default search action
23rd NDSS 2016: San Diego, California, USA
- 23rd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, California, USA, February 21-24, 2016. The Internet Society 2016
- Matthew D. Green:
Keynote: On Subverting Trust.
Session 1: Transport Layer Security
- Karthikeyan Bhargavan, Gaëtan Leurent:
Transcript Collision Attacks: Breaking Authentication in TLS, IKE and SSH. - Ralph Holz, Johanna Amann, Olivier Mehani, Mohamed Ali Kâafar, Matthias Wachs:
TLS in the Wild: An Internet-wide Analysis of TLS-based Protocols for Electronic Communication.
Session 2: Network Security - Part I
- Cristina Basescu, Raphael M. Reischuk, Pawel Szalachowski, Adrian Perrig, Yao Zhang, Hsu-Chun Hsiao, Ayumu Kubota, Jumpei Urakawa:
SIBRA: Scalable Internet Bandwidth Reservation Architecture. - Jakub Czyz, Matthew J. Luckie, Mark Allman, Michael D. Bailey:
Don't Forget to Lock the Back Door! A Characterization of IPv6 Network Security Policy. - Aanchal Malhotra, Isaac E. Cohen, Erik Brakke, Sharon Goldberg:
Attacking the Network Time Protocol. - Min Suk Kang, Virgil D. Gligor, Vyas Sekar:
SPIFFY: Inducing Cost-Detectability Tradeoffs for Persistent Link-Flooding Attacks.
Session 3: Web Security
- Ahmet Salih Buyukkayhan, Kaan Onarlioglu, William K. Robertson, Engin Kirda:
CrossFire: An Analysis of Firefox Extension-Reuse Vulnerabilities. - M. Zubair Rafique, Tom van Goethem, Wouter Joosen, Christophe Huygens, Nick Nikiforakis:
It's Free for a Reason: Exploring the Ecosystem of Free Live Streaming Services. - Avinash Sudhodanan, Alessandro Armando, Roberto Carbone, Luca Compagna:
Attack Patterns for Black-Box Security Testing of Multi-Party Web Applications. - Vaibhav Rastogi, Rui Shao, Yan Chen, Xiang Pan, Shihong Zou, Ryan D. Riley:
Are these Ads Safe: Detecting Hidden Attacks through the Mobile App-Web Interfaces.
Session 4: Network Security Part II
- John Sonchack, Jonathan M. Smith, Adam J. Aviv, Eric Keller:
Enabling Practical Software-defined Networking Security Applications with OFX. - Jianjun Chen, Xiaofeng Zheng, Hai-Xin Duan, Jinjin Liang, Jian Jiang, Kang Li, Tao Wan, Vern Paxson:
Forwarding-Loop Attacks in Content Delivery Networks. - Yossi Gilad, Amir Herzberg, Michael Sudkovitch, Michael Goberman:
CDN-on-Demand: An affordable DDoS Defense via Untrusted Clouds. - Sungmin Hong, Robert Baykov, Lei Xu, Srinath Nadimpalli, Guofei Gu:
Towards SDN-Defined Programmable BYOD (Bring Your Own Device) Security.
Session 5: MISC: Cryptocurrencies, Captchas, and GameBots
- George Danezis, Sarah Meiklejohn:
Centrally Banked Cryptocurrencies. - Alex Biryukov, Dmitry Khovratovich:
Equihash: Asymmetric Proof-of-Work Based on the Generalized Birthday Problem. - Haichang Gao, Jeff Yan, Fang Cao, Zhengya Zhang, Lei Lei, Mengyun Tang, Ping Zhang, Xin Zhou, Xuqin Wang, Jiawei Li:
A Simple Generic Attack on Text Captchas. - Eunjo Lee, Jiyoung Woo, Hyoungshick Kim, Aziz Mohaisen, Huy Kang Kim:
You are a Game Bot!: Uncovering Game Bots in MMORPGs via Self-similarity in the Wild.
Session 6: Privacy in Mobile
- Anupam Das, Nikita Borisov, Matthew Caesar:
Tracking Mobile Web Users Through Motion Sensors: Attacks and Defenses. - Wei Meng, Ren Ding, Simon P. Chung, Steven Han, Wenke Lee:
The Price of Free: Privacy Leakage in Personalized Mobile In-Apps Ads. - Sooel Son, Daehyeok Kim, Vitaly Shmatikov:
What Mobile Ads Know About Mobile Users. - Soteris Demetriou, Whitney Merrill, Wei Yang, Aston Zhang, Carl A. Gunter:
Free for All! Assessing User Data Exposure to Advertising Libraries on Android. - Altaf Shaik, Jean-Pierre Seifert, Ravishankar Borgaonkar, N. Asokan, Valtteri Niemi:
Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication Systems.
Session 7: Software Security
- Daming D. Chen, Maverick Woo, David Brumley, Manuel Egele:
Towards Automated Dynamic Analysis for Linux-based Embedded Firmware. - Sebastian Eschweiler, Khaled Yakdan, Elmar Gerhards-Padilla:
discovRE: Efficient Cross-Architecture Identification of Bugs in Binary Code. - Nick Stephens, John Grosen, Christopher Salls, Andrew Dutcher, Ruoyu Wang, Jacopo Corbetta, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna:
Driller: Augmenting Fuzzing Through Selective Symbolic Execution. - Chao Zhang, Dawn Song, Scott A. Carr, Mathias Payer, Tongxin Li, Yu Ding, Chengyu Song:
VTrust: Regaining Trust on Virtual Calls. - Dimitar Bounov, Rami Gökhan Kici, Sorin Lerner:
Protecting C++ Dynamic Dispatch Through VTable Interleaving.
Session 8: System Security - Part I
- Shiqing Ma, Xiangyu Zhang, Dongyan Xu:
ProTracer: Towards Practical Provenance Tracing by Alternating Between Logging and Tainting. - David Formby, Preethi Srinivasan, Andrew M. Leonard, Jonathan D. Rogers, Raheem A. Beyah:
Who's in Control of Your Control System? Device Fingerprinting for Cyber-Physical Systems. - Ahmed M. Azab, Kirk Swidowski, Rohan Bhutkar, Jia Ma, Wenbo Shen, Ruowen Wang, Peng Ning:
SKEE: A lightweight Secure Kernel-level Execution Environment for ARM. - Prerit Jain, Soham Jayesh Desai, Ming-Wei Shih, Taesoo Kim, Seong-Min Kim, Jae-Hyuk Lee, Changho Choi, Youjung Shin, Brent ByungHoon Kang, Dongsu Han:
OpenSGX: An Open Platform for SGX Research.
Session 9: Privacy - Part I
- Luca Melis, George Danezis, Emiliano De Cristofaro:
Efficient Private Statistics with Succinct Sketches. - Changchang Liu, Supriyo Chakraborty, Prateek Mittal:
Dependence Makes You Vulnberable: Differential Privacy Under Dependent Tuples. - David J. Wu, Joe Zimmerman, Jérémy Planul, John C. Mitchell:
Privacy-Preserving Shortest Path Computation. - Changchang Liu, Prateek Mittal:
LinkMirage: Enabling Privacy-preserving Analytics on Social Relationships.
Session 10: Privacy - Part II
- Sheharbano Khattak, David Fifield, Sadia Afroz, Mobin Javed, Srikanth Sundaresan, Damon McCoy, Vern Paxson, Steven J. Murdoch:
Do You See What I See? Differential Treatment of Anonymous Users. - Rishab Nithyanand, Oleksii Starov, Phillipa Gill, Adva Zair, Michael Schapira:
Measuring and Mitigating AS-level Adversaries Against Tor. - Andriy Panchenko, Fabian Lanze, Jan Pennekamp, Thomas Engel, Andreas Zinnen, Martin Henze, Klaus Wehrle:
Website Fingerprinting at Internet Scale.
Session 11: Malware
- Curtis Carmony, Xunchao Hu, Heng Yin, Abhishek Vasisht Bhaskar, Mu Zhang:
Extract Me If You Can: Abusing PDF Parsers in Malware Detectors. - Weilin Xu, Yanjun Qi, David Evans:
Automatically Evading Classifiers: A Case Study on PDF Malware Classifiers. - Teryl Taylor, Kevin Z. Snow, Nathan Otterness, Fabian Monrose:
Cache, Trigger, Impersonate: Enabling Context-Sensitive Honeyclient Analysis On-the-Wire. - Chad Spensky, Hongyi Hu, Kevin Leach:
LO-PHI: Low-Observable Physical Host Instrumentation for Malware Analysis. - Charles Smutz, Angelos Stavrou:
When a Tree Falls: Using Diversity in Ensemble Classifiers to Identify Evasion in Malware Detectors.
Session 12: System Security - Part II
- Yuru Shao, Qi Alfred Chen, Zhuoqing Morley Mao, Jason Ott, Zhiyun Qian:
Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework. - Kangjie Lu, Wenke Lee, Stefan Nürnberger, Michael Backes:
How to Make ASLR Win the Clone Wars: Runtime Re-Randomization. - Kjell Braden, Lucas Davi, Christopher Liebchen, Ahmad-Reza Sadeghi, Stephen Crane, Michael Franz, Per Larsen:
Leakage-Resilient Layout Randomization for Mobile Devices. - Robert Gawlik, Benjamin Kollenda, Philipp Koppe, Behrad Garmany, Thorsten Holz:
Enabling Client-Side Crash-Resistance to Overcome Diversification and Information Hiding. - Chengyu Song, Byoungyoung Lee, Kangjie Lu, William Harris, Taesoo Kim, Wenke Lee:
Enforcing Kernel Security Invariants with Data Flow Integrity.
Session 13: Android Security
- Vitor Monte Afonso, Paulo L. de Geus, Antonio Bianchi, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna, Adam Doupé, Mario Polino:
Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy. - Xiao Zhang, Kailiang Ying, Yousra Aafer, Zhenshen Qiu, Wenliang Du:
Life after App Uninstallation: Are the Data Still Alive? Data Residue Attacks on Android. - Jaebaek Seo, Daehyeok Kim, Donghyun Cho, Insik Shin, Taesoo Kim:
FLEXDROID: Enforcing In-App Privilege Separation in Android. - Michelle Y. Wong, David Lie:
IntelliDroid: A Targeted Input Generator for the Dynamic Analysis of Android Malware. - Siegfried Rasthofer, Steven Arzt, Marc Miltenberger, Eric Bodden:
Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques.
Session 14: User Authentication
- Chaoshun Zuo, Wubing Wang, Zhiqiang Lin, Rui Wang:
Automatic Forgery of Cryptographically Consistent Messages to Identify Security Vulnerabilities in Mobile Services. - Jeremiah Blocki, Anupam Datta, Joseph Bonneau:
Differentially Private Password Frequency Lists. - David Freeman, Sakshi Jain, Markus Dürmuth, Battista Biggio, Giorgio Giacinto:
Who Are You? A Statistical Approach to Measuring User Authenticity. - Otto Huhta, Swapnil Udar, Mika Juuti, Prakash Shrestha, Nitesh Saxena, N. Asokan:
Pitfalls in Designing Zero-Effort Deauthentication: Opportunistic Human Observation Attacks. - Jingchao Sun, Xiaocong Jin, Yimin Chen, Jinxue Zhang, Yanchao Zhang, Rui Zhang:
VISIBLE: Video-Assisted Keystroke Inference from Tablet Backside Motion.
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.