Under the Shadow of Sunshine: Understanding and Detecting Bulletproof Hosting on Legitimate Service Provider Networks
|
Indiana University at Bloomington
|
SoK: Cryptographically Protected Database Search
|
University of Connecticut
|
IKP: Turning a PKI Around with Decentralized Automated Incentives
|
Carnegie Mellon University/ETH Zurich
|
Leakage-Abuse Attacks on Order-Revealing Encryption
|
Cornell Tech
|
Backward-bounded DSE: Targeting Infeasibility Questions on Obfuscated Codes
|
Sébastien Bardin
,
CEA LIST
|
vSQL: Verifying Arbitrary SQL Queries over Dynamic Outsourced Databases
|
University of Maryland
|
Side-Channel Attacks on Shared Search Indexes
|
University of Wisconsin, Madison
|
Implementing and Proving the TLS 1.3 Record Layer
|
Karthikeyan Bhargavan
,
Inria Paris-Rocquencourt
|
XHOUND: Quantifying the Fingerprintability of Browser Extensions
|
Stony Brook
|
SoK: Exploiting Network Printers
|
Jens Müller
,
Ruhr University Bochum
|
SysPal:System-guided Pattern Locks for Android
|
Sungkyunkwan University
|
The Password Reset MitM Attack
|
Nethanel Gelernter
,
Cyberpion & The College of Management Academic Studies
|
To Catch a Ratter: Monitoring the Behavior of Amateur DarkComet RAT Operators in the Wild
|
UC San Diego
|
A Lustrum of Malware Network Communication: Evolution and Insights
|
Chaz Lever
,
Georgia Tech
|
How to Learn Klingon Without Dictionary: Detection and Measurement of Black Keywords Used by Underground Economy
|
Tsinghua University
|
CoSMeDis: A Distributed Social Media Platform with Formally Verified Confidentiality Guarantees
|
DFKI
|
VUDDY: A Scalable Approach for Vulnerable Code Clone Discovery
|
Korea University
|
Finding and Preventing Bugs in JavaScript Bindings
|
Fraser Brown
,
Stanford University
|
IoT Goes Nuclear: Creating a Zigbee Chain Reaction
|
Eyal Ronen
,
Weizmann Institute of Science
|
Identifying Personal DNA Methylation Profiles by Genotype Inference
|
CISPA
,
Saarland University & MPI-SWS
|
Verifying and Synthesizing Constant-Resource Implementations with Types
|
Carnegie Mellon University
|
Securing Augmented Reality Output
|
University of Washington
|
Hardening Java's Access Control by Abolishing Implicit Privilege Elevation
|
Fraunhofer SIT
|
HVLearn: Automated Black-box Analysis of Hostname Verification in SSL/TLS Implementations
|
Suphannee Sivakorn
,
Columbia University
|
The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences
|
University of British Columbia
|
An Experimental Security Analysis of an Industrial Robot Controller
|
Davide Quarta
,
Politecnico di Milano
|
A Framework for Universally Composable Diffie-Hellman Key Exchange
|
University of Stuttgart
|
Optimized Honest-Majority MPC for Malicious Adversaries - Breaking the 1 Billion-Gate Per Second Barrier
|
NEC
|
IVD: Automatic Learning and Enforcement of Authorization Rules in Online Social Networks
|
Facebook
|
Hijacking Bitcoin: Routing Attacks on Cryptocurrencies
|
ETH Zürich
|
SmarPer: Context-Aware and Automatic Runtime-Permissions for Mobile Devices
|
|
From Trash to Treasure: Timing-Sensitive Garbage Collection
|
|
Protecting Bare-metal Embedded Systems with Privilege Overlays
|
Sandia National Labs
|
Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits
|
CMU
|
Spotless Sandboxes: Evading Malware Analysis Systems using Wear-and-Tear Artifacts
|
Stony Brook
|
Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
|
Yanick Fratantonio
,
UC Santa Barbara
|
Skyfire: Data-Driven Seed Generation for Fuzzing
|
Nanyang Technological University
|
Augur: Internet-Wide Detection of Connectivity Disruptions
|
UC Berkeley
|
Norax: Enabling Execute-Only Memory for COTS Binaries on AArch64
|
Stony Brook
|
Scalable Bias-Resistant Distributed Randomness
|
Trinity College
|
Cryptographic Function Detection in Obfuscated Binaries via Bit-precise Symbolic Loop Mapping
|
The Pennsylvania State University
|
NEZHA: Efficient Domain-independent Differential Testing
|
Columbia University
|
Machine-Checked Proofs of Privacy for Electronic Voting Protocols
|
LORIA
,
CNRS & Inria
,
Université de Lorraine
|
One TPM to Bind Them All: Fixing TPM2.0 for Provably Secure Anonymous Attestation
|
IBM Research - Zurich
|
Pyramid: Enhancing Selectivity in Big Data Protection with Count Featurization
|
Columbia University
|
Stack Overflow Considered Harmful? --- The Impact of Copy&Paste on Android Application Security
|
AISEC, Fraunhofer
|
Catena: Efficient Non-equivocation via Bitcoin
|
MIT
|
SoK: Science, Security, and the Elusive Goal of Security as a Scientific Pursuit
|
Cormac Herley
,
Microsoft Research, USA
|
How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles
|
Moritz Contag
,
Ruhr University Bochum
|
Is Interaction Necessary for Distributed Private Learning?
|
Pennsylvania State University
|
Membership Inference Attacks against Machine Learning Models
|
Cornell Tech
|
Towards Evaluating the Robustness of Neural Networks
|
Nicholas Carlini
,
University of California, Berkeley
|
SymCerts: Practical Symbolic Execution For Exposing Noncompliance in X.509 Certificate Validation Implementations
|
Purdue University
|
Obstacles to the Adoption of Secure Communication Tools
|
UCL
|
Verified Models and Reference Implementations for the TLS 1.3 Standard Candidate
|
Karthikeyan Bhargavan
,
INRIA
|
Comparing the Usability of Cryptographic APIs
|
CISPA
,
Saarland University
|
Multi-touch Authentication Using Hand Geometry and Behavioral Information
|
|
Counter-RAPTOR: Safeguarding Tor Against Active Routing Attacks
|
Princeton University
|
SecureML: A System for Scalable Privacy-Preserving Machine Learning
|
Visa Research
|
CRLite: A Scalable System for Pushing All TLS Revocations to All Browsers
|
Northeastern University
|