Star 0


Title Humans
Practical Quantum-Safe Voting from Lattices
DUPLO: Unifying Cut-and-Choose for Garbled Circuits Oregon State University
Online algorithms for adaptive cyber defense on Bayesian attack graphs Peng Liu , Pennsylvania State University
Better Bounds for Block Cipher Modes of Operation via Nonce-Based Key Derivation★
A Framework for Constructing Fast MPC over Arithmetic Circuits with Malicious Adversaries and an Honest-Majority
RAIN: Refinable Attack Investigation with On-demand Inter-Process Information Flow Tracking Sangho Lee , Taesoo Kim , Wenke Lee , Georgia Institute of Technology
Verifying Security Policies in Multi-agent Workflows with Loops
Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin Yongdae Kim , Yunmok Son , Dohyun Kim , Yujin Kwon
Verified Correctness and Security of mbedTLS HMAC-DRBG Matthew Green , Johns Hopkins University , Princeton University
The ART of App Compartmentalization: Compiler-based Library Privilege Separation on Stock Android Oliver Schranz
Nonmalleable Information Flow Control★
SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities Suman Jana , Columbia University
Keep me Updated: An Empirical Study of Third-Party Library Updatability on Android
POISED: Spotting Twitter Spam Off the Beaten Paths University of California, Santa Barbara
No-Match Attacks and Robust Partnering Definitions — Defining Trivial Attacks for Security Protocols is Not Trivial Yong Li
U-TRI: Unlinkability Through Random Identifier for SDN Network
To BLISS-B or not to be - Attacking strongSwan's Implementation of Post-Quantum Signatures Yuval Yarom , Graz University of Technology , Data61 , University of Adelaide
FreeGuard: A Faster Secure Heap Allocator University of Texas at Dallas
Why Do Developers Get Password Storage Wrong? A Qualitative Usability Study University of Bonn
A Large-Scale Empirical Study of Security Patches Frank Li , University of California, Berkeley
TinyOLE: Efficient Actively Secure Two-Party Computation from Oblivious Linear Function Evaluation University of California, Berkeley
New Techniques for Structural Batch Verification in Bilinear Groups with Applications to Groth-Sahai Proofs Karlsruhe Institute of Technology
walk2friends: Inferring Social Links from Mobility Profiles CISPA , University of Luxembourg , Saarland University
Watch Me, but Don't Touch Me! Contactless Control Flow Monitoring via Electromagnetic Emanations Saman Zonouz , Rutgers University
Don't Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains Daiping Liu , Tsinghua University , University of Delaware
Private Information Retrieval Indiana University
Oblivious Neural Network Predictions via MiniONN transformations N. Asokan , Aalto University
JITGuard: Hardening Just-in-time Compilers with SGX Ahmad-Reza Sadeghi , Christopher Liebchen
Side-Channel Attacks on BLISS Lattice-Based Signatures: Exploiting Branch Tracing Against strongSwan and Electromagnetic Emanations in Microcontrollers
SGX Security and Privacy Taesoo Kim , Georgia Tech
Standardizing Bad Cryptographic Practice - A teardown of the IEEE standard for protecting electronic-design intellectual property University of Florida
A Study on Autoencoder-based Reconstruction Method for Wi-Fi Location Data with Erasures
Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection Dawn Song , Samsung Research America , Georgia Institute of Technology , Shanghai Jiao Tong University , University of California, Riverside , University of California, Berkeley
The Waterfall of Liberty: Decoy Routing Circumvention that Resists Routing Attacks
T/Key: Second-Factor Authentication From Secure Hash Chains Dan Boneh , Stanford University
A Formal Foundation for Secure Remote Execution of Enclaves★ Massachusetts Institute of Technology , University of California, Berkeley
Concurrency and Privacy with Payment-Channel Networks Purdue University
Vulnerable Implicit Service: A Revisit Tsinghua University , George Mason University
Let's go in for a closer look: Observing passwords in their natural habitat Carnegie Mellon University , University of California, Berkeley
Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives Graz University of Technology , Princeton University
Querying for Queries: Indexes of Queries for Efficient and Expressive IT-PIR Indiana University
Revive: Rebalancing Off-Blockchain Payment Networks ETH Zürich
FirmUSB: Vetting USB Device Firmware using Domain Informed Symbolic Execution Grant Hernandez , University of Florida
Fast Private Set Intersection from Homomorphic Encryption Hao Chen , Oregon State University
FAME: Fast Attribute-based Message Encryption Visa Research
A Fast and Verified Software Stack for Secure Function Evaluation IMDEA Software Institute , University of Surrey
SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept?Exploits XiaoFeng Wang , Kai Chen , Xiaojing Liao , Indiana University
Attribute-Based Encryption in the Generic Group Model: Automated Proofs and New Constructions IMDEA Software Institute
Practical Secure Aggregation for Privacy-Preserving Machine Learning Vladimir Ivanov , Google Inc.
Mutated Policies: Towards Proactive Attribute-based Defenses for Access Control Arizona State University
Exploiting a Thermal Side Channel for Power Attacks in Multi-Tenant Data Centers University of California, Riverside
Provably-Secure Logic Locking: From Theory To Practice New York University , University of Texas at Dallas
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2★ Frank Piessens , Mathy Vanhoef , KU Leuven
Certified Verification of Algebraic Properties on Low-Level Mathematical Constructs in Cryptographic Programs
Full accounting for verifiable outsourcing New York University , Stanford University , Northeastern University , Georgetown University , University of Texas at Austin
Most Websites Don't Need to Vibrate: A Cost-Benefit Approach to Improving Browser Security University of Illinois at Chicago
A Type System for Privacy Properties
Bolt: Anonymous Payment Channels for Decentralized Currencies Matthew Green , Johns Hopkins University
Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance Yan Shoshitaishvili , Giovanni Vigna , Christopher Kruegel , University of California, Santa Barbara , Arizona State University , Northeastern University
PeGaSus: Data-Adaptive Differentially Private Stream Processing
Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI University of Maryland
Detecting Spying and Fraud Browser Extensions
Predicting the Risk of Cyber Incidents
IMF: Inferred Model-based Fuzzer HyungSeok Han , Sang Kil Cha
Automated Crowdturfing Attacks and Defenses in Online Review Systems
Quantifying the Pressure of Legal Risks on Third-party Vulnerability Research Kirill Levchenko , Stefan Savage , University of California, San Diego
DolphinAttack: Inaudible Voice Commands★ Chen Yan , Wenyuan Xu , Zhejiang University
Efficient, Constant-Round and Actively Secure MPC: Beyond the Three-Party Case Visa Research
HexType: Efficient Detection of Type Confusion Errors for C++ Byoungyoung Lee , Mathias Payer , Purdue University
Checking Open-Source License Violation and 1-day Security Risk at Large Scale Taesoo Kim , Wenke Lee , Georgia Institute of Technology
Detecting Stealthy Botnets in a Resource-Constrained Environment using Reinforcement Learning George Mason University
A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components Vasilios Mavroudis , George Danezis , Petr Svenda , Dan Cvrcek , University College London , Masaryk University
Mixr: Flexible Runtime Rerandomization for Binaries University of Virginia
Presence Attestation: The Missing Link In Dynamic Trust Bootstrapping Gene Tsudik , Beihang University , University of California, Irvine , Singapore Management University
Synthesis of Probabilistic Privacy Enforcement ETH Zürich
A Practical Encrypted Data Analytic Framework With Trusted Processors University of Texas at Dallas
Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting KU Leuven , Delft University of Technology
Path Hopping: an MTD Strategy for Quantum-safe Communication University of Calgary
DIFUZE:Interface Aware Fuzzing for Kernel Drivers Aravind Machiry , Yan Shoshitaishvili , Shuang Hao , Jake Corina , Giovanni Vigna , Christopher Kruegel , University of California, Santa Barbara , Arizona State University , University of Texas at Dallas
Solidus: Confidential Distributed Ledger Transactions via PVORM University of Maryland , Cornell Tech
Forward and Backward Private Searchable Encryption from Constrained Cryptographic Primitives Royal Holloway , Microsoft Research , University of London
Composing Differential Privacy and Secure Computation: A case study on scaling private record linkage
An NSF View of Multimedia Privacy and Security
Performance Modeling of Moving Target Defenses George Mason University
Adversarial Data Mining: Big Data Meets Cyber Security Murat Kantarcioglu (University of Texas at Dallas) University of Texas at Dallas
Malicious-Secure Private Set Intersection via Dual Execution Oregon State University
Compressive Traffic Analysis: A New Paradigm for Scalable Traffic Analysis
CCCP: Closed Caption Crypto Phones to Resist MITM Attacks, Human Errors and Click-Through University of Alabama at Birmingham
Scaling ORAM for Secure Computation★ Northeastern University
Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse Georgia Institute of Technology
Where the Wild Warnings Are: Root Causes of Chrome HTTPS Certificate Errors Ryan Sleevi , Purdue University
Directed Greybox Fuzzing National University of Singapore
Deterministic, Stash-Free Write-Only ORAM
Multi-Stage Attack Graph Security Games: Heuristic Strategies, with Empirical Game-Theoretic Analysis University of Michigan
Hearing Your Voice Is Not Enough: An Articulatory Gesture Based Liveness Detection for Voice Authentication Florida State University
MagNet: a Two-Pronged Defense against Adversarial Examples Hao Chen
Detecting Structurally Anomalous Logins Within Enterprise Networks New York University
How Unique is Your .onion? An Analysis of the Fingerprintability of Tor Onion Services★ Rachel Greenstadt , Gunes Acar , KU Leuven , Drexel University
Pool: Scalable On-Demand Secure Computation Service Against Malicious Adversaries Indiana University , Carnegie Mellon University
Designing New Operating Primitives to Improve Fuzzing Performance Wen Xu , Taesoo Kim , Georgia Institute of Technology
Evaluation of Deception-based Web Attacks Detection Davide Balzarotti , Orange Labs
Back to the drawing board: Revisiting the design of optimal location privacy-preserving mechanisms IMDEA Software Institute
Betrayal, Distrust, and Rationality: Smart Counter-Collusion Contracts for Verifiable Cloud Computing
Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning Stevens Institute of Technology
Ligero: Lightweight Sublinear Arguments Without a Trusted Setup
Distributed Measurement with Private Set-Union Cardinality Micah Sherr , Georgetown University
Forward Secure Dynamic Searchable Symmetric Encryption with Efficient Updates
BBA+: Improving the Security and Applicability of Privacy-Preserving Point Collection Karlsruhe Institute of Technology
Machine Learning Models that Remember Too Much Thomas Ristenpart , Cornell Tech
S3ORAM: A Computation-Efficient and Constant Client Bandwidth Blowup ORAM with Shamir Secret Sharing Oregon State University
Efficient Public Trace-and-Revoke from Standard Assumptions INRIA
Cliptography: Post-Snowden Cryptography
Data breaches, phishing, or malware? Understanding the risks of stolen credentials Luca Invernizzi , Frank Li , Angelika Moscicki , Google Inc. , University of California, Berkeley
FlashGuard: Leveraging Intrinsic Flash Properties to Defend Against Encryption Ransomware Xinyu Xing , Peng Liu , Georgia Institute of Technology , The Pennsylvania State University
Homomorphic Secret Sharing: Optimizations and Applications Michele Orru , Ben Gurion University
Zero-Knowledge Contingent Payments Revisited: Attacks and Payments for Services IMDEA Software Institute , Princeton University
DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation Layer Peng Liu
Use Privacy in Data-Driven Systems: Theory and Experiments with Machine Learnt Programs Carnegie Mellon University
Deterministic Browser
Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX XiaoFeng Wang , Yinqian Zhang , Indiana University , University of Illinois at Urbana-Champaign , The Ohio State University
Global-Scale Secure Multiparty Computation University of Maryland , George Mason University
Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation★ University of Maryland , George Mason University
Generating Synthetic Decentralized Social Graphs with Local Differential Privacy Nanyang Technological University
A Stitch in Time: Supporting Android Developers in Writing Secure Code Lancaster University
Approximate Thumbnail Preserving Encryption Intel Corporation
Viden: Attacker Identification on In-Vehicle Networks University of Michigan
Economic Factors of Vulnerability Trade and Exploitation: Empirical evidence from a prominent Russian cybercrime market
Hindsight: Understanding the Evolution of UI Vulnerabilities in Mobile Browsers
Attacking Automatic Video Analysis Algorithms: A Case Study of Google Cloud Video Intelligence API University of Washington
VibWrite: Towards Finger-input Authentication on Ubiquitous Surfaces via Physical Vibration Rutgers University , University of Alabama at Birmingham
Practical UC-Secure Delegatable Credentials with Attributes and Their Application to Blockchain
The TypTop System: Personalized Typo-tolerant Password Checking Thomas Ristenpart , Royal Holloway , Cornell Tech , University of London
PtrSplit: Supporting general pointers in automatic program partitioning The Pennsylvania State University
Practical Attacks Against Graph-based Clustering Yacin Nadji , University of Georgia , Georgia Institute of Technology , University of North Carolina at Chapel Hill
Practical Multi-party Private Set Intersection from Symmetric-Key Techniques Oregon State University
Fairness in an Unfair World: Fair Multiparty Computation from Public Bulletin Boards Matthew Green , Johns Hopkins University
Identity-Based Format-Preserving Encryption University of California, San Diego , Florida State University
Object Flow Integrity University of Texas at Dallas
Science, Security and Academic Literature: Can We Learn from History?
Cryptographically Secure Information Flow Control on Key-Value Stores
Evading Classifiers by Morphing in the Dark National University of Singapore
Practical Graphs for Optimal Side-Channel Resistant Memory-Hard Functions Purdue University
Cache Side Channels: State-of-the-Art and Research Opportunities Yinqian Zhang
DeepLog: Anomaly Detection and Diagnosis from System Logs through Deep Learning
If You Can't Measure It, You Can't Improve It: Moving Target Defense Metrics
Unwinding Ariadne's Identity Thread: Privacy Risks with Fitness Trackers and Online Social Networks University of Oxford, UK