Abstract is missing.
- HDFI: Hardware-Assisted Data-Flow IsolationChengyu Song, Hyungon Moon, Monjur Alam, Insu Yun, Byoungyoung Lee, Taesoo Kim, Wenke Lee, Yunheung Paek. 1-17 [doi]
- A2: Analog Malicious HardwareKaiyuan Yang, Matthew Hicks, Qing Dong, Todd M. Austin, Dennis Sylvester. 18-37 [doi]
- Cache Storage Channels: Alias-Driven Attacks and Verified CountermeasuresRoberto Guanciale, Hamed Nemati, Christoph Baumann, Mads Dam. 38-55 [doi]
- Shreds: Fine-Grained Execution Units with Private MemoryYaohui Chen, Sebassujeen Reymondjohnson, Zhichuang Sun, Long Lu. 56-71 [doi]
- CaSE: Cache-Assisted Secure Execution on ARM ProcessorsNing Zhang, Kun Sun, Wenjing Lou, Yiwei Thomas Hou. 72-90 [doi]
- Back in Black: Towards Formal, Black Box Analysis of Sanitizers and FiltersGeorge Argyros, Ioannis Stais, Aggelos Kiayias, Angelos D. Keromytis. 91-109 [doi]
- LAVA: Large-Scale Automated Vulnerability AdditionBrendan Dolan-Gavitt, Patrick Hulin, Engin Kirda, Tim Leek, Andrea Mambretti, William K. Robertson, Frederick Ulrich, Ryan Whelan. 110-121 [doi]
- Prepose: Privacy, Security, and Reliability for Gesture-Based ProgrammingLucas Silva Figueiredo, Benjamin Livshits, David Molnar, Margus Veanes. 122-137 [doi]
- SOK: (State of) The Art of War: Offensive Techniques in Binary AnalysisYan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Andrew Dutcher, John Grosen, Siji Feng, Christophe Hauser, Christopher Krügel, Giovanni Vigna. 138-157 [doi]
- Helping Johnny to Analyze Malware: A Usability-Optimized Decompiler and Malware Analysis User StudyKhaled Yakdan, Sergej Dechand, Elmar Gerhards-Padilla, Matthew Smith 0001. 158-177 [doi]
- A Practical Oblivious Map Data Structure with Secure Deletion and History IndependenceDaniel S. Roche, Adam J. Aviv, Seung Geol Choi. 178-197 [doi]
- TaoStore: Overcoming Asynchronicity in Oblivious Data StorageCetin Sahin, Victor Zakhary, Amr El Abbadi, Huijia Lin, Stefano Tessaro. 198-217 [doi]
- Revisiting Square-Root ORAM: Efficient Random Access in Multi-party ComputationSamee Zahur, Xiao Shaun Wang, Mariana Raykova 0001, Adria Gascón, Jack Doerner, David Evans, Jonathan Katz. 218-234 [doi]
- Cinderella: Turning Shabby X.509 Certificates into Elegant Anonymous Credentials with the Magic of Verifiable ComputationAntoine Delignat-Lavaud, Cédric Fournet, Markulf Kohlweiss, Bryan Parno. 235-254 [doi]
- PhotoProof: Cryptographic Image Authentication for Any Set of Permissible TransformationsAssa Naveh, Eran Tromer. 255-271 [doi]
- I Think They're Trying to Tell Me Something: Advice Sources and Selection for Digital SecurityElissa M. Redmiles, Amelia R. Malone, Michelle L. Mazurek. 272-288 [doi]
- You Get Where You're Looking for: The Impact of Information Sources on Code SecurityYasemin Acar, Michael Backes, Sascha Fahl, Doowon Kim, Michelle L. Mazurek, Christian Stransky. 289-305 [doi]
- Users Really Do Plug in USB Drives They FindMatthew Tischer, Zakir Durumeric, Sam Foster, Sunny Duan, Alec Mori, Elie Bursztein, Michael Bailey. 306-319 [doi]
- SoK: Everyone Hates Robocalls: A Survey of Techniques Against Telephone SpamHuahong Tu, Adam Doupé, Ziming Zhao, Gail-Joon Ahn. 320-338 [doi]
- Sending Out an SMS: Characterizing the Security of the SMS Ecosystem with Public GatewaysBradley Reaves, Nolen Scaife, Dave Tian, Logan Blue, Patrick Traynor, Kevin R. B. Butler. 339-356 [doi]
- Following Devil's Footprints: Cross-Platform Analysis of Potentially Harmful Libraries on Android and iOSKai Chen, Xueqiang Wang, Yi Chen, Peng Wang, Yeonjoon Lee, Xiaofeng Wang, Bin Ma, Aohui Wang, Yingjun Zhang, Wei Zou. 357-376 [doi]
- TriggerScope: Towards Detecting Logic Bombs in Android ApplicationsYanick Fratantonio, Antonio Bianchi, William Robertson, Engin Kirda, Christopher Kruegel, Giovanni Vigna. 377-396 [doi]
- Inferring User Routes and Locations Using Zero-Permission Mobile SensorsSashank Narain, Triet D. Vo-Huu, Kenneth Block, Guevara Noubir. 397-413 [doi]
- No Pardon for the Interruption: New Inference Attacks on Android Through Interrupt Timing AnalysisWenrui Diao, Xiangyu Liu, Zhou Li, Kehuan Zhang. 414-432 [doi]
- SoK: Lessons Learned from Android Security Research for Appified Software PlatformsYasemin Acar, Michael Backes 0001, Sven Bugiel, Sascha Fahl, Patrick Drew McDaniel, Matthew Smith 0001. 433-451 [doi]
- Key Confirmation in Key Exchange: A Formal Treatment and Implications for TLS 1.3Marc Fischlin, Felix Günther, Benedikt Schmidt, Bogdan Warinschi. 452-469 [doi]
- Automated Analysis and Verification of TLS 1.3: 0-RTT, Resumption and Delayed AuthenticationCas Cremers, Marko Horvat, Sam Scott, Thyla Van der Merwe. 470-485 [doi]
- Multiple Handshakes Security of TLS 1.3 CandidatesXinyu Li, Jing Xu, Zhenfeng Zhang, Dengguo Feng, Honggang Hu. 486-505 [doi]
- Downgrade Resilience in Key-Exchange ProtocolsKarthikeyan Bhargavan, Christina Brzuska, Cédric Fournet, Matthew Green 0001, Markulf Kohlweiss, Santiago Zanella Béguelin. 506-525 [doi]
- Keeping Authorities "Honest or Bust" with Decentralized Witness CosigningEwa Syta, Iulia Tamas, Dylan Visher, David Isaac Wolinsky, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Ismail Khoffi, Bryan Ford. 526-545 [doi]
- Synthesizing Plausible Privacy-Preserving Location TracesVincent Bindschaedler, Reza Shokri. 546-563 [doi]
- A Method for Verifying Privacy-Type Properties: The Unbounded CaseLucca Hirschi, David Baelde, Stéphanie Delaune. 564-581 [doi]
- Distillation as a Defense to Adversarial Perturbations Against Deep Neural NetworksNicolas Papernot, Patrick Drew McDaniel, Xi Wu 0001, Somesh Jha, Ananthram Swami. 582-597 [doi]
- Algorithmic Transparency via Quantitative Input Influence: Theory and Experiments with Learning SystemsAnupam Datta, Shayak Sen, Yair Zick. 598-617 [doi]
- Talos: Neutralizing Vulnerabilities with Security Workarounds for Rapid ResponseZhen Huang, Mariana DAngelo, Dhaval Miyani, David Lie. 618-635 [doi]
- Security Analysis of Emerging Smart Home ApplicationsEarlence Fernandes, Jaeyeon Jung, Atul Prakash. 636-654 [doi]
- Staying Secure and Unprepared: Understanding and Mitigating the Security Risks of Apple ZeroConfXiaolong Bai, Luyi Xing, Nan Zhang, Xiaofeng Wang, Xiaojing Liao, Tongxin Li, Shi-Min Hu. 655-674 [doi]
- MitM Attack by Name Collision: Cause Analysis and Vulnerability Assessment in the New gTLD EraQi Alfred Chen, Eric Osterweil, Matthew Thomas, Zhuoqing Morley Mao. 675-690 [doi]
- Domain-Z: 28 Registrations Later Measuring the Exploitation of Residual Trust in DomainsChaz Lever, Robert J. Walls, Yacin Nadji, David Dagon, Patrick McDaniel, Manos Antonakakis. 691-706 [doi]
- Seeking Nonsense, Looking for Trouble: Efficient Promotional-Infection Detection through Semantic Inconsistency SearchXiaojing Liao, Kan Yuan, Xiaofeng Wang, Zhongyu Pei, Hao Yang, Jianjun Chen, Haixin Duan, Kun Du, Eihal Alowaisheq, Sumayah A. Alrwais, Luyi Xing, Raheem A. Beyah. 707-723 [doi]
- The Cracked Cookie Jar: HTTP Cookie Hijacking and the Exposure of Private InformationSuphannee Sivakorn, Iasonas Polakis, Angelos D. Keromytis. 724-742 [doi]
- Cloak of Visibility: Detecting When Machines Browse a Different WebLuca Invernizzi, Kurt Thomas, Alexandros Kapravelos, Oxana Comanescu, Jean Michel Picod, Elie Bursztein. 743-758 [doi]
- Verifiable ASICsRiad S. Wahby, Max Howald, Siddharth J. Garg, Abhi Shelat, Michael Walfish. 759-778 [doi]
- SoK: Verifiability Notions for E-Voting ProtocolsVéronique Cortier, David Galindo, Ralf Küsters, Johannes Mueller, Tomasz Truderung. 779-798 [doi]
- pASSWORD tYPOS and How to Correct Them SecurelyRahul Chatterjee, Anish Athayle, Devdatta Akhawe, Ari Juels, Thomas Ristenpart. 799-818 [doi]
- On the Practicality of Cryptographically Enforcing Dynamic Access Control Policies in the CloudWilliam C. Garrison III, Adam Shull, Steven Myers, Adam J. Lee. 819-838 [doi]
- Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart ContractsAhmed E. Kosba, Andrew Miller, Elaine Shi, Zikai Wen, Charalampos Papamanthou. 839-858 [doi]
- High-Speed Inter-Domain Fault LocalizationCristina Basescu, Yue-Hsun Lin, Haoming Zhang, Adrian Perrig. 859-877 [doi]
- Beauty and the Beast: Diverting Modern Web Browsers to Build Unique Browser FingerprintsPierre Laperdrix, Walter Rudametkin, Benoit Baudry. 878-894 [doi]
- Verena: End-to-End Integrity Protection for Web ApplicationsNikolaos Karapanos, Alexandros Filios, Raluca Ada Popa, Srdjan Capkun. 895-913 [doi]
- SoK: Towards Grounding Censorship Circumvention in EmpiricismMichael Carl Tschantz, Sadia Afroz, anonymous, Vern Paxson. 914-933 [doi]
- A Tough Call: Mitigating Advanced Code-Reuse Attacks at the Binary LevelVictor van der Veen, Enes Göktas, Moritz Contag, Andre Pawoloski, Xi Chen, Sanjay Rawat, Herbert Bos, Thorsten Holz, Elias Athanasopoulos, Cristiano Giuffrida. 934-953 [doi]
- Return to the Zombie Gadgets: Undermining Destructive Code Reads via Code Inference AttacksKevin Z. Snow, Roman Rogowski, Jan Werner, Hyungjoon Koo, Fabian Monrose, Michalis Polychronakis. 954-968 [doi]
- Data-Oriented Programming: On the Expressiveness of Non-control Data AttacksHong Hu, Shweta Shinde, Sendroiu Adrian, Zheng-Leong Chua, Prateek Saxena, Zhenkai Liang. 969-986 [doi]
- Dedup Est Machina: Memory Deduplication as an Advanced Exploitation VectorErik Bosman, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida. 987-1004 [doi]