Proceedings of the 35th Annual Computer Security Applications Conference, ACSAC 2019, San Juan, PR, USA, December 09-13, 2019 - researchr publication

researchr

You are not signed in
Sign in
Sign up

David Balenson, editor, Proceedings of the 35th Annual Computer Security Applications Conference, ACSAC 2019, San Juan, PR, USA, December 09-13, 2019. ACM, 2019. [doi]

Conference: acsac2019

Abstract is missing.

Proof of alivenessChenglu Jin, Zheng Yang, Marten van Dijk, Jianying Zhou 0001. 1-16 [doi]

Co-evaluation of pattern matching algorithms on IoT devices with embedded GPUsCharalampos Stylianopoulos, Simon Kindström, Magnus Almgren, Olaf Landsiedel, Marina Papatriantafilou. 17-27 [doi]

Aegis: a context-aware security framework for smart home systemsAmit Kumar Sikder, Leonardo Babun, Hidayet Aksu, A. Selcuk Uluagac. 28-41 [doi]

Defeating hidden audio channel attacks on voice assistants via audio-induced surface vibrationsChen Wang, S. Abhishek Anand, Jian Liu, Payton Walker, Yingying Chen 0001, Nitesh Saxena. 42-56 [doi]

TF-BIV: transparent and fine-grained binary integrity verification in the cloudFangjie Jiang, Quanwei Cai 0001, Jingqiang Lin, Bo Luo, Le Guan, ZiQiang Ma. 57-69 [doi]

Nibbler: debloating binary shared librariesIoannis Agadakos, Di Jin, David Williams-King, Vasileios P. Kemerlis, Georgios Portokalidis. 70-83 [doi]

Function boundary detection in stripped binariesJim Alves-Foss, Jia Song. 84-96 [doi]

VPS: excavating high-level C++ constructs from low-level binaries to protect dynamic dispatchingAndre Pawlowski, Victor van der Veen, Dennis Andriesse, Erik van der Kouwe, Thorsten Holz, Cristiano Giuffrida, Herbert Bos. 97-112 [doi]

STRIP: a defence against trojan attacks on deep neural networksYansong Gao, Change Xu, Derui Wang, Shiping Chen 0001, Damith Chinthana Ranasinghe, Surya Nepal. 113-125 [doi]

How to prove your model belongs to you: a blind-watermark based framework to protect intellectual property of DNNZheng Li, Chengyu Hu, Yang Zhang, Shanqing Guo. 126-137 [doi]

D2NN: a fine-grained dual modular redundancy framework for deep neural networksYu Li, Yannan Liu, Min Li, Ye Tian, Bo Luo, Qiang Xu 0001. 138-147 [doi]

Model inversion attacks against collaborative inferenceZecheng He, Tianwei Zhang, Ruby B. Lee. 148-162 [doi]

Systematic comparison of symbolic execution systems: intermediate representation and its generationSebastian Poeplau, Aurélien Francillon. 163-176 [doi]

How to kill symbolic deobfuscation for free (or: unleashing the potential of path-oriented protections)Mathilde Ollivier, Sébastien Bardin, Richard Bonichon, Jean-Yves Marion. 177-189 [doi]

Sleak: automating address space layout derandomizationChristophe Hauser, Jayakrishna Menon, Yan Shoshitaishvili, Ruoyu Wang 0001, Giovanni Vigna, Christopher Kruegel. 190-202 [doi]

SIP shaker: software integrity protection compositionMohsen Ahmadvand, Dennis Fischer, Sebastian Banescu. 203-214 [doi]

Detecting organized eCommerce fraud using scalable categorical clusteringSamuel Marchal, Sebastian Szyller. 215-228 [doi]

SIMPLE: single-frame based physical layer identification for intrusion detection and prevention on in-vehicle networksMahsa Foruhandeh, Yanmao Man, Ryan M. Gerdes, Ming Li, Thidapat Chantem. 229-244 [doi]

Improving intrusion detectors by crook-sourcingFrederico Araujo, Gbadebo Ayoade, Khaled Al-Naami, Yang Gao, Kevin W. Hamlen, Latifur Khan. 245-256 [doi]

JStap: a static pre-filter for malicious JavaScript detectionAurore Fass, Michael Backes 0001, Ben Stock. 257-269 [doi]

Koinonia: verifiable e-voting with long-term privacyHuangyi Ge, Sze Yiu Chau, Victor E. Gonsalves, Huian Li, Tianhao Wang 0001, Xukai Zou, Ninghui Li. 270-285 [doi]

Whisper: a unilateral defense against VoIP traffic re-identification attacksTavish Vaidya, Tim Walsh, Micah Sherr. 286-296 [doi]

Privacy preserving substring search protocol with polylogarithmic communication costNicholas Mainardi, Alessandro Barenghi, Gerardo Pelosi. 297-312 [doi]

Revisiting utility metrics for location privacy-preserving mechanismsVirat Shejwalkar, Amir Houmansadr, Hossein Pishro-Nik, Dennis Goeckel. 313-327 [doi]

Detecting (absent) app-to-app authentication on cross-device short-distance channelsStefano Cristalli, Long Lu, Danilo Bruschi, Andrea Lanzi. 328-338 [doi]

An empirical study of SMS one-time password authentication in Android appsSiqi Ma, Runhan Feng, Juanru Li, Yang Liu, Surya Nepal, Diethelm Ostry, Elisa Bertino, Robert H. Deng, Zhuo Ma, Sanjay Jha. 339-354 [doi]

Challenge-response behavioral mobile authentication: a comparative study of graphical patterns and cognitive gamesManar Mohamed, Prakash Shrestha, Nitesh Saxena. 355-365 [doi]

AppVeto: mobile application self-defense through resource access vetoTousif Osman, Mohammad Mannan, Urs Hengartner, Amr M. Youssef. 366-377 [doi]

Progressive processing of system-behavioral queryJiaping Gui, Xusheng Xiao, Ding Li, Chung Hwan Kim, Haifeng Chen. 378-389 [doi]

SecDATAVIEW: a secure big data workflow management system for heterogeneous computing environmentsSaeid Mofrad, Ishtiaq Ahmed, Shiyong Lu, Ping Yang 0002, Heming Cui, Fengwei Zhang. 390-403 [doi]

Mining least privilege attribute based access control policiesMatthew W. Sanders, Chuan Yue. 404-416 [doi]

MalRank: a measure of maliciousness in SIEM-based knowledge graphsPejman Najafi, Alexander Mühle, Wenzel Pünter, Feng Cheng 0002, Christoph Meinel. 417-429 [doi]

Cubismo: decloaking server-side malware via cubist program analysisAbbas Naderi-Afooshteh, Yonghwi Kwon, Anh Nguyen-Tuong, Mandana Bagheri-Marzijarani, Jack W. Davidson. 430-443 [doi]

Neurlux: dynamic malware analysis without feature engineeringChani Jindal, Christopher Salls, Hojjat Aghakhani, Keith Long, Christopher Kruegel, Giovanni Vigna. 444-455 [doi]

A game of "Cut and Mouse": bypassing antivirus by simulating user inputsZiya Alper Genç, Gabriele Lenzini, Daniele Sgandurra. 456-465 [doi]

My script engines know what you did in the dark: converting engines into script API tracersToshinori Usui, Yuto Otsuki, Yuhei Kawakoya, Makoto Iwamura, Jun Miyoshi, Kanta Matsuura. 466-477 [doi]

BakingTimer: privacy analysis of server-side request processing timeIskander Sánchez-Rola, Davide Balzarotti, Igor Santos. 478-488 [doi]

PDoT: private DNS-over-TLS with TEE supportYoshimichi Nakatsuka, Andrew Paverd, Gene Tsudik. 489-499 [doi]

Casino royale: a deep exploration of illegal online gamblingHao Yang, Kun Du, Yubao Zhang, Shuang Hao, Zhou Li 0001, Mingxuan Liu, Haining Wang, Hai-Xin Duan, Yazhou Shi, XiaoDong Su, Guang Liu, Zhifeng Geng, Jianping Wu. 500-513 [doi]

Leveraging locality of reference for certificate revocationLuke Dickinson, Trevor-Smith, Kent E. Seamons. 514-528 [doi]

Opening Pandora's box through ATFuzzer: dynamic analysis of AT interface for Android smartphonesImtiaz Karim, Fabrizio Cicala, Syed Rafiul Hussain, Omar Chowdhury, Elisa Bertino. 529-543 [doi]

SRFuzzer: an automatic fuzzing framework for physical SOHO router devices to discover multi-type vulnerabilitiesYu Zhang, Wei Huo, Kunpeng Jian, Ji Shi, Haoliang Lu, Longquan Liu, Chen Wang, Dandan Sun, Chao Zhang, Baoxu Liu. 544-556 [doi]

Premadoma: an operational solution for DNS registries to prevent malicious domain registrationsJan Spooren, Thomas Vissers, Peter Janssen, Wouter Joosen, Lieven Desmet. 557-567 [doi]

Coordinated dataflow protection for ultra-high bandwidth science networksVasudevan Nagendra, Vinod Yegneswaran, Phillip A. Porras, Samir R. Das. 568-583 [doi]

Analyzing control flow integrity with LLVM-CFIPaul Muntean, Matthias Neumayer, Zhiqiang Lin, Gang Tan, Jens Grossklags, Claudia Eckert 0001. 584-597 [doi]

Mitigating data leakage by protecting memory-resident sensitive dataTapti Palit, Fabian Monrose, Michalis Polychronakis. 598-611 [doi]

FRAMER: a tagged-pointer capability system with memory safety applicationsMyoung Jin Nam, Periklis Akritidis, David J. Greaves. 612-626 [doi]

FuzzBuilder: automated building greybox fuzzing environment for C/C++ libraryJoonun Jang, Huy Kang Kim. 627-637 [doi]

The chatty-sensor: a provably-covert channel in cyber physical systemsAmir Herzberg, Yehonatan Kfir. 638-649 [doi]

HDMI-walk: attacking HDMI distribution networks via consumer electronic control protocolLuis Puche Rondon, Leonardo Babun, Kemal Akkaya, A. Selcuk Uluagac. 650-659 [doi]

Out of control: stealthy attacks against robotic vehicles protected by control-based techniquesPritam Dash, Mehdi Karimibiuki, Karthik Pattabiraman. 660-672 [doi]

WooKey: designing a trusted and efficient USB deviceRyad Benadjila, Arnauld Michelizza, Mathieu Renard, Philippe Thierry, Philippe Trebuchet. 673-686 [doi]

EIGER: automated IOC generation for accurate and interpretable endpoint malware detectionYuma Kurogome, Yuto Otsuki, Yuhei Kawakoya, Makoto Iwamura, Syogo Hayashi, Tatsuya Mori, Koushik Sen. 687-701 [doi]

Your hashed IP address: Ubuntu.": perspectives on transparency tools for online advertisingTobias Urban, Martin Degeling, Thorsten Holz, Norbert Pohlmann. 702-717 [doi]

Will you trust this TLS certificate?: perceptions of people working in ITMartin Ukrop, Lydia Kraus, Vashek Matyas, Heider Ahmad Mutleq Wahsheh. 718-731 [doi]

I know what you did last login: inconsistent messages tell existence of a target's account to insidersAyako Akiyama Hasegawa, Takuya Watanabe 0001, Eitaro Shioji, Mitsuaki Akiyama. 732-746 [doi]

Speculator: a tool to analyze speculative execution attacks and mitigationsAndrea Mambretti, Matthias Neugschwandtner, Alessandro Sorniotti, Engin Kirda, William K. Robertson, Anil Kurmus. 747-761 [doi]

Survivor: a fine-grained intrusion response and recovery approach for commodity operating systemsRonny Chevalier, David Plaquin, Chris I. Dalton, Guillaume Hiet. 762-775 [doi]

Robust keystroke transcription from the acoustic side-channelDavid Slater, Scott Novotney, Jessica Moore, Sean Morgan, Scott Tenaglia. 776-787 [doi]

DR.SGX: automated and adjustable side-channel protection for SGX using data location randomizationFerdinand Brasser, Srdjan Capkun, Alexandra Dmitrienko, Tommaso Frassetto, Kari Kostiainen, Ahmad-Reza Sadeghi. 788-800 [doi]

runs on WebDSL