NordSec 2024 Accepted Papers

Authentication

Are Swedish Passwords Tougher Than the Rest? Casper Jensen (Linköping University & FOI), Martin Karresand (FOI), Gurjot Singh Gaba (Linköping University), Andrei Gurtov (Linköping University), and Erik Öhrn (NFC)
Towards Exploring Cross-Regional and Cross-Platform Differences in Login Throttling Minjie Cai (Carleton University), Xavier de Carné de Carnavalet (Hong Kong Polytechnic University), Siqi Zhang (Vrije Universiteit Amsterdam), Lianying Zhao (Carleton University), and Mengyuan Zhang (Vrije Universiteit Amsterdam)

Determining the A5 encryption algorithms used in 2G (GSM) networks Danielle Morgan (University of Tartu)
Misbinding Raw Public Keys to Identities in TLS Mariam Moustafa (Aalto University), Mohit Sethi (Aalto University), and Tuomas Aura (Aalto University)
Small Private Exponent Attacks on Takagi Family Schemes George Teşeleanu (Advanced Technologies Institute & Simion Stoilow Institute of Mathematics of the Romanian Academy)

A Comparison of Deep Learning Approaches for Power-based Side-channel Attacks Roberto Capoferri (Politecnico di Milano), Alessandro Barenghi (Politecnico di Milano), Luca Breveglieri (Politecnico di Milano), Niccolò Izzo (Micron Semiconductor Italia Srl), and Gerardo Pelosi (Politecnico di Milano)
Binary-Level Code Injection for Automated Tool Support on the ESP32 Platform Benjamin Plach (FZI Research Center for Information Technology), Matthias Börsig (FZI Research Center for Information Technology), Maximilian Müller (FZI Research Center for Information Technology), Roland Gröll (FZI Research Center for Information Technology), Martin Dukek (FZI Research Center for Information Technology), and Ingmar Baumgart (FZI Research Center for Information Technology)
Detecting Cyber and Physical Attacks Against Mobile Robots Using Machine Learning: An Empirical Study Levente Nyusti (Institute for Energy Technology), Sabarathinam Chockalingam (Institute for Energy Technology), Patrick Bours (Norwegian University of Science and Technology), and Terje Bodal (Institute for Energy Technology)

A Gamified Learning Approach for IoT Security Education using Capture-the-Flag Competitions: Architecture and Insights Mohammad Hamad (Technical University of Munich), Andreas Finkenzeller (Technical University of Munich), Monowar Hasan (Washington State University), Marc-Oliver Pahl (IMT Atlantique), and Sebastian Steinhorst (Technical University of Munich)
NIS2 Directive in Sweden: A Report on the Readiness of Swedish Critical Infrastructure Ebba Rehnstam (Stockholm University), Wera Winquist (Stockholm University), and Simon Hacks (Stockholm University)
The Cyber Alliance Game: How Alliances Influence Cyber-Warfare Gergely Benkő (Budapest University of Technology and Economics) and Gergely Biczók (Budapest University of Technology and Economics & BME-HUN-REN Information Systems Research Group & University of Michigan)

Evaluating Large Language Models in Cybersecurity Knowledge with Cisco Certificates Gustav Keppler (Karlsruhe Institute of Technology), Jeremy Kunz (Karlsruhe Institute of Technology), Veit Hagenmeyer (Karlsruhe Institute of Technology), and Ghada Elbez (Karlsruhe Institute of Technology)
How to Train Your Llama - Efficient Grammar-Based Application Fuzzing Using Large Language Models Ibrahim Mhiri (1&1 Mail & Media), Matthias Börsig (FZI Research Center for Information Technology), Akim Stark (FZI Research Center for Information Technology), and Ingmar Baumgart (FZI Research Center for Information Technology)
The Dual-Edged Sword of Large Language Models in Phishing Alec Siemerink (Utrecht University), Slinger Jansen (Utrecht University & LUT University), and Katsiaryna Labunets (Utrecht University)

Analysing TLS Implementations using Full-Message Symbolic Execution Johannes Wilson (Linköping University & Sectra Communications) and Mikael Asplund (Linköping University)
Formal Verification of Browser Fingerprinting and Mitigation with Inlined Reference Monitors Nathan Joslin (University of Dayton), Phu H. Phung (University of Dayton), and Luan Viet Nguyen (University of Dayton)

Beware of the Rabbit Hole - A Digital Forensic Case Study of DIY Drones Samantha Klier (University of the Bundeswehr Munich) and Harald Baier (University of the Bundeswehr Munich)
GOTCHA: Physical Intrusion Detection with Active Acoustic Sensing using a Smart Speaker Hoang Quoc Viet Pham (University College Cork), Hoang D. Nguyen (University College Cork), amd Utz Roedig (University College Cork)
Security Analysis of Top-Ranked mHealth Fitness Apps: An Empirical Study Albin Forsberg (Karlstad University) and Leonardo Horn Iwaya (Karlstad University)

CCKex: High Bandwidth Covert Channels over Encrypted Network Traffic Christian Lindenmeier (Friedrich-Alexander-Universität Erlangen-Nürnberg), Sven Gebhard (Friedrich-Alexander-Universität Erlangen-Nürnberg), Jonas Röckl (Friedrich-Alexander-Universität Erlangen-Nürnberg), and Felix Freiling (Friedrich-Alexander-Universität Erlangen-Nürnberg)
Fingerprinting DNS Resolvers using Query Patterns from QNAME Minimization Jonathan Magnusson (Karlstad University)
Formally Discovering and Reproducing Network Protocols Vulnerabilities Christophe Crochet (Université catholique de Louvain), John Aoga (Université catholique de Louvain), and Axel Legay (Université catholique de Louvain)

Enhancing Noise Estimation for Statistical Disclosure Attacks using the Artificial Bee Colony Algorithm Alperen Aksoy (Friedrich-Alexander University of Erlangen-Nuremberg) and Dogan Kesdogan (University of Regensburg)
Left Alone Facing a Difficult Choice: An Expert Analysis of Websites Promoting Selected Privacy-Enhancing Technologies Shirin Shams (University of Göttingen), Sebastian Reinke (University of Göttingen), and Delphine Reinhardt (University of Göttingen)
Optimizing Onionbalance: Improving Scalability and Security for Tor Onion Services Laura Donah (FernUniversität in Hagen) and Pascal Tippe (FernUniversität in Hagen)