Accepted papers for PETS 2022

Issue 1

Issue 2

Issue 3

  • "All apps do this": Comparing Privacy Concerns Towards Privacy Tools and Non-Privacy Tools for Social Media Content
    Vanessa Bracamonte (KDDI Research, Inc), Sebastian Pape (Goethe University Frankfurt), Sascha Loebner (Goethe University Frankfurt)
  • Leveraging Strategic Connection Migration-Powered Traffic Splitting for Privacy
    Mona Wang (Princeton University), Anunay Kulshrestha (Princeton University), Liang Wang (Princeton University), and Prateek Mittal (Princeton University)
  • A Multi-Region Investigation of Use and Perceptions of Smart Home Devices
    Patrick Bombik (Technical University of Munich), Tom Wenzel (Technical University of Munich), Jens Grossklags (Technical University of Munich), and Sameer Patil (University of Utah)
  • Charting App Developers' Journey Through Privacy Regulation Features in Ad Networks
    Mohammad Tahaei (University of Bristol), Kopo M. Ramokapane (University of Bristol), Tianshi Li (Carnegie Mellon University), Jason I. Hong (Carnegie Mellon University), and Awais Rashid (University of Bristol)
  • Athena: Probabilistic Verification of Machine Unlearning
    David Sommer (ETH Zurich), Liwei Song (Princeton University), Sameer Wagh (Princeton University), and Prateek Mittal (Princeton University)
  • Are You Really Muted?: A Privacy Analysis of Mute Buttons in Video Conferencing Apps
    Yucheng Yang (University of Wisconsin—Madison), Jack West (Loyola University Chicago), George K. Thiruvathukal (Loyola University Chicago), Neil Klingensmith (Loyola University Chicago), and Kassem Fawaz (University of Wisconsin—Madison)
  • “We may share the number of diaper changes”: A Privacy and Security Analysis of Mobile Child Care Applications
    Moritz Gruber (AWARE7), Christian Höfig (AWARE7), Maximilian Golla (Max Planck Institute for Security and Privacy), Tobias Urban (Institute for Internet Security), and Matteo Große-Kampmann (AWARE7, Institute for Internet Security, Ruhr University Bochum)
  • Deletion Inference, Reconstruction, and Compliance in Machine (Un)Learning
    Ji Gao (University of Virginia), Sanjam Garg (University of California, Berkeley), Mohammad Mahmoody (University of Virginia), and Prashant Nalini Vasudevan (National University of Singapore)
  • Leave no Data Behind - Empirical Insights into Data Erasure from Online Services
    Eduard Rupp (Technical University of Munich), Emmanuel Syrmoudis (Technical University of Munich), and Jens Grossklags (Technical University of Munich)
  • Mixnet optimization methods
    Iness BEN GUIRAT (imec-COSIC, KU Leuven) and Claudia Diaz (imec-COSIC, KU Leuven)
  • On dark patterns and manipulation of website publishers by CMPs
    Michael Toth (Inria, Univ. Grenoble Alpes), Nataliia Bielova (Inria, Université Côte d'Azur), and Vincent Roca (Inria, Univ. Grenoble Alpes)
  • DALock: Password Distribution-Aware Throttling
    Jeremiah Blocki (Purdue University) and Wuwei Zhang (Purdue University)
  • On Defeating Graph Analysis of Anonymous Transactions
    Christoph Egger (Friedrich-Alexander-Universität Erlangen-Nürnberg), Russell W. F. Lai (Friedrich-Alexander-Universität Erlangen-Nürnberg), Viktoria Ronge (Friedrich-Alexander-Universität Erlangen-Nürnberg), Ivy K. Y. Woo (Independent), and Hoover H. F. Yin (The Chinese University of Hong Kong)
  • User-friendly yet rarely read: A case study on the redesign of an online HIPAA authorization
    Sarah Pearman (Carnegie Mellon University), Ellie Young (New College of Florida), and Lorrie Cranor (Carnegie Mellon University)
  • OrgAn: Organizational Anonymity with Low Latency
    Debajyoti Das (KU Leuven), Easwar Vivek Mangipudi (Purdue University), and Aniket Kate (Purdue University)
  • FingerprinTV: Fingerprinting Smart TV Apps
    Janus Varmarken (University of California, Irvine), Jad Al Aaraj (University of California, Irvine), Rahmadi Trimananda (University of California, Irvine), and Athina Markopoulou (University of California, Irvine)
  • ZoomP$^3$: Privacy-Preserving Publishing of Online Video Conference Recordings
    Yuanyi Sun (Penn State University), Sencun Zhu (Penn State University), and Yu Chen (Binghamton University, SUNY)
  • PrivacyScout: Assessing Vulnerability to Shoulder Surfing on Mobile Devices
    Mihai Bâce (Institute for Visualisation and Interactive Systems, University of Stuttgart, Stuttgart, Germany), Alia Saad (HCI Group, University of Duisburg-Essen, Essen, Germany), Dr. Mohamed Khamis (University of Glasgow, Glasgow, United Kingdom), Stefan Schneegass (HCI Group, University of Duisburg-Essen, Essen, Germany), and Andreas Bulling (Institute for Visualisation and Interactive Systems, University of Stuttgart, Stuttgart, Germany)
  • SoK: Assumptions underlying Cryptocurrency Deanonymizations - A Taxonomy for Scientific Experts and Legal Practitioners
    Dominic Deuber (Friedrich-Alexander-Universität Erlangen-Nürnberg), Viktoria Ronge (Friedrich-Alexander-Universität Erlangen-Nürnberg), and Christian Rückert (Friedrich-Alexander-Universität Erlangen-Nürnberg)
  • Watch over your TV: A Security and Privacy Analysis of the Android TV ecosystem
    Marcos Tileria (Royal Holloway, University of London) and Jorge Blasco (Royal Holloway, University of London)
  • SoK: TEE-assisted Confidential Smart Contract
    Rujia Li (Southern University of Science and Technology & University of Birmingham), Qin Wang (Swinburne University of Technology & CSIRO Data61), Qi Wang (Southern University of Science and Technology), David Galindo (University of Birmingham), and Mark Ryan (University of Birmingham)
  • Privacy-Preserving and Efficient Verification of the Outcome in Genome-Wide Association Studies
    Anisa Halimi (IBM Research Europe - Ireland), Leonard Dervishi (Case Western Reserve University), Erman Ayday (Case Western Reserve University), Apostolos Pyrgelis (EPFL), Juan Ramon Troncoso-Pastoriza (Tune Insight), Jean-Pierre Hubaux (EPFL), Xiaoqian Jiang (University of Texas, Health Science Center), and Jaideep Vaidya (Rutgers Univeristy)
  • My Cookie is a phoenix: detection, measurement, and lawfulness of cookie respawning with browser fingerprinting
    Imane Fouad (Univ Lille, Inria), Cristiana Santos (Utrecht University), Arnaud Legout (Inria), and Nataliia Bielova (Inria)
  • Exploring the Privacy Concerns of Bystanders in Smart Homes from the Perspectives of both Owners and Bystanders
    Ahmed Alshehri (Colorado School of Mines), Joseph Spielman (Colorado School of Mines), Amiya Prasad (Colorado School of Mines), and Chuan Yue (Colorado School of Mines)
  • Adversarial Images Against Super-Resolution Convolutional Neural Networks for Free
    Arezoo Rajabi (University of Washington), Mahdieh Abbasi (Universté Laval), Rakesh B. Bobba (Oregon State University), and Kimia Tajik (Case Western Reserve University)
  • Integrating Privacy into the Electric Vehicle Charging Architecture
    Dustin Kern (Darmstadt University of Applied Sciences), Timm Lauser (Darmstadt University of Applied Sciences), and Christoph Krauß (Darmstadt University of Applied Sciences)
  • "It Feels Like Whack-a-mole": User Experiences of Data Removal from People Search Websites
    Kejsi Take (New York University), Kevin Gallagher (New York University), Andrea Forte (Drexel University), Damon McCoy (New York University), and Rachel Greenstadt (New York University)
  • Learning to Behave: Improving Covert Channel Security with Behavior-Based Designs
    Ryan Wails (Georgetown University, U.S. Naval Research Laboratory), Andrew Stange (Georgetown University), Eliana Troper (Georgetown University), Aylin Caliskan (University of Washington), Roger Dingledine (Tor Project), Rob Jansen (U.S. Naval Research Laboratory), and Micah Sherr (Georgetown University)
  • I know what you did on Venmo: Discovering privacy leaks in mobile social payments
    Rajat Tandon (University of Southern California Information Sciences Institute), Pithayuth Charnsethikul (University of Southern California Information Sciences Institute), Ishank Arora (University of Texas, Austin), Dhiraj Murthy (University of Texas, Austin), and Jelena Mirkovic (University of Southern California Information Sciences Institute)
  • Privacy accounting economics: Improving differential privacy composition via a posteriori bounds
    Valentin Hartmann (EPFL), Vincent Bindschaedler (University of Florida), Alexander Bentkamp (Vrije Universiteit Amsterdam & State Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences), and Robert West (EPFL)
  • Moby: A Blackout-resistant Anonymity Network for Mobile Devices
    Amogh Pradeep (Northeastern University), Hira Javaid (Northeastern University), Ryan Williams (Northeastern University), Antoine Rault (EPFL), David Choffnes (Northeastern University), Stevens Le Blond (EPFL), and Bryan Ford (EPFL)
  • Fully Secure PSI via MPC-in-the-Head
    S. Dov Gordon (George Mason University), Carmit Hazay (Bar-Ilan University), and Phi Hung Le (George Mason University)
  • Trace Oddity: Methodologies for Data-Driven Traffic Analysis on Tor
    Vera Rimmer (KU Leuven), Theodor Schnitzler (Ruhr-University Bochum), Tom Van Goethem (KU Leuven), Abel Rodríguez Romero (KU Leuven), Wouter Joosen (KU Leuven), and Katharina Kohls (Radboud University)
  • SoK: SCT Auditing in Certificate Transparency
    Sarah Meiklejohn (Google), Joe DeBlasio (Google), Devon O'Brien (Google), Chris Thompson (Google), Kevin Yeo (Google), and Emily Stark (Google)
  • In Search of Lost Utility: Private Location Data
    Szilvia Lestyan (Budapest University of Technology), Gergely Acs (Budapest University of Technology), and Gergely Biczok (Budapest University of Technology)

Issue 4

  • SoK: Privacy-enhancing Smart Home Hubs
    Igor Zavalyshyn (UCLouvain), Axel Legay (UCLouvain), Annanda Rath (Sirris), and Etienne Riviere (UCLouvain)
  • Blocked or Broken? Automatically Detecting When Privacy Interventions Break Websites
    Michael Smith (University of California, San Diego), Peter Snyder (Brave Software), Moritz Haller (Brave Software), Benjamin Livshits (Imperial College London), Deian Stefan (University of California, San Diego), and Hamed Haddadi (Imperial College London \ Brave Software)
  • Machine Learning with Differentially Private Labels: Mechanisms and Frameworks
    Xinyu Tang (Princeton University), Milad Nasr (University of Massachusetts Amherst), Saeed Mahloujifar (Princeton University), Virat Shejwalkar (University of Massachusetts Amherst), Liwei Song (Princeton University), Amir Houmansadr (University of Massachusetts Amherst), and Prateek Mittal (Princeton Univeristy)
  • Pika: Secure Computation using Function Secret Sharing over Rings
    Sameer Wagh (Devron Corporation)
  • Flexible and scalable privacy assessment for very large datasets with an application to official governmental microdata
    Mário S. Alvim (Department of Computer Science, UFMG), Natasha Fernandes (School of Computing, Macquarie University), Annabelle McIver (School of Computing, Macquarie University), Carroll Morgan (UNSW and Data61), and Gabriel H. Nunes (Department of Computer Science, UFMG)
  • "You offer privacy like you offer tea'': Investigating Mechanisms for Improving Guest Privacy in IoT-Equipped Households
    Karola Marky (University of Glasgow), Nina Gerber (Technical University of Darmstadt), Michelle Gabriela Pelzer (Technical University of Darmstadt), Mohamed Khamis (University of Glasgow), and Max Mühlhäuser (Technical University of Darmstadt)
  • Effects of privacy permissions on user choices in voice assistant app stores
    Gary Liu (University of California, Berkeley) and Nathan Malkin (University of California, Berkeley & University of Maryland, College Park)
  • Collection, Usage and Privacy of Mobility Data in the Enterprise and Public Administrations
    Alexandra Kapp (Hochschule für Technik und Wirtschaft Berlin)
  • Ctrl-Shift: How Privacy Sentiment Changed from 2019 to 2021
    Angelica Goetzen (Max Planck Institute for Software Systems), Samuel Dooley (University of Maryland), and Elissa M. Redmiles (Max Planck Institute for Software Systems)
  • Keeping Privacy Labels Honest
    Simon Koch (Technische Universität Braunschweig), Malte Wessels (Technische Universität Braunschweig), Benjamin Altpeter (Technische Universität Braunschweig), Madita Olvermann (Technische Universität Braunschweig), and Martin Johns (Technische Universität Braunschweig)
  • Zswap: zk-SNARK Based Non-Interactive Multi-Asset Swaps
    Felix Engelmann (Aarhus University), Thomas Kerber (IOHK), Markulf Kohlweiss (University of Edinburgh, IOHK), and Mikhail Volkhov (University of Edinburgh)
  • Formalizing and Estimating Distribution Inference Risks
    Anshuman Suri (University of Virginia) and David Evans (University of Virginia)
  • Connect the Dots: Tighter Discrete Approximations of Privacy Loss Distributions
    Vadym Doroshenko (Google), Badih Ghazi (Google Research), Pritish Kamath (Google Research), Ravi Kumar (Google Research), and Pasin Manurangsi (Google Research)
  • Hidden Issuer Anonymous Credential
    Mathieu Gestin (INRIA - IRISA - Université Rennes 1), Davide Frey (INRIA - IRISA - Université Rennes 1), Guillaume Piolle (INRIA - IRISA - CentraleSupelec), and Daniel Bosk (KTH)
  • A novel reconstruction attack on foreign-trade official statistics, with a Brazilian case study
    Danilo Fabrino Favato (Universidade Federal de Minas Gerais), Gabriel de Morais Coutinho (Universidade Federal de Minas Gerais), Mário S. Alvim (Universidade Federal de Minas Gerais), and Natasha Fernandes (Macquarie University)
  • Private Aggregation of Trajectories
    Badih Ghazi (Google), Neel Kamal (Google), Ravi Kumar (Google), Pasin Manurangsi (Google), and Annika Zhang (Google)
  • PriPeI – A Concise Privacy Persona Identification Questionnaire
    Tom Biselli (PEASEC, Technical University Darmstadt), Enno Steinbrink (PEASEC, Technical University Darmstadt), Franziska Herbert (PEASEC, Technical University Darmstadt), Gina Maria Schmidbauer-Wolf (PEASEC, Technical University Darmstadt), and Christian Reuter (PEASEC, Technical University Darmstadt)
  • Homomorphically counting elements with the same property
    Ilia Iliashenko (Ciphermode Labs, imec-COSIC - KU Leuven), Malika Izabachène (Cosmian), Axel Mertens (imec-COSIC - KU Leuven), and Hilder V. L. Pereira (imec-COSIC - KU Leuven)
  • Time- and Space-Efficient Aggregate Range Queries over Encrypted Databases
    Zachary Espiritu (Brown University), Evangelia Anna Markatou (Brown University), and Roberto Tamassia (Brown University)
  • How Not to Handle Keys: Timing Attacks on FIDO Authenticator Privacy
    Michal Kepkowski (Macquarie University), Lucjan Hanzlik (CISPA Helmholtz Center for Information Security), Ian D. Wood (Macquarie University), and Mohamed Ali Kaafar (Macquarie University)
  • Replay (Far) Away: Exploiting and Fixing Google/Apple Exposure Notification Contact Tracing
    Christopher Ellis (The Ohio State University), Haohuang Wen (The Ohio State University), Zhiqiang Lin (The Ohio State University), and Anish Arora (The Ohio State University)
  • Adam in Private: Secure and Fast Training of Deep Neural Networks with Adaptive Moment Estimation
    Nuttapong Attrapadung (AIST), Koki Hamada (NTT), Dai Ikarashi (NTT), Ryo Kikuchi (NTT), Takahiro Matsuda (AIST), Ibuki Mishina (NTT), Hiraku Morita (University of St. Gallen), and Jacob C. N. Schuldt (AIST)
  • Privately Connecting Mobility to Infectious Diseases via Applied Cryptography
    Alexandros Bampoulidis (), Alessandro Bruni (KU Leuven), Lukas Helminger (TU Graz/Know-Center), Daniel Kales (TU Graz), Christian Rechberger (TU Graz), and Roman Walch (TU Graz/Know-Center)
  • On the Cost of Suppressing Volume forEncrypted Multi-maps
    Megumi Ando (MITRE) and Marilyn George (Brown University)
  • XORBoost: Tree Boosting in the Multiparty Computation Setting
    Kevin Deforth (Inpher), Marc Desgroseilliers (Inpher), Nicolas Gama (Inpher), Mariya Georgieva (Inpher), Dimitar Jetchev (Inpher), and Marius Vuille (Inpher)
  • Neural Fuzzy Extractors: A Secure Way to Use Artificial Neural Networks for Biometric User Authentication
    Abhishek Jana (Kansas State University), Bipin Paudel (Kansas State University), Md Kamruzzaman Sarker (Kansas State University), Monireh Ebrahimi (Kansas State University), Pascal Hitzler (Kansas State University), and George T Amariucai (Kansas State University)
  • Analyzing the Monetization Ecosystem of Stalkerware
    Cassidy Gibson (University of Florida), Vanessa Frost (University of Florida), Katie Platt (University of Florida), Washington Garcia (University of Florida), Luis Vargas (University of Florida), Sara Rampazzi (University of Florida), Vincent Bindschaedler (University of Florida), Patrick Traynor (University of Florida), and Kevin R. B. Butler (University of Florida)
  • A Global Survey of Stalkerware Applications used in Intimate Partner Violence
    Majed Almansoori (University of Wisconsin-Madison), Andrea Gallardo (Carnegie Mellon University), Julio Poveda (University of Maryland), Adil Ahmed (University of Wisconsin-Madison), and Rahul Chatterjee (University of Wisconsin-Madison)
  • On the Feasibility of Linking Attack to Google/Apple Exposure Notification Framework
    Kazuki Nomoto (Waseda University), Mitsuaki Akiyama (NTT), Masashi Eto (Ministry of Internal Affairs and Communications (MIC)), Atsuo Inomata (Osaka University), and Tatsuya Mori (Waseda University/NICT/RIKEN AIP)
  • Towards Sparse Federated Analytics: Location Heatmaps under Distributed Differential Privacy with Secure Aggregation
    Eugene Bagdasaryan (Cornell Tech), Peter Kairouz (Google), Stefan Mellem (Google), Adrià Gascón (Google), Kallista Bonawitz (Google), Deborah Estrin (Google), and Marco Gruteser (Google)
  • 3LegRace: Privacy-Preserving DNN Training over TEEs and GPUs
    Yue Niu (University of Southern California), Ramy E. Ali (University of Southern California), and Salman Avestimehr (University of Southern California)
  • "This would be nice if there's a toggle'': Understanding the Usability Issues of Apple’s Privacy Labels
    Shikun Zhang (Carnegie Mellon University), Yuanyuan Feng (University of Vermont), Yaxing Yao (University of Maryland, Baltimore County), Lorrie Faith Cranor (Carnegie Mellon University), and Norman Sadeh (Carnegie Mellon University)
  • gOTzilla: Efficient Disjunctive Zero-Knowledge Proofs from MPC in the Head, with Application to Proofs of Assets in Cryptocurrencies
    Foteini Baldimtsi (George Mason University), Panagiotis Chatzigiannis (George Mason University), S. Dov Gordon (George Mason University), Phi Hung Le (George Mason University), and Daniel McVicker (George Mason University)
  • Developers Say the Darnedest Things: Privacy Compliance Processes Followed by Developers of Child-Directed Apps
    Noura Alomar (University of California, Berkeley), Serge Egelman (University of California, Berkeley and International Computer Science Institute), and Jordan L. Fischer (University of California, Berkeley and Drexel University)
  • LLAMA: A Low Latency Math Library for Secure Inference
    Kanav Gupta (Microsoft Research), Deepak Kumaraswamy (Microsoft Research), Divya Gupta (Microsoft Research), and Nishanth Chandran (Microsoft Research)
  • ATOM: A Generalizable Technique for Inferring Tracker-Advertiser Data Sharing in the Online Behavioral Advertising Ecosystem
    Maaz Bin Musa (University of Iowa) and Rishab Nithyanand (University of Iowa)
  • Investigating GDPR Fines in the Light of Dataflows
    Marlene Saemann (Bosh), Daniel Theis (Institute for Internet Security), Martin Degeling (Ruhr University Bochum), and Tobias Urban (Institute for Internet Security & secunet Security Networks AG)