Proceedings of the 33rd Annual Computer Security Applications Conference, Orlando, FL, USA, December 4-8, 2017 - researchr publication

researchr

You are not signed in
Sign in
Sign up

Proceedings of the 33rd Annual Computer Security Applications Conference, Orlando, FL, USA, December 4-8, 2017. ACM, 2017. [doi]

Conference: acsac2017

Abstract is missing.

n-Auth: Mobile Authentication Done RightRoel Peeters, Jens Hermans, Pieter Maene, Katri Grenman, Kimmo Halunen, Juha Häikiö. 1-15 [doi]

Exploitation and Mitigation of Authentication Schemes Based on Device-Public InformationAntonio Bianchi, Eric Gustafson, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna. 16-27 [doi]

A Secure Mobile Authentication Alternative to BiometricsMozhgan Azimpourkivi, Umut Topkara, Bogdan Carbunar. 28-41 [doi]

Machine-Learning-Guided Typestate Analysis for Static Use-After-Free DetectionHua Yan, Yulei Sui, Shiping Chen, Jingling Xue. 42-54 [doi]

Breaking and Fixing Destructive Code Read DefensesJannik Pewny, Philipp Koppe, Lucas Davi, Thorsten Holz. 55-67 [doi]

QUASAR: Quantitative Attack Space Analysis and ReasoningRichard Skowyra, Steven R. Gomez, David Bigelow, James Landry, Hamed Okhravi. 68-78 [doi]

Kakute: A Precise, Unified Information Flow Analysis System for Big-data SecurityJianyu Jiang, Shixiong Zhao, Danish Alsayed, Yuexuan Wang, Heming Cui, Feng Liang, Zhaoquan Gu. 79-90 [doi]

Marmite: Spreading Malicious File Reputation Through Download GraphsGianluca Stringhini, Yun Shen, Yufei Han, Xiangliang Zhang. 91-102 [doi]

TTPDrill: Automatic and Accurate Extraction of Threat Actions from Unstructured Text of CTI SourcesGhaith Husari, Ehab Al-Shaer, Mohiuddin Ahmed, Bill Chu, Xi Niu. 103-115 [doi]

Supplementing Modern Software Defenses with Stack-Pointer SanityAnh Quach, Matthew Cole, Aravind Prakash. 116-127 [doi]

Protecting COTS Binaries from Disclosure-guided Code Reuse AttacksMingwei Zhang, Michalis Polychronakis, R. Sekar. 128-140 [doi]

Piston: Uncooperative Remote Runtime PatchingChristopher Salls, Yan Shoshitaishvili, Nick Stephens, Christopher Kruegel, Giovanni Vigna. 141-153 [doi]

Proxy Re-Encryption Based on Homomorphic EncryptionReda Bellafqira, Gouenou Coatrieux, Dalel Bouslimi, Gwénolé Quellec, Michel Cozic. 154-161 [doi]

Measuring Popularity of Cryptographic Libraries in Internet-Wide ScansMatús Nemec, Dusan Klinec, Petr Svenda, Peter Sekan, Vashek Matyas. 162-175 [doi]

Spinner: Semi-Automatic Detection of Pinning without Hostname VerificationChris McMahon Stone, Tom Chothia, Flavio D. Garcia. 176-188 [doi]

Predicting Cyber Threats with Virtual Security ProductsShang-Tse Chen, Yufei Han, Duen Horng Chau, Christopher Gates, Michael Hart, Kevin A. Roundy. 189-199 [doi]

Smoke Detector: Cross-Product Intrusion Detection With Weak IndicatorsKevin A. Roundy, Acar Tamersoy, Michael Spertus, Michael Hart, Daniel Kats, Matteo Dell'Amico, Robert Scott. 200-211 [doi]

I Like It, but I Hate It: Employee Perceptions Towards an Institutional Transition to BYOD Second-Factor AuthenticationJake Weidman, Jens Grossklags. 212-224 [doi]

VulCAN: Efficient Component Authentication and Software Isolation for Automotive Control NetworksJo Van Bulck, Jan Tobias Mühlberg, Frank Piessens. 225-237 [doi]

Automated Analysis of Secure Internet of Things ProtocolsJun-Young Kim, Ralph Holz, Wen Hu, Sanjay Jha. 238-249 [doi]

HoloPair: Securing Shared Augmented Reality Using Microsoft HoloLensIvo Sluganovic, Matej Serbec, Ante Derek, Ivan Martinovic. 250-261 [doi]

Objective Metrics and Gradient Descent Algorithms for Adversarial Examples in Machine LearningUyeong Jang, Xi Wu 0001, Somesh Jha. 262-277 [doi]

Mitigating Evasion Attacks to Deep Neural Networks via Region-based ClassificationXiaoyu Cao, Neil Zhenqiang Gong. 278-287 [doi]

Malware Detection in Adversarial Settings: Exploiting Feature Evolutions and Confusions in Android AppsWei Yang, Deguang Kong, Tao Xie 0001, Carl A. Gunter. 288-302 [doi]

Grid Shock: Coordinated Load-Changing Attacks on Power Grids: The Non-Smart Power Grid is Vulnerable to Cyber Attacks as WellAdrian Dabrowski, Johanna Ullrich, Edgar R. Weippl. 303-314 [doi]

Orpheus: Enforcing Cyber-Physical Execution Semantics to Defend Against Data-Oriented AttacksLong Cheng, Ke Tian, Danfeng (Daphne) Yao. 315-326 [doi]

TRAKS: A Universal Key Management Scheme for ERTMSRichard J. Thomas, Mihai Ordean, Tom Chothia, Joeri de Ruiter. 327-338 [doi]

Supporting Transparent Snapshot for Bare-metal Malware Analysis on Mobile DevicesLe Guan, Shijie Jia, Bo Chen, Fengwei Zhang, Bo Luo, Jingqiang Lin, Peng Liu, Xinyu Xing, Luning Xia. 339-349 [doi]

Droid-AntiRM: Taming Control Flow Anti-analysis to Support Automated Dynamic Analysis of Android MalwareXiaolei Wang, Sencun Zhu, Dehua Zhou, Yuexiang Yang. 350-361 [doi]

SecureDroid: Enhancing Security of Machine Learning-based Detection against Adversarial Android Malware AttacksLingwei Chen, Shifu Hou, Yanfang Ye. 362-372 [doi]

DECANTeR: DEteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application FingerprintingRiccardo Bortolameotti, Thijs van Ede, Marco Caselli, Maarten H. Everts, Pieter H. Hartel, Rick Hofstede, Willem Jonker, Andreas Peter. 373-386 [doi]

Picky Attackers: Quantifying the Role of System Properties on Intruder BehaviorTimothy Barron, Nick Nikiforakis. 387-398 [doi]

Co-processor-based Behavior Monitoring: Application to the Detection of Attacks Against the System Management ModeRonny Chevalier, Maugan Villatel, David Plaquin, Guillaume Hiet. 399-411 [doi]

RevARM: A Platform-Agnostic ARM Binary Rewriter for Security ApplicationsTaeGyu Kim, Chung Hwan Kim, Hongjun Choi, Yonghwi Kwon, Brendan Saltaformaggio, Xiangyu Zhang, Dongyan Xu. 412-424 [doi]

Secure and Efficient Software-based Attestation for Industrial Control Devices with ARM ProcessorsBinbin Chen, Xinshu Dong, Guangdong Bai, Sumeet Jauhar, Yueqiang Cheng. 425-436 [doi]

ECFI: Asynchronous Control Flow Integrity for Programmable Logic ControllersAli Abbasi, Thorsten Holz, Emmanuele Zambon, Sandro Etalle. 437-448 [doi]

Lean On Me: Mining Internet Service Dependencies From Large-Scale DNS DataMatteo Dell'Amico, Leyla Bilge, Ashwin Kayyoor, Petros Efstathopoulos, Pierre-Antoine Vervier. 449-460 [doi]

A Security-Mode for Carrier-Grade SDN ControllersChanghoon Yoon, Seungwon Shin, Phillip A. Porras, Vinod Yegneswaran, Heedo Kang, Martin W. Fong, Brian O'Connor, Thomas Vachuska. 461-473 [doi]

RESECT: Self-Learning Traffic Filters for IP Spoofing DefenseJelena Mirkovic, Erik Kline, Peter L. Reiher. 474-485 [doi]

Towards Baselines for Shoulder Surfing on Mobile AuthenticationAdam J. Aviv, John T. Davin, Flynn Wolf, Ravi Kuber. 486-498 [doi]

On the Pitfalls of End-to-End Encrypted Communications: A Study of Remote Key-Fingerprint VerificationMaliheh Shirvanian, Nitesh Saxena, Jesvin James George. 499-511 [doi]

Here Is Your Fingerprint!: Actual Risk versus User Perception of Latent Fingerprints and Smudges Remaining on SmartphonesHoyeon Lee, Seungyeon Kim, Taekyoung Kwon. 512-527 [doi]

Protecting Against Malicious Bits On the Wire: Automatically Generating a USB Protocol Parser for a Production KernelPeter C. Johnson, Sergey Bratus, Sean W. Smith. 528-541 [doi]

Nioh: Hardening The Hypervisor by Filtering Illegal I/O Requests to Virtual DevicesJunya Ogasawara, Kenji Kono. 542-552 [doi]

Analysis of SEAndroid Policies: Combining MAC and DAC in AndroidHaiNing Chen, Ninghui Li, William Enck, Yousra Aafer, Xiangyu Zhang. 553-565 [doi]

Commoner Privacy And A Study On Network TracesXiyue Deng, Jelena Mirkovic. 566-576 [doi]

The Devil's in The Details: Placing Decoy Routers in the InternetDevashish Gosain, Anshika Agarwal, Sambuddho Chakravarty, H. B. Acharya. 577-589 [doi]

Ex-Ray: Detection of History-Leaking Browser ExtensionsMichael Weissbacher, Enrico Mariconti, Guillermo Suarez-Tangil, Gianluca Stringhini, William K. Robertson, Engin Kirda. 590-602 [doi]

runs on WebDSL