Star 0


Title Humans
Resident Evil: Understanding Residential IP Proxy as a Dark Service XiaoFeng Wang , Xiaojing Liao , Tsinghua University , Indiana University Bloomington
Spectre Attacks: Exploiting Speculative Execution Jann Horn , Paul Kocher , Daniel Genkin , Daniel Gruss , Werner Haas , Anders Fogh , Google Project Zero , Graz University of Technology , University of Pennsylvania , University of Maryland , G DATA Advanced Analytics
PrivKV: Key-Value Data Collection with Local Differential Privacy Hong Kong Polytechnic University
Helen: Maliciously Secure Coopetitive Learning for Linear Models UC Berkeley
Iodine: Fast Dynamic Taint Tracking Using Rollback-free Optimistic Hybrid Analysis University of Michigan , Georgia Institute of Technology
CaSym: Cache Aware Symbolic Execution for Side Channel Detection and Mitigation Pennsylvania State University
DeepSec: A Uniform Platform for Security Analysis of Deep Learning Models Bo Li , UC Berkeley , Zhejiang University
Measuring and Analyzing Search Engine Poisoning of Linguistic Collisions Shuang Hao , Shanghai Jiao Tong University , University of Texas at Dallas
Attack Directories, Not Caches: Side Channel Attacks in a Non-Inclusive World
Learning to Reconstruct: Statistical Learning Theory and Encrypted Database Attacks Royal Holloway , University of London
Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash? Yongdae Kim , Yujin Kwon , Sungkyunkwan University
KHyperLogLog: Estimating Reidentifiability and Joinability of Large Data at Scale Google Inc. , ETH Zurich
Characterizing Pixel Tracking through the Lens of Disposable Email Services
Breaking LTE on Layer Two Thorsten Holz , David Rupprecht , Christina Pöpper , Ruhr-University Bochum , New York University Abu Dhabi
On the Feasibility of Rerouting-Based DDoS Defenses National University of Singapore
Proof-of-Stake Sidechains Dionysis Zindros , Aggelos Kiayias , University of Athens , University of Edinburgh
Razzer: Finding Kernel Race Bugs through Fuzzing Byoungyoung Lee , Purdue University
Self-Encrypting Deception: Weaknesses in the Encryption of Solid State Drives Carlo Meijer , Radboud University
HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows University of Illinois at Chicago
Blind Certificate Authorities Thomas Ristenpart , Northeastern University , Cornell Tech
Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps Yinqian Zhang , The Ohio State University
On the Security of Two-Round Multi-Signatures Ruhr-Universität Bochum
XCLAIM: Trustless, Interoperable, Cryptocurrency-Backed Assets
Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate Parisa Tabriz , Ryan Sleevi
Simple High-Level Code For Cryptographic Arithmetic -- With Proofs, Without Compromises
"Should I Worry?" A Cross-Cultural Examination of Account Security Incident Response University of Maryland
Kiss from a Rogue: Evaluating Detectability of Pay-at-the-Pump Card Skimmers Grant Hernandez , University of Florida
SoK: General Purpose Compilers for Secure Multi-Party Computation University of Pennsylvania
Stealthy Porn: Understanding Real-World Adversarial Images for Illicit Online Promotion XiaoFeng Wang , Xiaojing Liao , Indiana University Bloomington
ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery Xueqiang Wang , XiaoFeng Wang , Xiangyu Zhang , Indiana University Bloomington , Purdue University
SoK: Shining Light on Shadow Stacks Mathias Payer , Purdue University
"If HTTPS Were Secure, I Wouldn't Need 2FA" - End User and Administrator Mental Models of HTTPS Katharina Krombholz , SBA Research
Security of GPS/INS based On-road Location Tracking Systems Guevara Noubir , Northeastern University
Synesthesia: Detecting Screen Content via Remote Acoustic Side Channels Daniel Genkin , University of Pennsylvania , University of Michigan , Columbia University , Tel Aviv University , Cornell Tech
New Primitives for Actively-Secure MPC mod $2^k$ with Applications to Private Machine Learning
Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone Wenyuan Xu , University of Michigan , Zhejiang University
NEUZZ: Efficient Fuzzing with Neural Program Smoothing Suman Jana , Columbia University
Towards Practical Differentially Private Convex Optimization Dawn Song , Boston University , Carnegie Mellon University , University of California, Berkeley
Certified Robustness to Adversarial Examples with Differential Privacy Suman Jana , Columbia University
Ouroboros Crypsinous: Privacy-Preserving Proof-of-Stake Aggelos Kiayias , Markulf Kohlweiss
Touching the Untouchables: Dynamic Security Analysis of the LTE Control Plane Yongdae Kim , Korea Advanced Institute of Science and Technology
Theory and Practice of Finding Eviction Sets Pepe Vila , IMDEA Software Institute
Using Safety Properties to Generate Vulnerability Patches Pennsylvania State University , University of Toronto
Fuzzing File Systems via Two-Dimensional Input Space Exploration Wen Xu , Taesoo Kim , Georgia Institute of Technology
An Extensive Formal Security Analysis of the OpenID Financial-grade API University of Stuttgart
Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems Nan Zhang , Indiana University , Indiana University, Bloomington
Reasoning Analytically About Password-Cracking Software Ruhr-University Bochum
The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations Daniel Genkin , Yuval Yarom , David Wong , Adi Shamir , Eyal Ronen , NCC Group , Data61 , University of Michigan , University of Adelaide , Tel Aviv University
Differentially Private Model Publishing For Deep Learning Ling Liu , Georgia Institute of Technology
Perun: Virtual Payment Hubs over Cryptocurrencies TU Darmstadt , University of Warsaw
PhishFarm: A Scalable Framework for Measuring the Effectiveness of Evasion Techniques Against Browser Phishing Blacklists Arizona State University
Lay Down the Common Metrics: Evaluating Proof-of-Work Consensus Protocols' Security Bart Preneel , KU Leuven
Fidelius: Protecting User Secrets from Compromised Browsers Stanford University
F-BLEAU: Fast Black-box Leakage Estimation
Redactable Blockchain in the Permissionless Setting
Drones' Cryptanalysis - Smashing Cryptography with a Flicker Adi Shamir , Yuval Elovici , Weizmann Institute of Science , Ben-Gurion University of the Negev
RIDL: Rogue In-Flight Data Load Giorgi Maisuradze , Alyssa Milburn , Kaveh Razavi , Pietro Frigo , Vrije Universiteit Amsterdam , Saarland University
Full-speed Fuzzing: Reducing Fuzzing Overhead through Coverage-guided Tracing
Demystifying Hidden Privacy Settings in Mobile Apps Nan Zhang , Indiana University Bloomington , Institute of Information Engineering, Chinese Academy of Sciences
SoK: Sanitizing for Security Dokyung Song , University of California, Irvine
Asm2Vec: Boosting Static Representation Robustness for Binary Clone Search against Code Obfuscation and Compiler Optimization McGill University
True2F: Backdoor-Resistant Authentication Tokens Dan Boneh , Google Inc. , Stanford University
Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks UC Santa Barbara
EmPoWeb: Empowering Web Applications with Browser Extensions
The Code That Never Ran: Modeling Attacks on Speculative Evaluation Craig Disselkoen , University of California San Diego
Short Text, Large Effect: Measuring the Impact of User Reviews on Android App Security & Privacy
Towards Automated Safety Vetting of PLC Code in Real-World Plants University of Michigan , University of Illinois at Urbana-Champaign
Data Recovery on Encrypted Databases With k-Nearest Neighbor Query Leakage University of Maryland
Exploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks Herbert Bos , Kaveh Razavi , Cristiano Giuffrida , Vrije Universiteit Amsterdam
Beyond Credential Stuffing: Password Similarity Models using Neural Networks Thomas Ristenpart , Cornell Tech
Formally Verified Cryptographic Web Applications in WebAssembly Karthikeyan Bhargavan , Benjamin Beurdouche
Tap 'n Ghost: A Compilation of Novel Attack Techniques against Smartphone Touchscreens Tatsuya Mori , Satohiro Wakabayashi , Seita Maruyama , Waseda University
Threshold ECDSA from ECDSA Assumptions: The Multiparty Case Northeastern University
Understanding the Security of ARM Debugging Features Zhenyu Ning , Wayne State University
How Well Do My Results Generalize? Comparing Security and Privacy Survey Results from MTurk, Web, and Telephone Samples University of Maryland , University of California San Diego
LBM: A Security Framework for Peripherals within the Linux Kernel Grant Hernandez , University of Florida
Comprehensive Privacy Analysis of Deep Learning National University of Singapore
SoK: Security Evaluation of Home-Based IoT Deployment Chaz Lever , Georgia Institute of Technology , University of North Carolina at Chapel Hill
Exploiting Unintended Feature Leakage in Collaborative Learning University College London , Cornell Tech
Dominance as a New Trusted Computing Primitive for the Internet of Things Sangho Lee , Georgia Institute of Technology , Northeastern University
Port Contention for Fun and Profit Cesar Pereida García
Postcards from the Post-HTTP World: Amplification of HTTPS Vulnerabilities in the Web Ecosystem Stefano Calzavara , Alvise Rabitti , Marco Squarcina , Riccardo Focardi , Masaryk University
SensorID: Sensor Calibration Fingerprinting for Smartphones University of Cambridge
SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security Michalis Polychronakis , Georgia Institute of Technology , University of North Carolina at Chapel Hill