Abstract is missing.
- You are Not Your Developer, Either: A Research Agenda for Usable Security and Privacy Research Beyond End UsersYasemin Acar, Sascha Fahl, Michelle L. Mazurek. 3-8 [doi]
- Toward Semantic Cryptography APIsSoumya Indela, Mukul Kulkarni, Kartik Nayak, Tudor Dumitras. 9-14 [doi]
- Operational Security Log Analytics for Enterprise Breach DetectionZhou Li, Alina Oprea. 15-22 [doi]
- Hints for High-Assurance Cyber-Physical System DesignLee Pike. 25-29 [doi]
- Design Space Exploration for SecurityEunsuk Kang. 30-36 [doi]
- Static Analysis Alert Audits: Lexicon & RulesDavid Svoboda, Lori Flynn, Will Snavely. 37-44 [doi]
- The Seven Turrets of Babel: A Taxonomy of LangSec Errors and How to Expunge ThemFalcon Momot, Sergey Bratus, Sven M. Hallberg, Meredith L. Patterson. 45-52 [doi]
- Software Security Investment: The Right Amount of a Good ThingChad Heitzenrater, Andrew Simpson. 53-59 [doi]
- A Case for Combining Industrial Pragmatics with Formal MethodsEric L. McCorkle. 63-64 [doi]
- Avoiding Insecure C++ - How to Avoid Common C++ Security VulnerabilitiesAaron Ballman, David Svoboda. 65 [doi]
- Dependency-Based Attacks on Node.jsBrian Pfretzschner, Lotfi Ben Othmane. 66 [doi]
- Maintaining Authorization Hook Placements Across Program VersionsNirupama Talele, Divya Muthukumaran, Frank Capobianco, Trent Jaeger, Gang Tan. 67-68 [doi]
- MOSAIC: A Platform for Monitoring and Security Analytics in Public CloudsAlina Oprea, Ata Turk, Cristina Nita-Rotaru, Orran Krieger. 69-70 [doi]
- Secure Coding for Real-Time Embedded Systems: Cert Run-Time Profile for AdaMable Benjamin. 71-72 [doi]
- Secure MPC for Analytics as a Web ApplicationAndrei Lapets, Nikolaj Volgushev, Azer Bestavros, Frederick Jansen, Mayank Varia. 73-74 [doi]
- Secure Multiparty Computation for Cooperative Cyber Risk AssessmentKyle Hogan, Noah Luther, Nabil Schear, Emily Shen, David Stott, Sophia Yakoubov, Arkady Yerukhimovich. 75-76 [doi]
- Towards Building Practical Secure Multi-party DatabasesYuzhe Tang, Wenqing Zhuang. 77-78 [doi]
- Security Guarantees for the Execution Infrastructure of Software ApplicationsFrank Piessens, Dominique Devriese, Jan Tobias Mühlberg, Raoul Strackx. 81-87 [doi]
- Applying the Opacified Computation Model to Enforce Information Flow Policies in IoT ApplicationsAmir Rahmati, Earlence Fernandes, Atul Prakash. 88-93 [doi]
- Certified Lightweight Contextual Policies for AndroidMohamed Nassim Seghir, David Aspinall 0001, Lenka Marekova. 94-100 [doi]
- Enforcing Content Security by Default within Web BrowsersChristoph Kerschbaumer. 101-106 [doi]
- Leveraging Data Provenance to Enhance Cyber ResilienceThomas Moyer, Karishma Chadha, Robert K. Cunningham, Nabil Schear, Warren Smith, Adam M. Bates, Kevin R. B. Butler, Frank Capobianco, Trent Jaeger, Patrick T. Cable II. 107-114 [doi]
- Self-Verifying Execution (Position Paper)Matt McCutchen, Daniel Song, Shuo Chen, Shaz Qadeer. 117-123 [doi]
- Code Randomization: Haven't We Solved This Problem Yet?Stephen Crane, Andrei Homescu, Per Larsen. 124-129 [doi]
- Automated Code Repair Based on Inferred SpecificationsWilliam Klieber, Will Snavely. 130-137 [doi]
- Building Robust Distributed Systems and Network Protocols by Using Adversarial Testing and Behavioral AnalysisMd. Endadul Hoque, Cristina Nita-Rotaru. 138-145 [doi]
- Adopting Strict Content Security Policy for XSS ProtectionLukas Weichselbaum, Michele Spagnuolo, Artur Janc. 149 [doi]
- Safe Client/Server Web Development with HaskellMark Mazumder, Timothy Braje. 150 [doi]
- How to find and fix software vulnerabilities with coverity static analysisBill Baloglu. 153 [doi]
- Auditing Code for Security Vulnerabilities with CodeSonarDavid Vitek. 154 [doi]
- Continuous Fuzzing with libFuzzer and AddressSanitizerKosta Serebryany. 157 [doi]
- Using Dr. Fuzz, Dr. Memory, and Custom Dynamic Tools for Secure DevelopmentDerek Bruening, Qin Zhao. 158 [doi]
- Beyond errno: Error Handling in "C"David Svoboda. 161 [doi]
- Codiscope SecureAssistâ„¢ - The Developer's Security AssistantNivedita Murthy. 162 [doi]
- Software Vulnerabilities, Defects, and Design Flaws: A Technical Debt PerspectiveRobert L. Nord, Ipek Ozkaya. 165 [doi]
- Secure DevOps Process and ImplementationHasan Yasar, Kiriakos Kontostathis. 166 [doi]