, F. Fei, M. Zhang
  • Too Open to be Secure: An Evaluation of OpenNIC DNS Services and Domains by D. Yang, X. Liang, D. Liu, G. Liu, S. Hao, X. Gao
  • MeshGuard: MUD-Based Network Access Control for Large-Scale Thread-Powered IoT Networks by D. George, W. Van Hoof, H. Mostafaei, S. Sciancalepore
  • An (m,k)-firm Elevation Policy for Weakly Hard Real-Time in Converged 5G-TSN Networks by S. Egger, R. Laidig, H. Geppert, L. Haug, J. Herrmann, F. Dürr, C. Becker
RS10: Distributed Protocols, at Room 1104, 14:00 - 15:30, June 24

Session Chair: TBD

  • FORTIHTLC: Because a Atomic Swap Must Resist Bribery Attacks by N. Awathare
  • Efficient Merkle-Tree Consistent Accumulator by A. Mendonca, H. Shi, T. Huynh, I. Pryvalov, A. Herzberg
  • Robust and Automated Reconfiguration of Byzantine Wide-Area Replication by R. Chotkan, B. Nasrulin, J. Pouwelse, J. Decouchant
  • Fault-tolerant and Self-recovering Sharing of Multicast Transmission by S. Sengupta, A. Mukherjee, M. Perrin
RS11: Smart Contract Vulnerabilities, at Auditorium, 16:00 - 17:10, June 24

Session Chair: TBD

  • Zero-Shot Vulnerability Detection in Low-Resource Smart Contracts Through Solidity-Only Training by M. Hu, Q. Zeng, L. Luo
  • Large-Scale Security Analysis of Multi-Token Smart Contracts: Uncovering Hidden Flaws in Batch Transfers by A. Kasthuri, S. Meisami, L. Jiang, B. Wang, Y. Duan
  • ReSect: A Tool for Automated Analysis of Reentrancy Transactions on Blockchains by Y. Liu, R. Xi, K. Pattabiraman
RS12: Fuzzing & Bug Detection, at Room 1102, 16:00 - 17:10, June 24

Session Chair: TBD

  • RomeFuzz: Path-aware Directed Greybox Fuzzing via Dyna-Static Indirect Call analysis by X. Zhao, P. Feng, Y. Chao, Z. Jia, J. Ma
  • SnipleyFuzz: Enhancing Black-Box Fuzzing of IoT Devices with Shapley-Based Priority Selection by Y. Yang, F. Zou, J. Gui
  • Psyzkaller: Learning from Historical and On-the-Fly Execution Data for Smarter OS Kernel Fuzzing by B. Liu, Y. Zhang, L. Cheng, Y. Zhang, J. Fan, X. Sun, Y. Fu, Z. Li, D. Feng
RS13: Security aspects of using LLMs, at Room 1104, 16:00 - 17:10, June 24

Session Chair: TBD

  • Reentrancy Detection in the Age of LLMs by D. Ressi, A. Spanò, M. Rizzo, L. Benetollo, S. Rossi
  • Behavior-Guided Decompilation of AVR Firmware with Autonomous LLM Agents by C. Cao
  • SPDAgent: Leveraging LLM Agents for Context-Aware Binary Security Patch Detection via Pseudocode Diff Analysis by F. Yang, Z. Gao, X. Xiao, L. Ying, B. Yin, C. Zhang, Q. Li
Disrupt 2: Disruptive Dependable AI, Software, and Hardware, at Room 1104, 11:00 - 12:30, June 24

Session Chair: Fumio Machida

  • Fast or Slow? Human-Inspired Self-Evolving Framework for Resilient AI Systems by Haoran Qiu, Phuong Cao, Shengkun Cui, Archit Patke and Ravi Iyer
  • RO: Reliable Orchestration of LLM Programs via Deterministic-Generative Separation by Saurabh Jha
  • An Experimental Paradigm for Studying Cognitive Mechanisms behind Software Faults by Fuqun Huang and Owen Wright
  • In-DRAM Signature Generation Using Simultaneous Multiple-Row Activation: An Experimental Study of Off-The-Shelf DRAM Chips by Umut Başer, İsmail Emir Yüksel, F. Nisa Bostancı, Konstantinos Sgouras, Ataberk Olgun, Emre Hakan Demirli, Zhiheng Yue, Harsh Songara, Oğuz Ergin and Onur Mutlu
Industry 3: Security Threats and Countermeasures, at Room 1105, 11:00 - 12:30, June 24

Session Chair: TBD

  • Knowledge Transfer from LLMs to Provenance Analysis: Semantic-Augmented APT Detection by Fei Zuo, Junghwan Rhee, Yung Ryn Choe, Chung Hwan Kim
  • LLM4BP: A Collaborative LLM Framework for Insider-Resilient BPMN Workflows in Industrial Control Systems by Antonio Iannaccone, Chao Feng, Roberto Nardone, Burkhard Stiller
  • EgoLoc: Secure Ego-Agent Selection for Robust Collaborative Perception Against Privilege Hijacking by Kyeomhyeok Woo, Eun-Kyu Lee, Jiwoo Lee
  • A Secure, Manifest-Based Framework for Delegated Privilege Promotion by Rajarshi Chowdhury, Akshay Shah
Industry 4: Dependable AI and AI for Dependability, at Room 1105, 14:00 - 15:30, June 24

Session Chair: TBD

  • Harnessing Large Language Models for Seed Generation in Greybox Fuzzing by Yunhang Zhang, Wenxuan Shi, Xinyu Xing, Jun Xu
  • AIReSim: A Discrete Event Simulator for Large-scale AI Cluster Reliability Modeling by Karthik Pattabiraman, Mihir Patel, Fred Lin
  • From Security Standards to Adversary Emulation: An AI-Assisted Framework for ICS Security Assessment by Nima Faraji, Giovanni Mazzeo, Roberto Nardone, Francesco Brancati, Luigi Romano
  • Event Burst Trigger: An Availability Backdoor Attack on Event-Based SNN Object Detection by Jaesun Baek, Chanwook Lee, Eun-Kyu Lee
  • A Robustness Metric and Evaluation Approach for Machine Learning Components in Aviation by Casidhe Hutchison, Tomasz Swierzewski, Joshua Neighbor, Alex Johnson, Todd Grossaint, Liam Kruse, Xusheng Luo, Changliu Liu
Industry 5: Critical Systems and Sensors, at Room 1105, 16:00 - 17:10, June 24

Session Chair: TBD

  • A Configurable Logic Architecture Based on Micro-Electromechanical Relays for Safety Critical Nuclear Power Protection Systems by Coby Cockrell, Aidan Collins, Ben Smith, Umit Ozgur, Vitaliy Avrutin, Matt Gibson, Abhi Rajagopala, Carl Elks
  • A Polyglot OpenTelemetry Framework for Cloud-Native Reliability and Performance Engineering in Connected-Vehicle Platforms by Gaurav Saxena, Niladri Bihari Mohanty
  • CRISP: End-to-End Fingerprint Recognition Leveraging Hardware-Anchored Liveness Detection by Subin Ki, Kyuseung Han, Hyuk Kim, Taewook Kang, Kwang-Il Oh, Hyeonguk Jang, Sukho Lee, Jae-Jin Lee, Jaehyoung Lee, Woojoo Lee, Jinho Lee

 

Local Time (UTC-4) | Auditorium | Room 1102 | Room 1104 | Room 1105
8:00 - 9:00 | Registration
9:00 - 9:45 | Rising Star + William Carter Awards
9:45 - 10:30 | Keynote 3: Bernard McShea "Self-Healing Mechanisms to Safeguard Critical Firmware Infrastructure"
10:30 - 11:00 | Coffee Break
11:00 - 12:30 | RS14 | RS15 | Doctoral Forum 1 | Industry 6
12:30 - 14:00 | Lunch
14:00 - 15:30 | RS16 | RS17 | Doctoral Forum 2
15:30 - 16:30 | Business Meeting and Closure


Award: Rising Star and William Carter, at Auditorium, 09:00 - 09:45, June 25

Session Chair: Cristina Nita-Rotaru

  • Rising Star: Jianshan Yu (University of Sydney, Australia)
  • William Carter: “Software Solutions for Mitigating Physical Attacks against Robotic Autonomous Vehicles” by Pritam Dash (University of British Columbia, Canada)
Keynote 3, at Auditorium, 09:45 - 10:30, June 25

Session Chair: Bojan Cukic

  • Self-Healing Mechanisms to Safeguard Critical Firmware Infrastructure by Bernard McShea
RS14: Systems Dependability & Software Testing, at Auditorium, 11:00 - 12:30, June 25

Session Chair: TBD

  • Will It Break in Production? Metric-Driven Prediction of Residual Defects in Python Systems by G. De Rosa, P. Liguori
  • What Makes Software Bugs Escape Testing? Evidence from a Large-Scale Empirical Study by D. Cotroneo, G. De Rosa, C. Improta, B. Varriale
  • PDLogger: Automated Logging Framework for Practical Software Development by S. Duan, Y. Xu, S. Zhang, S. Wang, Y. Duan
  • Measuring Attack Observability in Cloud Telemetry Logs: A Cross-Platform Analysis by M. Dhooghe, M. Park, J. Rhee, Y. Choe, C. Kim
RS15: Emerging Dependability and Security Topics, at Room 1102, 11:00 - 12:30, June 25

Session Chair: TBD

  • TLG: Two-stage Layer-wise Gradient Inversion Attack in Federated Learning by C. Liu, J. Wang, Y. Yuan, H. Wang
  • ScaleDisturb: Exploiting Temporal Asymmetry to Amplify Read Disturbance in Modern DRAM Chips by J. Wang, H. Luo, A. Olgun, I. Yuksel, A. Yaglikci, Y. Liang, N. Bostanci, M. Sadrosadati, O. Mutlu
  • Automated Data Error Cleaning Impact on Federated Learning Utility and Fairness by J. Sudlow, B. Naline, S. Bouchenak
  • ShuttleCross: An Efficient Cross-Chain Smart Contract Invocation Framework by R. Zhang, Q. Ding, Q. Liu, S. Guan, Z. Xiao, J. Long
  • Exploring the Limits of Side-Channel Protections in ML-KEM Hardware Implementations by D. Ranney, Y. Makaram, A. Ding, Y. Fei
RS16: AI-Driven Security Analysis, at Auditorium, 14:00 - 15:30, June 25

Session Chair: TBD

  • LLM-Empowered Discovery of Windows APIs Exploitable for Persistent Storage in Fileless Attacks by S. Cheng, S. Meng, H. Xu, S. Hao, M. Han, Y. Jiang, W. Xu
  • NS-FirmID: A Neuro-Symbolic Multi-Agent Framework for Reliable Firmware Version Identification at Internet Scale by F. Zhang, Z. Li, S. Xu, Z. Zhang, Y. Chen, D. Fang, L. Sun
  • LLMGuard: Multi-Agent Fault Diagnosis for Reliable Language-Model-as-a-Service by Y. Zhong, G. Yu, Y. Huang, Q. Fu, R. Ren, C. Feng, Y. Yang, M. Lyu
  • LaserTag: A Tool for Autonomous XAI-Guided Physical Adversarial Perturbations in Industrial Vision Pipelines by G. Sánchez, L. Wei, V. Hagenmeyer
RS17: Mobile, Firmware & Supply Chain Security, at Room 1102, 14:00 - 15:30, June 25

Session Chair: TBD

  • Demystifying Progressive Web Application Permission Systems by M. Wang, J. Huang, G. Gu
  • VCAligner: Aligning Source Distribution Versions with Upstream Git Commits to Secure Supply Chain by Y. Li, N. Jiang, Q. Zhou, S. Xu, Y. Xie, X. Jia
  • MTFuzz: A Novel Efficacy Fuzzing Framework for Aerospace Monolithic Firmware by S. Wang, X. Xiao, G. Hu, K. Zhang, L. Yu, C. Tang, Q. Li, Y. Yin, Q. Xu
  • Whiplash on the Grid: Emulation of a Cyber-Physical Attack Misusing Inverter-Based Resources in a Distribution Grid by A. Attar, K. Bao, O. Gehrke, K. Heussen, V. Hagenmeyer
Industry 6: Smart Contracts and Blockchain, at Room 1105, 11:00 - 12:30, June 25

Session Chair: TBD

  • Cross-Referencing Whitepaper Claims and Smart Contract Code for Automated ICO Auditing by Chenglong Fu, Chi Zhang, Mengtian Li
  • Structural Compliance, Governed Adaptation: Dependable Evolution in the ePayroll Governmental Blockchain Platform by Attila Klenik, Imre Kocsis, Sándor Pap, Péter Tóth, László Gönczy, Ferenc Vágujhelyi, András Pataricza
  • VeriExist: Blockchain-Assisted Existence-Verifiable Protocol in User-Centric Data Sharing by Rui Han, Weizhong Qiang, Weijie Chen, Yulin Tang
Doctoral Forum 1: AI/ML Dependability and Security, at Room 1104, 11:00 - 12:30, June 25

Session Chair: Ilir Gashi

  • Location-Aware Prompt Injection in Semantically Routed Multi-Agent Systems by Jean Tonday Rodriguez, Muhammad Nadeem and Mohammad Ashiqur Rahman
  • Bridging the Research-Implementation Gap in Dependable Federated Learning with Autonomous Multi-Agent Orchestration by Raman Zatsarenko and Leon Reznik
  • Automating Research and Development of Dependable Federated Learning Systems by Dmitrii Korobeinikov and Leon Reznik
  • Data Quality and Fairness in Federated Learning by James Edward Sudlow and Sara Bouchenak
  • Agentic Reinforcement Learning for Adaptive Moving Target Defense in Cyber-Physical Systems by Mohammad Zakaria Haider and Mohammad Ashiqur Rahman
Doctoral Forum 2: Security and Reliability of Networked Systems, at Room 1104, 14:00 - 15:30, June 25

Session Chair: Long Wang

  • Securing Blockchain Applications by Transaction Analysis by Rui Xi
  • Dynamic Wakeup with Collision Costs by Umesh Biswas and Maxwell Young
  • Contention Resolution with Evictions by Umesh Biswas, Vini Chaudhary, Shafqat Hasan and Maxwell Young
  • Dependable Real-Time Guarantees in Converged 5G and Time-Sensitive Networks by Simon Egger, Frank Dürr and Christian Becker
  • Balancing Mutation Entropy and Session Continuity in SDN-Based Moving Target Defense by Souhail Chakkour, Umesh Biswas and Charan Gudla