Table of Contents

• Dirty Jobs: The Role of Freelance Labor in Web Service AbuseMarti Motoyama, Damon McCoy, Kirill Levchenko, Stefan Savage, Geoffrey M. Voelker. [doi]
• ADsafety: Type-Based Verification of JavaScript SandboxingJoe Gibbs Politz, Spiridon Aristides Eliopoulos, Arjun Guha, Shriram Krishnamurthi. [doi]
• Toward Secure Embedded Web InterfacesBaptiste Gourdin, Chinmay Soman, Hristo Bojinov, Elie Bursztein. [doi]
• Forensic Triage for Mobile Phones with DEC0DERobert J. Walls, Erik G. Learned-Miller, Brian Neil Levine. [doi]
• Dark Clouds on the Horizon: Using Cloud Storage as Attack Vector and Online Slack SpaceMartin Mulazzani, Sebastian Schrittwieser, Manuel Leithner, Markus Huber, Edgar Weippl. [doi]
• Differential Privacy Under FireAndreas Haeberlen, Benjamin C. Pierce, Arjun Narayan. [doi]
• Faster Secure Two-Party Computation Using Garbled CircuitsYan Huang, David Evans, Jonathan Katz, Lior Malka. [doi]
• Cloaking Malware with the Trusted Platform ModuleAlan M. Dunn, Owen S. Hofmann, Brent Waters, Emmett Witchel. [doi]
• PIR-Tor: Scalable Anonymous Communication Using Private Information RetrievalPrateek Mittal, Femi G. Olumofin, Carmela Troncoso, Nikita Borisov, Ian Goldberg. [doi]
• Static Detection of Access Control Vulnerabilities in Web ApplicationsFangqi Sun, Liang Xu, Zhendong Su. [doi]
• Why (Special Agent) Johnny (Still) Can't Encrypt: A Security Analysis of the APCO Project 25 Two-Way Radio SystemSandy Clark, Travis Goodspeed, Perry Metzger, Zachary Wasserman, Kevin Xu, Matt Blaze. [doi]
• Comprehensive Experimental Analyses of Automotive Attack SurfacesStephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, Tadayoshi Kohno. [doi]
• QUIRE: Lightweight Provenance for Smart Phone Operating SystemsMichael Dietz, Shashi Shekhar, Yuliy Pisetsky, Anhei Shu, Dan S. Wallach. [doi]
• A Study of Android Application SecurityWilliam Enck, Damien Octeau, Patrick McDaniel, Swarat Chaudhuri. [doi]
• MACE: Model-inference-Assisted Concolic Exploration for Protocol and Vulnerability DiscoveryChia Yuan Cho, Domagoj Babic, Pongsin Poosankam, Kevin Zhijie Chen, Edward XueJun Wu, Dawn Song. [doi]
• Fast and Precise Sanitizer Analysis with BEKPieter Hooimeijer, Benjamin Livshits, David Molnar, Prateek Saxena, Margus Veanes. [doi]
• deSEO: Combating Search-Result PoisoningJohn P. John, Fang Yu, Yinglian Xie, Arvind Krishnamurthy, Martín Abadi. [doi]
• JACKSTRAWS: Picking Command and Control Connections from Bot TrafficGrégoire Jacob, Ralf Hund, Christopher Kruegel, Thorsten Holz. [doi]
• SHELLOS: Enabling Fast Detection and Forensic Analysis of Code Injection AttacksKevin Z. Snow, Srinivas Krishnan, Fabian Monrose, Niels Provos. [doi]
• Secure In-Band Wireless PairingShyamnath Gollakota, Nabeel Ahmed, Nickolai Zeldovich, Dina Katabi. [doi]
• Bubble Trouble: Off-Line De-Anonymization of Bubble FormsJoseph A. Calandrino, William Clarkson, Edward W. Felten. [doi]
• TRESOR Runs Encryption Securely Outside RAMTilo Müller, Felix C. Freiling, Andreas Dewald. [doi]
• ZOZZLE: Fast and Precise In-Browser JavaScript Malware DetectionCharlie Curtsinger, Benjamin Livshits, Benjamin G. Zorn, Christian Seifert. [doi]
• Measuring and Analyzing Search-Redirection Attacks in the Illicit Online Prescription Drug TradeNektarios Leontiadis, Tyler Moore, Nicolas Christin. [doi]
• BOTMAGNIFIER: Locating Spambots on the InternetGianluca Stringhini, Thorsten Holz, Brett Stone-Gross, Christopher Kruegel, Giovanni Vigna. [doi]
• SMS of Death: From Analyzing to Attacking Mobile Phones on a Large ScaleCollin Mulliner, Nico Golde, Jean-Pierre Seifert. [doi]
• Detecting Malware Domains at the Upper DNS HierarchyManos Antonakakis, Roberto Perdisci, Wenke Lee, Nikolaos Vasiloglou II, David Dagon. [doi]
• The Phantom Tollbooth: Privacy-Preserving Electronic Toll Collection in the Presence of Driver CollusionSarah Meiklejohn, Keaton Mowery, Stephen Checkoway, Hovav Shacham. [doi]
• Show Me the Money: Characterizing Spam-advertised RevenueChris Kanich, Nicholas Weaver, Damon McCoy, Tristan Halvorson, Christian Kreibich, Kirill Levchenko, Vern Paxson, Geoffrey M. Voelker, Stefan Savage. [doi]
• Q: Exploit Hardening Made EasyEdward J. Schwartz, Thanassis Avgerinos, David Brumley. [doi]
• mCarve: Carving Attributed Dump SetsTon van Deursen, Sjouke Mauw, Sasa Radomirovic. [doi]
• Measuring Pay-per-Install: The Commoditization of Malware DistributionJuan Caballero, Chris Grier, Christian Kreibich, Vern Paxson. [doi]
• Outsourcing the Decryption of ABE CiphertextsMatthew Green 0001, Susan Hohenberger, Brent Waters. [doi]
• Permission Re-Delegation: Attacks and DefensesAdrienne Porter Felt, Helen J. Wang, Alexander Moshchuk, Steve Hanna, Erika Chin. [doi]
• Telex: Anticensorship in the Network InfrastructureEric Wustrow, Scott Wolchok, Ian Goldberg, J. Alex Halderman. [doi]