Stagefright: An Android Exploitation Case Study
|
Joshua J. Drake
,
Zimperium
|
SoK: XML Parser Vulnerabilities
|
Vladislav Mladenov
,
Christopher Späth
,
Christian Mainka
,
Jörg Schwenk
,
Ruhr University Bochum
|
A Rising Tide: Design Exploits in Industrial Control Systems
|
Reid Wightman
,
Jason Larsen
,
Alexander Bolshev
,
Marina Krotofil
,
Digital Bond
,
IOActive, Inc.
,
Honeywell
|
Putting LTE Security Functions to the Test: A Framework to Evaluate Implementation Correctness
|
Christina Pöpper
,
Kai Jansen
,
David Rupprecht
,
New York University
,
Ruhr University Bochum
|
malWASH: Washing Malware to Evade Dynamic Analysis
|
Kyriakos K. Ispoglou
,
Mathias Payer
,
Purdue University
|
Sampling Race: Bypassing Timing-Based Analog Active Sensor Spoofing Detection on Analog-Digital Systems
|
Yujin Kwon
,
Hocheol Shin
,
Yunmok Son
,
Youngseok Park
,
Yongdae Kim
,
Korea Advanced Institute of Science and Technology
|
A Security Analysis of an In-Vehicle Infotainment and App Platform
|
Aaron Hunter
,
Mohammad Rezaeirad
,
Sahar Mazloom
,
Damon McCoy
,
George Mason University
,
New York University
|
AVLeak: Fingerprinting Antivirus Emulators through Black-Box Testing
|
Bülent Yener
,
Andrew Fasano
,
Jeremy Blackthorne
,
Patrick Biernat
,
Alexei Bulazel
,
Rensselaer Polytechnic Institute
|
Controlling UAVs with Sensor Input Spoofing Attacks
|
Vikas Singh
,
Robert Jellinek
,
Hao Wu
,
Drew Davidson
,
Thomas Ristenpart
,
Cornell Tech
,
University of Wisconsin—Madison
|
Abusing Public Third-Party Services for EDoS Attacks
|
Songqing Chen
,
Fei Li
,
Zhonghua Xi
,
Huangxin Wang
,
George Mason University
|
Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
|
Juraj Somorovsky
,
Philipp Jovanovic
,
Aaron Zauner
,
Sean Devlin
,
Hanno Böck
,
École Polytechnique Fédérale de Lausanne
,
SBA Research
,
Ruhr University Bochum
|
Non-Deterministic Timers for Hardware Trojan Activation (or How a Little Randomness Can Go the Wrong Way)
|
Mahesh Tripunitara
,
Siddharth Garg
,
Saeed Nejati
,
Frank Imeson
,
New York University
,
University of Waterloo
|
How to Phone Home with Someone Else’s Phone: Information Exfiltration Using Intentional Sound Noise on Gyroscopic Sensors
|
Nir Hasidim
,
Asaf Grosz
,
Benyamin Farshteindiker
,
Yossi Oren
,
Ben-Gurion University of the Negev
|
Hardware-Assisted Rootkits: Abusing Performance Counters on the ARM and x86 Architectures
|
Matt Spisak
,
Endgame, Inc.
|
Retelling the Retail Security Story
|
Wendy Nather
,
Retail Cyber Intelligence Sharing Center
|
Fillory of PHY: Toward a Periodic Table of Signal Corruption Exploits and Polyglots in Digital Radio
|
Debanjum S. Solanky
,
Travis Goodspeed
,
Ange Albertini
,
Sergey Bratus
,
Bloomberg
,
Dartmouth College
|
DDoSCoin: Cryptocurrency with a Malicious Proof-of-Work
|
Benjamin VanderSloot
,
Eric Wustrow
,
University of Colorado Boulder
,
University of Michigan
|
This Ain't Your Dose: Sensor Spoofing Attack on Medical Infusion Pump
|
Dohyun Kim
,
Hocheol Shin
,
Yunmok Son
,
Youngseok Park
,
Yongdae Kim
,
Korea Advanced Institute of Science and Technology
|
Truck Hacking: An Experimental Analysis of the SAE J1939 Standard
|
André Weimerskirch
,
Leif Millar
,
Bill Hass
,
Yelizaveta Burakova
,
University of Michigan
|
Acceleration Attacks on PBKDF2: Or, What Is inside the Black-Box of oclHashcat?
|
Jeff Yan
,
Andrew Ruddick
,
Lancaster University
,
Oxford, UK
|
Eavesdropping One-Time Tokens Over Magnetic Secure Transmission in Samsung Pay
|
Younho Lee
,
Daeseon Choi
,
Seoul National University of Science and Technology
,
Kongju National University
|
Eavesdropping on Fine-Grained User Activities Within Smartphone Apps Over Encrypted Network Traffic
|
John Qian
,
Dongyan Xu
,
Xiangyu Zhang
,
Qi Zhang
,
Yonghwi Kwon
,
Kristen Johnson
,
Hongjun Choi
,
Brendan Saltaformaggio
,
Purdue University
,
Cisco Systems
|
How to Break Microsoft Rights Management Services
|
Paul Rösler
,
Martin Grothe
,
Christian Mainka
,
Jörg Schwenk
,
Ruhr University Bochum
|