Abstract is missing.
- Privee: An Architecture for Automatically Analyzing Web Privacy PoliciesSebastian Zimmeck, Steven M. Bellovin. 1-16 [doi]
- Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin DosingMatthew Fredrikson, Eric Lantz, Somesh Jha, Simon Lin, David Page, Thomas Ristenpart. 17-32 [doi]
- Mimesis Aegis: A Mimicry Privacy Shield-A System's Approach to Data Privacy on Public CloudBilly Lau, Simon Chung, Chengyu Song, Yeongjin Jang, Wenke Lee, Alexandra Boldyreva. 33-48 [doi]
- XRay: Enhancing the Web's Transparency with Differential CorrelationMathias Lécuyer, Guillaume Ducoffe , Francis Lan, Andrei Papancea, Theofilos Petsios, Riley Spahn, Augustin Chaintreau, Roxana Geambasu. 49-64 [doi]
- An Internet-Wide View of Internet-Wide ScanningZakir Durumeric, Michael Bailey, J. Alex Halderman. 65-78 [doi]
- On the Feasibility of Large-Scale Infections of iOS DevicesTielei Wang, Yeongjin Jang, Yizheng Chen, Simon Chung, Billy Lau, Wenke Lee. 79-93 [doi]
- A Large-Scale Analysis of the Security of Embedded FirmwaresAndrei Costin, Jonas Zaddach, Aurélien Francillon, Davide Balzarotti. 95-110 [doi]
- Exit from Hell? Reducing the Impact of Amplification DDoS AttacksMarc Kührer, Thomas Hupperich, Christian Rossow, Thorsten Holz. 111-125 [doi]
- Never Been KIST: Tor's Congestion Management Blossoms with Kernel-Informed Socket TransportRob Jansen, John Geddes, Chris Wacek, Micah Sherr, Paul F. Syverson. 127-142 [doi]
- Effective Attacks and Provable Defenses for Website FingerprintingTao Wang, Xiang Cai, Rishab Nithyanand, Rob Johnson, Ian Goldberg. 143-157 [doi]
- TapDance: End-to-Middle Anticensorship without Flow BlockingEric Wustrow, Colleen Swanson, J. Alex Halderman. 159-174 [doi]
- A Bayesian Approach to Privacy Enforcement in SmartphonesOmer Tripp, Julia Rubin. 175-190 [doi]
- The Long "Taile" of Typosquatting Domain NamesJanos Szurdi, Balazs Kocso, Gabor Cseh, Jonathan Spring, Márk Félegyházi, Chris Kanich. 191-206 [doi]
- Understanding the Dark Side of Domain ParkingSumayah A. Alrwais, Kan Yuan, Eihal Alowaisheq, Zhou Li, Xiaofeng Wang. 207-222 [doi]
- Towards Detecting Anomalous User Behavior in Online Social NetworksBimal Viswanath, M. Ahmad Bashir, Mark Crovella, Saikat Guha, Krishna P. Gummadi, Balachander Krishnamurthy, Alan Mislove. 223-238 [doi]
- Man vs. Machine: Practical Adversarial Detection of Malicious Crowdsourcing WorkersGang Wang, Tianyi Wang, Haitao Zheng, Ben Y. Zhao. 239-254 [doi]
- DSCRETE: Automatic Rendering of Forensic Information from Memory Images via Application Logic ReuseBrendan Saltaformaggio, Zhongshu Gu, Xiangyu Zhang, Dongyan Xu. 255-269 [doi]
- Cardinal Pill Testing of System Virtual MachinesHao Shi, Abdulla Alwabel, Jelena Mirkovic. 271-285 [doi]
- BareCloud: Bare-metal Analysis-based Evasive Malware DetectionDhilung Kirat, Giovanni Vigna, Christopher Kruegel. 287-301 [doi]
- Blanket Execution: Dynamic Similarity Testing for Program Binaries and ComponentsManuel Egele, Maverick Woo, Peter Chapman, David Brumley. 303-317 [doi]
- On the Practical Exploitability of Dual EC in TLS ImplementationsStephen Checkoway, Ruben Niederhagen, Adam Everspaugh, Matthew Green 0001, Tanja Lange, Thomas Ristenpart, Daniel J. Bernstein, Jake Maskiewicz, Hovav Shacham, Matthew Fredrikson. 319-335 [doi]
- iSeeYou: Disabling the MacBook Webcam Indicator LEDMatthew Brocker, Stephen Checkoway. 337-352 [doi]
- From the Aether to the Ethernet - Attacking the Internet using Broadcast Digital TelevisionYossef Oren, Angelos D. Keromytis. 353-368 [doi]
- Security Analysis of a Full-Body ScannerKeaton Mowery, Eric Wustrow, Tom Wypych, Corey Singleton, Chris Comfort, Eric Rescorla, J. Alex Halderman, Hovav Shacham, Stephen Checkoway. 369-384 [doi]
- ROP is Still Dangerous: Breaking Modern DefensesNicholas Carlini, David Wagner. 385-399 [doi]
- Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity ProtectionLucas Davi, Ahmad-Reza Sadeghi, Daniel Lehmann, Fabian Monrose. 401-416 [doi]
- Size Does Matter: Why Using Gadget-Chain Length to Prevent Code-Reuse Attacks is HardEnes Göktas, Elias Athanasopoulos, Michalis Polychronakis, Herbert Bos, Georgios Portokalidis. 417-432 [doi]
- Oxymoron: Making Fine-Grained Memory Randomization Practical by Allowing Code SharingMichael Backes, Stefan Nürnberger. 433-447 [doi]
- Password Managers: Attacks and DefensesDavid Silver, Suman Jana, Dan Boneh, Eric Yawei Chen, Collin Jackson. 449-464 [doi]
- The Emperor's New Password Manager: Security Analysis of Web-based Password ManagersZhiwei Li, Warren He, Devdatta Akhawe, Dawn Song. 465-479 [doi]
- SpanDex: Secure Password Tracking for AndroidLandon P. Cox, Peter Gilbert, Geoffrey Lawler, Valentin Pistol, Ali Razeen, Bi-Wu, Sai Cheemalapati. 481-494 [doi]
- SSOScan: Automated Testing of Web Applications for Single Sign-On VulnerabilitiesYuchen Zhou, David Evans. 495-510 [doi]
- When Governments Hack Opponents: A Look at Actors and TechnologyWilliam R. Marczak, John Scott-Railton, Morgan Marquis-Boire, Vern Paxson. 511-525 [doi]
- Targeted Threat Index: Characterizing and Quantifying Politically-Motivated Targeted MalwareSeth Hardy, Masashi Crete-Nishihata, Katharine Kleemola, Adam Senft, Byron Sonne, Greg Wiseman, Phillipa Gill, Ronald J. Deibert. 527-541 [doi]
- A Look at Targeted Attacks Through the Lense of an NGOStevens Le-Blond, Adina Uritesc, Cédric Gilbert, Zheng-Leong Chua, Prateek Saxena, Engin Kirda. 543-558 [doi]
- A Large-Scale Empirical Analysis of Chinese Web PasswordsZhigong Li, Weili Han, Wenyuan Xu. 559-574 [doi]
- Password Portfolios and the Finite-Effort User: Sustainably Managing Large Numbers of AccountsDinei Florêncio, Cormac Herley, Paul C. van Oorschot. 575-590 [doi]
- Telepathwords: Preventing Weak Passwords by Reading Users' MindsSaranga Komanduri, Richard Shay, Lorrie Faith Cranor, Cormac Herley, Stuart E. Schechter. 591-606 [doi]
- Towards Reliable Storage of 56-bit Secrets in Human MemoryJoseph Bonneau, Stuart E. Schechter. 607-623 [doi]
- Automatically Detecting Vulnerable Websites Before They Turn MaliciousKyle Soska, Nicolas Christin. 625-640 [doi]
- Hulk: Eliciting Malicious Behavior in Browser ExtensionsAlexandros Kapravelos, Chris Grier, Neha Chachra, Christopher Kruegel, Giovanni Vigna, Vern Paxson. 641-654 [doi]
- Precise Client-side Protection against DOM-based Cross-Site ScriptingBen Stock, Sebastian Lekies, Tobias Mueller, Patrick Spiegel, Martin Johns. 655-670 [doi]
- On the Effective Prevention of TLS Man-in-the-Middle Attacks in Web ApplicationsNikolaos Karapanos, Srdjan Capkun. 671-686 [doi]
- Scheduler-based Defenses against Cross-VM Side-channelsVenkatanathan Varadarajan, Thomas Ristenpart, Michael M. Swift. 687-702 [doi]
- Preventing Cryptographic Key Leakage in Cloud Virtual MachinesErman Pattuk, Murat Kantarcioglu, Zhiqiang Lin, Huseyin Ulusoy. 703-718 [doi]
- FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel AttackYuval Yarom, Katrina Falkner. 719-732 [doi]
- Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and AttacksChristopher Meyer, Juraj Somorovsky, Eugen Weiss, Jörg Schwenk, Sebastian Schinzel, Erik Tews. 733-748 [doi]
- Burst ORAM: Minimizing ORAM Response Times for Bursty Access PatternsJonathan L. Dautrich Jr., Emil Stefanov, Elaine Shi. 749-764 [doi]
- TRUESET: Faster Verifiable Set ComputationsAhmed E. Kosba, Dimitrios Papadopoulos, Charalampos Papamanthou, Mahmoud F. Sayed, Elaine Shi, Nikos Triandopoulos. 765-780 [doi]
- Succinct Non-Interactive Zero Knowledge for a von Neumann ArchitectureEli Ben-Sasson, Alessandro Chiesa, Eran Tromer, Madars Virza. 781-796 [doi]
- Faster Private Set Intersection Based on OT ExtensionBenny Pinkas, Thomas Schneider 0003, Michael Zohner. 797-812 [doi]
- Dynamic Hooks: Hiding Control Flow Changes within Non-Control DataSebastian Vogl, Robert Gawlik, Behrad Garmany, Thomas Kittel, Jonas Pfoh, Claudia Eckert, Thorsten Holz. 813-828 [doi]
- X-Force: Force-Executing Binary Programs for Security ApplicationsFei Peng, Zhui Deng, Xiangyu Zhang, Dongyan Xu, Zhiqiang Lin, Zhendong Su. 829-844 [doi]
- BYTEWEIGHT: Learning to Recognize Functions in Binary CodeTiffany Bao, Jonathan Burket, Maverick Woo, Rafael Turner, David Brumley. 845-860 [doi]
- Optimizing Seed Selection for FuzzingAlexandre Rebert, Sang Kil Cha, Thanassis Avgerinos, Jonathan Foote, David Warren, Gustavo Grieco, David Brumley. 861-875 [doi]
- LibFTE: A Toolkit for Constructing Practical, Format-Abiding Encryption SchemesDaniel Luchaup, Kevin P. Dyer, Somesh Jha, Thomas Ristenpart, Thomas Shrimpton. 877-891 [doi]
- Ad-Hoc Secure Two-Party Computation on Mobile Devices using Hardware TokensDaniel Demmler, Thomas Schneider 0003, Michael Zohner. 893-908 [doi]
- ZØ: An Optimizing Distributing Zero-Knowledge CompilerMatthew Fredrikson, Benjamin Livshits. 909-924 [doi]
- SDDR: Light-Weight, Secure Mobile EncountersMatthew Lentz, Viktor Erdélyi, Paarijaat Aditya, Elaine Shi, Peter Druschel, Bobby Bhattacharjee. 925-940 [doi]
- Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVMCaroline Tice, Tom Roeder, Peter Collingbourne, Stephen Checkoway, Úlfar Erlingsson, Luis Lozano, Geoff Pike. 941-955 [doi]
- ret2dir: Rethinking Kernel IsolationVasileios P. Kemerlis, Michalis Polychronakis, Angelos D. Keromytis. 957-972 [doi]
- JIGSAW: Protecting Resource Access by Inferring Programmer ExpectationsHayawardh Vijayakumar, Xinyang Ge, Mathias Payer, Trent Jaeger. 973-988 [doi]
- Static Detection of Second-Order Vulnerabilities in Web ApplicationsJohannes Dahse, Thorsten Holz. 989-1003 [doi]
- ASM: A Programmable Interface for Extending Android SecurityStephan Heuser, Adwait Nadkarni, William Enck, Ahmad-Reza Sadeghi. 1005-1019 [doi]
- Brahmastra: Driving Apps to Test the Security of Third-Party ComponentsRavi Bhoraskar, Seungyeop Han, Jinseong Jeon, Tanzirul Azim, Shuo Chen, Jaeyeon Jung, Suman Nath, Rui Wang 0010, David Wetherall. 1021-1036 [doi]
- Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android AttacksQi Alfred Chen, Zhiyun Qian, Zhuoqing Morley Mao. 1037-1052 [doi]
- Gyrophone: Recognizing Speech from Gyroscope SignalsYan Michalevsky, Dan Boneh, Gabi Nakibly. 1053-1067 [doi]