default search action
20th CCS 2013: Berlin, Germany
- Ahmad-Reza Sadeghi, Virgil D. Gligor, Moti Yung:
2013 ACM SIGSAC Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4-8, 2013. ACM 2013, ISBN 978-1-4503-2477-9
Session 1-A: trusted systems
- Frederik Armknecht
, Ahmad-Reza Sadeghi, Steffen Schulz, Christian Wachsmann:
A security framework for the analysis and design of software attestation. 1-12 - Emmanuel Owusu, Jorge Guajardo, Jonathan M. McCune, James Newsome, Adrian Perrig, Amit Vasudevan:
OASIS: on achieving a sanctuary for integrity and secrecy on untrusted platforms. 13-24 - John Butterworth, Corey Kallenberg, Xeno Kovah, Amy Herzog:
BIOS chronomancy: fixing the core root of trust for measurement. 25-36 - Liqun Chen
Flexible and scalable digital signatures in TPM 2.0. 37-48
Session 1-B: how crypto breaks
- Sascha Fahl, Marian Harbach
Rethinking SSL development in an appified world. 49-60 - Kevin P. Dyer, Scott E. Coull, Thomas Ristenpart, Thomas Shrimpton:
Protocol misidentification made easy with format-transforming encryption. 61-72 - Manuel Egele, David Brumley, Yanick Fratantonio, Christopher Kruegel:
An empirical study of cryptographic misuse in android applications. 73-84 - Mobin Javed, Vern Paxson:
Detecting stealthy, distributed SSH brute-forcing. 85-96
Session 1-C: malware
- Fanny Lalonde Lévesque, Jude Nsiempba, José M. Fernandez
A clinical study of risk factors related to malware infections. 97-108 - Kevin Borgolte, Christopher Kruegel, Giovanni Vigna:
Delta: automatic identification of unknown web-based infection campaigns. 109-120 - Yacin Nadji, Manos Antonakakis, Roberto Perdisci
Beheading hydras: performing effective botnet takedowns. 121-132 - Gianluca Stringhini, Christopher Kruegel, Giovanni Vigna:
Shady paths: leveraging surfing crowds to detect malicious web pages. 133-144
Session 2-A: passwords
- Ari Juels, Ronald L. Rivest:
Honeywords: making password-cracking detectable. 145-160 - Sebastian Uellenbeck, Markus Dürmuth
Quantifying the security of graphical passwords: the case of android unlock patterns. 161-172 - Michelle L. Mazurek, Saranga Komanduri, Timothy Vidas, Lujo Bauer
Measuring password guessability for an entire university. 173-186 - Georgios Kontaxis, Elias Athanasopoulos, Georgios Portokalidis, Angelos D. Keromytis:
SAuth: protecting user accounts from password database leaks. 187-198
Session 2-B: control & information flow
- Ben Niu, Gang Tan
Monitor integrity protection with space efficiency and separate compilation. 199-210 - Máté Kovács, Helmut Seidl, Bernd Finkbeiner:
Relational abstract interpretation for the verification of 2-hypersafety properties. 211-222 - Mads Dam, Roberto Guanciale
Formal verification of information flow security for a simple arm-based separation kernel. 223-234 - Kangkook Jee, Vasileios P. Kemerlis
ShadowReplica: efficient parallelization of dynamic data flow tracking. 235-246
Session 2-C: storage security
- Emil Stefanov, Elaine Shi:
Multi-cloud oblivious storage. 247-258 - Christian Cachin, Kristiyan Haralambiev, Hsu-Chun Hsiao
Policy-based secure deletion. 259-270 - Joel Reardon, Hubert Ritzdorf, David A. Basin, Srdjan Capkun:
Secure data deletion from persistent media. 271-284 - Dan Dobre, Ghassan Karame, Wenting Li
PoWerStore: proofs of writing for efficient and robust storage. 285-298
Session 3-A: oblivious RAM and oblivious computation
- Emil Stefanov, Marten van Dijk
Path ORAM: an extremely simple oblivious RAM protocol. 299-310 - Martin Maas, Eric Love, Emil Stefanov, Mohit Tiwari
PHANTOM: practical oblivious computation in a secure processor. 311-324 - Elaine Shi, Emil Stefanov, Charalampos Papamanthou:
Practical dynamic proofs of retrievability. 325-336
Session 3-B: anonymous channels
- Aaron Johnson, Chris Wacek, Rob Jansen, Micah Sherr, Paul F. Syverson:
Users get routed: traffic correlation on tor by realistic adversaries. 337-348 - Mashael AlSabah, Ian Goldberg:
PCTCP: per-circuit TCP-over-IPsec transport for anonymous communication overlay networks. 349-360 - John Geddes, Max Schuchard, Nicholas Hopper:
Cover your ACKs: pitfalls of covert channel censorship circumvention. 361-372
Session 3-C: protocol analysis & synthesis
- Christina Brzuska, Nigel P. Smart, Bogdan Warinschi, Gaven J. Watson:
An analysis of the EMV channel establishment protocol. 373-386 - Florian Giesen, Florian Kohlar, Douglas Stebila
On the security of TLS renegotiation. 387-398 - Joseph A. Akinyele, Matthew Green, Susan Hohenberger:
Using SMT solvers to automate design tasks for encryption and signature schemes. 399-410
Keynote
- Ravi S. Sandhu:
The science, engineering and business of cyber security. 411-412
Session 4-A: network security
- Seungwon Shin, Vinod Yegneswaran, Phillip A. Porras, Guofei Gu:
AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks. 413-424 - W. Michael Petullo, Xu Zhang, Jon A. Solworth, Daniel J. Bernstein, Tanja Lange:
MinimaLT: minimal-latency networking through better security. 425-438
Session 4-B: critical infrastructures
- Rui Tan, Varun Badrinath Krishna, David K. Y. Yau, Zbigniew Kalbarczyk:
Impact of integrity attacks on real-time pricing in smart grids. 439-450 - Muhammad Qasim Ali, Ehab Al-Shaer:
Configuration-based IDS for advanced metering infrastructure. 451-462
Session 4-C: attribute-based encryption
- Yannis Rouselakis, Brent Waters:
Practical constructions and new proof methods for large universe attribute-based encryption. 463-474 - Zhen Liu, Zhenfu Cao
Blackbox traceable CP-ABE: how to catch people leaking their keys by selling decryption devices on ebay. 475-486
Session 5-A: programming securely
- Junyuan Zeng, Yangchun Fu, Kenneth A. Miller, Zhiqiang Lin, Xiangyu Zhang, Dongyan Xu:
Obfuscation resilient binary code reuse through trace-oriented programming. 487-498 - Fabian Yamaguchi, Christian Wressnegger, Hugo Gascon, Konrad Rieck:
Chucky: exposing missing checks in source code for vulnerability discovery. 499-510 - Maverick Woo, Sang Kil Cha, Samantha Gottlieb, David Brumley:
Scheduling black-box mutational fuzzing. 511-522
Session 5-B: secure multiparty computation
- Abhi Shelat, Chih-Hao Shen:
Fast two-party secure computation with minimal assumptions. 523-534 - Gilad Asharov
More efficient oblivious transfer and extensions for faster secure computation. 535-548 - Marcel Keller
An architecture for practical actively secure MPC with dishonest majority. 549-560
Session 5-C: formal methods
- Andrew K. Hirsch
Belief semantics of authorization logic. 561-572 - Bruno Blanchet
Automatic verification of protocols with lists of unbounded length. 573-584 - Philip W. L. Fong, Pooya Mehregan, Ram Krishnan:
Relational abstraction in community-based secure collaboration. 585-598
Session 6-A: mobile security issues
- Abdul Serwadda, Vir V. Phoha
When kids' toys breach mobile phone security. 599-610 - Yuan Zhang, Min Yang, Bingquan Xu, Zhemin Yang, Guofei Gu, Peng Ning, Xiaoyang Sean Wang, Binyu Zang:
Vetting undesirable behaviors in android apps with permission use analysis. 611-622 - Lei Wu, Michael C. Grace, Yajin Zhou, Chiachih Wu, Xuxian Jiang:
The impact of vendor customizations on android security. 623-634 - Rui Wang, Luyi Xing, XiaoFeng Wang, Shuo Chen:
Unauthorized origin crossing on mobile platforms: threats and mitigation. 635-646
Session 6-B: randomness
- Yevgeniy Dodis, David Pointcheval
Security analysis of pseudo-random number generators with input: /dev/random is not robust. 647-658 - Soo Hyeon Kim, Daewan Han, Dong Hoon Lee:
Predictability of Android OpenSSL's pseudo random number generator. 659-668 - Aggelos Kiayias, Stavros Papadopoulos, Nikos Triandopoulos, Thomas Zacharias
Delegatable pseudorandom functions and applications. 669-684 - Henry Corrigan-Gibbs, Wendy Mu, Dan Boneh, Bryan Ford
Ensuring high-quality randomness in cryptographic key generation. 685-696
Session 6-C: hardware security
- Adam Waksman, Matthew Suozzo, Simha Sethumadhavan:
FANCI: identification of stealthy malicious logic using boolean functional analysis. 697-708 - Jeyavijayan Rajendran, Michael Sam, Ozgur Sinanoglu
Security analysis of integrated circuit camouflaging. 709-720 - Albert Kwon, Udit Dhawan, Jonathan M. Smith, Thomas F. Knight Jr., André DeHon:
Low-fat pointers: compact encoding and efficient gate-level implementation of fat pointers for spatial safety and capability-based security. 721-732 - Clemens Helfmeier, Dmitry Nedospasov, Christopher Tarnovsky, Jan Starbug Krissler, Christian Boit, Jean-Pierre Seifert:
Breaking and entering through the silicon. 733-744
Session 7-A: web attacks
- Jonas Magazinius, Billy K. Rios, Andrei Sabelfeld:
Polyglots: crossing origins by crossing formats. 753-764 - Vacha Dave, Saikat Guha, Yin Zhang:
ViceROI: catching click-spam in search ad networks. 765-776 - Mario Heiderich, Jörg Schwenk, Tilman Frosch, Jonas Magazinius, Edward Z. Yang:
mXSS attacks: attacking well-secured web-applications by using innerHTML mutations. 777-788
Session 7-B: privacy-preserving protocols
- Changyu Dong, Liqun Chen
When private set intersection meets big data: an efficient and scalable protocol. 789-800 - Valeria Nikolaenko, Stratis Ioannidis
Privacy-preserving matrix factorization. 801-812 - Yihua Zhang, Aaron Steele, Marina Blanton:
PICCO: a general-purpose compiler for private distributed computation. 813-826
Session 7-C: systems' attack mitigation
- Yinqian Zhang, Michael K. Reiter:
Düppel: retrofitting commodity operating systems to mitigate cache side channels in the cloud. 827-838 - Brendan Dolan-Gavitt, Tim Leek, Josh Hodosh, Wenke Lee:
Tappan Zee (north) bridge: mining memory accesses for introspection. 839-850 - Felix Schuster, Thorsten Holz
Towards reducing the attack surface of software backdoors. 851-862
Session 8-A: secure outsourcing protocols
- Michael Backes, Dario Fiore, Raphael M. Reischuk:
Verifiable delegation of computation on outsourced data. 863-874 - Stanislaw Jarecki, Charanjit S. Jutla, Hugo Krawczyk, Marcel-Catalin Rosu, Michael Steiner:
Outsourced symmetric private information retrieval. 875-888
Session 8-B: privacy models
- Ninghui Li, Wahbeh H. Qardaji, Dong Su, Yi Wu, Weining Yang:
Membership privacy: a unifying framework for privacy definitions. 889-900 - Miguel E. Andrés, Nicolás Emilio Bordenabe, Konstantinos Chatzikokolakis, Catuscia Palamidessi
Geo-indistinguishability: differential privacy for location-based systems. 901-914
Session 8-C: be aware & beware
- Tamara Denning, Adam Lerner, Adam Shostack, Tadayoshi Kohno:
Control-Alt-Hack: the design and evaluation of a card game for computer security awareness and education. 915-928 - Michael Weiner, Maurice Massar, Erik Tews, Dennis Giese, Wolfgang Wieser:
Security analysis of a widely deployed locking system. 929-940
Keynote
- Mikko Hypponen:
The cyber arms race. 941-942
Session 9-A: crypto tools
- Aggelos Kiayias, Qiang Tang:
How to keep a secret: leakage deterring public-key cryptosystems. 943-954 - Marek Jawurek, Florian Kerschbaum, Claudio Orlandi
Zero-knowledge using garbled circuits: how to prove non-algebraic statements efficiently. 955-966 - Daniel J. Bernstein, Mike Hamburg, Anna Krasnova, Tanja Lange:
Elligator: elliptic-curve points indistinguishable from uniform random strings. 967-980
Session 9-B: audit & code randomization
- Antonis Papadogiannakis, Laertis Loutsis, Vassilis Papaefstathiou, Sotiris Ioannidis:
ASIST: architectural support for instruction set randomization. 981-992 - Andrei Homescu, Stefan Brunthaler
Librando: transparent code randomization for just-in-time compilers. 993-1004 - Kyu Hyung Lee, Xiangyu Zhang, Dongyan Xu:
LogGC: garbage collecting audit log. 1005-1016
Session 9-C: mobile privacy
- Xiao-yong Zhou, Soteris Demetriou
Identity, location, disease and more: inferring your secrets from android public resources. 1017-1028 - Adwait Nadkarni, William Enck:
Preventing accidental data disclosure in modern operating systems. 1029-1042 - Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, Xiaoyang Sean Wang:
AppIntent: analyzing sensitive data transmission in android for privacy leakage detection. 1043-1054
Session 10-A: graphics, vision & security
- Robert Kotcher, Yutong Pei, Pranjal Jumde, Collin Jackson:
Cross-origin pixel stealing: timing attacks using CSS filters. 1055-1062 - Yi Xu, Jared Heinly, Andrew M. White, Fabian Monrose, Jan-Michael Frahm:
Seeing double: reconstructing obscured typed input from repeated compromising reflections. 1063-1074 - Haichang Gao, Wei Wang, Jiao Qi, Xuqin Wang, Xiyang Liu, Jeff Yan:
The robustness of hollow CAPTCHAs. 1075-1086
Session 10-B: authentication
- Foteini Baldimtsi, Anna Lysyanskaya:
Anonymous credentials light. 1087-1098 - Masoud Rostami, Ari Juels, Farinaz Koushanfar
Heart-to-heart (H2H): authentication for implanted medical devices. 1099-1112 - Andrew Chi-Chih Yao, Yunlei Zhao:
OAKE: a new family of implicitly authenticated diffie-hellman protocols. 1113-1128
Session 10-C: privacy issues
- Gunes Acar, Marc Juarez
FPDetective: dusting the web for fingerprinters. 1129-1140 - Mathias Humbert, Erman Ayday, Jean-Pierre Hubaux, Amalio Telenti:
Addressing the concerns of the lacks family: quantification of kin genomic privacy. 1141-1152 - David Isaac Wolinsky, Ewa Syta
Hang with your buddies to resist intersection attacks. 1153-1166
Session 11-A: web and code security
- Alexander Moshchuk, Helen J. Wang, Yunxin Liu:
Content-based isolation: rethinking isolation policy design on client systems. 1167-1180 - Sooel Son
Diglossia: detecting code injection attacks with precision and efficiency. 1181-1192 - Sebastian Lekies, Ben Stock
25 million flows later: large-scale detection of DOM-based XSS. 1193-1204 - Adam Doupé, Weidong Cui, Mariusz H. Jakubowski, Marcus Peinado, Christopher Kruegel, Giovanni Vigna:
deDacota: toward preventing server-side XSS via automatic code and data separation. 1205-1216
Session 11-B: crypto symbolic analysis
- José Bacelar Almeida
Certified computer-aided cryptography: efficient provably secure machine code from high-level implementations. 1217-1230 - Gergei Bana, Koji Hasebe, Mitsuhiro Okada:
Computationally complete symbolic attacker and key exchange. 1231-1246 - Gilles Barthe
Fully automated analysis of padding-based encryption in the computational model. 1247-1260 - Florian Böhl, Véronique Cortier, Bogdan Warinschi:
Deduction soundness: prove one, get five for free. 1261-1272
Session 11-C: security/cryptographic utilities
- Kelsey Cairns, Thoshitha T. Gamage, Carl Hauser:
Efficient targeted key subset retrieval in fractal hash sequences. 1273-1284 - Sumeet Bajaj, Radu Sion:
HIFS: history independence for file systems. 1285-1296 - Shruti Tople, Shweta Shinde
AUTOCRYPT: enabling homomorphic computation on servers to protect sensitive web content. 1297-1310 - Xinshu Dong, Zhaofeng Chen, Hossein Siadati
Protecting sensitive web content from client-side vulnerabilities with CRYPTONS. 1311-1324
Demonstration presentations
- Florian Kerschbaum, Patrick Grofig, Isabelle Hang, Martin Härterich, Mathias Kohler, Andreas Schaad, Axel Schröpfer, Walter Tighzert:
Adjustably encrypted in-memory column-store. 1325-1328 - Xihui Chen, Carlo Harpes, Gabriele Lenzini, Miguel Martins, Sjouke Mauw
Demonstrating a trust framework for evaluating GNSS signal integrity. 1329-1332 - Anthony Van Herrewege, André Schaller, Stefan Katzenbeisser, Ingrid Verbauwhede
Inherent PUFs and secure PRNGs on commercial off-the-shelf microcontrollers. 1333-1336 - Prabhakaran Kasinathan, Gianfranco Costamagna, Hussein Khaleel, Claudio Pastrone
An IDS framework for internet of things empowered by 6LoWPAN. 1337-1340 - Raphael M. Reischuk, Florian Schröder, Johannes Gehrke:
Secure and customizable web development in the safe activation framework. 1341-1344 - Yury Zhauniarovich, Olga Gadyatskaya, Bruno Crispo:
Enabling trusted stores for android. 1345-1348 - Enrique Argones-Rúa, Francisco Javier García Salomón, Luis Pérez-Freire:
Gradiant asymmetric encryption and verification systems based on handwritten signature. 1349-1350 - Manish Shukla, Purushotam G. Radadia, Shirish Karande, Sachin Lodha:
On the real-time masking of the sound of credit cards using hot patching. 1351-1354
Poster presentations
- Stephan Neuhaus, Gabriela Gheorghe:
Critique of the CISSP common body of knowledge of cryptography. 1355-1358 - Gabriela Gheorghe, Stephan Neuhaus:
Preserving privacy and accountability for personal devices. 1359-1362 - Michael Brenner, Matthew Smith:
Caching oblivious memory access: an extension to the HCRYPT virtual machine. 1363-1366 - Leon Reznik
Data quality evaluation: integrating security and accuracy. 1367-1370 - Cuong Xuan Nguyen, Hung-Hsuan Huang, Kyoji Kawagoe:
Graphical password using object-based image ranking. 1371-1374 - Hao Zhang
A semantic-aware approach to reasoning about network traffic relations. 1375-1378 - Eitan Menahem, Asaf Shabtai, Adi Levhar:
Detecting malware through temporal function-based features. 1379-1382 - Sebastian Biedermann, Stefan Katzenbeisser:
Event-based isolation of critical data in the cloud. 1383-1386 - Sheharbano Khattak, Zaafar Ahmed, Affan A. Syed, Syed Ali Khayam:
BotFlex: a community-driven tool for botnetdetection. 1387-1390 - Jeton Bacaj, Leon Reznik
Signal anomaly based attack detection in wireless sensor networks. 1391-1394 - Martin Schramm, Karl Leidl, Andreas Grzemba, Nicolai Kuntze:
Enhanced embedded device security by combining hardware-based trust mechanisms. 1395-1398 - Tomer Ashur
On the anonymity of Israel's general elections. 1399-1402 - Orr Dunkelman, Margarita Osadchy, Mahmood Sharif:
Secure authentication from facial attributeswith no privacy loss. 1403-1406 - Bilal Shebaro, Di Jin, Elisa Bertino:
Performance signatures of mobile phone browsers. 1407-1410 - Wenming Zhou, Yuqing Zhang, Xuefeng Liu:
A new framework against privilege escalation attacks on android. 1411-1414 - Meilof Veeningen, Mayla Brusò, Jerry den Hartog, Nicola Zannone
TRIPLEX: verifying data minimisation in communication systems. 1415-1418 - Daniil M. Utin, Roger Khazan, Joshua Kramer, Michael Vai, David Whelihan:
SHAMROCK: self contained cryptography and key management processor. 1419-1420 - Qixu Liu, Yuqing Zhang, Huan Yang:
trend of online flash XSS vulnerabilities. 1421-1424 - Martina Lindorfer, Matthias Neumayr, Juan Caballero, Christian Platzer:
Cross-platform malware: write once, infect everywhere. 1425-1428 - Anthony Roberts, Richard McClatchey
Introducing pathogen: a real-time virtualmachine introspection framework. 1429-1432 - Giang T. K. Nguyen, Xun Gong, Anupam Das, Nikita Borisov:
PnP: improving web browsing performance over tor using web resource prefetch-and-push. 1433-1436 - Dan Li, Chaoge Liu, Xu Cui, Xiang Cui:
Sniffing and propagating malwares through WPAD deception in LANs. 1437-1440 - Ashar Javed:
A footprint of third-party tracking on mobile web. 1441-1444 - Wasim Ahmad Bhat
Dr. Watson provides data for post-breach analysis. 1445-1448 - Martin Husák
Reflected attacks abusing honeypots. 1449-1452 - Benjamin Güldenring, Volker Roth:
TouchCtrl: fine-grained access control for collaborative environments. 1453-1456 - Zhaofeng Chen, Xinshu Dong, Prateek Saxena, Zhenkai Liang
CRYPTSERVER: strong data protection in commodity LAMP servers. 1457-1460 - Tim Ruffing
Identity-based steganography and its applications to censorship resistance. 1461-1464 - Parisa Haghani, Saman A. Zonouz:
Sechduler: a security-aware kernel scheduler. 1465-1468 - Sana Maqsood, Sonia Chiasson, Audrey Girouard:
Passwords on flexible display devices. 1469-1472 - Ayesha Binte Ashfaq, Muhammad Qasim Ali, Ehab Al-Shaer, Syed Ali Khayam:
Revisiting anomaly detection system design philosophy. 1473-1476
Workshop summaries
- Sara Foresti
12th workshop on privacy in the electronic society (WPES 2013). 1477-1478 - Frederik Armknecht
Third international workshop on trustworthy embedded devices (TrustED 2013). 1479-1480 - Arslan Munir
CyCAR'2013: first international academic workshop on security, privacy and dependability for cybervehicles. 1481-1482 - Blaine Nelson, Christos Dimitrakakis
Summary/overview for artificial intelligence and security (AISec'13). 1483-1484 - Martin Franz, Andreas Holzer, Rupak Majumdar, Bryan Parno, Helmut Veith:
The first workshop on language support for privacy-enhancing technologies (PETShop'13). 1485-1486 - Ari Juels, Bryan Parno:
Fifth ACM cloud computing security workshop (CCSW 2013). 1487-1488 - Adrienne Porter Felt, N. Asokan
CCS'13 co-located workshop summary for SPSM 2013. 1489-1490 - Klaus Kursawe, Benessa Defend:
Smart energy grid security workshop (SEGS'13). 1491-1492 - Thomas Groß, Marit Hansen:
Eighth ACM workshop on digital identity management (DIM 2013): identity at the crossroads. 1493-1494
Tutorials
- Christof Paar:
Constructive and destructive aspects of embedded security in the internet of things. 1495-1496 - Jan-Erik Ekberg, Kari Kostiainen, N. Asokan
Trusted execution environments on mobile devices. 1497-1498 - Eric Bodden
Easily instrumenting android applications for security purposes. 1499-1502
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
last updated on 2024-11-22 19:30 CET by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by: