Abstract is missing.
- Are You Going to Answer That? Measuring User Responses to Anti-Robocall Application IndicatorsImani N. Sherman, Jasmine Bowers, Keith McNamara Jr., Juan E. Gilbert, Jaime Ruiz, Patrick Traynor. [doi]
- Carnus: Exploring the Privacy Threats of Browser Extension FingerprintingSoroush Karami, Panagiotis Ilia, Konstantinos Solomos, Jason Polakis. [doi]
- Genotype Extraction and False Relative Attacks: Security Risks to Third-Party Genetic Genealogy Services Beyond Identity InferencePeter Ney, Luis Ceze, Tadayoshi Kohno. [doi]
- Dynamic Searchable Encryption with Small Client StorageIoannis Demertzis, Javad Ghareh Chamani, Dimitrios Papadopoulos, Charalampos Papamanthou. [doi]
- Melting Pot of Origins: Compromising the Intermediary Web Services that Rehost WebsitesTakuya Watanabe 0001, Eitaro Shioji, Mitsuaki Akiyama, Tatsuya Mori. [doi]
- SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution VulnerabilitiesYuan Xiao, Yinqian Zhang, Radu Teodorescu. [doi]
- When Malware is Packin' Heat; Limits of Machine Learning Classifiers Based on Static Analysis FeaturesHojjat Aghakhani, Fabio Gritti, Francesco Mecca, Martina Lindorfer, Stefano Ortolani, Davide Balzarotti, Giovanni Vigna, Christopher Kruegel. [doi]
- SVLAN: Secure & Scalable Network VirtualizationJonghoon Kwon, Taeho Lee, Claude Hähni, Adrian Perrig. [doi]
- UIScope: Accurate, Instrumentation-free, and Visible Attack Investigation for GUI ApplicationsRunqing Yang, ShiQing Ma, Haitao Xu, Xiangyu Zhang, Yan Chen 0004. [doi]
- Overcoming the "Evil Twins" Attack: Lessons Learned from the Industrial BattlefieldPaul Forney. [doi]
- ABSynthe: Automatic Blackbox Side-channel Synthesis on Commodity MicroarchitecturesBen Gras, Cristiano Giuffrida, Michael Kurth, Herbert Bos, Kaveh Razavi. [doi]
- Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted ExecutionRiccardo Paccagnella, Pubali Datta, Wajih Ul Hassan, Adam Bates 0001, Christopher W. Fletcher, Andrew Miller, Dave Tian. [doi]
- Prevalence and Impact of Low-Entropy Packing Schemes in the Malware EcosystemAlessandro Mantovani, Simone Aonzo, Xabier Ugarte-Pedrero, Alessio Merlo, Davide Balzarotti. [doi]
- OcuLock: Exploring Human Visual System for Authentication in Virtual Reality Head-mounted DisplayShiqing Luo, Anh Nguyen, Chen Song 0001, Feng Lin 0004, Wenyao Xu, Zhisheng Yan. [doi]
- Snappy: Fast On-chain Payments with Practical CollateralsVasilios Mavroudis, Karl Wüst, Aritra Dhar, Kari Kostiainen, Srdjan Capkun. [doi]
- MassBrowser: Unblocking the Censored Web for the Masses, by the MassesMilad Nasr, Hadi Zolfaghari, Amir Houmansadr, Amirhossein Ghafari. [doi]
- EASI: Edge-Based Sender Identification on Resource-Constrained Platforms for Automotive NetworksMarcel Kneib, Oleg Schell, Christopher Huth. [doi]
- Complex Security Policy? A Longitudinal Analysis of Deployed Content Security PoliciesSebastian Roth, Timothy Barron, Stefano Calzavara, Nick Nikiforakis, Ben Stock. [doi]
- Precisely Characterizing Security Impact in a Flood of Patches via Symbolic Rule ComparisonQiushi Wu, Yang He, Stephen McCamant, Kangjie Lu. [doi]
- HFL: Hybrid Fuzzing on the Linux KernelKyungtae Kim, Dae R. Jeong, Chung Hwan Kim, Yeongjin Jang, Insik Shin, Byoungyoung Lee. [doi]
- Finding Safety in Numbers with Secure Allegation EscrowsVenkat Arun, Aniket Kate, Deepak Garg 0001, Peter Druschel, Bobby Bhattacharjee. [doi]
- On Using Application-Layer Middlebox Protocols for Peeking Behind NAT GatewaysTeemu Rytilahti, Thorsten Holz. [doi]
- Detecting Probe-resistant ProxiesSergey Frolov, Jack Wampler, Eric Wustrow. [doi]
- Adversarial Classification Under Differential PrivacyJairo Giraldo, Alvaro A. Cárdenas, Murat Kantarcioglu, Jonathan Katz. [doi]
- Withdrawing the BGP Re-Routing Curtain: Understanding the Security Impact of BGP Poisoning through Real-World MeasurementsJared M. Smith, Kyle Birkeland, Tyler McDaniel, Max Schuchard. [doi]
- Bobtail: Improved Blockchain Security with Low-Variance MiningGeorge Bissias, Brian Neil Levine. [doi]
- Secure Sublinear Time Differentially Private Median ComputationJonas Böhler, Florian Kerschbaum. [doi]
- Automated Cross-Platform Reverse Engineering of CAN Bus Commands From Mobile AppsHaohuang Wen, Qingchuan Zhao, Qi Alfred Chen, Zhiqiang Lin. [doi]
- BLAG: Improving the Accuracy of BlacklistsSivaramakrishnan Ramanathan, Jelena Mirkovic, Minlan Yu. [doi]
- HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-FuzzingWilliam Blair, Andrea Mambretti, Sajjad Arshad, Michael Weissbacher, William Robertson 0002, Engin Kirda, Manuel Egele. [doi]
- Trident: Efficient 4PC Framework for Privacy Preserving Machine LearningHarsh Chaudhari, Rahul Rachuri, Ajith Suresh. [doi]
- Practical Traffic Analysis Attacks on Secure Messaging ApplicationsAlireza Bahramali, Amir Houmansadr, Ramin Soltani, Dennis Goeckel, Don Towsley. [doi]
- Into the Deep Web: Understanding E-commerce Fraud from Autonomous Chat with CybercriminalsPeng Wang, Xiaojing Liao, Yue Qin, Xiaofeng Wang 0001. [doi]
- When Match Fields Do Not Need to Match: Buffered Packets Hijacking in SDNJiahao Cao, Renjie Xie, Kun Sun, Qi Li 0002, Guofei Gu, Mingwei Xu. [doi]
- A Practical Approach for Taking Down Avalanche Botnets Under Real-World ConstraintsVictor Le Pochat, Tim Van hamme, Sourena Maroofi, Tom van Goethem, Davy Preuveneers, Andrzej Duda, Wouter Joosen, Maciej Korczynski. [doi]
- Locally Differentially Private Frequency Estimation with ConsistencyTianhao Wang 0001, Milan Lopuhaä-Zwakenberg, Zitao Li, Boris Skoric, Ninghui Li. [doi]
- HYPER-CUBE: High-Dimensional Hypervisor FuzzingSergej Schumilo, Cornelius Aschermann, Ali Abbasi, Simon Wörner, Thorsten Holz. [doi]
- You Are What You Do: Hunting Stealthy Malware via Data Provenance AnalysisQi Wang, Wajih Ul Hassan, Ding Li, Kangkook Jee, Xiao Yu, Kexuan Zou, Junghwan Rhee, Zhengzhang Chen, Wei Cheng, Carl A. Gunter, Haifeng Chen. [doi]
- Automated Discovery of Cross-Plane Event-Based Vulnerabilities in Software-Defined NetworkingBenjamin E. Ujcich, Samuel Jero, Richard Skowyra, Steven R. Gomez, Adam Bates 0001, William H. Sanders, Hamed Okhravi. [doi]
- CloudLeak: Large-Scale Deep Learning Models Stealing Through Adversarial ExamplesHonggang Yu, Kaichen Yang, Teng Zhang, Yun-Yun Tsai, Tsung-Yi Ho, Yier Jin. [doi]
- DefRec: Establishing Physical Function Virtualization to Disrupt Reconnaissance of Power Grids' Cyber-Physical InfrastructuresHui Lin, Jianing Zhuang, Yih-Chun Hu, Huayu Zhou. [doi]
- Proof of Storage-Time: Efficiently Checking Continuous Data AvailabilityGiuseppe Ateniese, Long Chen, Mohammard Etemad, Qiang Tang 0005. [doi]
- Heterogeneous Private Information RetrievalHamid Mozaffari, Amir Houmansadr. [doi]
- Poseidon: Mitigating Volumetric DDoS Attacks with Programmable SwitchesMenghao Zhang, Guanyu Li, Shicheng Wang, Chang Liu, Ang Chen, Hongxin Hu, Guofei Gu, Qi Li 0002, Mingwei Xu, Jianping Wu. [doi]
- SymTCP: Eluding Stateful Deep Packet Inspection with Automated Discrepancy DiscoveryZhongjie Wang 0002, Shitong Zhu, Yue Cao 0003, Zhiyun Qian, Chengyu Song, Srikanth V. Krishnamurthy, Kevin S. Chan, Tracy D. Braun. [doi]
- Packet-Level Signatures for Smart Home DevicesRahmadi Trimananda, Janus Varmarken, Athina Markopoulou, Brian Demsky. [doi]
- Towards Plausible Graph AnonymizationYang Zhang 0016, Mathias Humbert, Bartlomiej Surma, Praveen Manoharan, Jilles Vreeken, Michael Backes 0001. [doi]
- Et Tu Alexa? When Commodity WiFi Devices Turn into Adversarial Motion SensorsYanzi Zhu, Zhujun Xiao, Yuxin Chen, Zhijing Li, Max Liu, Ben Y. Zhao, Heather Zheng. [doi]
- ConTExT: A Generic Approach for Mitigating SpectreMichael Schwarz 0001, Moritz Lipp, Claudio Canella, Robert Schilling, Florian Kargl, Daniel Gruss. [doi]
- OmegaLog: High-Fidelity Attack Investigation via Transparent Multi-layer Log AnalysisWajih Ul Hassan, Mohammad A. Noureddine, Pubali Datta, Adam Bates 0001. [doi]
- Metamorph: Injecting Inaudible Commands into Over-the-air Voice Controlled SystemsTao Chen, Longfei Shangguan, Zhenjiang Li, Kyle Jamieson. [doi]
- Metal: A Metadata-Hiding File-Sharing SystemWeikeng Chen, Raluca Ada Popa. [doi]
- DISCO: Sidestepping RPKI's Deployment BarriersTomas Hlavacek, Ítalo Cunha, Yossi Gilad, Amir Herzberg, Ethan Katz-Bassett, Michael Schapira, Haya Shulman. [doi]
- Deceptive Previews: A Study of the Link Preview Trustworthiness in Social PlatformsGiada Stivala, Giancarlo Pellegrino. [doi]
- Decentralized Control: A Case Study of RussiaReethika Ramesh, Ram Sundara Raman, Matthew Bernhard, Victor Ongkowijaya, Leonid Evdokimov, Anne Edmundson, Steven Sprecher, Muhammad Ikram, Roya Ensafi. [doi]
- Post-Quantum Authentication in TLS 1.3: A Performance StudyDimitrios Sikeridis, Panos Kampanakis, Michael Devetsikiotis. [doi]
- Designing a Better Browser for Tor with BLASTTao Wang. [doi]
- Encrypted DNS -> Privacy? A Traffic Analysis PerspectiveSandra Siby, Marc Juárez, Claudia Díaz, Narseo Vallina-Rodriguez, Carmela Troncoso. [doi]
- FUSE: Finding File Upload Bugs via Penetration TestingTaekjin Lee, SeongIl Wi, Suyoung Lee, Sooel Son. [doi]
- IMP4GT: IMPersonation Attacks in 4G NeTworksDavid Rupprecht, Katharina Kohls, Thorsten Holz, Christina Pöpper. [doi]
- A View from the Cockpit: Exploring Pilot Reactions to Attacks on Avionic SystemsMatthew Smith 0006, Martin Strohmeier, Jon Harman, Vincent Lenders, Ivan Martinovic. [doi]
- Mind the Portability: A Warriors Guide through Realistic Profiled Side-channel AnalysisShivam Bhasin, Anupam Chattopadhyay, Annelie Heuser, Dirmanto Jap, Stjepan Picek, Ritu Ranjan Shrivastwa. [doi]
- Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input PrioritizationYanhao Wang, Xiangkun Jia, Yuwei Liu, Kyle Zeng, Tiffany Bao, Dinghao Wu, Purui Su. [doi]
- SurfingAttack: Interactive Hidden Attack on Voice Assistants Using Ultrasonic Guided WavesQiben Yan, Kehai Liu, Qin Zhou, Hanqing Guo, Ning Zhang. [doi]
- On the Resilience of Biometric Authentication Systems against Random InputsBenjamin Zi Hao Zhao, Hassan Jameel Asghar, Mohamed Ali Kâafar. [doi]
- The Attack of the Clones Against Proof-of-AuthorityParinya Ekparinya, Vincent Gramoli, Guillaume Jourjon. [doi]
- Learning-based Practical Smartphone Eavesdropping with Built-in AccelerometerZhongjie Ba, Tianhang Zheng, Xinyu Zhang, Zhan Qin, Baochun Li, Xue Liu, Kui Ren 0001. [doi]
- FlowPrint: Semi-Supervised Mobile-App Fingerprinting on Encrypted Network TrafficThijs van Ede, Riccardo Bortolameotti, Andrea Continella, Jingjing Ren, Daniel J. Dubois, Martina Lindorfer, David R. Choffnes, Maarten van Steen, Andreas Peter. [doi]
- ProtectIOn: Root-of-Trust for IO in Compromised PlatformsAritra Dhar, Enis Ulqinaku, Kari Kostiainen, Srdjan Capkun. [doi]
- Strong Authentication without Temper-Resistant Hardware and Application to Federated IdentitiesZhenfeng Zhang, Yuchen Wang, Kang Yang. [doi]
- µRAI: Securing Embedded Systems with Return Address IntegrityNaif Saleh Almakhdhub, Abraham A. Clements, Saurabh Bagchi, Mathias Payer. [doi]
- BLAZE: Blazing Fast Privacy-Preserving Machine LearningArpita Patra, Ajith Suresh. [doi]
- TKPERM: Cross-platform Permission Knowledge Transfer to Detect Overprivileged Third-party ApplicationsFaysal Hossain Shezan, Kaiming Cheng, Zhen Zhang, Yinzhi Cao, Yuan Tian 0001. [doi]
- CDN Judo: Breaking the CDN DoS Protection with ItselfRun Guo, Weizhong Li, Baojun Liu, Shuang Hao, Jia Zhang, Haixin Duan, Kaiwen Sheng, Jianjun Chen, Ying Liu. [doi]
- Compliance Cautions: Investigating Security Issues Associated with U.S. Digital-Security StandardsRock Stevens, Josiah Dykstra, Wendy Knox Everette, James Chapman 0003, Garrett Bladow, Alexander Farmer, Kevin Halliday, Michelle L. Mazurek. [doi]
- MACAO: A Maliciously-Secure and Client-Efficient Active ORAM FrameworkThang Hoang, Jorge Guajardo, Attila A. Yavuz. [doi]
- Data-Driven Debugging for Functional Side ChannelsSaeid Tizpaz Niari, Pavol Cerný, Ashutosh Trivedi 0001. [doi]
- PhantomCache: Obfuscating Cache Conflicts with Localized RandomizationQinhan Tan, Zhihua Zeng, Kai Bu, Kui Ren 0001. [doi]
- Let's Revoke: Scalable Global Certificate RevocationTrevor-Smith, Luke Dickenson, Kent E. Seamons. [doi]
- Cross-Origin State Inference (COSI) Attacks: Leaking Web Site States through XS-LeaksAvinash Sudhodanan, Soheil Khodayari, Juan Caballero. [doi]
- NoJITsu: Locking Down JavaScript EnginesTaemin Park, Karel Dhondt, David Gens, Yeoul Na, Stijn Volckaert, Michael Franz. [doi]
- Unicorn: Runtime Provenance-Based Detector for Advanced Persistent ThreatsXueyuan Han, Thomas F. J.-M. Pasquier, Adam Bates 0001, James Mickens, Margo Seltzer. [doi]
- Measuring the Deployment of Network Censorship Filters at Global ScaleRam Sundara Raman, Adrian Stoll, Jakub Dalek, Reethika Ramesh, Will Scott, Roya Ensafi. [doi]
- DeepBinDiff: Learning Program-Wide Code Representations for Binary DiffingYue Duan, Xuezixiang Li, Jinghan Wang, Heng Yin. [doi]
- DESENSITIZATION: Privacy-Aware and Attack-Preserving Crash ReportRen Ding, Hong Hu, Wen Xu, Taesoo Kim. [doi]
- Broken Metre: Attacking Resource Metering in EVMDaniel Pérez 0002, Benjamin Livshits. [doi]
- SODA: A Generic Online Detection Framework for Smart ContractsTing Chen 0002, Rong Cao, Ting Li, Xiapu Luo, Guofei Gu, Yufei Zhang, Zhou Liao, Hang Zhu, Gang Chen, Zheyuan He, YuXing Tang, Xiaodong Lin, Xiaosong Zhang. [doi]
- Hold the Door! Fingerprinting Your Car Key to Prevent Keyless Entry Car TheftKyungho Joo, Wonsuk Choi, Dong Hoon Lee 0001. [doi]
- Revisiting Leakage Abuse AttacksLaura Blackstone, Seny Kamara, Tarik Moataz. [doi]