|
Practical Quantum-Safe Voting from Lattices
|
|
|
DUPLO: Unifying Cut-and-Choose for Garbled Circuits
|
Oregon State University
|
|
Online algorithms for adaptive cyber defense on Bayesian attack graphs
|
Peng Liu
,
Pennsylvania State University
|
|
Better Bounds for Block Cipher Modes of Operation via Nonce-Based Key Derivation★
|
|
|
A Framework for Constructing Fast MPC over Arithmetic Circuits with Malicious Adversaries and an Honest-Majority
|
|
|
RAIN: Refinable Attack Investigation with On-demand Inter-Process Information Flow Tracking
|
Sangho Lee
,
Taesoo Kim
,
Wenke Lee
,
Georgia Institute of Technology
|
|
Verifying Security Policies in Multi-agent Workflows with Loops
|
|
|
Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin
|
Yongdae Kim
,
Yunmok Son
,
Dohyun Kim
,
Yujin Kwon
|
|
Verified Correctness and Security of mbedTLS HMAC-DRBG
|
Matthew Green
,
Johns Hopkins University
,
Princeton University
|
|
The ART of App Compartmentalization: Compiler-based Library Privilege Separation on Stock Android
|
Oliver Schranz
|
|
Nonmalleable Information Flow Control★
|
|
|
SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities
|
Suman Jana
,
Columbia University
|
|
Keep me Updated: An Empirical Study of Third-Party Library Updatability on Android
|
|
|
POISED: Spotting Twitter Spam Off the Beaten Paths
|
University of California, Santa Barbara
|
|
No-Match Attacks and Robust Partnering Definitions — Defining Trivial Attacks for Security Protocols is Not Trivial
|
Yong Li
|
|
U-TRI: Unlinkability Through Random Identifier for SDN Network
|
|
|
To BLISS-B or not to be - Attacking strongSwan's Implementation of Post-Quantum Signatures
|
Yuval Yarom
,
Graz University of Technology
,
Data61
,
University of Adelaide
|
|
FreeGuard: A Faster Secure Heap Allocator
|
University of Texas at Dallas
|
|
Why Do Developers Get Password Storage Wrong? A Qualitative Usability Study
|
University of Bonn
|
|
A Large-Scale Empirical Study of Security Patches
|
Frank Li
,
University of California, Berkeley
|
|
TinyOLE: Efficient Actively Secure Two-Party Computation from Oblivious Linear Function Evaluation
|
University of California, Berkeley
|
|
New Techniques for Structural Batch Verification in Bilinear Groups with Applications to Groth-Sahai Proofs
|
Karlsruhe Institute of Technology
|
|
walk2friends: Inferring Social Links from Mobility Profiles
|
CISPA
,
University of Luxembourg
,
Saarland University
|
|
Watch Me, but Don't Touch Me! Contactless Control Flow Monitoring via Electromagnetic Emanations
|
Saman Zonouz
,
Rutgers University
|
|
Don't Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains
|
Daiping Liu
,
Tsinghua University
,
University of Delaware
|
|
Private Information Retrieval
|
Indiana University
|
|
Oblivious Neural Network Predictions via MiniONN transformations
|
N. Asokan
,
Aalto University
|
|
JITGuard: Hardening Just-in-time Compilers with SGX
|
Ahmad-Reza Sadeghi
,
Christopher Liebchen
|
|
Side-Channel Attacks on BLISS Lattice-Based Signatures: Exploiting Branch Tracing Against strongSwan and Electromagnetic Emanations in Microcontrollers
|
|
|
SGX Security and Privacy
|
Taesoo Kim
,
Georgia Tech
|
|
Standardizing Bad Cryptographic Practice - A teardown of the IEEE standard for protecting electronic-design intellectual property
|
University of Florida
|
|
A Study on Autoencoder-based Reconstruction Method for Wi-Fi Location Data with Erasures
|
|
|
Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection
|
Dawn Song
,
Samsung Research America
,
Georgia Institute of Technology
,
Shanghai Jiao Tong University
,
University of California, Riverside
,
University of California, Berkeley
|
|
The Waterfall of Liberty: Decoy Routing Circumvention that Resists Routing Attacks
|
|
|
T/Key: Second-Factor Authentication From Secure Hash Chains
|
Dan Boneh
,
Stanford University
|
|
A Formal Foundation for Secure Remote Execution of Enclaves★
|
Massachusetts Institute of Technology
,
University of California, Berkeley
|
|
Concurrency and Privacy with Payment-Channel Networks
|
Purdue University
|
|
Vulnerable Implicit Service: A Revisit
|
Tsinghua University
,
George Mason University
|
|
Let's go in for a closer look: Observing passwords in their natural habitat
|
Carnegie Mellon University
,
University of California, Berkeley
|
|
Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives
|
Graz University of Technology
,
Princeton University
|
|
Querying for Queries: Indexes of Queries for Efficient and Expressive IT-PIR
|
Indiana University
|
|
Revive: Rebalancing Off-Blockchain Payment Networks
|
ETH Zürich
|
|
FirmUSB: Vetting USB Device Firmware using Domain Informed Symbolic Execution
|
Grant Hernandez
,
University of Florida
|
|
Fast Private Set Intersection from Homomorphic Encryption
|
Hao Chen
,
Oregon State University
|
|
FAME: Fast Attribute-based Message Encryption
|
Visa Research
|
|
A Fast and Verified Software Stack for Secure Function Evaluation
|
IMDEA Software Institute
,
University of Surrey
|
|
SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept?Exploits
|
XiaoFeng Wang
,
Kai Chen
,
Xiaojing Liao
,
Indiana University
|
|
Attribute-Based Encryption in the Generic Group Model: Automated Proofs and New Constructions
|
IMDEA Software Institute
|
|
Practical Secure Aggregation for Privacy-Preserving Machine Learning
|
Vladimir Ivanov
,
Google Inc.
|
|
Mutated Policies: Towards Proactive Attribute-based Defenses for Access Control
|
Arizona State University
|
|
Exploiting a Thermal Side Channel for Power Attacks in Multi-Tenant Data Centers
|
University of California, Riverside
|
|
Provably-Secure Logic Locking: From Theory To Practice
|
New York University
,
University of Texas at Dallas
|
|
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2★
|
Frank Piessens
,
Mathy Vanhoef
,
KU Leuven
|
|
Certified Verification of Algebraic Properties on Low-Level Mathematical Constructs in Cryptographic Programs
|
|
|
Full accounting for verifiable outsourcing
|
New York University
,
Stanford University
,
Northeastern University
,
Georgetown University
,
University of Texas at Austin
|
|
Most Websites Don't Need to Vibrate: A Cost-Benefit Approach to Improving Browser Security
|
University of Illinois at Chicago
|
|
A Type System for Privacy Properties
|
|
|
Bolt: Anonymous Payment Channels for Decentralized Currencies
|
Matthew Green
,
Johns Hopkins University
|
|
Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance
|
Yan Shoshitaishvili
,
Giovanni Vigna
,
Christopher Kruegel
,
University of California, Santa Barbara
,
Arizona State University
,
Northeastern University
|
|
PeGaSus: Data-Adaptive Differentially Private Stream Processing
|
|
|
Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI
|
University of Maryland
|
|
Detecting Spying and Fraud Browser Extensions
|
|
|
Predicting the Risk of Cyber Incidents
|
|
|
IMF: Inferred Model-based Fuzzer
|
HyungSeok Han
,
Sang Kil Cha
|
|
Automated Crowdturfing Attacks and Defenses in Online Review Systems
|
|
|
Quantifying the Pressure of Legal Risks on Third-party Vulnerability Research
|
Kirill Levchenko
,
Stefan Savage
,
University of California, San Diego
|
|
DolphinAttack: Inaudible Voice Commands★
|
Chen Yan
,
Wenyuan Xu
,
Zhejiang University
|
|
Efficient, Constant-Round and Actively Secure MPC: Beyond the Three-Party Case
|
Visa Research
|
|
HexType: Efficient Detection of Type Confusion Errors for C++
|
Byoungyoung Lee
,
Mathias Payer
,
Purdue University
|
|
Checking Open-Source License Violation and 1-day Security Risk at Large Scale
|
Taesoo Kim
,
Wenke Lee
,
Georgia Institute of Technology
|
|
Detecting Stealthy Botnets in a Resource-Constrained Environment using Reinforcement Learning
|
George Mason University
|
|
A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components
|
Vasilios Mavroudis
,
George Danezis
,
Petr Svenda
,
Dan Cvrcek
,
University College London
,
Masaryk University
|
|
Mixr: Flexible Runtime Rerandomization for Binaries
|
University of Virginia
|
|
Presence Attestation: The Missing Link In Dynamic Trust Bootstrapping
|
Gene Tsudik
,
Beihang University
,
University of California, Irvine
,
Singapore Management University
|
|
Synthesis of Probabilistic Privacy Enforcement
|
ETH Zürich
|
|
A Practical Encrypted Data Analytic Framework With Trusted Processors
|
University of Texas at Dallas
|
|
Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting
|
KU Leuven
,
Delft University of Technology
|
|
Path Hopping: an MTD Strategy for Quantum-safe Communication
|
University of Calgary
|
|
DIFUZE:Interface Aware Fuzzing for Kernel Drivers
|
Aravind Machiry
,
Yan Shoshitaishvili
,
Shuang Hao
,
Jake Corina
,
Giovanni Vigna
,
Christopher Kruegel
,
University of California, Santa Barbara
,
Arizona State University
,
University of Texas at Dallas
|
|
Solidus: Confidential Distributed Ledger Transactions via PVORM
|
University of Maryland
,
Cornell Tech
|
|
Forward and Backward Private Searchable Encryption from Constrained Cryptographic Primitives
|
Royal Holloway
,
Microsoft Research
,
University of London
|
|
Composing Differential Privacy and Secure Computation: A case study on scaling private record linkage
|
|
|
An NSF View of Multimedia Privacy and Security
|
|
|
Performance Modeling of Moving Target Defenses
|
George Mason University
|
|
Adversarial Data Mining: Big Data Meets Cyber Security Murat Kantarcioglu (University of Texas at Dallas)
|
University of Texas at Dallas
|
|
Malicious-Secure Private Set Intersection via Dual Execution
|
Oregon State University
|
|
Compressive Traffic Analysis: A New Paradigm for Scalable Traffic Analysis
|
|
|
CCCP: Closed Caption Crypto Phones to Resist MITM Attacks, Human Errors and Click-Through
|
University of Alabama at Birmingham
|
|
Scaling ORAM for Secure Computation★
|
Northeastern University
|
|
Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse
|
Georgia Institute of Technology
|
|
Where the Wild Warnings Are: Root Causes of Chrome HTTPS Certificate Errors
|
Ryan Sleevi
,
Purdue University
|
|
Directed Greybox Fuzzing
|
National University of Singapore
|
|
Deterministic, Stash-Free Write-Only ORAM
|
|
|
Multi-Stage Attack Graph Security Games: Heuristic Strategies, with Empirical Game-Theoretic Analysis
|
University of Michigan
|
|
Hearing Your Voice Is Not Enough: An Articulatory Gesture Based Liveness Detection for Voice Authentication
|
Florida State University
|
|
MagNet: a Two-Pronged Defense against Adversarial Examples
|
Hao Chen
|
|
Detecting Structurally Anomalous Logins Within Enterprise Networks
|
New York University
|
|
How Unique is Your .onion? An Analysis of the Fingerprintability of Tor Onion Services★
|
Rachel Greenstadt
,
Gunes Acar
,
KU Leuven
,
Drexel University
|
|
Pool: Scalable On-Demand Secure Computation Service Against Malicious Adversaries
|
Indiana University
,
Carnegie Mellon University
|
|
Designing New Operating Primitives to Improve Fuzzing Performance
|
Wen Xu
,
Taesoo Kim
,
Georgia Institute of Technology
|
|
Evaluation of Deception-based Web Attacks Detection
|
Davide Balzarotti
,
Orange Labs
|
|
Back to the drawing board: Revisiting the design of optimal location privacy-preserving mechanisms
|
IMDEA Software Institute
|
|
Betrayal, Distrust, and Rationality: Smart Counter-Collusion Contracts for Verifiable Cloud Computing
|
|
|
Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning
|
Stevens Institute of Technology
|
|
Ligero: Lightweight Sublinear Arguments Without a Trusted Setup
|
|
|
Distributed Measurement with Private Set-Union Cardinality
|
Micah Sherr
,
Georgetown University
|
|
Forward Secure Dynamic Searchable Symmetric Encryption with Efficient Updates
|
|
|
BBA+: Improving the Security and Applicability of Privacy-Preserving Point Collection
|
Karlsruhe Institute of Technology
|
|
Machine Learning Models that Remember Too Much
|
Thomas Ristenpart
,
Cornell Tech
|
|
S3ORAM: A Computation-Efficient and Constant Client Bandwidth Blowup ORAM with Shamir Secret Sharing
|
Oregon State University
|
|
Efficient Public Trace-and-Revoke from Standard Assumptions
|
INRIA
|
|
Cliptography: Post-Snowden Cryptography
|
|
|
Data breaches, phishing, or malware? Understanding the risks of stolen credentials
|
Luca Invernizzi
,
Frank Li
,
Angelika Moscicki
,
Google Inc.
,
University of California, Berkeley
|
|
FlashGuard: Leveraging Intrinsic Flash Properties to Defend Against Encryption Ransomware
|
Xinyu Xing
,
Peng Liu
,
Georgia Institute of Technology
,
The Pennsylvania State University
|
|
Homomorphic Secret Sharing: Optimizations and Applications
|
Michele Orru
,
Ben Gurion University
|
|
Zero-Knowledge Contingent Payments Revisited: Attacks and Payments for Services
|
IMDEA Software Institute
,
Princeton University
|
|
DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation Layer
|
Peng Liu
|
|
Use Privacy in Data-Driven Systems: Theory and Experiments with Machine Learnt Programs
|
Carnegie Mellon University
|
|
Deterministic Browser
|
|
|
Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX
|
XiaoFeng Wang
,
Yinqian Zhang
,
Indiana University
,
University of Illinois at Urbana-Champaign
,
The Ohio State University
|
|
Global-Scale Secure Multiparty Computation
|
University of Maryland
,
George Mason University
|
|
Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation★
|
University of Maryland
,
George Mason University
|
|
Generating Synthetic Decentralized Social Graphs with Local Differential Privacy
|
Nanyang Technological University
|
|
A Stitch in Time: Supporting Android Developers in Writing Secure Code
|
Lancaster University
|
|
Approximate Thumbnail Preserving Encryption
|
Intel Corporation
|
|
Viden: Attacker Identification on In-Vehicle Networks
|
University of Michigan
|
|
Economic Factors of Vulnerability Trade and Exploitation: Empirical evidence from a prominent Russian cybercrime market
|
|
|
Hindsight: Understanding the Evolution of UI Vulnerabilities in Mobile Browsers
|
|
|
Attacking Automatic Video Analysis Algorithms: A Case Study of Google Cloud Video Intelligence API
|
University of Washington
|
|
VibWrite: Towards Finger-input Authentication on Ubiquitous Surfaces via Physical Vibration
|
Rutgers University
,
University of Alabama at Birmingham
|
|
Practical UC-Secure Delegatable Credentials with Attributes and Their Application to Blockchain
|
|
|
The TypTop System: Personalized Typo-tolerant Password Checking
|
Thomas Ristenpart
,
Royal Holloway
,
Cornell Tech
,
University of London
|
|
PtrSplit: Supporting general pointers in automatic program partitioning
|
The Pennsylvania State University
|
|
Practical Attacks Against Graph-based Clustering
|
Yacin Nadji
,
University of Georgia
,
Georgia Institute of Technology
,
University of North Carolina at Chapel Hill
|
|
Practical Multi-party Private Set Intersection from Symmetric-Key Techniques
|
Oregon State University
|
|
Fairness in an Unfair World: Fair Multiparty Computation from Public Bulletin Boards
|
Matthew Green
,
Johns Hopkins University
|
|
Identity-Based Format-Preserving Encryption
|
University of California, San Diego
,
Florida State University
|
|
Object Flow Integrity
|
University of Texas at Dallas
|
|
Science, Security and Academic Literature: Can We Learn from History?
|
|
|
Cryptographically Secure Information Flow Control on Key-Value Stores
|
|
|
Evading Classifiers by Morphing in the Dark
|
National University of Singapore
|
|
Practical Graphs for Optimal Side-Channel Resistant Memory-Hard Functions
|
Purdue University
|
|
Cache Side Channels: State-of-the-Art and Research Opportunities
|
Yinqian Zhang
|
|
DeepLog: Anomaly Detection and Diagnosis from System Logs through Deep Learning
|
|
|
If You Can't Measure It, You Can't Improve It: Moving Target Defense Metrics
|
|
|
Unwinding Ariadne's Identity Thread: Privacy Risks with Fitness Trackers and Online Social Networks
|
University of Oxford, UK
|