40th SP 2019: San Francisco, CA, USA
- 2019 IEEE Symposium on Security and Privacy, SP 2019, San Francisco, CA, USA, May 19-23, 2019. IEEE 2019, ISBN 978-1-5386-6660-9
Session 1: Hardware Security
- Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom:
Spectre Attacks: Exploiting Speculative Execution. 1-19
- Sanjeev Das, Jan Werner, Manos Antonakakis, Michalis Polychronakis, Fabian Monrose:
SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security. 20-38
- Pepe Vila, Boris Köpf, José F. Morales:
Theory and Practice of Finding Eviction Sets. 39-54
- Lucian Cojocar, Kaveh Razavi, Cristiano Giuffrida, Herbert Bos:
Exploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks. 55-71
- Carlo Meijer, Bernard van Gastel:
Self-Encrypting Deception: Weaknesses in the Encryption of Solid State Drives. 72-87
- Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Giorgi Maisuradze, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida:
RIDL: Rogue In-Flight Data Load. 88-105
Session 2: Blockchain & Cryptocurrency
- Stefan Dziembowski, Lisa Eckey, Sebastian Faust, Daniel Malinowski:
Perun: Virtual Payment Hubs over Cryptocurrencies. 106-123
- Dominic Deuber, Bernardo Magri, Sri Aravinda Krishnan Thyagarajan:
Redactable Blockchain in the Permissionless Setting. 124-138
- Peter Gazi, Aggelos Kiayias, Dionysis Zindros:
Proof-of-Stake Sidechains. 139-156
- Thomas Kerber, Aggelos Kiayias, Markulf Kohlweiss, Vassilis Zikas:
Ouroboros Crypsinous: Privacy-Preserving Proof-of-Stake. 157-174
- Ren Zhang, Bart Preneel:
Lay Down the Common Metrics: Evaluating Proof-of-Work Consensus Protocols' Security. 175-192
- Alexei Zamyatin, Dominik Harz, Joshua Lind, Panayiotis Panayiotou, Arthur Gervais, William J. Knottenbelt:
XCLAIM: Trustless, Interoperable, Cryptocurrency-Backed Assets. 193-210
Session 3: Web Security
- Emily Stark, Ryan Sleevi, Rijad Muminovic, Devon O'Brien, Eran Messeri, Adrienne Porter Felt, Brendan McMillion, Parisa Tabriz:
Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate. 211-226
- Dolière Francis Somé:
EmPoWeb: Empowering Web Applications with Browser Extensions. 227-245
- Katharina Krombholz, Karoline Busse, Katharina Pfeffer, Matthew Smith, Emanuel von Zezschwitz:
"If HTTPS Were Secure, I Wouldn't Need 2FA" - End User and Administrator Mental Models of HTTPS. 246-263
- Saba Eskandarian, Jonathan Cogan, Sawyer Birnbaum, Peh Chang Wei Brandon, Dillon Franke, Forest Fraser, Gaspar Garcia Jr., Eric Gong, Hung T. Nguyen, Taresh K. Sethi, Vishal Subbiah, Michael Backes, Giancarlo Pellegrino, Dan Boneh:
Fidelius: Protecting User Secrets from Compromised Browsers. 264-280
- Stefano Calzavara, Riccardo Focardi, Matús Nemec, Alvise Rabitti, Marco Squarcina:
Postcards from the Post-HTTP World: Amplification of HTTPS Vulnerabilities in the Web Ecosystem. 281-298
Session 4: Privacy
- Roger Iyengar, Joseph P. Near, Dawn Song, Om Thakkar, Abhradeep Thakurta, Lun Wang:
Towards Practical Differentially Private Convex Optimization. 299-316
- Qingqing Ye, Haibo Hu, Xiaofeng Meng, Huadi Zheng:
PrivKV: Key-Value Data Collection with Local Differential Privacy. 317-331
- Lei Yu, Ling Liu, Calton Pu, Mehmet Emre Gursoy, Stacey Truex:
Differentially Private Model Publishing for Deep Learning. 332-349
- Pern Hui Chia, Damien Desfontaines, Irippuge Milinda Perera, Daniel Simmons-Marengo, Chao Li, Wei-Yen Day, Qiushi Wang, Miguel Guevara:
KHyperLogLog: Estimating Reidentifiability and Joinability of Large Data at Scale. 350-364
- Hang Hu, Peng Peng, Gang Wang:
Characterizing Pixel Tracking through the Lens of Disposable Email Services. 365-379
Session 6: Protocols and Authentication
- Enze Liu, Amanda Nakanishi, Maximilian Golla, David Cash, Blase Ur:
Reasoning Analytically about Password-Cracking Software. 380-397
- Emma Dauterman, Henry Corrigan-Gibbs, David Mazières, Dan Boneh, Dominic Rizzo:
True2F: Backdoor-Resistant Authentication Tokens. 398-416
- Bijeeta Pal, Tal Daniel, Rahul Chatterjee, Thomas Ristenpart:
Beyond Credential Stuffing: Password Similarity Models Using Neural Networks. 417-434
- Eyal Ronen, Robert Gillham, Daniel Genkin, Adi Shamir, David Wong, Yuval Yarom:
The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations. 435-452
- Daniel Fett, Pedram Hosseyni, Ralf Küsters:
An Extensive Formal Security Analysis of the OpenID Financial-Grade API. 453-471
Session 5: Program Analysis
- Steven H. H. Ding, Benjamin C. M. Fung, Philippe Charland:
Asm2Vec: Boosting Static Representation Robustness for Binary Clone Search against Code Obfuscation and Compiler Optimization. 472-489
- Subarno Banerjee, David Devecsery, Peter M. Chen, Satish Narayanasamy:
Iodine: Fast Dynamic Taint Tracking Using Rollback-free Optimistic Hybrid Analysis. 490-504
- Robert Brotzman, Shen Liu, Danfeng Zhang, Gang Tan, Mahmut T. Kandemir:
CaSym: Cache Aware Symbolic Execution for Side Channel Detection and Mitigation. 505-521
- Mu Zhang, Chien-Ying Chen, Bin-Chou Kao, Yassine Qamsane, Yuru Shao, Yikai Lin, Elaine Shi, Sibin Mohan, Kira Barton, James R. Moyne, Z. Morley Mao:
Towards Automated Safety Vetting of PLC Code in Real-World Plants. 522-538
- Zhen Huang, David Lie, Gang Tan, Trent Jaeger:
Using Safety Properties to Generate Vulnerability Patches. 539-554
Session 7: Mobile and Location Security
- Duc Cuong Nguyen, Erik Derr, Michael Backes, Sven Bugiel:
Short Text, Large Effect: Measuring the Impact of User Reviews on Android App Security & Privacy. 555-569
- Yi Chen, Mingming Zha, Nan Zhang, Dandan Xu, Qianqian Zhao, Xuan Feng, Kan Yuan, Fnu Suya, Yuan Tian, Kai Chen, XiaoFeng Wang, Wei Zou:
Demystifying Hidden Privacy Settings in Mobile Apps. 570-586
- Sashank Narain, Aanjhan Ranganathan, Guevara Noubir:
Security of GPS/INS Based On-road Location Tracking Systems. 587-601
- Zhenyu Ning, Fengwei Zhang:
Understanding the Security of ARM Debugging Features. 602-619
- Seita Maruyama, Satohiro Wakabayashi, Tatsuya Mori:
Tap 'n Ghost: A Compilation of Novel Attack Techniques against Smartphone Touchscreens. 620-637
- Jiexin Zhang, Alastair R. Beresford, Ian Sheret:
SensorID: Sensor Calibration Fingerprinting for Smartphones. 638-655
Session 8: Machine Learning
- Mathias Lécuyer, Vaggelis Atlidakis, Roxana Geambasu, Daniel Hsu, Suman Jana:
Certified Robustness to Adversarial Examples with Differential Privacy. 656-672
- Xiang Ling, Shouling Ji, Jiaxu Zou, Jiannan Wang, Chunming Wu, Bo Li, Ting Wang:
DEEPSEC: A Uniform Platform for Security Analysis of Deep Learning Model. 673-690
- Luca Melis, Congzheng Song, Emiliano De Cristofaro, Vitaly Shmatikov:
Exploiting Unintended Feature Leakage in Collaborative Learning. 691-706
- Bolun Wang, Yuanshun Yao, Shawn Shan, Huiying Li, Bimal Viswanath, Haitao Zheng, Ben Y. Zhao:
Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks. 707-723
- Wenting Zheng, Raluca Ada Popa, Joseph E. Gonzalez, Ion Stoica:
Helen: Maliciously Secure Coopetitive Learning for Linear Models. 724-738
- Milad Nasr, Reza Shokri, Amir Houmansadr:
Comprehensive Privacy Analysis of Deep Learning: Passive and Active White-box Inference Attacks against Centralized and Federated Learning. 739-753
Session 9: Fuzzing
- Dae R. Jeong, Kyungtae Kim, Basavesh Shivakumar, Byoungyoung Lee, Insik Shin:
Razzer: Finding Kernel Race Bugs through Fuzzing. 754-768
- Wei You, Xueqiang Wang, Shiqing Ma, Jianjun Huang, Xiangyu Zhang, XiaoFeng Wang, Bin Liang:
ProFuzzer: On-the-fly Input Type Probing for Better Zero-Day Vulnerability Discovery. 769-786
- Stefan Nagy, Matthew Hicks:
Full-Speed Fuzzing: Reducing Fuzzing Overhead through Coverage-Guided Tracing. 787-802
- Dongdong She, Kexin Pei, Dave Epstein, Junfeng Yang, Baishakhi Ray, Suman Jana:
NEUZZ: Efficient Fuzzing with Neural Program Smoothing. 803-817
- Wen Xu, Hyungon Moon, Sanidhya Kashyap, Po-Ning Tseng, Taesoo Kim:
Fuzzing File Systems via Two-Dimensional Input Space Exploration. 818-834
Session 10: Side Channels and Data Leakage
- Giovanni Cherubin, Konstantinos Chatzikokolakis, Catuscia Palamidessi:
F-BLEAU: Fast Black-Box Leakage Estimation. 835-852
- Daniel Genkin, Mihir Pattani, Roei Schuster, Eran Tromer:
Synesthesia: Detecting Screen Content via Remote Acoustic Side Channels. 853-869
- Alejandro Cabrera Aldaya, Billy Bob Brumley, Sohaib ul Hassan, Cesar Pereida García, Nicola Tuveri:
Port Contention for Fun and Profit. 870-887
- Mengjia Yan, Read Sprabery, Bhargava Gopireddy, Christopher W. Fletcher, Roy H. Campbell, Josep Torrellas:
Attack Directories, Not Caches: Side Channel Attacks in a Non-Inclusive World. 888-904
- Andrew Kwong, Wenyuan Xu, Kevin Fu:
Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone. 905-919
Session 11: Systems and Applied Security
- Elissa M. Redmiles:
"Should I Worry?" A Cross-Cultural Examination of Account Security Incident Response. 920-934
- Yujin Kwon, Hyoungshick Kim, Jinwoo Shin, Yongdae Kim:
Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash? 935-951
- Kan Yuan, Di Tang, Xiaojing Liao, XiaoFeng Wang, Xuan Feng, Yi Chen, Menghan Sun, Haoran Lu, Kehuan Zhang:
Stealthy Porn: Understanding Real-World Adversarial Images for Illicit Online Promotion. 952-966
- Dave Jing Tian, Grant Hernandez, Joseph I. Choi, Vanessa Frost, Peter C. Johnson, Kevin R. B. Butler:
LBM: A Security Framework for Peripherals within the Linux Kernel. 967-984
- Nathan Burow, Xinping Zhang, Mathias Payer:
SoK: Shining Light on Shadow Stacks. 985-999
- Nolen Scaife, Jasmine D. Bowers, Christian Peeters, Grant Hernandez, Imani N. Sherman, Patrick Traynor, Lisa Anthony:
Kiss from a Rogue: Evaluating Detectability of Pay-at-the-Pump Card Skimmers. 1000-1014
Session 12: Cryptography & Encrypted Data
- Liang Wang, Gilad Asharov, Rafael Pass, Thomas Ristenpart, Abhi Shelat:
Blind Certificate Authorities. 1015-1032
- Evgenios M. Kornaropoulos, Charalampos Papamanthou, Roberto Tamassia:
Data Recovery on Encrypted Databases with k-Nearest Neighbor Query Leakage. 1033-1050
- Jack Doerner, Yashvanth Kondi, Eysa Lee, Abhi Shelat:
Threshold ECDSA from ECDSA Assumptions: The Multiparty Case. 1051-1066
- Paul Grubbs, Marie-Sarah Lacharité, Brice Minaud, Kenneth G. Paterson:
Learning to Reconstruct: Statistical Learning Theory and Encrypted Database Attacks. 1067-1083
- Manu Drijvers, Kasra Edalatnejad, Bryan Ford, Eike Kiltz, Julian Loss, Gregory Neven, Igors Stepanovs:
On the Security of Two-Round Multi-Signatures. 1084-1101
- Ivan Damgård, Daniel Escudero, Tore Kasper Frederiksen, Marcel Keller, Peter Scholl, Nikolaj Volgushev:
New Primitives for Actively-Secure MPC over Rings with Applications to Private Machine Learning. 1102-1120
Session 13: Network Security
- David Rupprecht, Katharina Kohls, Thorsten Holz, Christina Pöpper:
Breaking LTE on Layer Two. 1121-1136
- Sadegh Momeni Milajerdi, Rigel Gjomemo, Birhanu Eshete, R. Sekar, V. N. Venkatakrishnan:
HOLMES: Real-Time APT Detection through Correlation of Suspicious Information Flows. 1137-1152
- Hongil Kim, Jiho Lee, Eunkyu Lee, Yongdae Kim:
Touching the Untouchables: Dynamic Security Analysis of the LTE Control Plane. 1153-1168
- Muoi Tran, Min Suk Kang, Hsu-Chun Hsiao, Wei-Hsuan Chiang, Shu-Po Tung, Yu-Su Wang:
On the Feasibility of Rerouting-Based DDoS Defenses. 1169-1184
- Xianghang Mi, Xuan Feng, Xiaojing Liao, Baojun Liu, XiaoFeng Wang, Feng Qian, Zhou Li, Sumayah A. Alrwais, Limin Sun, Ying Liu:
Resident Evil: Understanding Residential IP Proxy as a Dark Service. 1185-1201
Session 14: Program Languages
- Andres Erbsen, Jade Philipoom, Jason Gross, Robert Sloan, Adam Chlipala:
Simple High-Level Code for Cryptographic Arithmetic - With Proofs, Without Compromises. 1202-1219
- Marcella Hastings, Brett Hemenway, Daniel Noble, Steve Zdancewic:
SoK: General Purpose Compilers for Secure Multi-Party Computation. 1220-1237
- Craig Disselkoen, Radha Jagadeesan, Alan Jeffrey, James Riely:
The Code That Never Ran: Modeling Attacks on Speculative Evaluation. 1238-1255
- Jonathan Protzenko, Benjamin Beurdouche, Denis Merigoux, Karthikeyan Bhargavan:
Formally Verified Cryptographic Web Applications in WebAssembly. 1256-1274
- Dokyung Song, Julian Lettner, Prabhu Rajasekaran, Yeoul Na, Stijn Volckaert, Per Larsen, Michael Franz:
SoK: Sanitizing for Security. 1275-1295
Session 15: Web and Cloud Security
- Chaoshun Zuo, Zhiqiang Lin, Yinqian Zhang:
Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps. 1296-1310
- Matthew Joslin, Neng Li, Shuang Hao, Minhui Xue, Haojin Zhu:
Measuring and Analyzing Search Engine Poisoning of Linguistic Collisions. 1311-1325
- Elissa M. Redmiles, Sean Kross, Michelle L. Mazurek:
How Well Do My Results Generalize? Comparing Security and Privacy Survey Results from MTurk, Web, and Telephone Samples. 1326-1343
- Adam Oest, Yeganeh Safaei, Adam Doupé, Gail-Joon Ahn, Brad Wardman, Kevin Tyers:
PhishFarm: A Scalable Framework for Measuring the Effectiveness of Evasion Techniques against Browser Phishing Blacklists. 1344-1361
Session 16: IoT Security
- Omar Alrawi, Chaz Lever, Manos Antonakakis, Fabian Monrose:
SoK: Security Evaluation of Home-Based IoT Deployments. 1362-1380
- Nan Zhang, Xianghang Mi, Xuan Feng, XiaoFeng Wang, Yuan Tian, Feng Qian:
Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems. 1381-1396
- Ben Nassi, Raz Ben-Netanel, Adi Shamir, Yuval Elovici:
Drones' Cryptanalysis - Smashing Cryptography with a Flicker. 1397-1414
- Meng Xu, Manuel Huber, Zhichuang Sun, Paul England, Marcus Peinado, Sangho Lee, Andrey Marochko, Dennis Mattoon, Rob Spiger, Stefan Thom:
Dominance as a New Trusted Computing Primitive for the Internet of Things. 1415-1430