Resident Evil: Understanding Residential IP Proxy as a Dark Service
|
XiaoFeng Wang
,
Xiaojing Liao
,
Tsinghua University
,
Indiana University Bloomington
|
Spectre Attacks: Exploiting Speculative Execution
|
Jann Horn
,
Paul Kocher
,
Daniel Genkin
,
Daniel Gruss
,
Werner Haas
,
Anders Fogh
,
Google Project Zero
,
Graz University of Technology
,
University of Pennsylvania
,
University of Maryland
,
G DATA Advanced Analytics
|
PrivKV: Key-Value Data Collection with Local Differential Privacy
|
Hong Kong Polytechnic University
|
Helen: Maliciously Secure Coopetitive Learning for Linear Models
|
UC Berkeley
|
Iodine: Fast Dynamic Taint Tracking Using Rollback-free Optimistic Hybrid Analysis
|
University of Michigan
,
Georgia Institute of Technology
|
CaSym: Cache Aware Symbolic Execution for Side Channel Detection and Mitigation
|
Pennsylvania State University
|
DeepSec: A Uniform Platform for Security Analysis of Deep Learning Models
|
Bo Li
,
UC Berkeley
,
Zhejiang University
|
Measuring and Analyzing Search Engine Poisoning of Linguistic Collisions
|
Shuang Hao
,
Shanghai Jiao Tong University
,
University of Texas at Dallas
|
Attack Directories, Not Caches: Side Channel Attacks in a Non-Inclusive World
|
|
Learning to Reconstruct: Statistical Learning Theory and Encrypted Database Attacks
|
Royal Holloway
,
University of London
|
Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash?
|
Yongdae Kim
,
Yujin Kwon
,
Sungkyunkwan University
|
KHyperLogLog: Estimating Reidentifiability and Joinability of Large Data at Scale
|
Google Inc.
,
ETH Zurich
|
Characterizing Pixel Tracking through the Lens of Disposable Email Services
|
|
Breaking LTE on Layer Two
|
Thorsten Holz
,
David Rupprecht
,
Christina Pöpper
,
Ruhr-University Bochum
,
New York University Abu Dhabi
|
On the Feasibility of Rerouting-Based DDoS Defenses
|
National University of Singapore
|
Proof-of-Stake Sidechains
|
Dionysis Zindros
,
Aggelos Kiayias
,
University of Athens
,
University of Edinburgh
|
Razzer: Finding Kernel Race Bugs through Fuzzing
|
Byoungyoung Lee
,
Purdue University
|
Self-Encrypting Deception: Weaknesses in the Encryption of Solid State Drives
|
Carlo Meijer
,
Radboud University
|
HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows
|
University of Illinois at Chicago
|
Blind Certificate Authorities
|
Thomas Ristenpart
,
Northeastern University
,
Cornell Tech
|
Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps
|
Yinqian Zhang
,
The Ohio State University
|
On the Security of Two-Round Multi-Signatures
|
Ruhr-Universität Bochum
|
XCLAIM: Trustless, Interoperable, Cryptocurrency-Backed Assets
|
|
Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate
|
Parisa Tabriz
,
Ryan Sleevi
|
Simple High-Level Code For Cryptographic Arithmetic -- With Proofs, Without Compromises
|
|
"Should I Worry?" A Cross-Cultural Examination of Account Security Incident Response
|
University of Maryland
|
Kiss from a Rogue: Evaluating Detectability of Pay-at-the-Pump Card Skimmers
|
Grant Hernandez
,
University of Florida
|
SoK: General Purpose Compilers for Secure Multi-Party Computation
|
University of Pennsylvania
|
Stealthy Porn: Understanding Real-World Adversarial Images for Illicit Online Promotion
|
XiaoFeng Wang
,
Xiaojing Liao
,
Indiana University Bloomington
|
ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery
|
Xueqiang Wang
,
XiaoFeng Wang
,
Xiangyu Zhang
,
Indiana University Bloomington
,
Purdue University
|
SoK: Shining Light on Shadow Stacks
|
Mathias Payer
,
Purdue University
|
"If HTTPS Were Secure, I Wouldn't Need 2FA" - End User and Administrator Mental Models of HTTPS
|
Katharina Krombholz
,
SBA Research
|
Security of GPS/INS based On-road Location Tracking Systems
|
Guevara Noubir
,
Northeastern University
|
Synesthesia: Detecting Screen Content via Remote Acoustic Side Channels
|
Daniel Genkin
,
University of Pennsylvania
,
University of Michigan
,
Columbia University
,
Tel Aviv University
,
Cornell Tech
|
New Primitives for Actively-Secure MPC mod $2^k$ with Applications to Private Machine Learning
|
|
Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone
|
Wenyuan Xu
,
University of Michigan
,
Zhejiang University
|
NEUZZ: Efficient Fuzzing with Neural Program Smoothing
|
Suman Jana
,
Columbia University
|
Towards Practical Differentially Private Convex Optimization
|
Dawn Song
,
Boston University
,
Carnegie Mellon University
,
University of California, Berkeley
|
Certified Robustness to Adversarial Examples with Differential Privacy
|
Suman Jana
,
Columbia University
|
Ouroboros Crypsinous: Privacy-Preserving Proof-of-Stake
|
Aggelos Kiayias
,
Markulf Kohlweiss
|
Touching the Untouchables: Dynamic Security Analysis of the LTE Control Plane
|
Yongdae Kim
,
Korea Advanced Institute of Science and Technology
|
Theory and Practice of Finding Eviction Sets
|
Pepe Vila
,
IMDEA Software Institute
|
Using Safety Properties to Generate Vulnerability Patches
|
Pennsylvania State University
,
University of Toronto
|
Fuzzing File Systems via Two-Dimensional Input Space Exploration
|
Wen Xu
,
Taesoo Kim
,
Georgia Institute of Technology
|
An Extensive Formal Security Analysis of the OpenID Financial-grade API
|
University of Stuttgart
|
Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems
|
Nan Zhang
,
Indiana University
,
Indiana University, Bloomington
|
Reasoning Analytically About Password-Cracking Software
|
Ruhr-University Bochum
|
The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations
|
Daniel Genkin
,
Yuval Yarom
,
David Wong
,
Adi Shamir
,
Eyal Ronen
,
NCC Group
,
Data61
,
University of Michigan
,
University of Adelaide
,
Tel Aviv University
|
Differentially Private Model Publishing For Deep Learning
|
Ling Liu
,
Georgia Institute of Technology
|
Perun: Virtual Payment Hubs over Cryptocurrencies
|
TU Darmstadt
,
University of Warsaw
|
PhishFarm: A Scalable Framework for Measuring the Effectiveness of Evasion Techniques Against Browser Phishing Blacklists
|
Arizona State University
|
Lay Down the Common Metrics: Evaluating Proof-of-Work Consensus Protocols' Security
|
Bart Preneel
,
KU Leuven
|
Fidelius: Protecting User Secrets from Compromised Browsers
|
Stanford University
|
F-BLEAU: Fast Black-box Leakage Estimation
|
|
Redactable Blockchain in the Permissionless Setting
|
|
Drones' Cryptanalysis - Smashing Cryptography with a Flicker
|
Adi Shamir
,
Yuval Elovici
,
Weizmann Institute of Science
,
Ben-Gurion University of the Negev
|
RIDL: Rogue In-Flight Data Load
|
Giorgi Maisuradze
,
Alyssa Milburn
,
Kaveh Razavi
,
Pietro Frigo
,
Vrije Universiteit Amsterdam
,
Saarland University
|
Full-speed Fuzzing: Reducing Fuzzing Overhead through Coverage-guided Tracing
|
|
Demystifying Hidden Privacy Settings in Mobile Apps
|
Nan Zhang
,
Indiana University Bloomington
,
Institute of Information Engineering, Chinese Academy of Sciences
|
SoK: Sanitizing for Security
|
Dokyung Song
,
University of California, Irvine
|
Asm2Vec: Boosting Static Representation Robustness for Binary Clone Search against Code Obfuscation and Compiler Optimization
|
McGill University
|
True2F: Backdoor-Resistant Authentication Tokens
|
Dan Boneh
,
Google Inc.
,
Stanford University
|
Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks
|
UC Santa Barbara
|
EmPoWeb: Empowering Web Applications with Browser Extensions
|
|
The Code That Never Ran: Modeling Attacks on Speculative Evaluation
|
Craig Disselkoen
,
University of California San Diego
|
Short Text, Large Effect: Measuring the Impact of User Reviews on Android App Security & Privacy
|
|
Towards Automated Safety Vetting of PLC Code in Real-World Plants
|
University of Michigan
,
University of Illinois at Urbana-Champaign
|
Data Recovery on Encrypted Databases With k-Nearest Neighbor Query Leakage
|
University of Maryland
|
Exploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks
|
Herbert Bos
,
Kaveh Razavi
,
Cristiano Giuffrida
,
Vrije Universiteit Amsterdam
|
Beyond Credential Stuffing: Password Similarity Models using Neural Networks
|
Thomas Ristenpart
,
Cornell Tech
|
Formally Verified Cryptographic Web Applications in WebAssembly
|
Karthikeyan Bhargavan
,
Benjamin Beurdouche
|
Tap 'n Ghost: A Compilation of Novel Attack Techniques against Smartphone Touchscreens
|
Tatsuya Mori
,
Satohiro Wakabayashi
,
Seita Maruyama
,
Waseda University
|
Threshold ECDSA from ECDSA Assumptions: The Multiparty Case
|
Northeastern University
|
Understanding the Security of ARM Debugging Features
|
Zhenyu Ning
,
Wayne State University
|
How Well Do My Results Generalize? Comparing Security and Privacy Survey Results from MTurk, Web, and Telephone Samples
|
University of Maryland
,
University of California San Diego
|
LBM: A Security Framework for Peripherals within the Linux Kernel
|
Grant Hernandez
,
University of Florida
|
Comprehensive Privacy Analysis of Deep Learning
|
National University of Singapore
|
SoK: Security Evaluation of Home-Based IoT Deployment
|
Chaz Lever
,
Georgia Institute of Technology
,
University of North Carolina at Chapel Hill
|
Exploiting Unintended Feature Leakage in Collaborative Learning
|
University College London
,
Cornell Tech
|
Dominance as a New Trusted Computing Primitive for the Internet of Things
|
Sangho Lee
,
Georgia Institute of Technology
,
Northeastern University
|
Port Contention for Fun and Profit
|
Cesar Pereida García
|
Postcards from the Post-HTTP World: Amplification of HTTPS Vulnerabilities in the Web Ecosystem
|
Stefano Calzavara
,
Alvise Rabitti
,
Marco Squarcina
,
Riccardo Focardi
,
Masaryk University
|
SensorID: Sensor Calibration Fingerprinting for Smartphones
|
University of Cambridge
|
SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security
|
Michalis Polychronakis
,
Georgia Institute of Technology
,
University of North Carolina at Chapel Hill
|