Computer Security ¿ ESORICS 2020

The two volume set, LNCS 12308 + 12309, constitutes the proceedings of the 25th European Symposium on Research in Computer Security, ESORICS 2020, which was held in September 2020. The conference was planned to take place in Guildford, UK. Due to the COVID-19 pandemic, the conference changed to an online format.

The total of 72 full papers included in these proceedings was carefully reviewed and selected from 366 submissions. The papers were organized in topical sections named: database and Web security; system security; network security; software security; machine learning security; privacy; formal modelling; applied cryptography; analyzing attacks; post-quantum cryptogrphy; security analysis; and blockchain.

Database and Web Security.- Pine: Enabling Privacy-Preserving Deep Packet Inspection on TLS with Rule-Hiding and Fast Connection Establishment.- Bulwark: Holistic and Verified Security Monitoring of Web Protocols.- A Practical Model for Collaborative Databases: Securely Mixing, Searching and Computing.- Software Security.- Follow the blue bird: A study on threat data published on Twitter.- Dynamic and Secure Memory Transformation in Userspace.- Understanding the Security Risks of Docker Hub.- DE-auth of the blue! Transparent De-authentication using Bluetooth Low Energy Beacon.- Software Security.- Similarity of Binaries across Optimization Levels and Obfuscations.- HART: Hardware-assisted Kernel Module Tracing on Arm.- Zipper Stack: Shadow Stacks Without Shadow.- Restructured Cloning Vulnerability Detection Based on Function Semantic Reserving and Reiteration Screening.- LegIoT: Ledgered Trust Management Platform for IoT.- Machine Learning Security.- PrivColl: Practical Privacy-Preserving Collaborative Machine Learning.- An Efficient 3-Party Framework for Privacy-Preserving Neural Network Inference.- Deep Learning Side-Channel Analysis on Large-Scale Traces - A Case Study on a Polymorphic AES.- Towards Poisoning the Neural Collaborative Filtering-Based Recommender Systems.- Machine Learning Security.- Data Poisoning Attacks Against Federated Learning Systems.- Interpretable Probabilistic Password Strength Meters via Deep Learning.- Polisma - A Framework for Learning Attribute-based Access Control Policies.- A Framework for Evaluating Client Privacy Leakages in Federated Learning.- Network Security.- An Accountable Access Control Scheme for Hierarchical Content in Named Data Networks with Revocation.- PGC: Decentralized Con dential Payment System with Auditability.- Secure Cloud Auditing with Efficient Ownership Transfer.- Privacy.- Encrypt-to-self: Securely Outsourcing Storage.- PGLP: Customizable and Rigorous Location Privacy through Policy Graph.- Where are you Bob? Privacy-Preserving Proximity Testing with a Napping Party.- Password and Policy.- Distributed PCFG Password Cracking.- Your PIN Sounds Good! Augmentation of PIN Guessing Strategies Through Audio Leakage.- GDPR - Challenges for Reconciling Legal Rules with Technical Reality.