Abstract is missing.
- 1 Trillion Dollar Refund: How To Spoof PDF SignaturesVladislav Mladenov, Christian Mainka, Karsten Meyer zu Selhausen, Martin Grothe, Jörg Schwenk. 1-14 [doi]
- Practical Decryption exFiltration: Breaking PDF EncryptionJens Müller 0007, Fabian Ising, Vladislav Mladenov, Christian Mainka, Sebastian Schinzel, Jörg Schwenk. 15-29 [doi]
- Omniring: Scaling Private Payments Without Trusted SetupRussell W. F. Lai, Viktoria Ronge, Tim Ruffing, Dominique Schröder, Sri Aravinda Krishnan Thyagarajan, Jiafan Wang. 31-48 [doi]
- WI Is Not Enough: Zero-Knowledge Contingent (Service) Payments RevisitedGeorg Fuchsbauer. 49-62 [doi]
- A Machine-Checked Proof of Security for AWS Key Management ServiceJosé Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Matthew Campagna, Ernie Cohen, Benjamin Grégoire, Vitor Pereira, Bernardo Portela, Pierre-Yves Strub, Serdar Tasiran. 63-78 [doi]
- Mitigating Leakage in Secure Cloud-Hosted Data Structures: Volume-Hiding for Multi-Maps via HashingSarvar Patel, Giuseppe Persiano, Kevin Yeo, Moti Yung. 79-93 [doi]
- The Next 700 Policy Miners: A Universal Method for Building Policy MinersCarlos Cotrini, Luca Corinzia, Thilo Weghorn, David A. Basin. 95-112 [doi]
- Towards Continuous Access Control Validation and ForensicsChengcheng Xiang, Yudong Wu, Bingyu Shen, Mingyao Shen, Haochen Huang, Tianyin Xu, Yuanyuan Zhou 0001, Cindy Moore, Xinxin Jin, Tianwei Sheng. 113-129 [doi]
- Watching You Watch: The Tracking Ecosystem of Over-the-Top TV Streaming DevicesHooman Mohajeri Moghaddam, Gunes Acar, Ben Burgess, Arunesh Mathur, Danny Yuxing Huang, Nick Feamster, Edward W. Felten, Prateek Mittal, Arvind Narayanan. 131-147 [doi]
- Oh, the Places You've Been! User Reactions to Longitudinal Transparency About Third-Party Web Tracking and InferencingBen Weinshel, Miranda Wei, Mainack Mondal, Euirim Choi, Shawn Shan, Claire Dolin, Michelle L. Mazurek, Blase Ur. 149-166 [doi]
- Page Cache AttacksDaniel Gruss, Erik Kraft, Trishita Tiwari, Michael Schwarz 0001, Ari Trachtenberg, Jason Hennessey, Alex Ionescu, Anders Fogh. 167-180 [doi]
- Hardware-Backed Heist: Extracting ECDSA Keys from Qualcomm's TrustZoneKeegan Ryan. 181-194 [doi]
- VoltJockey: Breaching TrustZone by Software-Controlled Voltage Manipulation over Multi-core FrequenciesPengfei Qiu, Dongsheng Wang, Yongqiang Lyu, Gang Qu. 195-209 [doi]
- Principled Unearthing of TCP Side Channel VulnerabilitiesYue Cao 0003, Zhongjie Wang 0002, Zhiyun Qian, Chengyu Song, Srikanth V. Krishnamurthy, Paul Yu. 211-224 [doi]
- Neural Network Inversion in Adversarial Setting via Background Knowledge AlignmentZiqi Yang, Jiyi Zhang, Ee-Chien Chang, Zhenkai Liang. 225-240 [doi]
- Privacy Risks of Securing Machine Learning Models against Adversarial ExamplesLiwei Song, Reza Shokri, Prateek Mittal. 241-257 [doi]
- MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial ExamplesJinyuan Jia, Ahmed Salem, Michael Backes, Yang Zhang, Neil Zhenqiang Gong. 259-274 [doi]
- Procedural Noise Adversarial Examples for Black-Box Attacks on Deep Convolutional NetworksKenneth T. Co, Luis Muñoz-González, Sixte de Maupeou, Emil C. Lupu. 275-289 [doi]
- Efficient Two-Round OT Extension and Silent Non-Interactive Secure ComputationElette Boyle, Geoffroy Couteau, Niv Gilboa, Yuval Ishai, Lisa Kohl, Peter Rindal, Peter Scholl. 291-308 [doi]
- Endemic Oblivious TransferDaniel Masny, Peter Rindal. 309-326 [doi]
- LevioSA: Lightweight Secure Arithmetic ComputationCarmit Hazay, Yuval Ishai, Antonio Marcedone, Muthuramakrishnan Venkitasubramaniam. 327-344 [doi]
- Onion Ring ORAM: Efficient Constant Bandwidth Oblivious RAM from (Leveled) TFHEHao Chen 0030, Ilaria Chillotti, Ling Ren 0001. 345-360 [doi]
- Encrypted Databases: New Volume Attacks against Range QueriesZichen Gui, Oliver Johnson, Bogdan Warinschi. 361-378 [doi]
- Updatable Oblivious Key Management for Storage SystemsStanislaw Jarecki, Hugo Krawczyk, Jason K. Resch. 379-393 [doi]
- Efficient Multi-Key Homomorphic Encryption with Packed Ciphertexts with Application to Oblivious Neural Network InferenceHao Chen 0030, Wei Dai, Miran Kim, Yongsoo Song. 395-412 [doi]
- Traceback for End-to-End Encrypted MessagingNirvan Tyagi, Ian Miers, Thomas Ristenpart. 413-430 [doi]
- SICO: Surgical Interception Attacks by Manipulating BGP CommunitiesHenry Birge-Lee, Liang Wang, Jennifer Rexford, Prateek Mittal. 431-448 [doi]
- Just the Tip of the Iceberg: Internet-Scale Exploitation of Routers for CryptojackingHugo L. J. Bijmans, Tim M. Booij, Christian Doerr. 449-464 [doi]
- Network Hygiene, Incentives, and Regulation: Deployment of Source Address Validation in the InternetMatthew J. Luckie, Robert Beverly, Ryan Koga, Ken Keys, Joshua A. Kroll, kc claffy. 465-480 [doi]
- Security Certification in Payment Card Industry: Testbeds, Measurements, and RecommendationsSazzadur Rahaman, Gang Wang, Danfeng Daphne Yao. 481-498 [doi]
- Matryoshka: Fuzzing Deeply Nested BranchesPeng Chen, Jianzhong Liu, Hao Chen. 499-513 [doi]
- Intriguer: Field-Level Constraint Solving for Hybrid FuzzingMingi Cho, Seoyoung Kim, Taekyoung Kwon. 515-530 [doi]
- Learning to Fuzz from Symbolic Execution with Application to Smart ContractsJingxuan He, Mislav Balunovic, Nodar Ambroladze, Petar Tsankov, Martin T. Vechev. 531-548 [doi]
- HyperService: Interoperability and Programmability Across Heterogeneous BlockchainsZhuotao Liu, Yangxi Xiang, Jian Shi, Peng Gao, Haoyu Wang, Xusheng Xiao, Bihan Wen, Yih-Chun Hu. 549-566 [doi]
- MatRiCT: Efficient, Scalable and Post-Quantum Blockchain Confidential Transactions ProtocolMuhammed F. Esgin, Raymond K. Zhao, Ron Steinfeld, Joseph K. Liu, Dongxi Liu. 567-584 [doi]
- Prism: Deconstructing the Blockchain to Approach Physical LimitsVivek Kumar Bagaria, Sreeram Kannan, David Tse, Giulia C. Fanti, Pramod Viswanath. 585-602 [doi]
- Securely Sampling Biased Coins with Applications to Differential PrivacyJeffrey Champion, Abhi Shelat, Jonathan Ullman. 603-614 [doi]
- Stormy: Statistics in Tor by Measuring SecurelyRyan Wails, Aaron Johnson, Daniel Starin, Arkady Yerukhimovich, S. Dov Gordon. 615-632 [doi]
- Efficient Publicly Verifiable 2PC over a Blockchain with Applications to Financially-Secure ComputationsRuiyu Zhu, Changchang Ding, Yan Huang. 633-650 [doi]
- A Formal Treatment of Deterministic WalletsPoulami Das 0003, Sebastian Faust, Julian Loss. 651-668 [doi]
- 5GReasoner: A Property-Directed Security and Privacy Analysis Framework for 5G Cellular Network ProtocolSyed Rafiul Hussain, Mitziu Echeverria, Imtiaz Karim, Omar Chowdhury, Elisa Bertino. 669-684 [doi]
- Verified Verifiers for Verifying ElectionsThomas Haines, Rajeev Goré, Mukesh Tiwari. 685-702 [doi]
- Analyzing Subgraph Statistics from Extended Local Views with Decentralized Differential PrivacyHaipei Sun, Xiaokui Xiao, Issa Khalil, Yin Yang, Zhan Qin, Wendy Hui Wang, Ting Yu. 703-717 [doi]
- How to Accurately and Privately Identify AnomaliesHafiz Salman Asif, Periklis A. Papakonstantinou, Jaideep Vaidya. 719-736 [doi]
- Differentially Private Nonparametric Hypothesis TestingSimon Couch, Zeki Kazan, Kaiyan Shi, Andrew Bray, Adam Groce. 737-751 [doi]
- ZombieLoad: Cross-Privilege-Boundary Data SamplingMichael Schwarz 0001, Moritz Lipp, Daniel Moghimi, Jo Van Bulck, Julian Stecklina, Thomas Prescher 0002, Daniel Gruss. 753-768 [doi]
- Fallout: Leaking Data on Meltdown-resistant CPUsClaudio Canella, Daniel Genkin, Lukas Giner, Daniel Gruss, Moritz Lipp, Marina Minkin, Daniel Moghimi, Frank Piessens, Michael Schwarz 0001, Berk Sunar, Jo Van Bulck, Yuval Yarom. 769-784 [doi]
- SMoTherSpectre: Exploiting Speculative Execution through Port ContentionAtri Bhattacharyya, Alexandra Sandulescu, Matthias Neugschwandtner, Alessandro Sorniotti, Babak Falsafi, Mathias Payer, Anil Kurmus. 785-800 [doi]
- Atomic Multi-Channel Updates with Constant Collateral in Bitcoin-Compatible Payment-Channel NetworksChristoph Egger 0001, Pedro Moreno-Sanchez, Matteo Maffei. 801-815 [doi]
- Erlay: Efficient Transaction Relay for BitcoinGleb Naumenko, Gregory Maxwell, Pieter Wuille, Alexandra Fedorova, Ivan Beschastnikh. 817-831 [doi]
- Power Adjusting and Bribery Racing: Novel Mining Attacks in the Bitcoin SystemShang Gao, Zecheng Li, Zhe Peng, Bin Xiao 0001. 833-850 [doi]
- A High-Assurance Evaluator for Machine-Checked Secure Multiparty ComputationKarim Eldefrawy, Vitor Pereira. 851-868 [doi]
- Practical Fully Secure Three-Party Computation via Sublinear Distributed Zero-Knowledge ProofsElette Boyle, Niv Gilboa, Yuval Ishai, Ariel Nof. 869-886 [doi]
- HoneyBadgerMPC and AsynchroMix: Practical Asynchronous MPC and its Application to Anonymous CommunicationDonghang Lu, Thomas Yurek, Samarth Kulshreshtha, Rahul Govind, Aniket Kate, Andrew K. Miller. 887-903 [doi]
- Exploiting Symmetries When Proving Equivalence Properties for Security ProtocolsVincent Cheval, Steve Kremer, Itsaka Rakotonirina. 905-922 [doi]
- Are These Pairing Elements Correct?: Automated Verification and ApplicationsSusan Hohenberger, Satyanarayana Vusirikala. 923-939 [doi]
- Post-Collusion Security and Distance BoundingSjouke Mauw, Zach Smith, Jorge Toro-Pozo, Rolando Trujillo-Rasua. 941-958 [doi]
- Five Years of the Right to be ForgottenTheo Bertram, Elie Bursztein, Stephanie Caro, Hubert Chao, Rutledge Chin Feman, Peter Fleischer, Albin Gustafsson, Jess Hemerly, Chris Hibbert, Luca Invernizzi, Lanah Kammourieh Donnelly, Jason Ketover, Jay Laefer, Paul Nicholas, Yuan Niu, Harjinder Obhi, David Price, Andrew Strait, Kurt Thomas, Al Verney. 959-972 [doi]
- (Un)informed Consent: Studying GDPR Consent Notices in the FieldChristine Utz, Martin Degeling, Sascha Fahl, Florian Schaub, Thorsten Holz. 973-990 [doi]
- Moving Beyond Set-It-And-Forget-It Privacy Settings on Social MediaMainack Mondal, Günce Su Yilmaz, Noah Hirsch, Mohammad Taha Khan, Michael Tang, Christopher Tran, Chris Kanich, Blase Ur, Elena Zheleva. 991-1008 [doi]
- Binary Control-Flow TrimmingMasoud Ghaffarinia, Kevin W. Hamlen. 1009-1022 [doi]
- Program-mandering: Quantitative Privilege SeparationShen Liu, Dongrui Zeng, Yongzhe Huang, Frank Capobianco, Stephen McCamant, Trent Jaeger, Gang Tan. 1023-1040 [doi]
- Flexible Byzantine Fault ToleranceDahlia Malkhi, Kartik Nayak, Ling Ren 0001. 1041-1053 [doi]
- Distributed Vector-OLE: Improved Constructions and ImplementationPhillipp Schoppmann, Adrià Gascón, Leonie Reichert, Mariana Raykova 0001. 1055-1072 [doi]
- Houdini's Escape: Breaking the Resource Rein of Linux Control GroupsXing Gao, Zhongshu Gu, Zhengfa Li, Hani Jamjoom, Cong Wang. 1073-1086 [doi]
- Insecure Until Proven Updated: Analyzing AMD SEV's Remote AttestationRobert Buhren, Christian Werling, Jean-Pierre Seifert. 1087-1099 [doi]
- An In-depth Look Into SDN Topology Discovery Mechanisms: Novel Attacks and Practical CountermeasuresEduard Marin, Nicola Bucciol, Mauro Conti. 1101-1114 [doi]
- Proof-Carrying Network CodeChristian Skalka, John Ring, David Darias, Minseok Kwon, Sahil Gupta, Kyle Diller, Steffen Smolka, Nate Foster. 1115-1129 [doi]
- Triplet Fingerprinting: More Practical and Portable Website Fingerprinting with N-shot LearningPayap Sirinam, Nate Mathews, Mohammad Saidur Rahman, Matthew Wright 0001. 1131-1148 [doi]
- DeMiCPU: Device Fingerprinting with Magnetic Signals Radiated by CPUYushi Cheng, Xiaoyu Ji, Juchuan Zhang, Wenyuan Xu, Yi-Chao Chen. 1149-1170 [doi]
- Multisketches: Practical Secure Sketches Using Off-the-Shelf Biometric Matching AlgorithmsRahul Chatterjee 0001, M. Sadegh Riazi, Tanmoy Chowdhury, Emanuela Marasco, Farinaz Koushanfar, Ari Juels. 1171-1186 [doi]
- 28 Blinks Later: Tackling Practical Challenges of Eye Movement BiometricsSimon Eberz, Giulio Lovisotto, Kasper Bonne Rasmussen, Vincent Lenders, Ivan Martinovic. 1187-1199 [doi]
- Velody: Nonlinear Vibration Challenge-Response for Resilient User AuthenticationJingjie Li, Kassem Fawaz, Younghyun Kim. 1201-1213 [doi]
- The Catcher in the Field: A Fieldprint based Spoofing Detection for Text-Independent Speaker VerificationChen Yan, Yan Long, Xiaoyu Ji, Wenyuan Xu. 1215-1229 [doi]
- QUOTIENT: Two-Party Secure Neural Network Training and PredictionNitin Agrawal 0002, Ali Shahin Shamsabadi, Matt J. Kusner, Adrià Gascón. 1231-1247 [doi]
- Quantitative Verification of Neural Networks and Its Security ApplicationsTeodora Baluta, Shiqi Shen, Shweta Shinde, Kuldeep S. Meel, Prateek Saxena. 1249-1264 [doi]
- ABS: Scanning Neural Networks for Back-doors by Artificial Brain StimulationYingqi Liu, Wen-Chuan Lee, Guanhong Tao, ShiQing Ma, Yousra Aafer, Xiangyu Zhang. 1265-1282 [doi]
- Lifelong Anomaly Detection Through UnlearningMin Du, Zhi Chen, Chang Liu, Rajvardhan Oak, Dawn Song. 1283-1297 [doi]
- Transparency Logs via Append-Only Authenticated DictionariesAlin Tomescu, Vivek Bhupatiraju, Dimitrios Papadopoulos, Charalampos Papamanthou, Nikos Triandopoulos, Srinivas Devadas. 1299-1316 [doi]
- Probabilistic Data Structures in Adversarial EnvironmentsDavid Clayton, Christopher Patton, Thomas Shrimpton. 1317-1334 [doi]
- Make Some ROOM for the Zeros: Data Sparsity in Secure Distributed Machine LearningPhillipp Schoppmann, Adrià Gascón, Mariana Raykova 0001, Benny Pinkas. 1335-1350 [doi]
- PIEs: Public Incompressible Encodings for Decentralized StorageEthan Cecchetti, Ben Fisch, Ian Miers, Ari Juels. 1351-1367 [doi]
- How to (not) Share a Password: Privacy Preserving Protocols for Finding Heavy Hitters with Adversarial BehaviorMoni Naor, Benny Pinkas, Eyal Ronen. 1369-1386 [doi]
- Protocols for Checking Compromised CredentialsLucy Li, Bijeeta Pal, Junade Ali, Nick Sullivan, Rahul Chatterjee 0001, Thomas Ristenpart. 1387-1403 [doi]
- User Account Access GraphsSven Hammann, Sasa Radomirovic, Ralf Sasse, David A. Basin. 1405-1422 [doi]
- Detecting Fake Accounts in Online Social Networks at the Time of RegistrationsDong Yuan, Yuanli Miao, Neil Zhenqiang Gong, Zheng Yang, Qi Li, Dawn Song, Qian Wang, Xiao Liang. 1423-1438 [doi]
- Charting the Attack Surface of Trigger-Action IoT PlatformsQi Wang, Pubali Datta, Wei Yang, Si Liu, Adam Bates 0001, Carl A. Gunter. 1439-1453 [doi]
- Peeves: Physical Event Verification in Smart HomesSimon Birnbach, Simon Eberz, Ivan Martinovic. 1455-1467 [doi]
- Automatic Fingerprinting of Vulnerable BLE IoT Devices with Static UUIDs from Mobile AppsChaoshun Zuo, Haohuang Wen, Zhiqiang Lin, Yinqian Zhang. 1469-1483 [doi]
- Balance: Dynamic Adjustment of Cryptocurrency DepositsDominik Harz, Lewis Gudgeon, Arthur Gervais, William J. Knottenbelt. 1485-1502 [doi]
- TokenScope: Automatically Detecting Inconsistent Behaviors of Cryptocurrency Tokens in EthereumTing Chen 0002, Yufei Zhang, Zihao Li, Xiapu Luo, Ting Wang, Rong Cao, Xiuzhuo Xiao, Xiaosong Zhang. 1503-1520 [doi]
- Tesseract: Real-Time Cryptocurrency Exchange Using Trusted HardwareIddo Bentov, Yan Ji, Fan Zhang 0022, Lorenz Breidenbach, Philip Daian, Ari Juels. 1521-1538 [doi]
- Efficient MPC via Program Analysis: A Framework for Efficient Optimal MixingMuhammad Ishaq, Ana L. Milanova, Vassilis Zikas. 1539-1556 [doi]
- Two-Thirds Honest-Majority MPC for Malicious Adversaries at Almost the Cost of Semi-HonestJun Furukawa 0001, Yehuda Lindell. 1557-1571 [doi]
- Fast Actively Secure Five-Party Computation with Security Beyond AbortMegha Byali, Carmit Hazay, Arpita Patra, Swati Singla. 1573-1590 [doi]
- Signed Cryptographic Program Verification with Typed CryptoLineYu-Fu Fu, Jiaxiang Liu, Xiaomu Shi, Ming-Hsien Tsai, Bow-Yaw Wang, Bo-Yin Yang. 1591-1606 [doi]
- Machine-Checked Proofs for Cryptographic Standards: Indifferentiability of Sponge and Secure High-Assurance Implementations of SHA-3José Bacelar Almeida, Cecile Baritel-Ruet, Manuel Barbosa, Gilles Barthe, François Dupressoir, Benjamin Grégoire, Vincent Laporte, Tiago Oliveira 0004, Alley Stoughton, Pierre-Yves Strub. 1607-1622 [doi]
- VeriSketch: Synthesizing Secure Hardware Designs with Timing-Sensitive Information Flow PropertiesArmaiti Ardeshiricham, Yoshiki Takashima, Sicun Gao, Ryan Kastner. 1623-1638 [doi]
- SEEMless: Secure End-to-End Encrypted Messaging with less</> TrustMelissa Chase, Apoorvaa Deshpande, Esha Ghosh, Harjasleen Malvai. 1639-1656 [doi]
- PrivDPI: Privacy-Preserving Encrypted Traffic Inspection with Reusable Obfuscated RulesJianting Ning, Geong Sen Poh, Jia-Ch'ng Loh, Jason Chia, Ee-Chien Chang. 1657-1670 [doi]
- Updatable Anonymous Credentials and Applications to Incentive SystemsJohannes Blömer, Jan Bobolz, Denis Diemert, Fabian Eidens. 1671-1685 [doi]
- Hardware-assisted Trusted Execution Environments: Look Back, Look AheadN. Asokan. 1687 [doi]
- Gollum: Modular and Greybox Exploit Generation for Heap Overflows in InterpretersSean Heelan, Tom Melham, Daniel Kroening. 1689-1706 [doi]
- SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux KernelYueqi Chen, Xinyu Xing. 1707-1722 [doi]
- SecTEE: A Software-based Approach to Secure Enclave Architecture Using TEEShijun Zhao, Qianying Zhang, Yu Qin, Wei Feng, Dengguo Feng. 1723-1740 [doi]
- A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding RuntimesJo Van Bulck, David Oswald, Eduard Marin, Abdulla Aldoseri, Flavio D. Garcia, Frank Piessens. 1741-1758 [doi]
- zkay: Specifying and Enforcing Data Privacy in Smart ContractsSamuel Steffen, Benjamin Bichsel, Mario Gersbach, Noa Melchior, Petar Tsankov, Martin T. Vechev. 1759-1776 [doi]
- Log2vec: A Heterogeneous Graph Embedding Based Approach for Detecting Cyber Threats within EnterpriseFucheng Liu, Yu Wen, Dongxue Zhang, Xihe Jiang, Xinyu Xing, Dan Meng. 1777-1794 [doi]
- Privacy Aspects and Subliminal Channels in ZcashAlex Biryukov, Daniel Feher, Giuseppe Vitto. 1795-1811 [doi]
- POIROT: Aligning Attack Behavior with Kernel Audit Records for Cyber Threat HuntingSadegh M. Milajerdi, Birhanu Eshete, Rigel Gjomemo, V. N. Venkatakrishnan. 1813-1830 [doi]
- Effective and Light-Weight Deobfuscation and Semantic-Aware Attack Detection for PowerShell ScriptsZhenyuan Li, Qi Alfred Chen, Chunlin Xiong, Yan Chen, Tiantian Zhu, Hai Yang. 1831-1847 [doi]
- MalMax: Multi-Aspect Execution for Automated Dynamic Web Server Malware AnalysisAbbas Naderi-Afooshteh, Yonghwi Kwon, Anh Nguyen-Tuong, Ali Razmjoo-Qalaei, Mohammad-Reza Zamiri-Gourabi, Jack W. Davidson. 1849-1866 [doi]
- Where Does It Go?: Refining Indirect-Call Targets with Multi-Layer Type AnalysisKangjie Lu, Hong Hu. 1867-1881 [doi]
- Different is Good: Detecting the Use of Uninitialized Variables through Differential ReplayMengchen Cao, Xiantong Hou, Tao Wang, Hunter Qu, Yajin Zhou, Xiaolong Bai, Fuwei Wang. 1883-1897 [doi]
- HideNoSeek: Camouflaging Malicious JavaScript in Benign ASTsAurore Fass, Michael Backes 0001, Ben Stock. 1899-1913 [doi]
- Your Cache Has Fallen: Cache-Poisoned Denial-of-Service AttackHoai Viet Nguyen, Luigi Lo Iacono, Hannes Federrath. 1915-1936 [doi]
- "I don't see why I would ever want to use it": Analyzing the Usability of Popular Smartphone Password ManagersSunyoung Seiler-Hwang, Patricia Arias Cabarcos, Andrés Marín, Florina Almenáres, Daniel Díaz Sánchez, Christian Becker. 1937-1953 [doi]
- Matched and Mismatched SOCs: A Qualitative Study on Security Operations Center IssuesFaris Bugra Kokulu, Ananta Soneji, Tiffany Bao, Yan Shoshitaishvili, Ziming Zhao 0001, Adam Doupé, Gail-Joon Ahn. 1955-1970 [doi]
- A Usability Evaluation of Let's Encrypt and Certbot: Usable Security Done RightChristian Tiefenau, Emanuel von Zezschwitz, Maximilian Häring, Katharina Krombholz, Matthew Smith 0001. 1971-1988 [doi]
- Seeing isn't Believing: Towards More Robust Adversarial Attack Against Real World Object DetectorsYue Zhao, Hong Zhu, Ruigang Liang, Qintao Shen, Shengzhi Zhang, Kai Chen 0012. 1989-2004 [doi]
- AdVersarial: Perceptual Ad Blocking meets Adversarial Machine LearningFlorian Tramèr, Pascal Dupré, Gili Rusak, Giancarlo Pellegrino, Dan Boneh. 2005-2021 [doi]
- Attacking Graph-based Classification via Manipulating the Graph StructureBinghui Wang, Neil Zhenqiang Gong. 2023-2040 [doi]
- Latent Backdoor Attacks on Deep Neural NetworksYuanshun Yao, Huiying Li, Haitao Zheng, Ben Y. Zhao. 2041-2055 [doi]
- Succinct Arguments for Bilinear Group Arithmetic: Practical Structure-Preserving CryptographyRussell W. F. Lai, Giulio Malavolta, Viktoria Ronge. 2057-2074 [doi]
- LegoSNARK: Modular Design and Composition of Succinct Zero-Knowledge ProofsMatteo Campanelli, Dario Fiore, Anaïs Querol. 2075-2092 [doi]
- Efficient Zero-Knowledge Arguments in the Discrete Log Setting, RevisitedMax Hoffmann 0001, Michael Klooß, Andy Rupp. 2093-2110 [doi]
- Sonic: Zero-Knowledge SNARKs from Linear-Size Universal and Updatable Structured Reference StringsMary Maller, Sean Bowe, Markulf Kohlweiss, Sarah Meiklejohn. 2111-2128 [doi]
- + Signature FrameworkDaniel J. Bernstein, Andreas Hülsing, Stefan Kölbl, Ruben Niederhagen, Joost Rijneveld, Peter Schwabe. 2129-2146 [doi]
- GALACTICS: Gaussian Sampling for Lattice-Based Constant- Time Implementation of Cryptographic Signatures, RevisitedGilles Barthe, Sonia Belaïd, Thomas Espitau, Pierre-Alain Fouque, Mélissa Rossi, Mehdi Tibouchi. 2147-2164 [doi]
- Seems Legit: Automated Analysis of Subtle Attacks on Protocols that Use SignaturesDennis Jackson, Cas Cremers, Katriel Cohn-Gordon, Ralf Sasse. 2165-2180 [doi]
- Membership Privacy for Fully Dynamic Group SignaturesMichael Backes 0001, Lucjan Hanzlik, Jonas Schneider-Bensch. 2181-2198 [doi]
- Geneva: Evolving Censorship Evasion StrategiesKevin Bock, George Hughey, Xiao-qiang, Dave Levin. 2199-2214 [doi]
- Conjure: Summoning Proxies from Unused Address SpaceSergey Frolov, Jack Wampler, Sze Chuen Tan, J. Alex Halderman, Nikita Borisov, Eric Wustrow. 2215-2229 [doi]
- You Shall Not Join: A Measurement Study of Cryptocurrency Peer-to-Peer Bootstrapping TechniquesAngelique Faye Loe, Elizabeth Anne Quaglia. 2231-2247 [doi]
- SAMPL: Scalable Auditability of Monitoring Processes using Public LedgersGaurav Panwar, Roopa Vishwanathan, Satyajayant Misra, Austin Bos. 2249-2266 [doi]
- Adversarial Sensor Attack on LiDAR-based Perception in Autonomous DrivingYulong Cao, Chaowei Xiao, Benjamin Cyr, Yimeng Zhou, won Park, Sara Rampazzi, Qi Alfred Chen, Kevin Fu, Z. Morley Mao. 2267-2281 [doi]
- LibreCAN: Automated CAN Message TranslatorMert D. Pesé, Troy Stacer, C. Andrés Campos, Eric Newberry, Dongyao Chen, Kang G. Shin. 2283-2300 [doi]
- Trick or Heat?: Manipulating Critical Temperature-Based Control Systems Using Rectification AttacksYazhou Tu, Sara Rampazzi, Bin Hao, Angel Rodriguez, Kevin Fu, Xiali Hei. 2301-2315 [doi]
- OPERA: Open Remote Attestation for Intel's Secure EnclavesGuoxing Chen, Yinqian Zhang, Ten-Hwang Lai. 2317-2331 [doi]
- Towards Memory Safe Enclave Programming with Rust-SGXHuibo Wang, Pei Wang, Yu Ding, Mingshen Sun, Yiming Jing, Ran Duan, Long Li, Yulong Zhang, Tao Wei, Zhiqiang Lin. 2333-2350 [doi]
- LightBox: Full-stack Protected Stateful Middlebox at Lightning SpeedHuayi Duan, Cong Wang, Xingliang Yuan, Yajin Zhou, Qian Wang, Kui Ren 0001. 2351-2367 [doi]
- CHURP: Dynamic-Committee Proactive Secret SharingSai Krishna Deepak Maram, Fan Zhang 0022, Lun Wang, Andrew Low, Yupeng Zhang 0001, Ari Juels, Dawn Song. 2369-2386 [doi]
- Efficient Verifiable Secret Sharing with Share Recovery in BFT ProtocolsSoumya Basu, Alin Tomescu, Ittai Abraham, Dahlia Malkhi, Michael K. Reiter, Emin Gün Sirer. 2387-2402 [doi]
- Two-party Private Set Intersection with an Untrusted Third PartyPhi-Hung Le, Samuel Ranellucci, S. Dov Gordon. 2403-2420 [doi]
- DeepIntent: Deep Icon-Behavior Learning for Detecting Intention-Behavior Discrepancy in Mobile AppsShengqu Xi, Shao Yang, Xusheng Xiao, Yuan Yao, Yayuan Xiong, Fengyuan Xu, Haoyu Wang, Peng Gao, Zhuotao Liu, Feng Xu 0007, Jian Lu. 2421-2436 [doi]
- The Art and Craft of Fraudulent App Promotion in Google PlayMizanur Rahman, Nestor Hernandez, Ruben Recabarren, Syed Ishtiaque Ahmed, Bogdan Carbunar. 2437-2454 [doi]
- CryptoGuard: High Precision Detection of Cryptographic Vulnerabilities in Massive-sized Java ProjectsSazzadur Rahaman, Ya Xiao, Sharmin Afrose, Fahad Shaon, Ke Tian, Miles Frantz, Murat Kantarcioglu, Danfeng (Daphne) Yao. 2455-2472 [doi]
- Let's Encrypt: An Automated Certificate Authority to Encrypt the Entire WebJosh Aas, Richard Barnes, Benton Case, Zakir Durumeric, Peter Eckersley, Alan Flores-López, J. Alex Halderman, Jacob Hoffman-Andrews, James Kasten, Eric Rescorla, Seth D. Schoen, Brad Warren. 2473-2487 [doi]
- You Are Who You Appear to Be: A Longitudinal Study of Domain Impersonation in TLS CertificatesRichard Roberts, Yaelle Goldschlag, Rachel Walter, Taejoong Chung, Alan Mislove, Dave Levin. 2489-2504 [doi]
- Certificate Transparency in the Wild: Exploring the Reliability of MonitorsBingyu Li, Jingqiang Lin, FengJun Li, Qiongxiao Wang, Qi Li, Jiwu Jing, Congli Wang. 2505-2520 [doi]
- POSTER: Detecting Audio Adversarial Example through Audio ModificationHyun Kwon, Hyunsoo Yoon, Ki-Woong Park. 2521-2523 [doi]
- Poster: Fuzzing IoT Firmware via Multi-stage Message GenerationBo Yu, Pengfei Wang, Tai Yue, Yong Tang. 2525-2527 [doi]
- Snout: An Extensible IoT Pen-Testing ToolJohn Mikulskis, Johannes K. Becker, Stefan Gvozdenovic, David Starobinski. 2529-2531 [doi]
- POSTER: Traffic Splitting to Counter Website FingerprintingWladimir De la Cadena, Asya Mitseva, Jan Pennekamp, Jens Hiller, Fabian Lanze, Thomas Engel 0001, Klaus Wehrle, Andriy Panchenko 0001. 2533-2535 [doi]
- Force vs. Nudge: Comparing Users' Pattern Choices on SysPal and TinPalHarshal Tupsamudre, Sukanya Vaddepalli, Vijayanand Banahatti, Sachin Lodha. 2537-2539 [doi]
- Poster: Framework for Semi-Private Function Evaluation with Application to Secure Insurance Rate CalculationDaniel Günther 0004, Ágnes Kiss, Lukas Scheidel, Thomas Schneider 0003. 2541-2543 [doi]
- Poster: Deployment-quality and Accessible Solutions for Cryptography Code DevelopmentSazzadur Rahaman, Ya Xiao, Sharmin Afrose, Ke Tian, Miles Frantz, Na Meng, Barton P. Miller, Fahad Shaon, Murat Kantarcioglu, Danfeng (Daphne) Yao. 2545-2547 [doi]
- Medical Protocol Security: DICOM Vulnerability Mining Based on Fuzzing TechnologyZhiqiang Wang, Quanqi Li, Yazhe Wang, Biao Liu, Jianyi Zhang, Qixu Liu. 2549-2551 [doi]
- Poster: A Proof-of-Stake (PoS) Blockchain Protocol using Fair and Dynamic Sharding ManagementDaehwa Rayer Lee, Yunhee Jang, Hyoungshick Kim. 2553-2555 [doi]
- Kerberoid: A Practical Android App Decompilation System with Multiple DecompilersHeejun Jang, Beomjin Jin, Sangwon Hyun, Hyoungshick Kim. 2557-2559 [doi]
- Poster: A Reliable and Accountable Privacy-Preserving Federated Learning Framework using the BlockchainSana Awan, FengJun Li, Bo Luo, Mei Liu. 2561-2563 [doi]
- Poster: Attacking Malware Classifiers by Crafting Gradient-Attacks that Preserve FunctionalityRaphael Labaca Castro, Battista Biggio, Gabi Dreo Rodosek. 2565-2567 [doi]
- simFIDO: FIDO2 User Authentication with simTPMDhiman Chakraborty, Sven Bugiel. 2569-2571 [doi]
- pFilter: Retrofitting Legacy Applications for Data PrivacyManish Shukla 0001, Kumar Vidhani, Gangadhara Sirigireddy, Vijayanand Banahatti, Sachin Lodha. 2573-2575 [doi]
- Poster: Towards a Framework for Assessing Vulnerabilities of Brainwave Authentication SystemsKaren Becker, Patricia Arias Cabarcos, Thilo Habrich, Christian Becker. 2577-2579 [doi]
- Poster: Network Message Field Type RecognitionStephan Kleber, Frank Kargl. 2581-2583 [doi]
- Poster: Towards a Data Centric Approach for the Design and Verification of Cryptographic ProtocolsLuca Arnaboldi, Roberto Metere. 2585-2587 [doi]
- ÆGIS: Smart Shielding of Smart ContractsChristof Ferreira Torres, Mathis Baden, Robert Norvill, Hugo Jonker. 2589-2591 [doi]
- Nickel to Lego: Using Foolgle</> to Create Adversarial Examples to Fool Google Cloud Speech-to-Text APIJoon Kuy Han, Hyoungshick Kim, Simon S. Woo. 2593-2595 [doi]
- Poster: Using Generative Adversarial Networks for Secure Pseudorandom Number GenerationRajvardhan Oak, Chaitanya Rahalkar, Dhaval Gujar. 2597-2599 [doi]
- Poster: Proofs of Retrievability with Low Server StorageMichael Hanling, Gaspard Anthoine, Jean-Guillaume Dumas, Aude Maignan, Clément Pernet, Daniel S. Roche. 2601-2603 [doi]
- Data Quality for Security Challenges: Case Studies of Phishing, Malware and Intrusion Detection DatasetsRakesh M. Verma, Victor Zeng, Houtan Faridi. 2605-2607 [doi]
- Poster: Finding JavaScript Name Conflicts on the WebMingxue Zhang, Wei Meng 0001, Yi Wang. 2609-2611 [doi]
- Poster: Towards Robust Open-World Detection of DeepfakesSaniat Javid Sohrawardi, Akash Chintha, Bao Thai, Sovantharith Seng, Andrea Hickerson, Raymond Ptucha, Matthew Wright 0001. 2613-2615 [doi]
- Poster: Understanding User's Decision to Interact with Potential Phishing Posts on Facebook using a Vignette StudySovantharith Seng, Huzeyfe Kocabas, Mahdi Nasrullah Al-Ameen, Matthew Wright 0001. 2617-2619 [doi]
- Poster: Adversarial Examples for Hate Speech ClassifiersRajvardhan Oak. 2621-2623 [doi]
- Poster: Evaluating Security Metrics for Website FingerprintingNate Mathews, Mohammad Saidur Rahman, Matthew Wright. 2625-2627 [doi]
- Poster: Video Fingerprinting in TorMohammad Saidur Rahman, Nate Matthews, Matthew Wright 0001. 2629-2631 [doi]
- Poster: A First Look at the Privacy Risks of Voice Assistant AppsAtsuko Natatsuka, Ryo Iijima, Takuya Watanabe 0001, Mitsuaki Akiyama, Tetsuya Sakai, Tatsuya Mori. 2633-2635 [doi]
- Poster: Directed Hybrid Fuzzing on Binary CodeJuhwan Kim, Joobeom Yun. 2637-2639 [doi]
- Poster: On the Application of NLP to Discover Relationships between Malicious Network EntitiesGiuseppe Siracusano, Martino Trevisan, Roberto Gonzalez, Roberto Bifulco. 2641-2643 [doi]
- Poster: SDN-based System to Filter Out DRDoS Amplification Traffic in ISP NetworksPriyanka Dodia, Yury Zhauniarovich. 2645-2647 [doi]
- Poster: GRANDPA Finality GadgetAlistair Stewart. 2649-2651 [doi]
- Poster: Towards Characterizing and Limiting Information Exposure in DNN LayersFan Mo, Ali Shahin Shamsabadi, Kleomenis Katevas, Andrea Cavallaro, Hamed Haddadi. 2653-2655 [doi]
- Poster: Recovering the Input of Neural Networks via Single Shot Side-channel AttacksLejla Batina, Shivam Bhasin, Dirmanto Jap, Stjepan Picek. 2657-2659 [doi]
- Poster: Challenges of Accurately Measuring Churn in P2P BotnetsLeon Böck, Shankar Karuppayah, Kory Fong, Max Mühlhäuser, Emmanouil Vasilomanolakis. 2661-2663 [doi]
- Poster: TCLP: Enforcing Least Privileges to Prevent Containers from Kernel VulnerabilitiesSuyeol Lee, Junsik Seo, Jaehyun Nam, Seungwon Shin. 2665-2667 [doi]
- Poster: Let History not Repeat Itself (this Time) - Tackling WebAuthn Developer Issues Early OnAftab Alam, Katharina Krombholz, Sven Bugiel. 2669-2671 [doi]
- Poster: When Adversary Becomes the Guardian - Towards Side-channel Security With Adversarial AttacksStjepan Picek, Dirmanto Jap, Shivam Bhasin. 2673-2675 [doi]
- Poster: Towards Automated Quantitative Analysis and Forecasting of Vulnerability Discoveries in Debian GNU/LinuxNikolaos Alexopoulos, Rolf Egert, Tim Grube, Max Mühlhäuser. 2677-2679 [doi]
- Poster: Effective Layers in Coverage Metrics for Deep Neural NetworksLeo Hyun Park, Sangjin Oh, Jaeuk Kim, Soochang Chung, Taekyoung Kwon 0002. 2681-2683 [doi]
- Poster: Detecting WebAssembly-based Cryptocurrency MiningWeikang Bian, Wei Meng, Yi Wang. 2685-2687 [doi]
- Poster: Evaluating Code Coverage for System Call FuzzersSeoyoung Kim, Seyeon Jeong, Mingi Cho, Soochang Chung, Taekyoung Kwon. 2689-2691 [doi]
- CCSW'19 Workshop Summary: 2019 Cloud Computing Security WorkshopRadu Sion, Charalampos Papamanthou. 2693-2694 [doi]
- CPS-SPC 2019: Fifth Workshop on Cyber-Physical Systems Security and PrivaCyNils Ole Tippenhauer, Avishai Wool. 2695-2696 [doi]
- MTD 2019: The 6th ACM Workshop on Moving Target DefenseZhuo Lu. 2697-2698 [doi]
- SSR'19: The 5th Conference on Security Standardisation ResearchMaryam Mehrnezhad, Thyla Van der Merwe, Feng Hao. 2699-2700 [doi]
- TIS'19: Theory of Implementation Security Workshop 2019Begül Bilgin, Svetla Nikova, Vincent Rijmen. 2701-2702 [doi]
- WAHC'19: 7th Workshop on Encrypted Computing & Applied Homomorphic CryptographMichael Brenner 0003, Tancrède Lepoint, Kurt Rohloff. 2703-2704 [doi]
- 18th Workshop on Privacy in the Electronic Society (WPES 2019)Josep Domingo-Ferrer. 2705-2706 [doi]
- AISec'19: 12th ACM Workshop on Artificial Intelligence and SecuritySadia Afroz, Battista Biggio, Nicholas Carlini, Yuval Elovici, Asaf Shabtai. 2707-2708 [doi]
- ASHES 2019: 3rd Workshop on Attacks and Solutions in Hardware SecurityChip-Hong Chang, Daniel E. Holcomb, Francesco Regazzoni, Ulrich Rührmair, Patrick Schaumont. 2709-2710 [doi]
- 1st Workshop on Cyber-Security Arms Race (CYSARM 2019)Thanassis Giannetsos, Daniele Sgandurra. 2711-2712 [doi]
- IoT S&P 2019: 2nd Workshop on the Internet of Things Security and PrivacyPeng Liu, Yuqing Zhang. 2713-2714 [doi]
- PLAS 2019: ACM SIGSAC Workshop on Programming Languages and Analysis for SecurityPiotr Mardziel, Niki Vazou. 2715 [doi]
- PPML '19: Privacy Preserving Machine LearningBorja Balle, Adrià Gascón, Olya Ohrimenko, Mariana Raykova 0001, Phillipp Schoppmann, Carmela Troncoso. 2717-2718 [doi]
- 3rd International Workshop on Software Protection (SPRO 2019)Paolo Falcarin, Michael Zunke. 2719-2720 [doi]