{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:27:09Z","timestamp":1766442429565,"version":"3.48.0"},"publisher-location":"New York, NY, USA","reference-count":66,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,11,19]]},"DOI":"10.1145\/3719027.3765185","type":"proceedings-article","created":{"date-parts":[[2025,11,22]],"date-time":"2025-11-22T23:37:25Z","timestamp":1763854645000},"page":"2189-2203","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["VillainNet: Targeted Poisoning Attacks Against SuperNets Along the Accuracy-Latency Pareto Frontier"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-5404-3865","authenticated-orcid":false,"given":"David","family":"Oygenblik","sequence":"first","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-7873-2389","authenticated-orcid":false,"given":"Abhinav","family":"Vemulapalli","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-4994-6069","authenticated-orcid":false,"given":"Animesh","family":"Agrawal","sequence":"additional","affiliation":[{"name":"Meta, Menlo Park, CA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6761-1389","authenticated-orcid":false,"given":"Debopam","family":"Sanyal","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-7862-1477","authenticated-orcid":false,"given":"Alexey","family":"Tumanov","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5859-6925","authenticated-orcid":false,"given":"Brendan","family":"Saltaformaggio","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]}],"member":"320","published-online":{"date-parts":[[2025,11,22]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Proceedings of the 27th USENIX Security Symposium (Security)","author":"Adi Yossi","year":"2018","unstructured":"Yossi Adi, Carsten Baum, Moustapha Cisse, Benny Pinkas, and Joseph Keshet. 2018. Turning your weakness into a strength: watermarking deep neural networks by backdooring. In Proceedings of the 27th USENIX Security Symposium (Security). Baltimore, MD (Aug. 2018)."},{"key":"e_1_3_2_1_2_1","volume-title":"Proceedings of the 2024 European Conference on Computer Vision (ECCV). Malm\u00f6, Sweden (Sept.","author":"Annavajjala Aditya","year":"2024","unstructured":"Aditya Annavajjala, Alind Khare, Animesh Agrawal, Igor Fedorov, Hugo Latapie, Myungjin Lee, and Alexey Tumanov. 2024. Dps: delayed \u2208-shrinking for faster once-for-all training. In Proceedings of the 2024 European Conference on Computer Vision (ECCV). Malm\u00f6, Sweden (Sept. 2024)."},{"key":"e_1_3_2_1_3_1","volume-title":"Proceedings of the 23rd International Conference on Artificial Intelligence and Statistics (AISTATS). Virtual Conference.","author":"Bagdasaryan Eugene","year":"2018","unstructured":"Eugene Bagdasaryan, Andreas Veit, Yiqing Hua, Deborah Estrin, and Vitaly Shmatikov. 2018. How to backdoor federated learning. In Proceedings of the 23rd International Conference on Artificial Intelligence and Statistics (AISTATS). Virtual Conference."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","unstructured":"P. Behnam J. Tong A. Khare Y. Chen Y. Pan P. Gadikar A. Bambhaniya T. Krishna and A. Tumanov. 2023. Hardware-software co-design for real-time latency-accuracy navigation in tinyml applications. IEEE Micro 01 (Sept. 2023) 1--7. doi: 10.1109\/MM.2023.3317243.","DOI":"10.1109\/MM.2023.3317243"},{"key":"e_1_3_2_1_5_1","volume-title":"Proceedings of the 6th Conference on Machine Learning and Systems (MLSys'23)","author":"Behnam Payman","year":"2023","unstructured":"Payman Behnam, Jianming Tong, Alind Khare, Yangyu Chen, Yue Pan, Pranav Gadikar, Abhimanyu Bambhaniya, Tushar Krishna, and Alexey Tumanov. 2023. Subgraph stationary hardware-software inference co-design. In Proceedings of the 6th Conference on Machine Learning and Systems (MLSys'23). Miami, Florida."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.5555\/3042573.3042761"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3264418"},{"key":"e_1_3_2_1_8_1","unstructured":"Keith Bonawitz et al. 2019. Towards federated learning at scale: system design. arXiv preprint arXiv:1902.01046. https:\/\/arxiv.org\/abs\/1902.01046."},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of the 8th International Conference on Learning Representations (ICLR). Virtual Conference (Apr.","author":"Cai Han","year":"2020","unstructured":"Han Cai, Chuang Gan, Tianzhe Wang, Zhekai Zhang, and Song Han. 2020. Once-for-all: train one network and specialize it for efficient deployment. In Proceedings of the 8th International Conference on Learning Representations (ICLR). Virtual Conference (Apr. 2020)."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICPADS47876.2019.00042"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPRW56347.2022.00383"},{"key":"e_1_3_2_1_12_1","volume-title":"Proceedings of the 30th USENIX Security Symposium (Security). Virtual Conference (Aug.","author":"Carlini Nicholas","year":"2021","unstructured":"Nicholas Carlini. 2021. Poisoning The Unlabeled Dataset of Semi-Supervised Learning. In Proceedings of the 30th USENIX Security Symposium (Security). Virtual Conference (Aug. 2021)."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00179"},{"key":"e_1_3_2_1_14_1","unstructured":"Xinyun Chen Chang Liu Bo Li Kimberly Lu and Dawn Song. 2017. Targeted backdoor attacks on deep learning systems using data poisoning. arXiv preprint arXiv:1712.05526. https:\/\/arxiv.org\/abs\/1712.05526."},{"key":"e_1_3_2_1_15_1","volume-title":"Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI). Broomfield, Colorado (Oct.","author":"Chilimbi Trishul","year":"2014","unstructured":"Trishul Chilimbi, Yutaka Suzue, Johnson Apacible, and Karthik Kalyanaraman. 2014. Project adam: building an efficient and scalable deep learning training system. In Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI). Broomfield, Colorado (Oct. 2014)."},{"key":"e_1_3_2_1_16_1","unstructured":"[n.d.] Cifar-10 (canadian institute for advanced research). [Accessed: 2023-01- 19]. (). http:\/\/www.cs.toronto.edu\/~kriz\/cifar.html."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.5555\/3489212.3489304"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"crossref","unstructured":"Maxime Girard Victor Qu\u00e9tu Samuel Tardieu Van-Tam Nguyen and Enzo Tartaglione. 2024. Memory-optimized once-for-all network. Accessed: 2025-07- 11. (2024). https:\/\/github.com\/MaximeGirard\/memory-optimized-once-for-all.","DOI":"10.1007\/978-3-031-91979-4_19"},{"key":"e_1_3_2_1_19_1","unstructured":"[SW] GitHub GitHub 2024. url: https:\/\/github.com."},{"key":"e_1_3_2_1_20_1","unstructured":"Github. [n.d.] Github active malware or exploits. [Accessed: 2024--7--12]. (). https:\/\/docs.github.com\/en\/site-policy\/acceptable- use- policies\/github- active-malware-or-exploits."},{"key":"e_1_3_2_1_21_1","unstructured":"Tianyu Gu Brendan Dolan-Gavitt and Siddharth Garg. 2017. Badnets: identifying vulnerabilities in the machine learning model supply chain. arXiv preprint arXiv:1708.06733. https:\/\/arxiv.org\/abs\/1708.06733."},{"key":"e_1_3_2_1_22_1","volume-title":"Proceedings of the 10th International Conference on Learning Representations (ICLR). Virtual Conference (Apr.","author":"Guo Junfeng","year":"2022","unstructured":"Junfeng Guo, Ang Li, and Cong Liu. 2022. AEVA: black-box backdoor detection using adversarial extreme value analysis. In Proceedings of the 10th International Conference on Learning Representations (ICLR). Virtual Conference (Apr. 2022)."},{"key":"e_1_3_2_1_23_1","unstructured":"Chaoyang He Murali Annavaram and Salman Avestimehr. 2020. Towards non-iid and invisible data with fednas: federated deep learning via neural architecture search. arXiv preprint arXiv:2004.08546."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.90"},{"volume-title":"Proceedings of the IEEE\/CVF International Conference on Computer Vision","author":"Andrew","key":"e_1_3_2_1_25_1","unstructured":"Andrew Howard et al. 2019. Searching for MobileNetV3. In Proceedings of the IEEE\/CVF International Conference on Computer Vision. Seoul, South Korea."},{"key":"e_1_3_2_1_26_1","unstructured":"Hugging Face. [n.d.] [Accessed: 2023--10-06]. (). https:\/\/huggingface.co\/."},{"key":"e_1_3_2_1_27_1","unstructured":"Huggingface. [n.d.] Huggingface model safety. [Accessed: 2024--7--12]. (). https: \/\/huggingface.co\/docs\/text-generation-inference\/en\/basic_tutorials\/safety."},{"key":"e_1_3_2_1_28_1","unstructured":"Kristian Humble. 2024. War artificial intelligence and the future of conflict. Georgetown Journal of International Affairs. Accessed: 2025-01--31. https:\/\/gjia. georgetown.edu\/2024\/07\/12\/war-artificial-intelligence-and-the-future-of-conflict\/."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN60899.2024.10650685"},{"key":"e_1_3_2_1_30_1","volume-title":"Proceedings of the 2024 European Conference on Computer Vision (ECCV). Malm\u00f6, Sweden (Sept.","author":"Khare Alind","year":"2024","unstructured":"Alind Khare, Animesh Agrawal, Aditya Annavajjala, Payman Behnam, Myungjin Lee, Hugo Latapie, and Alexey Tumanov. 2024. Superfednas: cost-efficient federated neural architecture search for on-device inference. In Proceedings of the 2024 European Conference on Computer Vision (ECCV). Malm\u00f6, Sweden (Sept. 2024)."},{"key":"e_1_3_2_1_31_1","volume-title":"Proceedings of the 22nd USENIX Symposium on Networked Systems Design and Implementation (NSDI)","author":"Khare Alind","year":"2025","unstructured":"Alind Khare, Dhruv Garg, Sukrit Kalra, Snigdha Grandhi, Ion Stoica, and Alexey Tumanov. 2025. Superserve: fine-grained inference serving for unpredictable workloads. In Proceedings of the 22nd USENIX Symposium on Networked Systems Design and Implementation (NSDI). Philadelphia, PA (Apr. 2025)."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1214\/aoms\/1177729694"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP61157.2025.00060"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNNLS.2022.3182979"},{"key":"e_1_3_2_1_35_1","unstructured":"Hanxiao Liu Karen Simonyan and Yiming Yang. 2018. Darts: differentiable architecture search. arXiv preprint arXiv:1806.09055."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363216"},{"key":"e_1_3_2_1_37_1","volume-title":"Proceedings of the 32nd USENIX Security Symposium (Security). Anaheim, CA (Aug.","author":"Liu Zhibo","year":"2023","unstructured":"Zhibo Liu, Yuanyuan Yuan, Shuai Wang, Xiaofei Xie, and Lei Ma. 2023. Decompiling x86 deep neural network executables. In Proceedings of the 32nd USENIX Security Symposium (Security). Anaheim, CA (Aug. 2023)."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"crossref","unstructured":"Lotfi Abdelkrim Mecharbat Ibrahim Almakky Martin Takac and Mohammad Yaqub. 2025. Mednns: supernet-based medical task-adaptive neural network search. arXiv preprint arXiv:2504.15865.","DOI":"10.1007\/978-3-032-04978-0_43"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"crossref","unstructured":"Luis Mu\u00f1oz-Gonz\u00e1lez Battista Biggio Ambra Demontis Andrea Paudice Vasin Wongrassamee Emil C. Lupu and Fabio Roli. 2017. Towards poisoning of deep learning algorithms with back-gradient optimization. arXiv preprint arXiv:1708.08689. https:\/\/arxiv.org\/abs\/1710.00942.","DOI":"10.1145\/3128572.3140451"},{"key":"e_1_3_2_1_40_1","volume-title":"Proceedings of the 32nd USENIX Security Symposium (Security). Anaheim, CA (Aug.","author":"Neupane Shradha","year":"2023","unstructured":"Shradha Neupane, Grant Holmes, Elizabeth Wyss, Drew Davidson, and Lorenzo De Carli. 2023. Beyond typosquatting: an in-depth look at package confusion. In Proceedings of the 32nd USENIX Security Symposium (Security). Anaheim, CA (Aug. 2023)."},{"key":"e_1_3_2_1_41_1","volume-title":"Ana Paula Marques Ramos, L\u00facio Andr\u00e9 de Castro Jorge, Sarah Narges Fatholahi, and Jonathan de Andrade Silva.","author":"Osco Lucas Prado","year":"2021","unstructured":"Lucas Prado Osco, Jos\u00e9 Marcato Junior, Ana Paula Marques Ramos, L\u00facio Andr\u00e9 de Castro Jorge, Sarah Narges Fatholahi, and Jonathan de Andrade Silva. 2021. A review on deep learning in uav remote sensing. International Journal of Applied Earth Observation and Geoinformation, 102. doi: https:\/\/doi.org\/10.101 6\/j.jag.2021.102456."},{"key":"e_1_3_2_1_42_1","volume-title":"Proceedings of the 2026 Annual Network and Distributed System Security Symposium (NDSS)","author":"Oygenblik David","year":"2026","unstructured":"David Oygenblik, Dinko Dermenzhiev, Filippos Sofias, Mingxuan Yao, Haichuan Xu, Runze Zhang, Jeman Park, Amit Sikder, and Brendan Saltaformaggio. 2026. Achieving ZEN: Combining Mathematical and Programmatic Deep Learning Model Representations for Attribution and Reuse. In Proceedings of the 2026 Annual Network and Distributed System Security Symposium (NDSS). San Diego, CA (Feb. 2026)."},{"key":"e_1_3_2_1_43_1","volume-title":"Proceedings of the 33rd USENIX Security Symposium (Security)","author":"Oygenblik David","year":"2024","unstructured":"David Oygenblik, Carter Yagemann, Joseph Zhang, Arianna Mastali, Jeman Park, and Brendan Saltaformaggio. 2024. AI Psychiatry: Forensic Investigation of Deep Learning Networks in Memory Images. In Proceedings of the 33rd USENIX Security Symposium (Security). Philadelphia, PA (Aug. 2024)."},{"key":"e_1_3_2_1_44_1","volume-title":"International conference on machine learning. PMLR, 4095--4104","author":"Pham Hieu","year":"2018","unstructured":"Hieu Pham, Melody Guan, Barret Zoph, Quoc Le, and Jeff Dean. 2018. Efficient neural architecture search via parameters sharing. In International conference on machine learning. PMLR, 4095--4104."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v33i01.33014780"},{"key":"e_1_3_2_1_46_1","volume-title":"Proceedings of the 9th International Conference on Learning Representations (ICLR). Virtual Conference (May","author":"Sahni Manas","year":"2021","unstructured":"Manas Sahni, Shreya Varshini, Alind Khare, and Alexey Tumanov. 2021. Compofa: compound once-for-all networks for faster multi-platform deployment. In Proceedings of the 9th International Conference on Learning Representations (ICLR). Virtual Conference (May 2021)."},{"key":"e_1_3_2_1_47_1","unstructured":"Sentient Digital Inc. 2024. The most useful military applications of ai in 2024 and beyond. Accessed: 2025-01--31. (2024). https:\/\/sdi.ai\/blog\/the-most-useful- military-applications-of-ai\/."},{"key":"e_1_3_2_1_48_1","volume-title":"Proceedings of the 32nd Conference on Neural Information Processing Systems (NeurIPS). Montreal, Canada (Dec.","author":"Shafahi Ali","year":"2018","unstructured":"Ali Shafahi, W Ronny Huang, Mahyar Najibi, Octavian Suciu, Christoph Studer, Tudor Dumitras, and Tom Goldstein. 2018. Poison frogs! targeted clean-label poisoning attacks on neural networks. In Proceedings of the 32nd Conference on Neural Information Processing Systems (NeurIPS). Montreal, Canada (Dec. 2018)."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24498"},{"key":"e_1_3_2_1_50_1","volume-title":"Elijah Lorenzo Tripp, Denis Khryashchev, and Amin Kharraz.","author":"Siadati Hossein","year":"2024","unstructured":"Hossein Siadati, Sima Jafarikhah, Elif Sahin, Terrence Brent Hernandez, Elijah Lorenzo Tripp, Denis Khryashchev, and Amin Kharraz. 2024. Devphish: exploring social engineering in software supply chain attacks on developers. 2402.18401. https:\/\/arxiv.org\/abs\/2402.18401."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN.2011.6033395"},{"key":"e_1_3_2_1_52_1","volume-title":"Proceedings of the 33rd USENIX Security Symposium (Security)","author":"Sun Bing","year":"2024","unstructured":"Bing Sun, Jun Sun, Wayne Koh, and Jie Shi. 2024. Neural network semantic backdoor detection and mitigation: a Causality-Based approach. In Proceedings of the 33rd USENIX Security Symposium (Security). Philadelphia, PA (Aug. 2024)."},{"key":"e_1_3_2_1_53_1","volume-title":"Proceedings of the 30th USENIX Security Symposium (Security). Virtual Conference (Aug.","author":"Sun Zhichuang","year":"2021","unstructured":"Zhichuang Sun, Ruimin Sun, Long Lu, and Alan Mislove. 2021. Mind your weight(s): a large-scale study on insufficient machine learning model protection in mobile apps. In Proceedings of the 30th USENIX Security Symposium (Security). Virtual Conference (Aug. 2021)."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-58951-6_24"},{"key":"e_1_3_2_1_55_1","volume-title":"Proceedings of the 40th IEEE Symposium on Security and Privacy (S&P)","author":"Wang B.","year":"2019","unstructured":"B. Wang, Y. Yao, S. Shan, H. Li, B. Viswanath, H. Zheng, and B. Y. Zhao. 2019. Neural cleanse: identifying and mitigating backdoor attacks in neural networks. In Proceedings of the 40th IEEE Symposium on Security and Privacy (S&P). San Francisco, CA (May 2019)."},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2019.00507"},{"key":"e_1_3_2_1_57_1","unstructured":"Xingxing Wei Ying Guo and Jie Yu. 2022. Adversarial sticker: a stealthy attack method in the physical world. 2104.06728. https:\/\/arxiv.org\/abs\/2104.06728."},{"key":"e_1_3_2_1_58_1","unstructured":"Robert Wu Nayan Saxena and Rohan Jain. 2021. Poisoning the search space in neural architecture search. arXiv:2106.14406. https:\/\/arxiv.org\/abs\/2106.14406."},{"key":"e_1_3_2_1_59_1","volume-title":"Proceedings of the 31st USENIX Security Symposium (Security)","author":"Wu Ruoyu","year":"2022","unstructured":"Ruoyu Wu, Taegyu Kim, Dave (Jing) Tian, Antonio Bianchi, and Dongyan Xu. 2022. DnD: a Cross-Architecture deep neural network decompiler. In Proceedings of the 31st USENIX Security Symposium (Security). Boston, MA (Aug. 2022)."},{"key":"e_1_3_2_1_60_1","volume-title":"Proceedings of the 26th ACM Conference on Computer and Communications Security (CCS)","author":"Yao Yuanshun","year":"2019","unstructured":"Yuanshun Yao, Huiying Li, Haitao Zheng, and Ben Y. Zhao. 2019. Latent backdoor attacks on deep neural networks. In Proceedings of the 26th ACM Conference on Computer and Communications Security (CCS). London, UK (Nov. 2019)."},{"volume-title":"Proceedings, Part VII 16","author":"Jiahui","key":"e_1_3_2_1_61_1","unstructured":"Jiahui Yu et al. 2020. Bignas: scaling up neural architecture search with big single-stage models. In Computer Vision--ECCV 2020: 16th European Conference, Glasgow, UK, August 23--28, 2020, Proceedings, Part VII 16. Springer, 702--717."},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"crossref","unstructured":"Jingyuan Zhao et al. 2024. Autonomous driving system: a comprehensive survey. Expert Systems with Applications 242. doi: 2023.122836.","DOI":"10.1016\/j.eswa.2023.122836"},{"key":"e_1_3_2_1_63_1","unstructured":"P. Zhou. 2024. How to make hugging face to hug worms: discovering and exploiting unsafe pickle.loads over pre-trained large model hubs. BlackHat Asia. (2024)."},{"key":"e_1_3_2_1_64_1","volume-title":"Proceedings of the 28th USENIX Security Symposium (Security). Santa Clara, CA (Aug.","author":"Zimmermann Markus","year":"2019","unstructured":"Markus Zimmermann, Cristian-Alexandru Staicu, Cam Tenny, and Michael Pradel. 2019. Small world with high risks: a study of security threats in the npm ecosystem. In Proceedings of the 28th USENIX Security Symposium (Security). Santa Clara, CA (Aug. 2019)."},{"key":"e_1_3_2_1_65_1","unstructured":"Barret Zoph and Quoc V Le. 2016. Neural architecture search with reinforcement learning. arXiv preprint arXiv:1611.01578."},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2018.00907"}],"event":{"name":"CCS '25: ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Taipei Taiwan","acronym":"CCS '25"},"container-title":["Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3719027.3765185","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:23:20Z","timestamp":1766442200000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3719027.3765185"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,19]]},"references-count":66,"alternative-id":["10.1145\/3719027.3765185","10.1145\/3719027"],"URL":"https:\/\/doi.org\/10.1145\/3719027.3765185","relation":{},"subject":[],"published":{"date-parts":[[2025,11,19]]},"assertion":[{"value":"2025-11-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}