Annual Computer Security Applications ConferenceApr 23
For this #ThrowbackThursday, we will look at #ACSAC2025's Application Security session. The links in this thread will lead you to the paper pdfs and the slide decks, so be sure to check them out! 1/6
Show threadAnnual Computer Security Applications ConferenceApr 23
The first paper in this session was Aoki & Shinagawa's "Sagitta: Facilitating Post-Fuzzing Root Cause Analysis via Data Flow Differencing" on easing post-fuzzing RCA by visualizing crash-causing data-flow differences. (https://www.acsac.org/2025/program/final/s228.html) 2/6
#Fuzzing #DataFlowAnalysis
Show threadAnnual Computer Security Applications Conference
Then came Kimura et al.'s "Gravity of the Situation: Security Analysis on Rocket.Chat E2EE" exposing flaws that let attackers break chat confidentiality and integrity. (https://www.acsac.org/2025/program/final/s237.html) 3/6
#E2EE #SecurityAnalysis #Crypto
Apr 23 at 2:00pmWeb
Show threadAnnual Computer Security Applications ConferenceApr 23
Next in the session was Moghimi et al.'s "DROIDCCT: Cryptographic Compliance Test via Trillion-Scale Measurement" revealing cryptographic flaws at massive Android scale. (https://www.acsac.org/2025/program/final/s267.html) 4/6
#AndroidSecurity #SideChannel
Show threadAnnual Computer Security Applications ConferenceApr 23
Fourth in the session was Kim et al.'s "Fuzzing Acceleration for Memory Safety Bug Discovery with Slicer," which speeds bug finding by slicing away irrelevant code. (https://www.acsac.org/2025/program/final/s448.html) 5/6
#Fuzzing #VulnerabilityDiscovery #MemorySafety
Show threadAnnual Computer Security Applications ConferenceApr 23
Concluding the session was Khatun et al.'s "AndroByte: LLM-Driven Privacy Analysis through Bytecode Summarization and Dynamic Dataflow Call Graph Generation," an AI-driven approach to explainable Android privacy leak detection. (https://www.acsac.org/2025/program/final/s435.html) 6/6
#AndroidSecurity