researchr
explore
Tags
Journals
Conferences
Authors
Profiles
Groups
calendar
New Conferences
Events
Deadlines
search
search
You are not signed in
Sign in
Sign up
Links
Filter by Year
OR
AND
NOT
1
2007
2009
2010
2012
2013
2014
2015
2016
2017
2018
2019
2020
Filter by Tag
Filter by Author
[+]
OR
AND
NOT
1
Alfredo Pironti
Andreas Noack
Andrew Fasano
Ang Cui
Christian Mainka
Christian Rossow
Dawn Song
J. Alex Halderman
Jean-Pierre Seifert
Jiska Classen
Johannes Obermaier
Juraj Somorovsky
Jörg Schwenk
Mathias Payer
Matthias Hollick
Roee Hay
Sergey Bratus
Vladislav Mladenov
Yongdae Kim
Yossi Oren
Filter by Top terms
[+]
OR
AND
NOT
1
analysis
android
attack
attacks
august
breaking
exploiting
low
offensive
security
smartphone
systems
technologies
usa
usenix
using
vulnerabilities
web
woot
workshop
WOOT (woot)
Editions
Publications
Viewing Publication 1 - 100 from 191
2020
Office Document Security and Privacy
Jens Müller 0007
,
Fabian Ising
,
Christian Mainka
,
Vladislav Mladenov
,
Sebastian Schinzel
,
Jörg Schwenk
.
woot 2020
:
[doi]
Unearthing the TrustedCore: A Critical Review on Huawei's Trusted Execution Environment
Marcel Busch
,
Johannes Westphal
,
Tilo Müller
.
woot 2020
:
[doi]
Exploiting Uses of Uninitialized Stack Variables in Linux Kernels to Leak Kernel Pointers
Haehyun Cho
,
Jinbum Park
,
Joonwon Kang
,
Tiffany Bao
,
Ruoyu Wang 0001
,
Yan Shoshitaishvili
,
Adam Doupé
,
Gail-Joon Ahn
.
woot 2020
:
[doi]
ToothPicker: Apple Picking in the iOS Bluetooth Stack
Dennis Heinze
,
Jiska Classen
,
Matthias Hollick
.
woot 2020
:
[doi]
OS Security Is Hard: Why All the Fuzzers in the World Won't Change the Way Platform Security Is Failing Us
Alex Ionescu
.
woot 2020
:
[doi]
NFCGate: Opening the Door for NFC Security Research with a Smartphone-Based Toolkit
Steffen Klee
,
Alexandros Roussos
,
Max Maass
,
Matthias Hollick
.
woot 2020
:
[doi]
AFL++ : Combining Incremental Steps of Fuzzing Research
Dominik Maier
,
Heiko Eißfeldt
,
Andrea Fioraldi
,
Marc Heuse
.
woot 2020
:
[doi]
Hardware Security Is Hard: How Hardware Boundaries Define Platform Security
Alex Matrosov
.
woot 2020
:
[doi]
One Exploit to Rule them All? On the Security of Drop-in Replacement and Counterfeit Microcontrollers
Johannes Obermaier
,
Marc Schink
,
Kosma Moczek
.
woot 2020
:
[doi]
Automatic Generation of Compact Printable Shellcodes for x86
Dhrumil Patel
,
Aditya Basu
,
Anish Mathuria
.
woot 2020
:
[doi]
When Oblivious is Not: Attacks against OPAM
Nirjhar Roy
,
Nikhil Bansal
,
Gourav Takhar
,
Nikhil Mittal
,
Pramod Subramanyan
.
woot 2020
:
[doi]
When Is a Proof Actually Not?
Vanessa Teague
.
woot 2020
:
[doi]
Firmware Insider: Bluetooth Randomness is Mostly Random
Jörn Tillmanns
,
Jiska Classen
,
Felix Rohrbach
,
Matthias Hollick
.
woot 2020
:
[doi]
Bankrupt Covert Channel: Turning Network Predictability into Vulnerability
Dmitrii Ustiugov
,
Plamen Petrov 0003
,
M. R. Siavash Katebzadeh
,
Boris Grot
.
woot 2020
:
[doi]
BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy
Jianliang Wu
,
Yuhong Nan
,
Vireshwar Kumar
,
Dave (Jing) Tian
,
Antonio Bianchi
,
Mathias Payer
,
Dongyan Xu
.
woot 2020
:
[doi]
14th USENIX Workshop on Offensive Technologies, WOOT 2020, August 11, 2020
Yuval Yarom
,
Sarah Zennou
, editors,
USENIX Association,
2020.
[doi]
2019
RISC-V: #AlphanumericShellcoding
Hadrien Barral
,
Rémi Géraud-Stewart
,
Georges-Axel Jaloyan
,
David Naccache
.
woot 2019
:
[doi]
A better zip bomb
David Fifield
.
woot 2019
:
[doi]
13th USENIX Workshop on Offensive Technologies, WOOT 2019, Santa Clara, CA, USA, August 12-13, 2019
Alex Gantman
,
Clémentine Maurice
, editors,
USENIX Association,
2019.
[doi]
Defeating Cisco Trust Anchor: A Case-Study of Recent Advancements in Direct FPGA Bitstream Manipulation
Jatin Kataria
,
Rick Housley
,
Joseph Pantoga
,
Ang Cui
.
woot 2019
:
[doi]
How Sharp is SHARP ?
Dixit Kumar
,
Chavhan Sujeet Yashavant
,
Biswabandan Panda
,
Vishal Gupta
.
woot 2019
:
[doi]
Who Spent My EOS? On the (In)Security of Resource Management of EOS.IO
Sangsup Lee
,
Daejun Kim
,
Dongkwan Kim
,
Sooel Son
,
Yongdae Kim
.
woot 2019
:
[doi]
Unicorefuzz: On the Viability of Emulation for Kernelspace Fuzzing
Dominik Maier
,
Benedikt Radtke
,
Bastian Harren
.
woot 2019
:
[doi]
Two methods for exploiting speculative control flow hijacks
Andrea Mambretti
,
Alexandra Sandulescu
,
Matthias Neugschwandtner
,
Alessandro Sorniotti
,
Anil Kurmus
.
woot 2019
:
[doi]
MIN()imum Failure: EMFI Attacks against USB Stacks
Colin O'Flynn
.
woot 2019
:
[doi]
Cross-Router Covert Channels
Adar Ovadia
,
Rom Ogen
,
Yakov Mallah
,
Niv Gilboa
,
Yossi Oren
.
woot 2019
:
[doi]
D-TIME: Distributed Threadless Independent Malware Execution for Runtime Obfuscation
Jithin Pavithran
,
Milan Patnaik
,
Chester Rebeiro
.
woot 2019
:
[doi]
Distributed Password Hash Computation on Commodity Heterogeneous Programmable Platforms
Branimir Pervan
,
Josip Knezovic
,
Katja Pericin
.
woot 2019
:
[doi]
Automatic Wireless Protocol Reverse Engineering
Johannes Pohl
,
Andreas Noack
.
woot 2019
:
[doi]
Taking a Look into Execute-Only Memory
Marc Schink
,
Johannes Obermaier
.
woot 2019
:
[doi]
Alternative (ab)uses for HTTP Alternative Services
Trishita Tiwari
,
Ari Trachtenberg
.
woot 2019
:
[doi]
Vacuums in the Cloud: Analyzing Security in a Hardened IoT Ecosystem
Fabian Ullrich
,
Jiska Classen
,
Johannes Eger
,
Matthias Hollick
.
woot 2019
:
[doi]
Breaking Turtles All the Way Down: An Exploitation Chain to Break out of VMware ESXi
Hanqing Zhao
,
Yanyu Zhang
,
Kun Yang
,
Taesoo Kim
.
woot 2019
:
[doi]
2018
Optimizing Recurrent Pulsing Attacks using Application-Layer Amplification of Open DNS Resolvers
Jonas Bushart
.
woot 2018
:
[doi]
Security Analysis of eIDAS - The Cross-Country Authentication Scheme in Europe
Nils Engelbertz
,
Nurullah Erinola
,
David Herring
,
Juraj Somorovsky
,
Vladislav Mladenov
,
Jörg Schwenk
.
woot 2018
:
[doi]
Swipe Your Fingerprints! How Biometric Authentication Simplifies Payment, Access and Identity Fraud
Julian Fietkau
,
Starbug
,
Jean-Pierre Seifert
.
woot 2018
:
[doi]
Fishy Faces: Crafting Adversarial Images to Poison Face Authentication
Giuseppe Garofalo
,
Vera Rimmer
,
Tim Van hamme
,
Davy Preuveneers
,
Wouter Joosen
.
woot 2018
:
[doi]
SoK: Make JIT-Spray Great Again
Robert Gawlik
,
Thorsten Holz
.
woot 2018
:
[doi]
NEMESYS: Network Message Syntax Reverse Engineering by Analysis of the Intrinsic Structure of Individual Messages
Stephan Kleber
,
Henning Kopp
,
Frank Kargl
.
woot 2018
:
[doi]
Spectre Returns! Speculation Attacks using the Return Stack Buffer
Esmaeil Mohammadian Koruyeh
,
Khaled N. Khasawneh
,
Chengyu Song
,
Nael B. Abu-Ghazaleh
.
woot 2018
:
[doi]
Tools for Active and Passive Network Side-Channel Detection for Web Applications
Michael Lescisin
,
Qusay H. Mahmoud
.
woot 2018
:
[doi]
You Snooze, You Lose: Measuring PLC Cycle Times under Attacks
Matthias Niedermaier
,
Jan-Ole Malchow
,
Florian Fischer
,
Daniel Marzin
,
Dominik Merli
,
Volker Roth 0002
,
Alexander von Bodisco
.
woot 2018
:
[doi]
Sensorless, Permissionless Information Exfiltration with Wi-Fi Micro-Jamming
Rom Ogen
,
Kfir Zvi
,
Omer Shwartz
,
Yossi Oren
.
woot 2018
:
[doi]
Universal Radio Hacker: A Suite for Analyzing and Attacking Stateful Wireless Protocols
Johannes Pohl
,
Andreas Noack
.
woot 2018
:
[doi]
12th USENIX Workshop on Offensive Technologies, WOOT 2018, Baltimore, MD, USA, August 13-14, 2018
Christian Rossow
,
Yves Younan
, editors,
USENIX Association,
2018.
[doi]
Browser history re: visited
Michael Smith
,
Craig Disselkoen
,
Shravan Narayan
,
Fraser Brown
,
Deian Stefan
.
woot 2018
:
[doi]
Physical Adversarial Examples for Object Detectors
Dawn Song
,
Kevin Eykholt
,
Ivan Evtimov
,
Earlence Fernandes
,
Bo Li 0044
,
Amir Rahmati
,
Florian Tramèr
,
Atul Prakash
,
Tadayoshi Kohno
.
woot 2018
:
[doi]
Symbolic Execution of Security Protocol Implementations: Handling Cryptographic Primitives
Mathy Vanhoef
,
Frank Piessens
.
woot 2018
:
[doi]
Hitag 2 Hell - Brutally Optimizing Guess-and-Determine Attacks
Aram Verstegen
,
Roel Verdult
,
Wouter Bokslag
.
woot 2018
:
[doi]
Bitter Harvest: Systematically Fingerprinting Low- and Medium-interaction Honeypots at Internet Scale
Alexander Vetterl
,
Richard Clayton
.
woot 2018
:
[doi]
A Feasibility Study of Radio-frequency Retroreflector Attack
Satohiro Wakabayashi
,
Seita Maruyama
,
Tatsuya Mori
,
Shigeki Goto
,
Masahiro Kinugawa
,
Yu-ichi Hayashi
.
woot 2018
:
[doi]
2017
Stalling Live Migrations on the Cloud
Ahmed Atya
,
Azeem Aqil
,
Karim Khalil
,
Zhiyun Qian
,
Srikanth V. Krishnamurthy
,
Thomas F. La Porta
.
woot 2017
:
[doi]
dr0wned - Cyber-Physical Attack with Additive Manufacturing
Sofia Belikovetsky
,
Mark Yampolskiy
,
Jinghui Toh
,
Jacob Gatlin
,
Yuval Elovici
.
woot 2017
:
[doi]
One Car, Two Frames: Attacks on Hitag-2 Remote Keyless Entry Systems Revisited
Ryad Benadjila
,
Mathieu Renard
,
José Lopes-Esteves
,
Chaouki Kasmi
.
woot 2017
:
[doi]
unCaptcha: A Low-Resource Defeat of reCaptcha's Audio Challenge
Kevin Bock
,
Daven Patel
,
George Hughey
,
Dave Levin
.
woot 2017
:
[doi]
Software Grand Exposure: SGX Cache Attacks Are Practical
Ferdinand Brasser
,
Urs Müller
,
Alexandra Dmitrienko
,
Kari Kostiainen
,
Srdjan Capkun
,
Ahmad-Reza Sadeghi
.
woot 2017
:
[doi]
BADFET: Defeating Modern Secure Boot Using Second-Order Pulsed Electromagnetic Fault Injection
Ang Cui
,
Rick Housley
.
woot 2017
:
[doi]
11th USENIX Workshop on Offensive Technologies, WOOT 2017, Vancouver, BC, Canada, August 14-15, 2017
William Enck
,
Collin Mulliner
, editors,
USENIX Association,
2017.
[doi]
Breaking and Fixing Gridcoin
Martin Grothe
,
Tobias Niemann
,
Juraj Somorovsky
,
Jörg Schwenk
.
woot 2017
:
[doi]
SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit
Mordechai Guri
,
Yosef A. Solewicz
,
Andrey Daidakulov
,
Yuval Elovici
.
woot 2017
:
[doi]
fastboot oem vuln: Android Bootloader Vulnerabilities in Vendor Customizations
Roee Hay
.
woot 2017
:
[doi]
Adversarial Example Defense: Ensembles of Weak Defenses are not Strong
Warren He
,
James Wei
,
Xinyun Chen
,
Nicholas Carlini
,
Dawn Song
.
woot 2017
:
[doi]
AutoCTF: Creating Diverse Pwnables via Automated Bug Injection
Patrick Hulin
,
Andy Davis
,
Rahul Sridhar
,
Andrew Fasano
,
Cody Gallagher
,
Aaron Sedlacek
,
Tim Leek
,
Brendan Dolan-Gavitt
.
woot 2017
:
[doi]
Automated PCB Reverse Engineering
Stephan Kleber
,
Henrik Ferdinand Nölscher
,
Frank Kargl
.
woot 2017
:
[doi]
From random block corruption to privilege escalation: A filesystem attack vector for rowhammer-like attacks
Anil Kurmus
,
Nikolas Ioannou
,
Nikolaos Papandreou
,
Thomas P. Parnell
.
woot 2017
:
[doi]
Shedding too much Light on a Microcontroller's Firmware Protection
Johannes Obermaier
,
Stefan Tatschner
.
woot 2017
:
[doi]
White-Stingray: Evaluating IMSI Catchers Detection Applications
Shinjo Park
,
Altaf Shaik
,
Ravishankar Borgaonkar
,
Andrew Martin
,
Jean-Pierre Seifert
.
woot 2017
:
[doi]
POTUS: Probing Off-The-Shelf USB Drivers with Symbolic Fault Injection
James Patrick-Evans
,
Lorenzo Cavallaro
,
Johannes Kinder
.
woot 2017
:
[doi]
Breaking (and Fixing) a Widely Used Continuous Glucose Monitoring System
Luca Reverberi
,
David Oswald
.
woot 2017
:
[doi]
Static Exploration of Taint-Style Vulnerabilities Found by Fuzzing
Bhargava Shastry
,
Federico Maggi
,
Fabian Yamaguchi
,
Konrad Rieck
,
Jean-Pierre Seifert
.
woot 2017
:
[doi]
Shattered Trust: When Replacement Smartphone Components Attack
Omer Shwartz
,
Amir Cohen
,
Asaf Shabtai
,
Yossi Oren
.
woot 2017
:
[doi]
Leveraging Flawed Tutorials for Seeding Large-Scale Web Vulnerability Discovery
Tommi Unruh
,
Bhargava Shastry
,
Malte Skoruppa
,
Federico Maggi
,
Konrad Rieck
,
Jean-Pierre Seifert
,
Fabian Yamaguchi
.
woot 2017
:
[doi]
One Side-Channel to Bring Them All and in the Darkness Bind Them: Associating Isolated Browsing Sessions
Tom van Goethem
,
Wouter Joosen
.
woot 2017
:
[doi]
Exploitations of Uninitialized Uses on macOS Sierra
Zhenquan Xu
,
Gongshen Liu
,
Tielei Wang
,
Hao Xu
.
woot 2017
:
[doi]
2016
10th USENIX Workshop on Offensive Technologies, WOOT 16, Austin, TX, August 8-9, 2016
USENIX Association,
2016.
[doi]
AVLeak: Fingerprinting Antivirus Emulators through Black-Box Testing
Jeremy Blackthorne
,
Alexei Bulazel
,
Andrew Fasano
,
Patrick Biernat
,
Bülent Yener
.
woot 2016
:
[doi]
A Rising Tide: Design Exploits in Industrial Control Systems
Alexander Bolshev
,
Jason Larsen
,
Marina Krotofil
,
Reid Wightman
.
woot 2016
:
[doi]
Fillory of PHY: Toward a Periodic Table of Signal Corruption Exploits and Polyglots in Digital Radio
Sergey Bratus
,
Travis Goodspeed
,
Ange Albertini
,
Debanjum S. Solanky
.
woot 2016
:
[doi]
Truck Hacking: An Experimental Analysis of the SAE J1939 Standard
Yelizaveta Burakova
,
Bill Hass
,
Leif Millar
,
André Weimerskirch
.
woot 2016
:
[doi]
Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
Hanno Böck
,
Aaron Zauner
,
Sean Devlin
,
Juraj Somorovsky
,
Philipp Jovanovic
.
woot 2016
:
[doi]
Eavesdropping One-Time Tokens Over Magnetic Secure Transmission in Samsung Pay
Daeseon Choi
,
YounHo Lee
.
woot 2016
:
[doi]
Controlling UAVs with Sensor Input Spoofing Attacks
Drew Davidson
,
Hao Wu
,
Robert Jellinek
,
Vikas Singh
,
Thomas Ristenpart
.
woot 2016
:
[doi]
How to Phone Home with Someone Else's Phone: Information Exfiltration Using Intentional Sound Noise on Gyroscopic Sensors
Benyamin Farshteindiker
,
Nir Hasidim
,
Asaf Grosz
,
Yossi Oren
.
woot 2016
:
[doi]
How to Break Microsoft Rights Management Services
Martin Grothe
,
Christian Mainka
,
Paul Rösler
,
Jörg Schwenk
.
woot 2016
:
[doi]
Non-Deterministic Timers for Hardware Trojan Activation (or How a Little Randomness Can Go the Wrong Way)
Frank Imeson
,
Saeed Nejati
,
Siddharth Garg
,
Mahesh V. Tripunitara
.
woot 2016
:
[doi]
malWASH: Washing Malware to Evade Dynamic Analysis
Kyriakos K. Ispoglou
,
Mathias Payer
.
woot 2016
:
[doi]
A Security Analysis of an In-Vehicle Infotainment and App Platform
Sahar Mazloom
,
Mohammad Rezaeirad
,
Aaron Hunter
,
Damon McCoy
.
woot 2016
:
[doi]
This Ain't Your Dose: Sensor Spoofing Attack on Medical Infusion Pump
Young-Seok Park
,
Yunmok Son
,
Hocheol Shin
,
Dohyun Kim
,
Yongdae Kim
.
woot 2016
:
[doi]
Acceleration Attacks on PBKDF2: Or, What Is inside the Black-Box of oclHashcat?
Andrew Ruddick
,
Jeff Yan
.
woot 2016
:
[doi]
Putting LTE Security Functions to the Test: A Framework to Evaluate Implementation Correctness
David Rupprecht
,
Kai Jansen
,
Christina Pöpper
.
woot 2016
:
[doi]
Eavesdropping on Fine-Grained User Activities Within Smartphone Apps Over Encrypted Network Traffic
Brendan Saltaformaggio
,
Hongjun Choi
,
Kristen Johnson
,
Yonghwi Kwon
,
Qi Zhang
,
Xiangyu Zhang
,
Dongyan Xu
,
John Qian
.
woot 2016
:
[doi]
Sampling Race: Bypassing Timing-Based Analog Active Sensor Spoofing Detection on Analog-Digital Systems
Hocheol Shin
,
Yunmok Son
,
Young-Seok Park
,
Yujin Kwon
,
Yongdae Kim
.
woot 2016
:
[doi]
Hardware-Assisted Rootkits: Abusing Performance Counters on the ARM and x86 Architectures
Matt Spisak
.
woot 2016
:
[doi]
SoK: XML Parser Vulnerabilities
Christopher Späth
,
Christian Mainka
,
Vladislav Mladenov
,
Jörg Schwenk
.
woot 2016
:
[doi]
Abusing Public Third-Party Services for EDoS Attacks
Huangxin Wang
,
Zhonghua Xi
,
Fei Li
,
Songqing Chen
.
woot 2016
:
[doi]
DDoSCoin: Cryptocurrency with a Malicious Proof-of-Work
Eric Wustrow
,
Benjamin VanderSloot
.
woot 2016
:
[doi]
2015
9th USENIX Workshop on Offensive Technologies, WOOT '15, Washington, DC, USA, August 10-11, 2014
USENIX Association,
2015.
[doi]
P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks
Florian Adamsky
,
Syed Ali Khayam
,
Rudolf Jäger
,
Muttukrishnan Rajarajan
.
woot 2015
:
[doi]
Prying Open Pandora's Box: KCI Attacks against TLS
Clemens Hlauschek
,
Markus Gruber
,
Florian Fankhauser
,
Christian Schanes
.
woot 2015
:
[doi]
How to Break XML Encryption - Automatically
Dennis Kupser
,
Christian Mainka
,
Jörg Schwenk
,
Juraj Somorovsky
.
woot 2015
:
[doi]
Sign in
or
sign up
to see more results.