Editor's Picks

Best Talks at Network and Distributed System Security (NDSS) Symposium 2026

Hand-picked from in-depth reviewer verdicts — the top 12 talks from this conference. Skip the noise, find the signal.

← All talks at Network and Distributed System Security (NDSS) Symposium 2026

  1. 1

    NeuroStrike: Neuron-Level Attacks on Aligned LLMs

    Lichao Wu

    This talk presents **NeuroStrike**, a neuron-level attack that jailbreaks aligned large language models by identifying and pruning **safety neurons** -- the specific neurons responsible for the model's refusal behavior when presented with malicious queries. By pruning just…

    0 Dr. Zero MUST SEE ★★★★★ H Heather Calloway MUST SEE ★★★★★
  2. 2

    Breaking Isolation: A New Perspective on Hypervisor Exploitation via Cross-Domain Attacks

    Gaoning Pan

    Virtual machine escape from hypervisors like **QEMU** and **VirtualBox** is one of the most consequential exploit classes in cloud security. This talk introduces **cross-domain attacks**, a systematic exploitation technique that makes previously unexploitable pointer corruption…

    0 Dr. Zero MUST SEE ★★★★★ H Heather Calloway MUST SEE ★★★★☆
  3. 3

    Trust Me, I Know This Function: Hijacking LLM Static Analysis using Bias

    Shir Bernstein

    This talk presents a novel attack class called **Familiar Pattern Attacks (FPAs)** that exploits a fundamental weakness in how LLMs analyze code: **abstraction bias**. When LLMs encounter code patterns they have seen thousands of times during pre-training (like calculating the…

    0 Dr. Zero MUST SEE ★★★★★ H Heather Calloway MUST SEE ★★★★★
  4. 4

    IsolatOS: Detecting Double Fetch Bugs in COTS RTOS by Re-enabling Kernel Isolation

    Yingjie Cao

    Real-time operating systems (RTOS) are the invisible backbone of cyber-physical systems -- from automotive ECUs and aerospace systems to power plants and medical devices. With over **2.2 billion embedded devices** relying on RTOS, the security of these systems is critical. This…

    0 Dr. Zero MUST SEE ★★★★★ H Heather Calloway MUST SEE ★★★★★
  5. 5

    Unknown Target: Uncovering and Detecting Novel In-Flight Attacks to Collision Avoidance (TCAS)

    Giacomo Longo

    Giacomo Longo presents groundbreaking research analyzing what may be the **first real-world cyber attack against aircraft collision avoidance systems (TCAS)**. On March 1, 2025, at Washington National Airport (DCA), 10 aircraft experienced false Traffic Advisory (TA) and…

    0 Dr. Zero MUST SEE ★★★★★ H Heather Calloway MUST SEE ★★★★★
  6. 6

    ObliInjection: Order-Oblivious Prompt Injection Attack to LLM Agents with Multi-source Data

    Reachal Wang

    Most prompt injection attacks assume the attacker controls the entire data portion of an LLM's input. In real-world multi-source scenarios -- product review summarization, AI-powered search, multi-document QA -- the attacker controls only **one segment** among many, and…

    0 Dr. Zero MUST SEE ★★★★★ H Heather Calloway MUST SEE ★★★★★
  7. 7

    FlyTrap: Physical Distance-Pulling Attack Towards Camera-based Autonomous Target Tracking Systems

    Shaoyuan Xie

    FlyTrap is the first **distance-pulling attack** against camera-based autonomous drone tracking systems. By printing adversarial patterns on an ordinary **umbrella** ($20 on Amazon), an attacker can trick a tracking drone into progressively moving closer to the target by…

    0 Dr. Zero MUST SEE ★★★★★ H Heather Calloway MUST SEE ★★★★☆
  8. 8

    SIPConfusion: Exploiting SIP Semantic Ambiguities for Caller ID and SMS Spoofing

    Qi Wang

    The **Session Initiation Protocol (SIP)** underpins modern voice, video, and messaging infrastructure -- from VoIP (projected at **$326 billion by 2032**) to **Rich Communication Services (RCS)** with over **1 billion active users** across 90 carriers in 60 countries. This talk…

    0 Dr. Zero MUST SEE ★★★★★ H Heather Calloway MUST SEE ★★★★★
  9. 9

    Actively Understanding the Dynamics and Risks of the Threat Intelligence Ecosystem

    Tillson Galloway

    The **threat intelligence (TI) ecosystem** is a multi-billion dollar industry where vendors ingest, analyze, and share malware samples and indicators of compromise (IoCs) through complex supply chain relationships. This talk presents a novel active probing methodology that maps…

    0 Dr. Zero MUST SEE ★★★★★ H Heather Calloway MUST SEE ★★★★★
  10. 10

    A Hard-Label Black-Box Evasion Attack against ML-based Malicious Traffic Detection Systems

    Zixuan Liu

    This talk introduces **NetMasquerade**, a practical hard-label black-box evasion attack against machine learning-based malicious traffic detection systems. The research addresses a critical gap in adversarial ML for network security: existing attacks either require white-box…

    0 Dr. Zero STRONG ACCEPT ★★★★☆ H Heather Calloway MUST SEE ★★★★☆
  11. 11

    In-Context Probing for Membership Inference in Fine-Tuned Language Models

    Zhexi Lu

    This talk presents a novel **membership inference attack (MIA)** against fine-tuned language models that exploits a fundamental property of training dynamics called the **optimization gap**. The key insight is that member samples (data used in training) show diminishing returns…

    0 Dr. Zero STRONG ACCEPT ★★★★☆ H Heather Calloway MUST SEE ★★★★☆
  12. 12

    Characterizing the Implementation of Censorship Policies in Chinese LLM Services

    Anna Ablove

    This talk presents a systematic study of how five major Chinese LLM services -- **DeepSeek**, **Kimi**, **Qwen**, **Doubao**, and **Baidu Chat (Wenxiaoyan)** -- implement censorship through combinations of **input filtering**, **search-phase filtering**, and **output…

    0 Dr. Zero STRONG ACCEPT ★★★★☆ H Heather Calloway MUST SEE ★★★★★

View all talks at Network and Distributed System Security (NDSS) Symposium 2026 →