default search action
29th USENIX Security Symposium 2020
- Srdjan Capkun, Franziska Roesner:
29th USENIX Security Symposium, USENIX Security 2020, August 12-14, 2020. USENIX Association 2020, ISBN 978-1-939133-17-5
Wireless Security
- Cas Cremers, Benjamin Kiesl, Niklas Medinger:
A Formal Analysis of IEEE 802.11's WPA2: Countering the Kracks Caused by Cracking the Counters. 1-17 - Jan Ruge, Jiska Classen, Francesco Gringoli, Matthias Hollick:
Frankenstein: Advanced Wireless Fuzzing to Exploit New Bluetooth Escalation Targets. 19-36 - Yue Zhang, Jian Weng, Rajib Dey, Yier Jin, Zhiqiang Lin, Xinwen Fu:
Breaking Secure Pairing of Bluetooth Low Energy Using Downgrade Attacks. 37-54 - Lingjing Yu, Bo Luo, Jun Ma, Zhaoyu Zhou, Qingyun Liu:
You Are What You Broadcast: Identification of Mobile and IoT Devices from (Public) WiFi. 55-72 - David Rupprecht, Katharina Kohls, Thorsten Holz, Christina Pöpper:
Call Me Maybe: Eavesdropping Encrypted LTE Calls With ReVoLTE. 73-88
Human Factors
- Elissa M. Redmiles, Noel Warford, Amritha Jayanti, Aravind Koneru, Sean Kross, Miraida Morales, Rock Stevens, Michelle L. Mazurek:
A Comprehensive Quality Evaluation of Security and Privacy Advice on the Web. 89-108 - Daniel Votipka, Kelsey R. Fulton, James Parker, Matthew Hou, Michelle L. Mazurek, Michael Hicks:
Understanding security mistakes developers make: Qualitative analysis from Build It, Break It, Fix It. 109-126 - Joshua Reynolds, Nikita Samarin, Joseph D. Barnes, Taylor Judd, Joshua Mason, Michael D. Bailey, Serge Egelman:
Empirical Measurement of Systemic 2FA Usability. 127-143 - Miranda Wei, Madison Stamos, Sophie Veys, Nathan Reitinger, Justin Goodman, Margot Herman, Dorota Filipczuk, Ben Weinshel, Michelle L. Mazurek, Blase Ur:
What Twitter Knows: Characterizing Ad Targeting Practices, User Perceptions, and Ad Explanations Through Users' Own Twitter Data. 145-162 - Alisa Frik, Amelia Haviland, Alessandro Acquisti:
The Impact of Ad-Blockers on Product Search and Purchase Behavior: A Lab Experiment. 163-179
Software Security and Verification
- Sebastian Poeplau, Aurélien Francillon:
Symbolic execution with SymCC: Don't interpret, compile! 181-198 - Fraser Brown, Deian Stefan, Dawson R. Engler:
Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code. 199-216 - Daniel Lehmann, Johannes Kinder, Michael Pradel:
Everything Old is New Again: Binary Security of WebAssembly. 217-234 - Tim Blazytko, Moritz Schlögel, Cornelius Aschermann, Ali Abbasi, Joel Frank, Simon Wörner, Thorsten Holz:
AURORA: Statistical Crash Analysis for Automated Root Cause Explanation. 235-252 - Yan Xiong, Cheng Su, Wenchao Huang, Fuyou Miao, Wansen Wang, Hengyi Ouyang:
SmartVerif: Push the Limit of Automation Capability of Verifying Security Protocols by Dynamic Strategies. 253-270
Mobile 1
- Grant Hernandez, Dave (Jing) Tian, Anurag Swarnim Yadav, Byron J. Williams, Kevin R. B. Butler:
BigMAC: Fine-Grained Policy Analysis of Android Firmware. 271-287 - Charles Weir, Ben Hermann, Sascha Fahl:
From Needs to Actions to Secure Apps? The Effect of Requirements and Developer Practices on App Security. 289-305 - Baozheng Liu, Chao Zhang, Guang Gong, Yishun Zeng, Haifeng Ruan, Jianwei Zhuge:
FANS: Fuzzing Android Native System Services via Automated Interface Analysis. 307-323 - Jiayi Chen, Urs Hengartner, Hassan Khan, Mohammad Mannan:
Chaperone: Real-time Locking and Loss Prevention for Smartphones. 325-342 - Andrea Possemato, Yanick Fratantonio:
Towards HTTPS Everywhere on Android: We Are Not There Yet. 343-360
Phishing, Spam, and Threat Intelligence
- Adam Oest, Penghui Zhang, Brad Wardman, Eric Nunes, Jakub Burgis, Ali Zand, Kurt Thomas, Adam Doupé, Gail-Joon Ahn:
Sunrise to Sunset: Analyzing the End-to-end Life Cycle and Effectiveness of Phishing Attacks at Scale. 361-377 - Adam Oest, Yeganeh Safaei, Penghui Zhang, Brad Wardman, Kevin Tyers, Yan Shoshitaishvili, Adam Doupé:
PhishTime: Continuous Longitudinal Measurement of the Effectiveness of Anti-phishing Blacklists. 379-396 - Sathvik Prasad, Elijah Robert Bouma-Sims, Athishay Kiran Mylappan, Bradley Reaves:
Who's Calling? Characterizing Robocalls through Audio and Metadata Analysis. 397-414 - Güliz Seray Tuncay, Jingyu Qian, Carl A. Gunter:
See No Evil: Phishing for Permissions with False Transparency. 415-432 - Xander Bouwman, Harm Griffioen, Jelle Egbers, Christian Doerr, Bram Klievink, Michel van Eeten:
A different cup of TI? The added value of commercial threat intelligence. 433-450
Trusted Execution Environments 1
- Ghada Dessouky, Tommaso Frassetto, Ahmad-Reza Sadeghi:
HybCache: Hybrid Side-Channel-Resilient Caches for Trusted Execution Environments. 451-468 - Daniel Moghimi, Jo Van Bulck, Nadia Heninger, Frank Piessens, Berk Sunar:
CopyCat: Controlled Instruction-Level Attacks on Enclaves. 469-486 - Dayeol Lee, Dongha Jung, Ian T. Fang, Chia-Che Tsai, Raluca Ada Popa:
An Off-Chip Attack on Hardware Enclaves via the Memory Bus. 487-504 - Chia-Che Tsai, Jeongseok Son, Bhushan Jain, John McAvey, Raluca Ada Popa, Donald E. Porter:
Civet: An Efficient Java Partitioning Framework for Hardware Enclaves. 505-522 - Shweta Shinde, Shengyi Wang, Pinghai Yuan, Aquinas Hobor, Abhik Roychoudhury, Prateek Saxena:
BesFS: A POSIX Filesystem for Enclaves with a Mechanized Safety Proof. 523-540
Network Security
- Markus Legner, Tobias Klenze, Marc Wyss, Christoph Sprenger
, Adrian Perrig:
EPIC: Every Packet Is Checked in the Data Plane of a Path-Aware Internet. 541-558 - Amirreza Niakanlahiji, Jinpeng Wei, Md Rabbi Alam, Qingyang Wang, Bei-Tseng Chu:
ShadowMove: A Stealthy Lateral Movement Strategy. 559-576 - Xiaofeng Zheng, Chaoyi Lu, Jian Peng, Qiushi Yang, Dongjie Zhou, Baojun Liu, Keyu Man, Shuang Hao, Haixin Duan, Zhiyun Qian:
Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices. 577-593 - Qiao Kang, Lei Xue, Adam Morrison, Yuxin Tang, Ang Chen, Xiapu Luo:
Programmable In-Network Security for Context-aware BYOD Policies. 595-612 - Hyeonmin Lee, Aniketh Gireesh, Roland van Rijswijk-Deij, Taekyoung Kwon, Taejoong Chung:
A Longitudinal and Comprehensive Study of the DANE Ecosystem in Email. 613-630 - Yehuda Afek, Anat Bremler-Barr, Lior Shafir:
NXNSAttack: Recursive DNS Inefficiencies and Vulnerabilities. 631-648
Web Security and Privacy
- Frank Li:
Shim Shimmeny: Evaluating the Security and Privacy Contributions of Link Shimming in the Modern Web. 649-664 - Seyed Ali Mirheidari, Sajjad Arshad, Kaan Onarlioglu, Bruno Crispo, Engin Kirda, William Robertson:
Cached and Confused: Web Cache Deception in the Wild. 665-682 - Stefano Calzavara, Sebastian Roth, Alvise Rabitti, Michael Backes, Ben Stock:
A Tale of Two Headers: A Formal Analysis of Inconsistent Click-Jacking Protection on the Web. 683-697 - Shravan Narayan, Craig Disselkoen, Tal Garfinkel, Nathan Froyd, Eric Rahm, Sorin Lerner, Hovav Shacham, Deian Stefan:
Retrofitting Fine Grain Isolation in the Firefox Renderer. 699-716 - Jiajun Gong, Tao Wang:
Zero-delay Lightweight Defenses against Website Fingerprinting. 717-734 - Stephen Herwig, Christina Garman, Dave Levin:
Achieving Keyless CDNs with Conclaves. 735-751
Trusted Execution Environments 2
- Fabian Schwarz, Christian Rossow:
SENG, the SGX-Enforcing Network Gateway: Authorizing Communication from Shielded Clients. 753-770 - Ivan De Oliveira Nunes, Karim Eldefrawy, Norrathep Rattanavipanon, Gene Tsudik:
APEX: A Verified Architecture for Proofs of Execution on Remote Devices under Full Software Compromise. 771-788 - Lee Harrison, Hayawardh Vijayakumar, Rohan Padhye, Koushik Sen, Michael Grace:
PARTEMU: Enabling Dynamic Analysis of Real-World TrustZone Software Using Emulation. 789-806 - Leila Delshadtehrani, Sadullah Canakci, Boyou Zhou, Schuyler Eldridge, Ajay Joshi, Manuel Egele:
PHMon: A Programmable Hardware Monitor and Its Security Use Cases. 807-824 - Darius Suciu, Stephen E. McLaughlin, Laurent Simon, Radu Sion:
Horizontal Privilege Escalation in Trusted Applications. - Tobias Cloosters, Michael Rodler, Lucas Davi:
TeeRex: Discovery and Exploitation of Memory Corruption Vulnerabilities in SGX Enclaves. 841-858
Panel
- Avi Rubin:
The 2020 Election: Remote Voting, Disinformation, and Audit.
Automotive and Drone Security
- Mulong Luo, Andrew C. Myers, G. Edward Suh:
Stealthy Tracking of Autonomous Vehicles with Cache Side Channels. 859-876 - Jiachen Sun, Yulong Cao, Qi Alfred Chen, Z. Morley Mao:
Towards Robust LiDAR-based Perception in Autonomous Driving: General Black-box Adversarial Sensor Attack and Countermeasures. 877-894 - Raul Quinonez, Jairo Giraldo, Luis E. Salazar, Erick Bauman, Alvaro A. Cárdenas, Zhiqiang Lin:
SAVIOR: Securing Autonomous Vehicles with Robust Physical Invariants. 895-912 - Taegyu Kim, Chung Hwan Kim, Altay Ozen, Fan Fei, Zhan Tu, Xiangyu Zhang, Xinyan Deng, Dave (Jing) Tian, Dongyan Xu:
From Control Model to Program: Investigating Robotic Aerial Vehicle Accidents with MAYDAY. 913-930 - Junjie Shen, Jun Yeon Won, Zeyuan Chen, Qi Alfred Chen:
Drift with Devil: Security of Multi-Sensor Fusion based Localization in High-Level Autonomous Driving under GPS Spoofing. 931-948 - Haohuang Wen, Qi Alfred Chen, Zhiqiang Lin:
Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface in Automotive IoT. 949-965
Privacy Enhancing Technologies
- Xiaolan Gu, Ming Li, Yueqiang Cheng, Li Xiong, Yang Cao:
PCKV: Locally Differentially Private Correlated Key-Value Data Collection with Optimized Utility. 967-984 - Benjamin Andow, Samin Yaseer Mahmud, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, Serge Egelman:
Actions Speak Louder than Words: Entity-Sensitive Privacy Policy and Data Flow Analysis with PoliCheck. 985-1002 - Chelsea Komlo, Nick Mathewson, Ian Goldberg:
Walking Onions: Scaling Anonymity Networks while Protecting Users. 1003-1020 - Hailong Zhang, Sufian Latif, Raef Bassily, Atanas Rountev:
Differentially-Private Control-Flow Node Coverage for Software Usage Analysis. 1021-1038 - Rishabh Poddar, Ganesh Ananthanarayanan, Srinath T. V. Setty, Stavros Volos, Raluca Ada Popa:
Visor: Privacy-Preserving Video Analytics as a Cloud Service. 1039-1056 - Katriel Cohn-Gordon, Georgios Damaskinos, Divino Neto, Joshi Cordova, Benoît Reitz, Benjamin Strahs, Daniel Obenshain, Paul Pearce, Ioannis Papagiannis, Available Media:
DELF: Safeguarding deletion correctness in Online Social Networks.
Software Security
- Antonio Flores-Montoya, Eric M. Schulte:
Datalog Disassembly. 1075-1092 - Weiteng Chen, Xiaochen Zou, Guoren Li, Zhiyun Qian:
KOOBE: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities. 1093-1110 - Insu Yun, Dhaval Kapil, Taesoo Kim:
Automatic Techniques to Systematically Discover New Heap Exploitation Primitives. 1111-1128 - Timothy Nosco, Jared Ziegler, Zechariah Clark, Davy Marrero, Todd Finkler, Andrew Barbarello, W. Michael Petullo:
The Industrial Age of Hacking. 1129-1146 - Jiarun Dai, Yuan Zhang, Zheyue Jiang, Yingtian Zhou, Junyan Chen, Xinyu Xing, Xiaohan Zhang, Xin Tan, Min Yang, Zhemin Yang:
BScout: Direct Whole Patch Presence Test for Java Executables. 1147-1164 - Yang Xiao, Bihuan Chen, Chendong Yu, Zhengzi Xu, Zimu Yuan, Feng Li, Binghong Liu, Yang Liu, Wei Huo, Wei Zou, Wenchang Shi:
MVP: Detecting Vulnerabilities using Patch-Enhanced Vulnerability Signatures. 1165-1182
Embedded/IoT Security
- Bin Yuan, Yan Jia, Luyi Xing, Dongfang Zhao, XiaoFeng Wang, Deqing Zou, Hai Jin, Yuqing Zhang:
Shattered Chain of Trust: Understanding Security Risks in Cross-Cloud IoT Access Delegation. 1183-1200 - Abraham A. Clements, Eric Gustafson, Tobias Scharnowski, Paul Grosen, David Fritz, Christopher Kruegel, Giovanni Vigna, Saurabh Bagchi, Mathias Payer:
HALucinator: Firmware Re-hosting Through Abstraction Layer Emulation. 1201-1218 - Jie Zhou, Yufei Du, Zhuojia Shen, Lele Ma, John Criswell, Robert J. Walls:
Silhouette: Efficient Protected Shadow Stacks for Embedded Systems. 1219-1236 - Bo Feng, Alejandro Mera, Long Lu:
P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling. 1237-1254 - Siva Nishok Dhanuskodi, Xiang Li, Daniel E. Holcomb:
COUNTERFOIL: Verifying Provenance of Integrated Circuits using Intrinsic Package Fingerprints and Inexpensive Cameras. 1255-1272 - Anomadarshi Barua, Mohammad Abdullah Al Faruque:
Hall Spoofing: A Non-Invasive DoS Attack on Grid-Tied Solar Inverter. 1273-1290
Machine Learning 1
- Ahmed Salem, Apratim Bhattacharya, Michael Backes, Mario Fritz, Yang Zhang:
Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning. 1291-1308 - Varun Chandrasekaran, Kamalika Chaudhuri, Irene Giacomelli, Somesh Jha, Songbai Yan:
Exploring Connections Between Active Learning and Model Extraction. 1309-1326 - Fnu Suya, Jianfeng Chi, David Evans, Yuan Tian:
Hybrid Batch Attacks: Finding Black-box Adversarial Examples with Limited Queries. 1327-1344 - Matthew Jagielski, Nicholas Carlini, David Berthelot, Alex Kurakin, Nicolas Papernot:
High Accuracy and High Fidelity Extraction of Neural Networks. 1345-1362 - Erwin Quiring, David Klein, Daniel Arp, Martin Johns, Konrad Rieck:
Adversarial Preprocessing: Understanding and Preventing Image-Scaling Attacks in Machine Learning. 1363-1380 - Jinfeng Li, Tianyu Du, Shouling Ji, Rong Zhang, Quan Lu, Min Yang, Ting Wang:
TextShield: Robust Text Classification Based on Multimodal Embedding and Neural Machine Translation. 1381-1398
Microarchitectural Attacks
- Md. Mehedi Hasan, Biswajit Ray:
Data Recovery from "Scrubbed" NAND Flash Storage: Need for Analog Sanitization. 1399-1408 - R. Joseph Connor, Tyler McDaniel, Jared M. Smith, Max Schuchard:
PKU Pitfalls: Attacks on PKU-based Memory Isolation Systems. 1409-1426 - Daniel Moghimi, Moritz Lipp, Berk Sunar, Michael Schwarz:
Medusa: Microarchitectural Data Leakage via Automated Attack Synthesis. 1427-1444 - Zijo Kenjar, Tommaso Frassetto, David Gens, Michael Franz, Ahmad-Reza Sadeghi:
V0LTpwn: Attacking x86 Processor Integrity from Software. 1445-1461 - Fan Yao, Adnan Siraj Rakin, Deliang Fan:
DeepHammer: Depleting the Intelligence of Deep Neural Networks through Targeted Chain of Bit Flips. 1463-1480 - Oleksii Oleksenko, Bohdan Trach, Mark Silberstein, Christof Fetzer:
SpecFuzz: Bringing Spectre-type vulnerabilities to the surface. 1481-1498
Panel
- Srdjan Capkun:
Digital Contact Tracing.
Financial Tech and Voting
- Renuka Kumar, Sreesh Kishore, Hao Lu, Atul Prakash
Security Analysis of Unified Payments Interface and Payment Apps in India. 1499-1516 - Samin Yaseer Mahmud, Akhil Acharya, Benjamin Andow, William Enck, Bradley Reaves:
Cardpliance: PCI DSS Compliance of Android Applications. 1517-1533 - Michael A. Specter, James Koppel, Daniel J. Weitzner:
The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S. Federal Elections. 1535-1553 - Wouter Lueks, Iñigo Querejeta-Azurmendi, Carmela Troncoso:
VoteAgain: A scalable coercion-resistant voting system. 1553-1570 - Zain ul Abi Din, Hari Venugopalan, Jaime Park, Andy Li, Weisu Yin, Haohui Mai, Yong Jae Lee, Steven Liu, Samuel T. King:
Boxer: Preventing fraud by scanning credit cards. 1571-1588
Machine Learning 2
- Shawn Shan, Emily Wenger, Jiayun Zhang, Huiying Li, Haitao Zheng, Ben Y. Zhao:
Fawkes: Protecting Privacy against Unauthorized Deep Learning Models. 1589-1604 - Klas Leino, Matt Fredrikson:
Stolen Memories: Leveraging Model Memorization for Calibrated White-Box Membership Inference. 1605-1622 - Minghong Fang, Xiaoyu Cao, Jinyuan Jia, Neil Zhenqiang Gong:
Local Model Poisoning Attacks to Byzantine-Robust Federated Learning. 1605-1622 - Xudong Pan, Mi Zhang, Duocai Wu, Qifan Xiao, Shouling Ji, Min Yang:
Justinian's GAAvernor: Robust Distributed Learning with Gradient Aggregation Agent. 1641-1658 - Xinyang Zhang, Ningfei Wang, Hua Shen, Shouling Ji, Xiapu Luo, Ting Wang:
Interpretable Deep Learning under Fire. 1659-1676
Systems Security
- David Schrammel, Samuel Weiser, Stefan Steinegger, Martin Schwarzl, Michael Schwarz, Stefan Mangard, Daniel Gruss:
Donky: Domain Keys - Efficient In-Process Isolation for RISC-V and x86. 1677-1694 - Zeyu Mi, Dingji Li, Haibo Chen, Binyu Zang, Haibing Guan:
(Mostly) Exitless VM Protection from Untrusted Hypervisor through Disaggregated Nested Virtualization. 1695-1712 - Jake Christensen, Ionut Mugurel Anghel, Rob Taglang, Mihai Chiroiu, Radu Sion:
DECAF: Automatic, Adaptive De-bloating and Hardening of COTS Firmware. 1713-1730 - Daniel J. Bernstein, Tanja Lange:
McTiny: Fast High-Confidence Post-Quantum Key Erasure for Tiny Network Servers. 1731-1748 - Seyedhamed Ghavamnia, Tapti Palit, Shachee Mishra, Michalis Polychronakis:
Temporal System Call Specialization for Attack Surface Reduction. 1749-1766
Analysis of Crypto
- Samuel Weiser, David Schrammel, Lukas Bodner, Raphael Spreitzer
Big Numbers - Big Troubles: Systematically Analyzing Nonce Leakage in (EC)DSA Implementations. 1767-1784 - Arnis Parsovs:
Estonian Electronic Identity Card: Security Flaws in Key Management. 1785-1802 - Maik Ender, Amir Moradi, Christof Paar:
The Unpatchable Silicon: A Full Break of the Bitstream Encryption of Xilinx 7-Series FPGAs. 1803-1819 - Gabrielle Beck, Maximilian Zinkus, Matthew Green:
Automating the Development of Chosen Ciphertext Attacks. 1821-1837 - Gaëtan Leurent, Thomas Peyrin:
SHA-1 is a Shambles: First Chosen-Prefix Collision on SHA-1 and Application to the PGP Web of Trust. 1839-1856 - Guillaume Girol, Lucca Hirschi, Ralf Sasse, Dennis Jackson, Cas Cremers, David A. Basin:
A Spectral Analysis of Noise: A Comprehensive, Automated, Formal Analysis of Diffie-Hellman Protocols. 1857-1874
Specific User Populations
- Daniel Votipka, Seth M. Rabin, Kristopher K. Micinski, Jeffrey S. Foster, Michelle L. Mazurek:
An Observational Investigation of Reverse Engineers' Processes. 1875-1892 - Emily Tseng, Rosanna Bellini, Nora McDonald, Matan Danos, Rachel Greenstadt, Damon McCoy, Nicola Dell, Thomas Ristenpart:
The Tools and Tactics Used in Intimate Partner Surveillance: An Analysis of Online Infidelity Forums. 1893-1909 - Kasra Edalatnejad, Wouter Lueks, Julien Pierre Martin, Soline Ledésert, Anne L'Hôte, Bruno Thomas, Laurent Girod, Carmela Troncoso:
DatashareNetwork: A Decentralized Privacy-Preserving Search Engine for Investigative Journalists. 1911-1927 - Taslima Akter, Bryan Dosono, Tousif Ahmed, Apu Kapadia, Bryan C. Semaan:
"I am uncomfortable sharing what I can't see": Privacy Concerns of the Visually Impaired with Camera Based Assistive Applications. 1929-1948 - Jake Reichel, Fleming C. Peck, Mikako Inaba, Bisrat Moges, Brahmnoor Singh Chawla, Marshini Chetty:
'I have too much respect for my elders': Understanding South African Mobile Users' Perceptions of Privacy and Current Behaviors on Facebook and WhatsApp. 1949-1966
Side Channel Attacks
- Samira Briongos, Pedro Malagón, José Manuel Moya, Thomas Eisenbarth:
RELOAD+REFRESH: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks. 1967-1984 - Tom van Goethem, Christina Pöpper, Wouter Joosen, Mathy Vanhoef
Timeless Timing Attacks: Exploiting Concurrency to Leak Secrets over Remote Connections. 1985-2002 - Mengjia Yan, Christopher W. Fletcher, Josep Torrellas:
Cache Telepathy: Leveraging Shared Resource Attacks to Learn DNN Architectures. 2003-2020 - Cesar Pereida García, Sohaib ul Hassan, Nicola Tuveri, Iaroslav Gridin, Alejandro Cabrera Aldaya, Billy Bob Brumley
Certified Side Channels. 2021-2038 - Jiarong Xing, Qiao Kang, Ang Chen:
NetWarden: Mitigating Network Covert Channels while Preserving Performance. 2039-2056 - Daniel Moghimi, Berk Sunar, Thomas Eisenbarth, Nadia Heninger:
TPM-FAIL: TPM meets Timing and Lattice Attacks. 2057-2073
Implementations of Crypto
- Alex Ozdemir, Riad S. Wahby, Barry Whitehat, Dan Boneh:
Scaling Verifiable Computation Using Efficient Set Accumulators. 2075-2092 - Manu Drijvers, Sergey Gorbunov, Gregory Neven, Hoeteck Wee:
Pixel: Multi-signatures for Consensus. 2093-2110 - Hao Chen, Ilaria Chillotti, Yihe Dong, Oxana Poburinnaya, Ilya P. Razenshteyn, M. Sadegh Riazi:
SANNS: Scaling Up Secure Approximate k-Nearest Neighbors Search. 2111-2128 - Ahmed E. Kosba, Dimitrios Papadopoulos, Charalampos Papamanthou, Dawn Song:
MIRAGE: Succinct Arguments for Randomized Algorithms with Applications to Universal zk-SNARKs. 2129-2146 - Jonas Böhler, Florian Kerschbaum:
Secure Multi-party Computation of Differentially Private Median. 2147-2164
Authentication
- Sean Oesch, Scott Ruoti
That Was Then, This Is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers. 2165-2182 - Jianjun Chen, Vern Paxson, Jian Jiang:
Composition Kills: A Case Study of Email Sender Authentication. 2183-2199 - Ke Coby Wang, Michael K. Reiter:
Detecting Stuffing of a User's Credentials at Her Own Accounts. 2201-2218 - Cong Wu, Kun He, Jing Chen, Ziming Zhao, Ruiying Du:
Liveness is Not Enough: Enhancing Fingerprint Authentication with Behavioral Biometrics to Defeat Puppet Attacks. 2219-2236 - Mozhgan Azimpourkivi, Umut Topkara, Bogdan Carbunar:
Human Distinguishable Visual Key Fingerprints. 2237-2254
Fuzzing 1
- Peiyuan Zong, Tao Lv, Dawei Wang, Zizhuang Deng, Ruigang Liang, Kai Chen:
FuzzGuard: Filtering out Unreachable Inputs in Directed Grey-box Fuzzing through Deep Learning. 2255-2269 - Kyriakos K. Ispoglou, Daniel Austin, Vishwath Mohan, Mathias Payer:
FuzzGen: Automatic Fuzzer Generation. 2271-2287 - Sebastian Österlund, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida:
ParmeSan: Sanitizer-guided Greybox Fuzzing. 2289-2306 - Tai Yue, Pengfei Wang, Yong Tang, Enze Wang, Bo Yu, Kai Lu, Xu Zhou:
EcoFuzz: Adaptive Energy-Saving Greybox Fuzzing as a Variant of the Adversarial Multi-Armed Bandit. 2307-2324 - Hongxu Chen, Shengjian Guo, Yinxing Xue, Yulei Sui, Cen Zhang, Yuekang Li, Haijun Wang, Yang Liu:
MUZZ: Thread-aware Grey-box Fuzzing for Effective Bug Hunting in Multithreaded Programs. 2325-2342
Mobile 2 and Malware
- Yizheng Chen, Shiqi Wang, Dongdong She, Suman Jana:
On Training Robust PDF Malware Classifiers. 2343-2360 - Shuofei Zhu, Jianjun Shi, Limin Yang, Boqin Qin, Ziyi Zhang, Linhai Song, Gang Wang:
Measuring and Modeling the Label Dynamics of Online Anti-Malware Engines. 2361-2378 - Mohamed Elsabagh, Ryan Johnson, Angelos Stavrou
FIRMSCOPE: Automatic Uncovering of Privilege-Escalation Vulnerabilities in Pre-Installed Apps in Android Firmware. 2379-2396 - Zhengzi Xu, Yulong Zhang, Longri Zheng, Liangzhao Xia, Chenfu Bao, Zhi Wang, Yang Liu:
Automatic Hot Patch Generation for Android Kernels. 2397-2414 - Zhushou Tang, Ke Tang, Minhui Xue, Yuan Tian, Sen Chen, Muhammad Ikram, Tielei Wang, Haojin Zhu:
iOS, Your OS, Everybody's OS: Vetting and Analyzing Network Services of iOS Applications. 2415-2432
Data Security/Secure Computation
- Ioannis Demertzis
SEAL: Attack Mitigation for Encrypted Databases via Adjustable Leakage. 2433-2450 - Paul Grubbs, Anurag Khandelwal, Marie-Sarah Lacharité, Lloyd Brown, Lucy Li, Rachit Agarwal, Thomas Ristenpart:
Pancake: Frequency Smoothing for Encrypted Data Stores. 2451-2468 - Hossein Shafagh, Lukas Burkhalter, Sylvia Ratnasamy, Anwar Hithnawi:
Droplet: Decentralized Authorization and Access Control for Encrypted Data Streams. 2469-2486 - Sahar Mazloom, Phi Hung Le, Samuel Ranellucci, S. Dov Gordon:
Secure parallel computation on national scale volumes of data. 2487-2504 - Pratyush Mishra, Ryan Lehmkuhl, Akshayaram Srinivasan, Wenting Zheng, Raluca Ada Popa:
Delphi: A Cryptographic Inference Service for Neural Networks. 2505-2522
Fuzzing 2
- Paul Fiterau-Brostean, Bengt Jonsson, Robert Merget, Joeri de Ruiter, Konstantinos Sagonas, Juraj Somorovsky:
Analysis of DTLS Implementations Using Protocol State Fuzzing. 2523-2540 - Dokyung Song, Felicitas Hetzelt, Jonghwan Kim, Brent ByungHoon Kang, Jean-Pierre Seifert, Michael Franz:
Agamotto: Accelerating Kernel Driver Fuzzing with Lightweight Virtual Machine Checkpoints. 2541-2557 - Hui Peng, Mathias Payer:
USBFuzz: A Framework for Fuzzing USB Drivers by Device Emulation. 2559-2575 - Shuitao Gan, Chao Zhang, Peng Chen, Bodong Zhao, Xiaojun Qin, Dong Wu, Zuoning Chen:
GREYONE: Data Flow Sensitive Fuzzing. 2577-2594 - Zu-Ming Jiang, Jia-Ju Bai, Kangjie Lu, Shi-Min Hu:
Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection. 2595-2612 - Suyoung Lee, HyungSeok Han, Sang Kil Cha, Sooel Son:
Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer. 2613-2630
Voice and Speech
- Takeshi Sugawara, Benjamin Cyr, Sara Rampazzi, Daniel Genkin, Kevin Fu:
Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable Systems. 2631-2648 - Zhixiu Guo, Zijin Lin, Pan Li, Kai Chen:
SkillExplorer: Understanding the Behavior of Skills in Large Scale. 2649-2666 - Yuxuan Chen, Xuejing Yuan, Jiangshan Zhang, Yue Zhao, Shengzhi Zhang, Kai Chen, XiaoFeng Wang:
Devil's Whisper: A General Approach for Physical Adversarial Attacks against Commercial Black-box Speech Recognition Devices. 2667-2684 - Muhammad Ejaz Ahmed, Il-Youp Kwak, Jun Ho Huh, Iljoo Kim, Taekkyung Oh, Hyoungshick Kim:
Void: A fast and light voice liveness detection system. 2685-2702 - Shimaa Ahmed, Amrita Roy Chowdhury, Kassem Fawaz, Parmesh Ramanathan:
Preech: A System for Privacy-Preserving Speech Transcription. 2703-2720
Blockchains
- Harry A. Kalodner, Malte Möser, Kevin Lee, Steven Goldfeder, Martin Plattner, Alishah Chator, Arvind Narayanan:
BlockSci: Design and applications of a blockchain analysis platform. 2721-2738 - Florian Tramèr
Remote Side-Channel Attacks on Anonymous Transactions. 2739-2756 - Joel Frank, Cornelius Aschermann, Thorsten Holz:
ETHBMC: A Bounded Model Checker for Smart Contracts. 2757-2774 - Mengya Zhang, Xiaokuan Zhang, Yinqian Zhang, Zhiqiang Lin:
TXSPECTOR: Uncovering Attacks in Ethereum from Transactions. 2775-2792 - Shunfan Zhou, Zhemin Yang, Jie Xiang, Yinzhi Cao, Min Yang, Yuan Zhang:
An Ever-evolving Game: Evaluation of Real-world Attacks and Defenses in Ethereum Ecosystem. 2793-2810
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
last updated on 2024-11-04 20:30 CET by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by: