MAY 18-21, 2026 AT THE HILTON SAN FRANCISCO UNION SQUARE, SAN FRANCISCO, CA

47th IEEE Symposium on
Security and Privacy

Accepted Artifacts

Artifact Available Badge Artifact Available Badge Artifact Available Badge
The following artifacts have been confirmed by the artifact evaluation committee
  • to be publicly and permanently available,
  • to be functional, complete, and usable, containing relevant documentation, code, and data,
  • and to reproduce the results claimed in their corresponding papers.


The Secrets Must Not Flow: Scaling Security Verification to Large Codebases
https://doi.org/10.5281/zenodo.17099763
Towards Practical Zero-Knowledge Proof for PSPACE
https://doi.org/10.5281/zenodo.17381317
SeqAss: Using Sequential Associative Caches to Mitigate Conflict-Based Cache Attacks With Reduced Cache Misses and Performance Overhead
https://doi.org/10.5281/zenodo.17248489
Fizzle: A Framework for Deterministic and Reproducible Network Fuzzing
https://archive.softwareheritage.org/browse/origin/directory/?origin_url=https://github.com/determsim/fizzle-artifact
WebCloak: Characterizing and Mitigating Threats from LLM-Driven Web Agents as Intelligent Scrapers
https://zenodo.org/records/17374123
deepSURF: Detecting Memory Safety Vulnerabilities in Rust Through Fuzzing LLM-Augmented Harnesses
https://zenodo.org/records/17115101
Transient Architectural Execution: From Weird Gates to Weird Programs
https://zenodo.org/records/17364183
Practical Covert Channel across Isolated Browser Instances via GPU Command Queue Contention
https://doi.org/10.5281/zenodo.17368240
VMSCAPE: Exposing and Exploiting Incomplete Branch Predictor Isolation in Cloud Environments
https://doi.org/10.5281/zenodo.17376076
KeyTAR: Practical Keystroke Timing Attacks and Input Reconstruction
https://zenodo.org/records/17254163
Mechanized Safety and Liveness Proofs for the Mysticeti Consensus Protocol under the LiDO-DAG Framework
https://zenodo.org/records/17345693
SoK: Robustness in Large Language Models against Jailbreak Attacks
https://zenodo.org/records/17163312
Phoenix: Rowhammer Attacks on DDR5 with Self-Correcting Synchronization
https://doi.org/10.5281/zenodo.17369838
2FiA: Towards WiFi Sensing-Based Authentication with Unique Biometrics
https://zenodo.org/records/17361618
Practical Anonymous Two-Party Gradient Boosting Decision Tree
https://zenodo.org/records/17373936
GHost in the SHELL: A GPU-to-Host Memory Attack and Its Mitigation
https://zenodo.org/records/17364307
Rain: Transiently Leaking Data from Public Clouds Using Old Vulnerabilities
https://zenodo.org/records/17366780
On the (In)Security of Loading Machine Learning Models
https://zenodo.org/records/19224108
Chorus: Secret Recovery with Ephemeral Client Committees
https://doi.org/10.5281/zenodo.19480357
GPUBreach: Privilege Escalation Attacks on GPUs using Rowhammer
https://doi.org/10.5281/zenodo.19004741
Fractal: An Operating System Designed for Microarchitecture Reverse Engineering
https://doi.org/10.5281/zenodo.19556693
The Interplay of Effective Model Checking and Secure Processor Design: From Insights to Practice
https://doi.org/10.5281/zenodo.19270883
AESpoly: Symmetric-Key Cryptographic Designs Using Instruction-Level Parallelism between AES and Polynomial Hash
https://doi.org/10.5281/zenodo.18993067
xDup: Privacy-Preserving Deduplication for Humanitarian Organizations using Fuzzy PSI
https://zenodo.org/records/19480020
APEX: Accurate Parallel Expressive Homomorphic Execution for Encrypted Databases
https://doi.org/10.5281/zenodo.19015208
Hardware Trojans from Invisible Inversions: On the Trojanizability of Standard Cell Libraries
https://zenodo.org/records/19565490
Papers, Please: A First Look at Age Verification on the Web
https://doi.org/10.5281/zenodo.19515393
SpecAuditor: Generating Audit Specifications for LLM-Driven Bug Detection
https://zenodo.org/records/19478814
Crashing Through Defenses: Exploiting Segfaults and Chaining around Intel CET
https://zenodo.org/records/19518987
PLATYPUS: Restricting Cross-Module Transitions to Mitigate Code-Reuse Attacks
https://zenodo.org/records/19501267
Scalable Registration-Based Encryption from Lattices
https://doi.org/10.5281/zenodo.19479490
TREVEX: A Black-Box Detection Framework For Generic Transient Execution Vulnerabilities
https://doi.org/10.5281/zenodo.19489147
Crucible: Retrofitting Commodity CPUs with Vulnerabilities via Transparent Software Emulation
https://doi.org/10.5281/zenodo.19498819
TDXRay: Microarchitectural Side-Channel Analysis of Intel TDX for Real-World Workloads
https://doi.org/10.5281/zenodo.19476314
Efficient Fuzzy Private Set Intersection from Secret-shared OPRF
https://zenodo.org/records/19478220
One Tap to Hijack Them All: A Security Analysis of the Google Fast Pair Protocol
https://rdr.kuleuven.be/dataset.xhtml?persistentId=doi:10.48804/CD30CC
Sealing the Window: Efficient Tamper Protection for Provenance Logs
https://doi.org/10.5281/zenodo.19371297




Artifact Available Badge Artifact Available Badge
The following artifacts have been confirmed by the artifact evaluation committee
  • to be publicly and permanently available,
  • and to be functional, complete, and usable, containing relevant documentation, code, and data.


Cosseter: GitHub Actions Permission Reduction Using Demand-Driven Static Analysis
https://doi.org/10.5281/zenodo.17345506
Artifact for "Best of Both Worlds: Effective Foreign Bridge Identification in V8 Embedders for Security Analysis"
https://doi.org/10.5281/zenodo.17348614
NanoTag: Systems Support for Efficient Byte-Granular Overflow Detection on ARM MTE
https://zenodo.org/records/19490033
KeyChaser: Unveiling API Keys in Browser Extensions
https://doi.org/10.6084/m9.figshare.31859023
On the Detectability of Active Gradient Inversion Attacks in Federated Learning
https://doi.org/10.5281/zenodo.19479725
GDDR: Greatly Disturbing DRAM Rows — Cross-Component Rowhammer Attacks from Modern GPUs
https://doi.org/10.5281/zenodo.19488504
Acoustic Hijacking Attacks on Gimbal-Stabilized Visual Tracking Systems
https://doi.org/10.5281/zenodo.19372980
RISCy Cache Coherence: Timer-Free Architectural Cache Attacks via Instruction/Data Cache Incoherence
https://doi.org/10.5281/zenodo.19127138
It’s a Feature, Not a Bug: Secure and Auditable State Rollback for Confidential Cloud Applications
https://doi.org/10.5281/zenodo.19009015




Artifact Available Badge
The following artifacts have been confirmed by the artifact evaluation committee
  • to be publicly and permanently available.


Leafblower: a Leakage Attack Against TEE-Based Encrypted Databases
https://doi.org/10.5281/zenodo.17114340
Bridge: High-Order Taint Vulnerabilities Detection in Linux-based IoT Firmware
https://zenodo.org/records/17232400
Battering RAM: Low-Cost Interposer Attacks on Confidential Computing via Dynamic Memory Aliasing
https://doi.org/10.48804/JTDMSJ
AEX-NStep: Probabilistic Interrupt Counting Attacks on Intel SGX
https://zenodo.org/records/17338383
InsPIRe: Communication-Efficient PIR with Server-side Preprocessing
https://zenodo.org/records/17361471
EnchTable: Unified Safety Alignment Transfer in Fine-tuned Large Language Models
https://zenodo.org/records/17230472
CenRL: A Framework for Performing Intelligent Censorship Measurements
https://doi.org/10.5281/zenodo.17382167
Sealing the Window: Efficient Tamper Protection for Provenance Logs
https://doi.org/10.5281/zenodo.17283436
Hijacking Large Audio-Language Models via Context-Agnostic and Imperceptible Auditory Prompt Injection
https://zenodo.org/records/19309781
The Person Behind the Sound: Demystifying Audio Private Attribute Profiling via Multimodal Large Language Models
https://zenodo.org/records/19103789