Detection of Intrusions and Malware, and Vulnerability Assessment

The two-volume set LNCS 15747 and 15748 constitutes the refereed conference proceedings of the 12nd International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2025, held in Graz, Austria, during July 911, 2025.

The 25 revised full papers and 11 posters are presented in these proceedings were carefully reviewed and selected from 103 submissions. The papers are organized in the following topical sections:

Part I: Web Security; Vulnerability Detection; Side channels; and Obfuscation.

Part II: AI/ML & Security; Android & Patches; OS & Network; and Resilient Systems.

Klappentext

.- Web Security. .- ScamFerret: Detecting Scam Websites Autonomously with Large Language Models. .- Domain Name Encryption Does Not Ensure Privacy: Website Fingerprinting Attack With Only a Few Samples Using Siamese Network. .- Making (Only) the Right Calls: Preventing Remote Code Execution Attacks in PHP Applications with Contextual, State-Sensitive System Call Filtering. .- Poster: Generating the WEB-IDS23 Dataset. .- Vulnerability Detection. .- Sourcerer: channeling the void. .- CodeGrafter: Unifying Source and Binary Graphs for Robust Vulnerability Detection. .- SyzFroge: An Automated System Call Specification Generation Process for Efficient Kernel Fuzzing. .- Poster: Machine Learning for Vulnerability Detection as Target Oracle in Automated Fuzz Driver Generation. .- Side channels. .- Reverse-Engineering the Address Translation Caches. .- The HMB Timing Side Channel: Exploiting the SSD’s Host Memory Buffer. .- Cohere+Reload: Re-enabling High-Resolution Cache Attacks on AMD SEV-SNP. .- Poster: Extracting Cryptographic Keys from Windows Live Processes. .- Obfuscation. .- Experimental Study of Binary Diffing Resilience on Obfuscated Programs. .- Quantifying and Mitigating the Impact of Obfuscations on Machine-Learning-Based Decompilation Improvement. .- Exploring the Potential of LLMs for Code Deobfuscation. .- Poster: All Right Then, (Don’t) Keep Your Secrets: Exposing API Hashing in Malware.

Inhalt

.- Web Security.

.- ScamFerret: Detecting Scam Websites Autonomously with Large Language Models.

.- Domain Name Encryption Does Not Ensure Privacy: Website Fingerprinting Attack With Only a Few Samples Using Siamese Network.

.- Making (Only) the Right Calls: Preventing Remote Code Execution Attacks in PHP Applications with Contextual, State-Sensitive System Call Filtering.

.- Poster: Generating the WEB-IDS23 Dataset.

.- Vulnerability Detection.

.- Sourcerer: channeling the void.

.- CodeGrafter: Unifying Source and Binary Graphs for Robust Vulnerability Detection.

.- SyzFroge: An Automated System Call Specification Generation Process for Efficient Kernel Fuzzing.

.- Poster: Machine Learning for Vulnerability Detection as Target Oracle in Automated Fuzz Driver Generation.

.- Side channels.

.- Reverse-Engineering the Address Translation Caches.

.- The HMB Timing Side Channel: Exploiting the SSD's Host Memory Buffer.

.- Cohere+Reload: Re-enabling High-Resolution Cache Attacks on AMD SEV-SNP.

.- Poster: Extracting Cryptographic Keys from Windows Live Processes.

.- Obfuscation.

.- Experimental Study of Binary Diffing Resilience on Obfuscated Programs.

.- Quantifying and Mitigating the Impact of Obfuscations on Machine-Learning-Based Decompilation Improvement.

.- Exploring the Potential of LLMs for Code Deobfuscation.

.- Poster: All Right Then, (Don't) Keep Your Secrets: Exposing API Hashing in Malware.