default search action
26th USENIX Security Symposium 2017: Vancouver, BC, Canada
- Engin Kirda, Thomas Ristenpart:
26th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, August 16-18, 2017. USENIX Association 2017
Bug Finding I
- Pengfei Wang, Jens Krinke, Kai Lu, Gen Li, Steve Dodier-Lazaro:
How Double-Fetch Situations turn into Double-Fetch Vulnerabilities: A Study of Double Fetches in the Linux Kernel. 1-16 - Jun Xu, Dongliang Mu, Xinyu Xing, Peng Liu, Ping Chen, Bing Mao:
Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts. 17-32 - Zhenyu Ning, Fengwei Zhang:
Ninja: Towards Transparent Tracing and Debugging on ARM. 33-49
Side-Channel Attacks I
- Craig Disselkoen, David Kohlbrenner, Leo Porter, Dean M. Tullsen:
Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX. 51-67 - David Kohlbrenner, Hovav Shacham:
On the effectiveness of mitigations against floating-point timing channels. 69-81 - Cesar Pereida García, Billy Bob Brumley:
Constant-Time Callees with Variable-Time Callers. 83-98
Systems Security I
- Zheng Leong Chua, Shiqi Shen, Prateek Saxena, Zhenkai Liang:
Neural Nets Can Learn Function Type Signatures From Binaries. 99-116 - Ferdinand Brasser, Lucas Davi, David Gens, Christopher Liebchen, Ahmad-Reza Sadeghi:
CAn't Touch This: Software-only Mitigation against Rowhammer Attacks targeting Kernel Memory. 117-130 - Ren Ding, Chenxiong Qian, Chengyu Song, William Harris, Taesoo Kim, Wenke Lee:
Efficient Protection of Path-Sensitive Control Security. 131-148
Bug Finding II
- Jianfeng Pan, Guanglu Yan, Xiaocao Fan:
Digtool: A Virtualization-Based Framework for Detecting Kernel Vulnerabilities. 149-165 - Sergej Schumilo, Cornelius Aschermann, Robert Gawlik, Sebastian Schinzel, Thorsten Holz:
kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels. 167-182 - Priyam Biswas, Alessandro Di Federico, Scott A. Carr, Prabhu Rajasekaran, Stijn Volckaert, Yeoul Na, Michael Franz, Mathias Payer:
Venerable Variadic Vulnerabilities Vanquished. 186-198
Side-Channel Countermeasures
- David McCann, Elisabeth Oswald, Carolyn Whitnall:
Towards Practical Tools for Side Channel Aware Software Engineering: 'Grey Box' Modelling for Instruction Leakages. 199-216 - Daniel Gruss, Julian Lettner, Felix Schuster, Olga Ohrimenko
, István Haller, Manuel Costa:
Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory. 217-233 - Shuai Wang, Pei Wang, Xiao Liu, Danfeng Zhang, Dinghao Wu:
CacheD: Identifying Cache-Based Timing Channels in Production Software. 235-252
Malware and Binary Analysis
- Jiang Ming, Dongpeng Xu
BinSim: Trace-based Semantic Binary Diffing via System Call Sliced Segment Equivalence Checking. 253-270 - Meng Xu, Taesoo Kim:
PlatPal: Detecting Malicious Documents with Platform Diversity. 271-287 - Lei Xue, Yajin Zhou, Ting Chen, Xiapu Luo, Guofei Gu:
Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART. 289-306
Censorship
- Paul Pearce, Ben Jones, Frank Li, Roya Ensafi, Nick Feamster, Nicholas Weaver, Vern Paxson:
Global Measurement of DNS Manipulation. 307-323 - Rachee Singh, Rishab Nithyanand, Sadia Afroz, Paul Pearce, Michael Carl Tschantz, Phillipa Gill, Vern Paxson:
Characterizing the Nature and Dynamics of Tor Exit Blocking. 325-341 - Zhihao Li, Stephen Herwig, Dave Levin:
DeTor: Provably Avoiding Geographic Regions in Tor. 343-359
Embedded Systems
- Yuan Tian, Nan Zhang, Yue-Hsun Lin, XiaoFeng Wang, Blase Ur, Xianzheng Guo, Patrick Tague:
SmartAuth: User-Centered Authorization for the Internet of Things. 361-378 - Giuseppe Petracca, Ahmad Atamli-Reineh, Yuqiong Sun, Jens Grossklags, Trent Jaeger:
AWare: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings. 379-396 - Amit Kumar Sikder, Hidayet Aksu, A. Selcuk Uluagac:
6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices. 397-414
Networking Security
- Samuel Jero, William Koch, Richard Skowyra, Hamed Okhravi, Cristina Nita-Rotaru, David Bigelow:
Identifier Binding Attacks and Defenses in Software-Defined Networks. 415-432 - Nirnimesh Ghose, Loukas Lazos, Ming Li:
HELP: Helper-Enabled In-Band Device Pairing Resistant Against Signal Cancellation. 433-450 - Lei Xu, Jeff Huang, Sungmin Hong, Jialong Zhang, Guofei Gu:
Attacking the Brain: Races in the SDN Control Plane. 451-468
Targeted Attacks
- Grant Ho, Aashish Sharma, Mobin Javed, Vern Paxson, David A. Wagner:
Detecting Credential Spearphishing in Enterprise Settings. 469-485 - Md Nahid Hossain, Sadegh M. Milajerdi, Junao Wang, Birhanu Eshete, Rigel Gjomemo, R. Sekar, Scott D. Stoller, V. N. Venkatakrishnan:
SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data. 487-504 - Susan E. McGregor, Elizabeth Anne Watkins, Mahdi Nasrullah Al-Ameen, Kelly Caine, Franziska Roesner:
When the Weakest Link is Strong: Secure Collaboration in the Case of the Panama Papers. 505-522
Trusted Hardware
- Jae-Hyuk Lee, Jin Soo Jang, Yeongjin Jang, Nohyun Kwak, Yeseul Choi, Changho Choi, Taesoo Kim, Marcus Peinado, Brent ByungHoon Kang:
Hacking in Darkness: Return-oriented Programming against Secure Enclaves. 523-539 - Zhichao Hua, Jinyu Gu, Yubin Xia, Haibo Chen, Binyu Zang, Haibing Guan:
vTZ: Virtualizing ARM TrustZone. 541-556 - Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim, Hyesoon Kim, Marcus Peinado:
Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing. 557-574
Authentication
- Bradley Reaves, Logan Blue, Hadi Abdullah, Luis Vargas, Patrick Traynor, Thomas Shrimpton:
AuthentiCall: Efficient Identity and Content Authentication for Phone Calls. 575-592 - Xiaolong Bai, Zhe Zhou, XiaoFeng Wang, Zhou Li
Picking Up My Tab: Understanding and Mitigating Synchronized Token Lifting and Spending in Mobile Payment. 593-608 - Mark O'Neill, Scott Heidbrink, Scott Ruoti, Jordan Whitehead, Dan Bunker, Luke Dickinson, Travis Hendershot, Joshua Reynolds, Kent E. Seamons, Daniel Zappala:
TrustBase: An Architecture to Repair and Strengthen Certificate-based Authentication. 609-624
Malware and Obfuscation
- Roberto Jordaney, Kumar Sharad, Santanu Kumar Dash, Zhi Wang, Davide Papini, Ilia Nouretdinov, Lorenzo Cavallaro:
Transcend: Detecting Concept Drift in Malware Classification Models. 625-642 - Tim Blazytko, Moritz Contag, Cornelius Aschermann, Thorsten Holz:
Syntia: Synthesizing the Semantics of Obfuscated Code. 643-659 - Sebastian Banescu, Christian S. Collberg, Alexander Pretschner:
Predicting the Resilience of Obfuscated Code Against Symbolic Execution Attacks via Machine Learning. 661-678
Web Security I
- Iskander Sánchez-Rola, Igor Santos, Davide Balzarotti:
Extension Breakdown: Security Analysis of Browsers Extension Resources Control Policies. 679-694 - Stefano Calzavara, Alvise Rabitti, Michele Bugliesi:
CCSP: Controlled Relaxation of Content Security Policies by Runtime Policy Composition. 695-712 - Jörg Schwenk, Marcus Niemietz, Christian Mainka:
Same-Origin Policy: Evaluation in Modern Browsers. 713-727
Privacy
- Tianhao Wang
Locally Differentially Private Protocols for Frequency Estimation. 729-745 - Brendan Avent, Aleksandra Korolova, David Zeber, Torgeir Hovden, Benjamin Livshits:
BLENDER: Enabling Local Search with a Hybrid Differential Privacy Model. 747-764 - Peter Ney, Karl Koscher, Lee Organick, Luis Ceze, Tadayoshi Kohno:
Computer Security, Privacy, and DNA Sequencing: Compromising Computers with Synthesized DNA, Privacy Leaks, and More. 765-779
Systems Security II
- Nilo Redini, Aravind Machiry, Dipanjan Das, Yanick Fratantonio, Antonio Bianchi, Eric Gustafson, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna:
BootStomp: On the Security of Bootloaders in Mobile Devices. 781-798 - Siqi Zhao, Xuhua Ding, Wen Xu, Dawu Gu:
Seeing Through The Same Lens: Introspecting Guest Address Space At Native Speed. 799-813 - Thurston H. Y. Dang, Petros Maniatis, David A. Wagner:
Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers. 815-832
Web Security II
- Ian D. Markwood, Dakun Shen, Yao Liu, Zhuo Lu:
PDF Mirage: Content Masking Attack Against Information-Based Online Services. 833-847 - Pepe Vila, Boris Köpf:
Loophole: Timing Attacks on Shared Event Loops in Chrome. 849-864 - Tobias Lauinger, Abdelberi Chaabane, Ahmet Salih Buyukkayhan, Kaan Onarlioglu, William Robertson:
Game of Registrars: An Empirical Analysis of Post-Expiration Domain Name Takeovers. 865-880
Applied Cryptography
- Marc Stevens
Speeding up detection of SHA-1 collision attacks using unavoidable attack conditions. 881-897 - Russell W. F. Lai, Christoph Egger, Dominique Schröder, Sherman S. M. Chow:
Phoenix: Rebirth of a Cryptographic Password-Hardening Service. 899-916 - Barry Bond, Chris Hawblitzel, Manos Kapritsos, K. Rustan M. Leino, Jacob R. Lorch, Bryan Parno, Ashay Rane, Srinath T. V. Setty, Laure Thompson:
Vale: Verifying High-Performance Cryptographic Assembly Code. 917-934
Web Security III
- Angelisa C. Plane, Elissa M. Redmiles, Michelle L. Mazurek, Michael Carl Tschantz:
Exploring User Perceptions of Discrimination in Online Targeted Advertising. 935-951 - Fang Liu, Chun Wang, Andres Pico, Danfeng Yao, Gang Wang:
Measuring the Insecurity of Mobile Deep Links of Android. 953-969 - Ben Stock, Martin Johns, Marius Steffens, Michael Backes:
How the Web Tangled Itself: Uncovering the History of Client-Side Web (In)Security. 971-987
Software Security
- Xiangkun Jia, Chao Zhang, Purui Su, Yi Yang, Huafeng Huang, Dengguo Feng:
Towards Efficient Heap Overflow Discovery. 989-1006 - Aravind Machiry, Chad Spensky, Jake Corina, Nick Stephens, Christopher Kruegel, Giovanni Vigna:
DR. CHECKER: A Soundy Analysis for Linux Kernel Drivers. 1007-1024 - Zhaomo Yang, Brian Johannesmeyer, Anders Trier Olesen, Sorin Lerner, Kirill Levchenko:
Dead Store Elimination (Still) Considered Harmful. 1025-1040
Side-Channel Attacks II
- Jo Van Bulck, Nico Weichbrodt, Rüdiger Kapitza, Frank Piessens, Raoul Strackx:
Telling Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution. 1041-1056 - Adrian Tang, Simha Sethumadhavan, Salvatore J. Stolfo:
CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management. 1057-1074 - Marc Green, Leandro Rodrigues Lima, Andreas Zankl
AutoLock: Why Cache Attacks on ARM Are Harder Than You Think. 1075-1091
Understanding Attacks
- Manos Antonakakis, Tim April, Michael D. Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, Yi Zhou:
Understanding the Mirai Botnet. 1093-1110 - Shiqing Ma, Juan Zhai
MPI: Multiple Perspective Attack Investigation with Semantic Aware Execution Partitioning. 1111-1128 - Ioannis Gasparis, Zhiyun Qian, Chengyu Song, Srikanth V. Krishnamurthy:
Detecting Android Root Exploits by Learning from Root Providers. 1129-1144
Hardware Security
- Yang Su, Daniel Genkin, Damith Chinthana Ranasinghe, Yuval Yarom:
USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs. 1145-1161 - Philipp Koppe, Benjamin Kollenda, Marc Fyrbiak, Christian Kison, Robert Gawlik, Christof Paar, Thorsten Holz:
Reverse Engineering x86 Processor Microcode. 1163-1180 - Christian Bayens, Tuan Le, Luis Garcia, Raheem A. Beyah, Mehdi Javanmard, Saman A. Zonouz:
See No Evil, Hear No Evil, Feel No Evil, Print No Evil? Malicious Fill Patterns Detection in Additive Manufacturing. 1181-1198
Privacy & Anonymity Systems
- Ania M. Piotrowska, Jamie Hayes, Tariq Elahi, Sebastian Meiser, George Danezis:
The Loopix Anonymity System. 1199-1216 - Nikolaos Alexopoulos, Aggelos Kiayias, Riivo Talviste, Thomas Zacharias:
MCMix: Anonymous Messaging via Secure Multiparty Computation. 1217-1234 - Anh Pham, Italo Dacosta, Guillaume Endignoux, Juan Ramón Troncoso-Pastoriza, Kévin Huguenin, Jean-Pierre Hubaux:
ORide: A Privacy-Preserving yet Accountable Ride-Hailing Service. 1235-1252
Software Integrity
- Yue Chen, Yulong Zhang, Zhi Wang, Liangzhao Xia, Chenfu Bao, Tao Wei:
Adaptive Android Kernel Live Patching. 1253-1270 - Kirill Nikitin, Eleftherios Kokoris-Kogias, Philipp Jovanovic, Nicolas Gailly, Linus Gasser, Ismail Khoffi, Justin Cappos, Bryan Ford:
CHAINIAC: Proactive Software-Update Transparency via Collectively Signed Skipchains and Verified Builds. 1271-1287 - Sinisa Matetic, Mansoor Ahmed, Kari Kostiainen, Aritra Dhar, David M. Sommer, Arthur Gervais, Ari Juels, Srdjan Capkun:
ROTE: Rollback Protection for Trusted Execution. 1289-1306
Crypto Deployment
- Taejoong Chung, Roland van Rijswijk-Deij, Balakrishnan Chandrasekaran, David R. Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, Christo Wilson:
A Longitudinal, End-to-End View of the DNSSEC Ecosystem. 1307-1322 - Adrienne Porter Felt, Richard Barnes, April King, Chris Palmer, Chris Bentzel, Parisa Tabriz:
Measuring HTTPS Adoption on the Web. 1323-1338 - Katharina Krombholz, Wilfried Mayer, Martin Schmiedecker, Edgar R. Weippl:
"I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS. 1339-1356
Privacy Attacks & Defense
- Roei Schuster, Vitaly Shmatikov, Eran Tromer:
Beauty and the Burst: Remote Identification of Encrypted Video Streams. 1357-1374 - Tao Wang, Ian Goldberg:
Walkie-Talkie: An Efficient Defense Against Passive Website Fingerprinting Attacks. 1375-1390 - Sebastian Zimmeck, Jie S. Li, Hyungtae Kim, Steven M. Bellovin, Tony Jebara:
A Privacy Analysis of Cross-device Tracking. 1391-1408
Blockchains
- Loi Luu, Yaron Velner, Jason Teutsch, Prateek Saxena:
SmartPool: Practical Decentralized Pooled Mining. 1409-1426 - Fan Zhang, Ittay Eyal, Robert Escriva, Ari Juels, Robbert van Renesse:
REM: Resource-Efficient Mining for Blockchains. 1427-1444
Databases
- Kevin Eykholt, Atul Prakash
Ensuring Authorized Updates in Multi-user Database-Backed Applications. 1445-1462 - Aastha Mehta, Eslam Elnikety, Katura Harvey, Deepak Garg, Peter Druschel:
Qapla: Policy compliance for database-backed systems. 1463-1479
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
last updated on 2024-11-22 19:31 CET by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by: