“What was that site doing with my Facebook password?”, Designing Password-Reuse Notifications
|
Ruhr-University Bochum
,
University of Maryland
|
Examining Leakage of Access Counts in ORAM Constructions
|
TU Darmstadt
|
Pinto: Enabling Video Privacy for Commodity IoT Cameras
|
Hanyang University
|
Ohm’, s Law in Data Centers: A Voltage Side Channel for Timing Power Attacks
|
|
Trusted Execution on Leaky Hardware?
|
|
Using Logic Programming to Recover C++ Classes and Methods from Compiled Executables
|
Carnegie Mellon University
|
Scission: Signal Characteristic-Based Sender Identification and Intrusion Detection in Automotive Networks
|
|
Composition, Verification, and Differential Privacy
|
|
Enforcing Unique Code Target Property for Control-Flow Integrity
|
Taesoo Kim
,
Chenxiong Qian
,
Simon Pak Ho Chung
,
Georgia Institute of Technology
|
NRF: A Naive Re-identification Framework
|
|
On the Security of the PKCS#1 v1.5 Signature Scheme
|
Ruhr-University Bochum
|
Predicting Impending Exposure to Malicious Content from User Behavior
|
Carnegie Mellon University
|
Privacy Architectural Strategies: An Approach for Achieving Various Levels of Privacy Protection
|
|
MVG Mechanism: Differential Privacy under Matrix-Valued Query
|
Princeton University
|
Pseudo Constant Time Implementations of TLS Are Only Pseudo Secure
|
Adi Shamir
,
Eyal Ronen
,
Royal Holloway
,
Kenny Paterson
,
Weizmann Institute of Science
,
University of London
|
DeepCorr: Strong Flow Correlation Attacks on Tor Using Deep Learning
|
|
Secure Search via Sketching for Homomorphic Encryption
|
MIT
|
Issues Encountered Deploying Differential Privacy
|
MIT
|
DISE: DIstributed Symmetric-key Encryption
|
Oregon State University
|
Catch Me If You Can: Dynamic Concealment of Network Entities
|
|
Lost in the Digital Wild: Hiding Information in Digital Activities
|
|
Debin: Predicting Debug Information in Stripped Binaries
|
ETH Zurich
|
VMHunt: A Verifiable Approach to Partial-Virtualized Binary Code Simplification
|
The Pennsylvania State University
|
Towards Reactive Acoustic Jamming for Personal Voice Assistants
|
|
BitML: a calculus for Bitcoin smart contracts
|
|
Style Counsel: Seeing the (Random) Forest for the Trees in Adversarial Code Stylometry
|
|
ClickShield: Are You Hiding Something? Towards Eradicating Clickjacking on Android
|
Yanick Fratantonio
,
Simon Pak Ho Chung
,
Wenke Lee
,
Georgia Institute of Technology
|
Fraud De-Anonymization For Fun and Profit
|
|
Prime and Prejudice: Primality Testing Under Adversarial Conditions
|
Juraj Somorovsky
,
Royal Holloway
,
Jake Massimo
,
University of London
|
NodeMerge: Template Based Efficient Data Reduction For Big-Data Causality Analysis
|
|
vNIDS: Towards Elastic Security with Safe and Efficient Virtualization of Network Intrusion Detection Systems
|
Arizona State University
|
PrinTracker: Fingerprinting 3D Printers using Commodity Scanners
|
Northeastern University
,
Rutgers University
|
Evaluating Fuzz Testing
|
Andrew Ruef
,
University of Maryland
,
University of Texas at Dallas
|
Effective Program Debloating via Reinforcement Learning
|
University of Pennsylvania
,
Hanyang University
|
?On secure resource accounting for outsourced computation
|
|
Cloxy: A Context-aware Deception-as-a-Service Reverse Proxy for Web Services
|
|
Lawful Device Access without Mass Surveillance Risk: A Technical Design Discussion
|
Stefan Savage
,
UC San Diego
|
Deploying Differential Privacy for Learning on Sensitive Data
|
|
To Extend or not to Extend: On the Uniqueness of Browser Extensions and Web Logins
|
INRIA
|
Towards Efficient Privacy-Preserving Similar Sequence Queries on Outsourced Genomic Databases
|
TU Darmstadt
|
Faster PCA and Linear Regression through Hypercubes in HElib
|
|
Practical state recovery attacks against legacy RNG implementations
|
Nadia Heninger
,
Shaanan Cohney
,
University of Pennsylvania
,
Johns Hopkins University
|
Reinforcing System-Assigned Passphrases Through Implicit Learning
|
University of Ontario Institute of Technology
|
Analysis of Concurrent Moving Target Defenses
|
George Mason University
|
Quantifying the Effectiveness of Software Diversity using Near-Duplicate Detection Algorithms,
|
Johns Hopkins University
|
Truth Will Out: Departure-Based Process-Level Detection of Stealthy Attacks on Control Systems
|
|
In-design Resilient SDN Control Plane Against DDoS Attacks,
|
|
Detecting User Experience Issues of the Tor Browser In The Wild
|
Brendan Dolan-Gavitt
,
Damon McCoy
,
Indiana University Bloomington
,
New York University
|
SECURIFY: Practical Security Analysis of Smart Contracts
|
ETH Zurich
|
AIM-SDN: Attacking Information Mismanagement in SDN-datastores
|
Yan Shoshitaishvili
,
Vaibhav Hemant Dixit
,
Arizona State University
|
Deriving Privacy and Security Considerations for CORE: an Indoor IoT Adaptive Context Environment
|
|
An End-to-End System for Large Scale P2P MPC-as-a-Service and Low-Bandwidth MPC for Weak Participants
|
|
If This Then What? Controlling Flows in IoT Apps
|
KTH Royal Institute of Technology
|
Utility-aware synthesis of differentially private and attack-resilient location traces
|
Ling Liu
,
Georgia Institute of Technology
|
Towards Fine-grained Network Security Forensics and Diagnosis in the SDN Era
|
|
Preserving Both Privacy and Utility in Network Trace Anonymization
|
|
How You Get Bullets in Your Back: A Systematical Study about Cryptojacking in Real-world
|
Zhiyun Qian
,
Lei Zhang
,
Fudan University
|
Generalizing the SPDZ Compiler For Other Protocols
|
|
Family Reunion: Adversarial Machine Learning meets Digital Watermarking
|
Konrad Rieck
|
ret2spec: Speculative Execution Using Return Stack Buffers
|
Giorgi Maisuradze
,
Christian Rossow
|
Architectural Security and Side-Channel Attacks on Mordern Processor
|
Yier Jin
|
Double Embedding Steganalysis
|
|
Security-first architecture
|
|
Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic
|
Raoul Strackx
,
Jo Van Bulck
,
Frank Piessens
|
Compressing Vector OLE
|
Ben Gurion University, Israel
|
Towards Usable Checksums: Automating the Integrity Verification of Web Downloads for the Masses
|
Google Inc.
,
ETH Zurich
|
nanoPI: Extreme-Scale Actively-Secure Multi-Party Computation
|
Indiana University
,
Carnegie Mellon University
|
The Accuracy of the Demographic Inferences Shown on Google's Ad Settings
|
|
Lord of the x86 Rings: A Portable User Mode Privilege Separation Architecture on x86
|
|
Investigating System Operators’ Perspective on Security Misconfigurations
|
Kevin Borgolte
,
Katharina Krombholz
,
Tobias Fiebig
,
TU Delft
,
Princeton University
|
Towards Paving the Way for Large-Scale Windows Malware Analysis: Generic Binary Unpacking with Orders-of-Magnitude Performance Boost
|
Wuhan University
|
Practical Backward-Secure Searchable Encryption from Symmetric Puncturable Encryption
|
|
Online Tracking of Kids and Teens by Means of Invisible Images: COPPA vs. GDPR
|
|
When Good Components Go Bad: Formally Secure Compilation Despite Dynamic Compromise
|
Carnegie Mellon University
,
Inria Paris
,
University of Virginia
|
Ensuring Deception Consistency for FTP Services Hardened against Advanced Persistent Threats,
|
|
The Multi-user Security of GCM, Revisited: Tight Bounds for Nonce Randomization
|
Florida State University
|
Invisible Pixels Are Dead, Long Live Invisible Pixels!
|
|
Lattice-Based Group Signatures and Zero-Knowledge Proofs of Automorphism Stability
|
|
HyCC: Compilation of Hybrid Protocols for Practical Secure Computation
|
TU Darmstadt
|
A Secure Hash Commitment Approach for Moving Target Defense of Security-critical Services
|
|
ABY3: A Mixed Protocol Framework for Machine Learning
|
Oregon State University
|
Towards Verified, Constant-time Floating Point Operations
|
Fraser Brown
,
Deian Stefan
,
University of California, San Diego
|
Milkomeda: Safeguarding the Mobile GPU Interface Using WebGL’s Security Checks
|
Mathias Payer
,
UC Irvine
|
HyperFlow: A High-Assurance Processor Architecture for Practical Timing-Safe Information Flow Security
|
|
Asking for a Friend: Evaluating Response Biases in Security User Studies
|
University of Maryland
,
University of California San Diego
|
Mitigating Risk while Complying with Data Retention Laws
|
University of Florida
|
PASTA: PASsword-based Threshold Authentication
|
Visa Research
|
PatternListener: Cracking Android Pattern Lock Using Acoustic Signals
|
Feng Xiao
,
Tsinghua University
,
Xidian University
,
Wuhan University
|
Pump up the Volume: Practical Database Reconstruction from Volume Leakage on Range Queries
|
Cornell Tech
|
RapidChain: Fast Blockchain Consensus via Full Sharding
|
Yale University
|
What's a little leakage between friends?
|
University of Pennsylvania
|
Faceted Secure Multi Execution
|
|
Local Differential Privacy for Evolving Data
|
|
Pinpointing Insecure Cryptographic Keys from Execution Traces
|
Shanghai Jiao Tong University
,
IMDEA Software Institute
|
Private Stateful Information Retrieval
|
|
Tight on Budget? Tight Bounds for r-Fold Approximate Differential Privacy
|
University College London
,
ETH Zurich
|
Unveiling Hardware-based Data Prefetcher, a Hidden Source of Information Leakage
|
Korea University
|
Measuring Information Leakage in Website Fingerprinting Attacks and Defenses
|
University of Minnesota
|
SGX Enforcement of Use-Based Privacy
|
|
The Gap Game
|
|
A Security SLA-driven Moving Target Defense Framework to Secure Cloud Applications
|
|
Situational Access Control in the Internet of Things
|
Columbia University
,
Tel Aviv University
,
Cornell Tech
|
Fast Multiparty Threshold ECDSA with Fast Trustless Setup
|
Princeton University
|
DeepMem: Learning Graph Neural Network Models for Fast and Robust Memory Forensic Analysis
|
Dawn Song
,
UC Berkeley
|
Threat Intelligence Computing
|
Jiyong Jang
,
IBM Research
|
Property Inference Attacks on Deep Neural Networks using Permutation Invariant Representations
|
University of Illinois at Urbana-Champaign
|
Screaming Channels: When Electromagnetic Side Channels Meet Radio Transceivers
|
Giovanni Camurati
,
Marius Muench
,
Sebastian Poeplau
,
Tom Hayes
,
Aurélien Francillon
,
EURECOM
|
On the Safety of IoT Device Physical Interaction Control
|
|
Are we there yet? Understanding the challenges faced in complying with the General Data Protection Regulation (GDPR)
|
University of Oxford, UK
|
Comparing Hypothetical and Realistic Privacy Valuations
|
|
Lattice-Based zk-SNARKs from Square Span Programs
|
Michele Orru
|
A better method to analyze blockchain consistency
|
Northeastern University
|
FRiCS: A Framework for Risk-driven Cloud Selection
|
|
Dynamic Defense against Adaptive and Persistent Adversaries
|
University of Washington
|
Labeled PSI from Fully Homomorphic Encryption with Malicious Security
|
Hao Chen
,
Oregon State University
|
Voting: you can’t have privacy without verifiability
|
Université de Lorraine
|
JN-SAF: Precise and Efficient NDK/JNI-aware Inter-language Static Analysis Framework for Security Vetting of Android Applications with Native Code
|
|
FairSwap: How to fairly exchange digital goods
|
TU Darmstadt
,
University of Warsaw
|
TACHYON: Fast Signatures from Compact Knapsack
|
Oregon State University
|
Pride and Prejudice in Progressive Web Apps: Abusing Native App-like Features in Web Applications
|
|
Toward Detecting Violations of Differential Privacy
|
|
Tiresias: Predicting Security Events Through Deep Learning
|
Yun Shen
,
University College London
|
Secure Opportunistic Multipath Key Exchange
|
ETH Zürich
|
Cross-App Poisoning in Software-Defined Networking
|
University of Illinois at Urbana-Champaign
,
MIT
,
Princeton University
,
MIT Lincoln Laboratory
|
Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning
|
Rochester Institute of Technology
|
ETERNAL: Encrypted Transmission with an Error-correcting, Real-time, Noise-resilient Apparatus on Lightweight devices
|
|
Runtime Analysis of Whole-System Provenance
|
University of Illinois at Urbana-Champaign
,
University of Cambridge
|
Expiring Decisions for Stream-based Data Access in a Declarative Privacy Policy Framework
|
|
Web’s Sixth Sense: A Study of Scripts Accessing Smartphone Sensors
|
Gunes Acar
,
Carnegie Mellon University
,
University of Illinois at Urbana-Champaign
,
Northeastern University
,
Princeton University
|
AMD x86 Memory Encryption Technologies
|
David Kaplan
|
Mechanism and Implementation of Watermarked Sample Scanning Method for Speech Data Tampering Detection
|
|
LEMNA: Explaining Deep Learning based Security Applications
|
Xinyu Xing
,
The Pennsylvania State University
,
Chinese Academy of Sciences
|
An Exploratory Analysis of Microcode as a Building Block for System Defenses
|
Benjamin Kollenda
,
Christof Paar
,
Thorsten Holz
|
General State Channel Networks
|
University of Warsaw
|
Secure Computation with Differentially Private Access Patterns
|
Sahar Mazloom
,
George Mason University
|
Mystique: Uncovering Information Leakage from Browser Extensions
|
North Carolina State University
|
Model-Reuse Attacks on Learning Systems
|
Zhejiang University
|
Rendered Insecure: GPU side channel attacks are practical
|
Zhiyun Qian
,
Nael Abu-Ghazaleh
,
University of California, Riverside
|
Revery: from Proof-of-Concept to Exploitable (One Step towards Automatic Exploit Generation)
|
Xiaobo Xiang
,
Tsinghua University
,
Institute of Information Engineering, Chinese Academy of Sciences
|
Improved Non-Interactive Zero Knowledge with Applications to Post-Quantum Signatures
|
University of Maryland
,
Georgia Tech
|
Invetter: Locating Insecure Input Validations in Android Services
|
Zhiyun Qian
,
Lei Zhang
,
Fudan University
|
Machine Learning with Membership Privacy using Adversarial Regularization
|
|
Comprehensive Security Assessment of Combined MTD Techniques for the Cloud,
|
|
Precise Android API Protection Mapping Derivation and Reasoning
|
Xiangyu Zhang
,
Purdue University
|
Formal Analysis of 5G Authentication
|
Lucca Hirschi
,
ETH Zurich
|
New Constructions for Forward and Backward Private Symmetric Searchable Encryption
|
University of Maryland
|
BEAT: Asynchronous BFT Made Practical
|
University of Maryland
,
University of North Carolina at Chapel Hill
|
DP-Finder: Finding Differential Privacy Violations by Sampling and Optimization
|
ETH Zürich
|
MineSweeper: An In-depth Look into Drive-by Cryptocurrency Mining and Its Defense
|
Herbert Bos
,
Christopher Kruegel
,
Veelasha Moonsamy
,
Vrije Universiteit Amsterdam
,
UC Santa Barbara
|
A Robust and Efficient Defense against Use-after-Free Exploits via Concurrent Pointer Sweeping
|
Mingwei Zhang
,
Daiping Liu
,
Intel Labs
,
University of Delaware
|
Reversible Image Watermarking Using Prediction Value Computation With Gradient Analysis
|
|
Symbolic Proofs for Lattice-Based Cryptography
|
IMDEA Software Institute
|
Partially specified channels: The TLS 1.3 record layer without elision
|
University of Florida
|
Block Oriented Programming: Automating Data-Only Attacks
|
Mathias Payer
,
Pennsylvania State University
,
Purdue University
|
ClaimChain: Improving the Security and Privacy of In-band Key Distribution for Messaging
|
|
No Training Hurdles: Fast Training-Agnostic Attacks to Infer Your Typing
|
Shanghai Jiao Tong University
|
Domain Validation ++ for MitM-Resilient PKI
|
Amit Klein
,
Haya Shulman
,
Fraunhofer Institute for Secure Information Technology SIT
|
Ouroboros Genesis: Composable Proof-of-Stake Blockchains with Dynamic Availability
|
Aggelos Kiayias
,
University of Edinburgh
,
ETH Zurich
,
University of Connecticut
|
Enhancing and Evaluating Identity Privacy and Authentication Strength by Utilizing the Identity Ecosystem
|
|
Can you find the one for me? Privacy-Preserving Matchmaking via Threshold PSI
|
|
Clock Around the Clock: Time-Based Device Fingerprinting
|
Davide Balzarotti
,
University of Deusto
|
Detecting Attacks Against Robotic Vehicles: A Control Invariant Approach
|
Hongjun Choi
,
Xiangyu Zhang
,
Dongyan Xu
,
Purdue University
|
On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees
|
University of Oxford
,
Facebook
|
Private PAC learning implies finite Littlestone dimension
|
|
EviHunter: Identifying Digital Evidence in the Permanent Storage of Android Devices via Static Analysis
|
Iowa State University
|
Bandwidth-Hard Functions: Reductions and Lower Bounds
|
|
Tracking and Tricking a Profiler: Automated Measuring and Influencing of Bluekai's Interest Profiling
|
|
ALCHEMY: A Language and Compiler for Homomorphic Encryption Made easY
|
University of Michigan
|
Security and Privacy Challenges for Mobile Data Protection
|
|
Check it Again: Detecting Lacking-Recheck Bugs in OS Kernels
|
Kangjie Lu
,
University of Minnesota
|
Phishing Attacks on Modern Android
|
Yanick Fratantonio
|
On the Accuracy of Password Strength Meters
|
Ruhr-University Bochum
|
TightRope: Towards Optimal Load-balancing of Paths in Anonymous Networks
|
|
Result Pattern Hiding Searchable Encryption for Conjunctive Queries
|
|
Fast Secure Computation for Small Population over the Internet
|
|
HoMonit: Monitoring Smart Home Apps from Encrypted Traffic
|
Xiaokuan Zhang
,
Yinqian Zhang
,
Shanghai Jiao Tong University
,
The Ohio State University
|
Fast Secure Multiparty ECDSA with Practical Distributed Key Generation and Applications to Cryptocurrency Custody
|
|
Privacy-preserving Dynamic Learning of Tor Network Traffic
|
University of Minnesota
|
Hawkeye: Towards a Desired Directed Grey-box Fuzzer
|
Nanyang Technological University
,
Fudan University
|
Yet Another Text Captcha Solver: A Generative Adversarial Network Based Approach
|
|
Detecting Both Machine and Human Created Fake Face Images In the Wild
|
Stonybrook University
|
Secure Outsourced Matrix Computation and Application to Neural Networks
|
University of California, San Diego
|
DynaFlow: An Efficient Website Fingerprinting Defense Based on Dynamically-Adjusting Flows
|
|
Release the Kraken: New KRACKs in the 802.11 Standard
|
Frank Piessens
,
Mathy Vanhoef
|
CALM: Consistent Adaptive Local Marginal for Marginal Release under Local Differential Privacy
|
Purdue University
,
Zhejiang University
|