On the Practicality of Cryptographically Enforcing Dynamic Access Control Policies in the Cloud
|
University of Pittsburgh
|
Staying Secure and Unprepared: Understanding and Mitigating the Security Risks of Apple ZeroConf
|
Xiaolong Bai
,
Tsinghua University
|
TaoStore: Overcoming Asynchronicity in Oblivious Data Storage
|
|
Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts
|
University of Maryland
|
SoK: Towards Grounding Censorship Circumvention in Empiricism
|
ICSI
|
Helping Johnny to Analyze Malware: A Usability-Optimized Decompiler and Malware Analysis User Study
|
University of Bonn
|
Multiple Handshakes Security of TLS 1.3 Candidates
|
SKLCS, Institute of Software, Chinese Academy of Sciences, Beijing, China
,
CAS Key Laboratory
|
Inferring User Routes and Locations using Zero-Permission Mobile Sensors
|
Guevara Noubir
,
Northeastern University
|
Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning
|
Yale University
|
Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks
|
The Pennsylvania State University
|
Users Really Do Plug in USB Drives They Find
|
University of Illinois Urbana-Champaign
|
Data-Oriented Programming: On the Expressiveness of Non-Control Data Attacks
|
National University of Singapore
|
Cache Storage Channels: Alias-Driven Attacks and Verified Countermeasures
|
|
Verena: End-to-End Integrity Protection for Web Applications
|
ETH Zurich
|
High-Speed Inter-domain Fault Localization
|
ETH Zurich
|
Cinderella: Turning Shabby X.509 Certificates into Elegant Anonymous Credentials with the Magic of Verifiable Computation
|
Antoine Delignat-Lavaud
,
Cedric Fournet
,
Markulf Kohlweiss
,
Microsoft Research
|
No Pardon for the Interruption: New Inference Attacks on Android Through Interrupt Timing Analysis
|
Xiangyu Liu
,
The Chinese University of Hong Kong
|
Return to the Zombie Gadgets: Undermining Destructive Code Reads via Code-Inference Attacks
|
UNC Chapel Hill
|
MitM Attack by Name Collision: Cause Analysis and Vulnerability Assessment in the New gTLD Era
|
University of Michigan
|
Downgrade Resilience in Key-Exchange Protocols
|
Karthikeyan Bhargavan
,
Inria Paris-Rocquencourt
|
Verifiable ASICs
|
New York University
,
Stanford University
|
CaSE: Cache-Assisted Secure Execution on ARM Processors
|
Virginia Polytechnic Institute and State University
|
A Practical Oblivious Map Data Structure with Secure Deletion and History Independence
|
|
Security Analysis of Emerging Smart Home Applications
|
Earlence Fernandes
,
University of Michigan
|
Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector
|
Herbert Bos
,
Erik Bosman
,
Kaveh Razavi
,
Cristiano Giuffrida
,
Vrije Universiteit Amsterdam
|
Domain-Z: 28 Registrations Later
|
Chaz Lever
,
Georgia Tech
|
Key Confirmation in Key Exchange: A Formal Treatment and Implications for TLS 1.3
|
Technische Universität Darmstadt
|
Beauty and the Beast: Diverting modern web browsers to build unique browser fingerprints
|
INSA - INRIA
|
Sending out an SMS: Characterizing the Security of the SMS Ecosystem with Public Gateways
|
University of Florida
|
The Cracked Cookie Jar: HTTP Cookie Hijacking and the Exposure of Private Information
|
Suphannee Sivakorn
,
Iasonas Polakis
,
Columbia University
|
SoK: Verifiability Notions for E-Voting Protocols
|
INRIA/Loria
|
Automated Analysis and Verification of TLS 1.3: 0-RTT, Resumption and Delayed Authentication
|
University of Oxford
|
LAVA: Large-scale Automated Vulnerability Addition
|
Brendan Dolan-Gavitt
,
NYU
|
I Think They're Trying to Tell Me Something: Advice Sources and Selection for Digital Security
|
University of Maryland
|
SoK: Everyone Hates Robocalls: A Survey of Techniques against Telephone Spam
|
Arizona State University
|
Synthesizing Plausible Privacy-Preserving Location Traces
|
UIUC
|
PhotoProof: Cryptographic Image Authentication for Any Set of Permissible Transformations
|
Tel Aviv University
|
Cloak of Visibility: Detecting When Machines Browse a Different Web
|
Luca Invernizzi
,
Google Inc.
|
SoK: (State of) The Art of War: Offensive Techniques in Binary Analysis
|
Mario Polino
,
Siji Feng
,
Yan Shoshitaishvili
,
Giovanni Vigna
,
Christopher Kruegel
,
Nick Stephens
,
UC Santa Barbara
|
Revisiting Square Root ORAM: Efficient Random Access in Multi-Party Computation
|
University of Virginia
|
Shreds: Fine-grained Execution Units with Private Memory
|
Long Lu
,
Stony brook University
|
Following Devil's Footprints: Cross-Platform Analysis of Potentially Harmful Libraries on Android and iOS
|
Kai Chen
,
Institute of Information Engineering, Chinese Academy of Sciences
|
Seeking Nonsense, Looking for Trouble: Efficient Promotional-Infection Detection through Semantic Inconsistency Search
|
Xiaojing Liao
,
Georgia Institute of Technology
|
A Method for Verifying Privacy-Type Properties: The Unbounded Case
|
Lucca Hirschi
,
ENS Cachan
|
Back in Black: Towards Formal, Black Box Analysis of Sanitizers and Filters
|
George Argyros
,
Columbia University
|
Algorithmic Transparency via Quantitative Input Influence: Theory and Experiments with Learning Systems
|
Carnegie Mellon University
|
pASSWORD tYPOS and How to Correct Them Securely
|
|
A2: Analog Malicious Hardware
|
Qing Dong
,
University of Michigan
|
TriggerScope: Towards Detecting Logic Bombs in Android Applications
|
Yanick Fratantonio
,
UC Santa Barbara
|
Prepose: Privacy, Security, and Reliability for Gesture-Based Programming
|
Federal University of Pernambuco
|
Talos: Neutralizing Vulnerabilities with Security Workarounds for Rapid Response
|
University of Toronto
|
HDFI: Hardware-Assisted Data-Flow Isolation
|
Chengyu Song
,
Georgia Institute of Technology
|
A Tough call: Mitigating Advanced Code-Reuse Attacks At The Binary Level
|
Enes Goktas
,
Victor van der Veen
,
Vrije Universiteit Amsterdam
|
SoK: Lessons Learned From Android Security Research For Appified Software Platforms
|
CISPA
,
Saarland University
|
You Get Where You're Looking For: The Impact Of Information Sources On Code Security
|
CISPA
,
Saarland University
|