Abstract is missing.
- Post-Mortem of a Zombie: Conficker Cleanup After Six YearsHadi Asghari, Michael Ciere, Michel J. G. van Eeten. 1-16 [doi]
- Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications in the Developing WorldBradley Reaves, Nolen Scaife, Adam M. Bates, Patrick Traynor, Kevin R. B. Butler. 17-32 [doi]
- Measuring the Longitudinal Evolution of the Online Anonymous Marketplace EcosystemKyle Soska, Nicolas Christin. 33-48 [doi]
- Under-Constrained Symbolic Execution: Correctness Checking for Real CodeDavid A. Ramos, Dawson R. Engler. 49-64 [doi]
- TaintPipe: Pipelined Symbolic Taint AnalysisJiang Ming, Dinghao Wu, Gaoyao Xiao, Jun Wang, Peng Liu 0005. 65-80 [doi]
- Type Casting Verification: Stopping an Emerging Attack VectorByoungyoung Lee, Chengyu Song, Taesoo Kim, Wenke Lee. 81-96 [doi]
- All Your Biases Belong to Us: Breaking RC4 in WPA-TKIP and TLSMathy Vanhoef, Frank Piessens. 97-112 [doi]
- Attacks Only Get Better: Password Recovery Attacks Against RC4 in TLSChristina Garman, Kenneth G. Paterson, Thyla Van der Merwe. 113-128 [doi]
- Eclipse Attacks on Bitcoin's Peer-to-Peer NetworkEthan Heilman, Alison Kendler, Aviv Zohar, Sharon Goldberg. 129-144 [doi]
- Compiler-instrumented, Dynamic Secret-Redaction of Legacy Processes for Attacker DeceptionFrederico Araujo, Kevin W. Hamlen. 145-159 [doi]
- Control-Flow Bending: On the Effectiveness of Control-Flow IntegrityNicholas Carlini, Antonio Barresi, Mathias Payer, David Wagner, Thomas R. Gross. 161-176 [doi]
- Automatic Generation of Data-Oriented ExploitsHong Hu, Zheng-Leong Chua, Sendroiu Adrian, Prateek Saxena, Zhenkai Liang. 177-192 [doi]
- Protocol State Fuzzing of TLS ImplementationsJoeri de Ruiter, Erik Poll. 193-206 [doi]
- Verified Correctness and Security of OpenSSL HMACLennart Beringer, Adam Petcher, Katherine Q. Ye, Andrew W. Appel. 207-221 [doi]
- Not-Quite-So-Broken TLS: Lessons in Re-Engineering a Security Protocol Specification and ImplementationDavid Kaloper-Mersinjak, Hannes Mehnert, Anil Madhavapeddy, Peter Sewell. 223-238 [doi]
- To Pin or Not to Pin-Helping App Developers Bullet Proof Their TLS ConnectionsMarten Oltrogge, Yasemin Acar, Sergej Dechand, Matthew Smith 0001, Sascha Fahl. 239-254 [doi]
- De-anonymizing Programmers via Code StylometryAylin Caliskan Islam, Richard E. Harang, Andrew Liu, Arvind Narayanan, Clare R. Voss, Fabian Yamaguchi, Rachel Greenstadt. 255-270 [doi]
- RAPTOR: Routing Attacks on Privacy in TorYixin Sun, Anne Edmundson, Laurent Vanbever, Oscar Li, Jennifer Rexford, Mung Chiang, Prateek Mittal. 271-286 [doi]
- Circuit Fingerprinting Attacks: Passive Deanonymization of Tor Hidden ServicesAlbert Kwon, Mashael AlSabah, David Lazar, Marc Dacier, Srinivas Devadas. 287-302 [doi]
- SecGraph: A Uniform and Open-source Evaluation System for Graph Data Anonymization and De-anonymizationShouling Ji, Weiqing Li, Prateek Mittal, Xin Hu, Raheem A. Beyah. 303-318 [doi]
- Trustworthy Whole-System Provenance for the Linux KernelAdam M. Bates, Dave Tian, Kevin R. B. Butler, Thomas Moyer. 319-334 [doi]
- Securing Self-Virtualizing Ethernet DevicesIgor Smolyar, Muli Ben-Yehuda, Dan Tsafrir. 335-350 [doi]
- EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised LearningRuowen Wang, William Enck, Douglas S. Reeves, Xinwen Zhang, Peng Ning, Dingbang Xu, Wu Zhou, Ahmed M. Azab. 351-366 [doi]
- Marionette: A Programmable Network Traffic Obfuscation SystemKevin P. Dyer, Scott E. Coull, Thomas Shrimpton. 367-382 [doi]
- CONIKS: Bringing Key Transparency to End UsersMarcela S. Melara, Aaron Blankstein, Joseph Bonneau, Edward W. Felten, Michael J. Freedman. 383-398 [doi]
- Investigating the Computer Security Practices and Needs of JournalistsSusan E. McGregor, Polina Charters, Tobin Holliday, Franziska Roesner. 399-414 [doi]
- Constants Count: Practical Improvements to Oblivious RAMLing Ren, Christopher W. Fletcher, Albert Kwon, Emil Stefanov, Elaine Shi, Marten van Dijk, Srinivas Devadas. 415-430 [doi]
- Raccoon: Closing Digital Side-Channels through Obfuscated ExecutionAshay Rane, Calvin Lin, Mohit Tiwari. 431-446 [doi]
- M2R: Enabling Stronger Privacy in MapReduce ComputationTien Tuan Anh Dinh, Prateek Saxena, Ee-Chien Chang, Beng Chin Ooi, Chunwang Zhang. 447-462 [doi]
- Measuring Real-World Accuracies and Biases in Modeling Password GuessabilityBlase Ur, Sean M. Segreti, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Saranga Komanduri, Darya Kurilova, Michelle L. Mazurek, William Melicher, Richard Shay. 463-481 [doi]
- Sound-Proof: Usable Two-Factor Authentication Based on Ambient SoundNikolaos Karapanos, Claudio Marforio, Claudio Soriente, Srdjan Capkun. 483-498 [doi]
- Android Permissions Remystified: A Field Study on Contextual IntegrityPrimal Wijesekera, Arjun Baokar, Ashkan Hosseini, Serge Egelman, David Wagner, Konstantin Beznosov. 499-514 [doi]
- Phasing: Private Set Intersection Using Permutation-based HashingBenny Pinkas, Thomas Schneider 0003, Gil Segev, Michael Zohner. 515-530 [doi]
- Faster Secure Computation through Automatic ParallelizationNiklas Büscher, Stefan Katzenbeisser 0001. 531-546 [doi]
- The Pythia PRF ServiceAdam Everspaugh, Rahul Chaterjee, Samuel Scott, Ari Juels, Thomas Ristenpart. 547-562 [doi]
- EVILCOHORT: Detecting Communities of Malicious Accounts on Online ServicesGianluca Stringhini, Pierre Mourlanne, Grégoire Jacob, Manuel Egele, Christopher Kruegel, Giovanni Vigna. 563-578 [doi]
- Trends and Lessons from Three Years Fighting Malicious ExtensionsNav Jagpal, Eric Dingle, Jean-Philippe Gravel, Panayiotis Mavrommatis, Niels Provos, Moheeb Abu Rajab, Kurt Thomas. 579-593 [doi]
- Meerkat: Detecting Website Defacements through Image-based Object RecognitionKevin Borgolte, Christopher Kruegel, Giovanni Vigna. 595-610 [doi]
- Recognizing Functions in Binaries with Neural NetworksEui Chul Richard Shin, Dawn Song, Reza Moazzezi. 611-626 [doi]
- Reassembleable DisassemblingShuai Wang, Pei Wang, Dinghao Wu. 627-642 [doi]
- How the ELF Ruined ChristmasAlessandro Di Federico, Amat Cama, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna. 643-658 [doi]
- You Shouldn't Collect My Secrets: Thwarting Sensitive Keystroke Leakage in Mobile IME AppsJin Chen, Haibo Chen, Erick Bauman, Zhiqiang Lin, Binyu Zang, Haibing Guan. 657-690 [doi]
- Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play ScaleKai Chen 0012, Peng Wang, Yeonjoon Lee, Xiaofeng Wang, Nan Zhang, Heqing Huang, Wei Zou, Peng Liu 0005. 659-674 [doi]
- Boxify: Full-fledged App Sandboxing for Stock AndroidMichael Backes 0001, Sven Bugiel, Christian Hammer 0001, Oliver Schranz, Philipp von Styp-Rekowsky. 691-706 [doi]
- Cookies Lack Integrity: Real-World ImplicationsXiaofeng Zheng, Jian Jiang, Jinjin Liang, Hai-Xin Duan, Shuo Chen, Tao Wan, Nicholas Weaver. 707-721 [doi]
- The Unexpected Dangers of Dynamic JavaScriptSebastian Lekies, Ben Stock, Martin Wentzel, Martin Johns. 723-735 [doi]
- ZigZag: Automatically Hardening Web Applications Against Client-side Validation VulnerabilitiesMichael Weissbacher, William K. Robertson, Engin Kirda, Christopher Kruegel, Giovanni Vigna. 737-752 [doi]
- Anatomization and Protection of Mobile Apps' Location Privacy ThreatsKassem Fawaz, Huan Feng, Kang G. Shin. 753-768 [doi]
- LinkDroid: Reducing Unregulated Aggregation of App Usage BehaviorsHuan Feng, Kassem Fawaz, Kang G. Shin. 769-783 [doi]
- PowerSpy: Location Tracking Using Mobile Device Power AnalysisYan Michalevsky, Aaron Schulman, Gunaa Arumugam Veerapandian, Dan Boneh, Gabi Nakibly. 785-800 [doi]
- In the Compression Hornet's Nest: A Security Study of Data Compression in Network ServicesGiancarlo Pellegrino, Davide Balzarotti, Stefan Winter, Neeraj Suri. 801-816 [doi]
- Bohatei: Flexible and Elastic DDoS DefenseSeyed Kaveh Fayaz, Yoshiaki Tobioka, Vyas Sekar, Michael Bailey. 817-832 [doi]
- Boxed Out: Blocking Cellular Interconnect Bypass Fraud at the Network EdgeBradley Reaves, Ethan Shernan, Adam M. Bates, Henry Carter, Patrick Traynor. 833-848 [doi]
- GSMem: Data Exfiltration from Air-Gapped Computers over GSM FrequenciesMordechai Guri, Assaf Kachlon, Ofer Hasson, Gabi Kedma, Yisroel Mirsky, Yuval Elovici. 849-864 [doi]
- Thermal Covert Channels on Multi-core PlatformsRamya Jayaram Masti, Devendra Rai, Aanjhan Ranganathan, Christian Müller, Lothar Thiele, Srdjan Capkun. 865-880 [doi]
- Rocking Drones with Intentional Sound Noise on Gyroscopic SensorsYunmok Son, Hocheol Shin, Dongkwan Kim, Young-Seok Park, Juhwan Noh, Kibum Choi, Jungwoo Choi, Yongdae Kim. 881-896 [doi]
- Cache Template Attacks: Automating Attacks on Inclusive Last-Level CachesDaniel Gruss, Raphael Spreitzer, Stefan Mangard. 897-912 [doi]
- A Placement Vulnerability Study in Multi-Tenant Public CloudsVenkatanathan Varadarajan, Yinqian Zhang, Thomas Ristenpart, Michael M. Swift. 913-928 [doi]
- A Measurement Study on Co-residence Threat inside the CloudZhang Xu, Haining Wang, Zhenyu Wu. 929-944 [doi]
- Towards Discovering and Understanding Task Hijacking in AndroidChuangang Ren, Yulong Zhang, Hui Xue, Tao Wei, Peng Liu 0005. 945-959 [doi]
- Cashtags: Protecting the Input and Display of Sensitive DataMichael Mitchell, An-I Andy Wang, Peter L. Reiher. 961-976 [doi]
- SUPOR: Precise and Scalable Sensitive User Input Detection for Android AppsJianJun Huang, Zhichun Li, Xusheng Xiao, Zhenyu Wu, Kangjie Lu, Xiangyu Zhang, Guofei Jiang. 977-992 [doi]
- UIPicker: User-Input Privacy Identification in Mobile ApplicationsYuhong Nan, Min Yang, Zhemin Yang, Shunfan Zhou, Guofei Gu, Xiaofeng Wang. 993-1008 [doi]
- Cloudy with a Chance of Breach: Forecasting Cyber Security IncidentsYang Liu, Armin Sarabi, Jing Zhang, Parinaz Naghizadeh, Manish Karir, Michael Bailey, Mingyan Liu. 1009-1024 [doi]
- WebWitness: Investigating, Categorizing, and Mitigating Malware Download PathsTerry Nelms, Roberto Perdisci, Manos Antonakakis, Mustaque Ahamad. 1025-1040 [doi]
- Vulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-World ExploitsCarl Sabottke, Octavian Suciu, Tudor Dumitras. 1041-1056 [doi]
- Needles in a Haystack: Mining Information from Public Dynamic Analysis Sandboxes for Malware IntelligenceMariano Graziano, Davide Canali, Leyla Bilge, Andrea Lanzi, Davide Balzarotti. 1057-1072 [doi]