Table of Contents

• Be Sensitive and Collaborative: Analyzing Impact of Coverage Metrics in Greybox FuzzingJinghan Wang, Yue Duan, Wei Song, Heng Yin, Chengyu Song. 1-15 [doi]
• On Design Inference from Binaries Compiled using Modern C++ DefensesRukayat Ayomide Erinfolami, Anh Quach, Aravind Prakash. 15-30 [doi]
• DECAF++: Elastic Whole-System Dynamic Taint AnalysisAli Davanian, Zhenxiao Qi, Yu Qu, Heng Yin. 31-45 [doi]
• Towards a First Step to Understand the Cryptocurrency Stealing Attack on EthereumZhen Cheng, Xinrui Hou, Runhuai Li, Yajin Zhou, Xiapu Luo, Jinku Li, Kui Ren. 47-60 [doi]
• Fingerprinting Tooling used for SSH Compromisation AttemptsVincent Ghiëtte, Harm Griffioen, Christian Doerr. 61-71 [doi]
• Timing Patterns and Correlations in Spontaneous SCADA Traffic for Anomaly DetectionChih-Yuan Lin, Simin Nadjm-Tehrani. 73-88 [doi]
• USBESAFE: An End-Point Solution to Protect Against USB-Based AttacksAmin Kharraz, Brandon L. Daley, Graham Z. Baker, William Robertson 0002, Engin Kirda. 89-103 [doi]
• Minimal Kernel: An Operating System Architecture for TEE to Resist Board Level Physical AttacksShijun Zhao, Qianying Zhang, Yu Qin, Wei Feng, Dengguo Feng. 105-120 [doi]
• ScaRR: Scalable Runtime Remote Attestation for Complex SystemsFlavio Toffalini, Eleonora Losiouk, Andrea Biondo, Jianying Zhou 0001, Mauro Conti. 121-134 [doi]
• Toward the Analysis of Embedded Firmware through Automated Re-hostingEric Gustafson, Marius Muench, Chad Spensky, Nilo Redini, Aravind Machiry, Yanick Fratantonio, Davide Balzarotti, Aurélien Francillon, Yung Ryn Choe, Christopher Kruegel, Giovanni Vigna. 135-150 [doi]
• CryptoREX: Large-scale Analysis of Cryptographic Misuse in IoT DevicesLi Zhang, Jiongyi Chen, Wenrui Diao, Shanqing Guo, Jian Weng, Kehuan Zhang. 151-164 [doi]
• PAtt: Physics-based Attestation of Control SystemsHamid Reza Ghaeini, Matthew Chan, Raad Bahmani, Ferdinand Brasser, Luis Garcia, Jianying Zhou 0001, Ahmad-Reza Sadeghi, Nils Ole Tippenhauer, Saman A. Zonouz. 165-180 [doi]
• COMA: Communication and Obfuscation Management ArchitectureKimia Zamiri Azar, Farnoud Farahmand, Hadi Mardani Kamali, Shervin Roshanisefat, Houman Homayoun, William Diehl, Kris Gaj, Avesta Sasan. 181-195 [doi]
• PRO-ORAM: Practical Read-Only Oblivious RAMShruti Tople, Yaoqi Jia, Prateek Saxena. 197-211 [doi]
• The DUSTER Attack: Tor Onion Service Attribution Based on Flow Watermarking with Track HidingAlfonso Iacovazzi, Daniel Frassinelli, Yuval Elovici. 213-225 [doi]
• TALON: An Automated Framework for Cross-Device Tracking DetectionKonstantinos Solomos, Panagiotis Ilia, Sotiris Ioannidis, Nicolas Kourtellis. 227-241 [doi]
• Analysis of Location Data Leakage in the Internet Traffic of Android-based Mobile DevicesNir Sivan, Ron Bitton, Asaf Shabtai. 243-260 [doi]
• Kindness is a Risky Business: On the Usage of the Accessibility APIs in AndroidWenrui Diao, Yue Zhang, Li Zhang, Zhou Li 0001, Fenghao Xu, Xiaorui Pan, Xiangyu Liu, Jian Weng, Kehuan Zhang, Xiaofeng Wang 0001. 261-275 [doi]
• Automatic Generation of Non-intrusive Updates for Third-Party Libraries in Android ApplicationsYue Duan, Lian Gao, Jie Hu, Heng Yin. 277-292 [doi]
• Exploiting the Inherent Limitation of L0 Adversarial ExamplesFei Zuo, Bokai Yang, Xiaopeng Li, Qiang Zeng 0001. 293-307 [doi]
• NLP-EYE: Detecting Memory Corruptions via Semantic-Aware Memory Operation Function IdentificationJianqiang Wang, Siqi Ma, Yuanyuan Zhang, Juanru Li, Zheyu Ma, Long Mai, Tiancheng Chen, Dawu Gu. 309-321 [doi]
• Robust Optimization-Based Watermarking Scheme for Sequential DataErman Ayday, Emre Yilmaz, Arif Yilmaz. 323-336 [doi]
• Smart Malware that Uses Leaked Control Data of Robotic Applications: The Case of Raven-II Surgical RobotsKey-whan Chung, Xiao Li, Peicheng Tang, Zeran Zhu, Zbigniew T. Kalbarczyk, Ravishankar K. Iyer, Thenkurussi Kesavadas. 337-351 [doi]
• SGXJail: Defeating Enclave Malware via ConfinementSamuel Weiser, Luca Mayr, Michael Schwarz 0001, Daniel Gruss. 353-366 [doi]
• Fluorescence: Detecting Kernel-Resident Malware in CloudsRichard Li, Min Du, David Johnson 0004, Robert Ricci, Jacobus E. van der Merwe, Eric Eide. 367-382 [doi]
• Now You See It, Now You Don't: A Large-scale Analysis of Early Domain DeletionsTimothy Barron, Najmeh Miramirkhani, Nick Nikiforakis. 383-397 [doi]
• HinDom: A Robust Malicious Domain Detection System based on Heterogeneous Information Network with Transductive ClassificationXiaoqing Sun, Mingkai Tong, Jiahai Yang, Xinran Liu, Heng Liu. 399-412 [doi]
• DomainScouter: Understanding the Risks of Deceptive IDNsDaiki Chiba 0001, Ayako Akiyama Hasegawa, Takashi Koide, Yuta Sawabe, Shigeki Goto, Mitsuaki Akiyama. 413-426 [doi]
• Dynamically Finding Minimal Eviction Sets Can Be Quicker Than You Think for Side-Channel Attacks against the LLCWei Song, Peng Liu. 427-442 [doi]
• Time and Order: Towards Automatically Identifying Side-Channel Vulnerabilities in Enclave BinariesWubing Wang, Yinqian Zhang, Zhiqiang Lin. 443-457 [doi]
• Application level attacks on Connected Vehicle ProtocolsAhmed Abdo, Sakib Md. Bin Malek, Zhiyun Qian, Qi Zhu, Matthew Barth, Nael B. Abu-Ghazaleh. 459-471 [doi]
• S3: A DFW-based Scalable Security State Analysis Framework for Large-Scale Data Center NetworksAbdulhakim Sabur, Ankur Chowdhary, Dijiang Huang, Myong H. Kang, Anya Kim, Alexander Velazquez. 473-485 [doi]
• Container-IMA: A privacy-preserving Integrity Measurement Architecture for ContainersWu Luo, Qingni Shen, Yutang Xia, Zhonghai Wu. 487-500 [doi]
• Fingerprinting SDN Applications via Encrypted Control TrafficJiahao Cao, Zijie Yang, Kun Sun, Qi Li 0002, Mingwei Xu, Peiyi Han. 501-515 [doi]
• Exploring Syscall-Based Semantics Reconstruction of Android ApplicationsDario Nisi, Antonio Bianchi, Yanick Fratantonio. 517-531 [doi]
• Towards Large-Scale Hunting for Android Negative-Day MalwareLun-Pin Yuan, Wenjun Hu, Ting Yu, Peng Liu 0005, Sencun Zhu. 533-545 [doi]
• DroidScraper: A Tool for Android In-Memory Object Recovery and ReconstructionAisha I. Ali-Gombe, Sneha Sudhakaran, Andrew Case, Golden G. Richard III. 547-559 [doi]