| 2010 | A framework for testing hardware-software security architectures. Jeffrey S. Dwoskin, Mahadevan Gomathisankaran, Yu-Yuan Chen, Ruby B. Lee |
| 2010 | A multi-user steganographic file system on untrusted shared storage. Jin Han, Meng Pan, Debin Gao, HweeHwa Pang |
| 2010 | A quantitative analysis of the insecurity of embedded network devices: results of a wide-area scan. Ang Cui, Salvatore J. Stolfo |
| 2010 | Always up-to-date: scalable offline patching of VM images in a compute cloud. Wu Zhou, Peng Ning, Xiaolan Zhang, Glenn Ammons, Ruowen Wang, Vasanth Bala |
| 2010 | Analyzing and improving Linux kernel memory protection: a model checking approach. Siarhei Liakh, Michael C. Grace, Xuxian Jiang |
| 2010 | Back to Berferd. William R. Cheswick |
| 2010 | Barriers to science in security. Tom Longstaff, David M. Balenson, Mark Matties |
| 2010 | Breaking e-banking CAPTCHAs. Shujun Li, S. Amier Haider Shah, M. Asad Usman Khan, Syed Ali Khayam, Ahmad-Reza Sadeghi, Roland Schmitz |
| 2010 | Comprehensive shellcode detection using runtime heuristics. Michalis Polychronakis, Kostas G. Anagnostakis, Evangelos P. Markatos |
| 2010 | Conficker and beyond: a large-scale empirical study. Seungwon Shin, Guofei Gu |
| 2010 | Cross-layer comprehensive intrusion harm analysis for production workload server systems. Shengzhi Zhang, Xiaoqi Jia, Peng Liu, Jiwu Jing |
| 2010 | Cujo: efficient detection and prevention of drive-by-download attacks. Konrad Rieck, Tammo Krueger, Andreas Dewald |
| 2010 | Defending DSSS-based broadcast communication against insider jammers via delayed seed-disclosure. An Liu, Peng Ning, Huaiyu Dai, Yao Liu, Cliff Wang |
| 2010 | Detecting spammers on social networks. Gianluca Stringhini, Christopher Kruegel, Giovanni Vigna |
| 2010 | Exploiting smart-phone USB connectivity for fun and profit. Zhaohui Wang, Angelos Stavrou |
| 2010 | Exploring usability effects of increasing security in click-based graphical passwords. Elizabeth Stobert, Alain Forget, Sonia Chiasson, Paul C. van Oorschot, Robert Biddle |
| 2010 | FIRM: capability-based inline mediation of Flash behaviors. Zhou Li, Xiaofeng Wang |
| 2010 | Familiarity breeds contempt: the honeymoon effect and the role of legacy code in zero-day vulnerabilities. Sandy Clark, Stefan Frei, Matt Blaze, Jonathan M. Smith |
| 2010 | Fast and practical instruction-set randomization for commodity systems. Georgios Portokalidis, Angelos D. Keromytis |
| 2010 | Forenscope: a framework for live forensics. Ellick Chan, Shivaram Venkataraman, Francis M. David, Amey Chaugule, Roy H. Campbell |
| 2010 | Friends of an enemy: identifying local members of peer-to-peer botnets using mutual contacts. Baris Coskun, Sven Dietrich, Nasir D. Memon |
| 2010 | G-Free: defeating return-oriented programming through gadget-less binaries. Kaan Onarlioglu, Leyla Bilge, Andrea Lanzi, Davide Balzarotti, Engin Kirda |
| 2010 | Hardware assistance for trustworthy systems through 3-D integration. Jonathan Valamehr, Mohit Tiwari, Timothy Sherwood, Ryan Kastner, Ted Huffmire, Cynthia E. Irvine, Timothy E. Levin |
| 2010 | Heap Taichi: exploiting memory allocation granularity in heap-spraying attacks. Yu Ding, Tao Wei, Tielei Wang, Zhenkai Liang, Wei Zou |
| 2010 | Keeping data secret under full compromise using porter devices. Christina Pöpper, David A. Basin, Srdjan Capkun, Cas Cremers |
| 2010 | Kells: a protection framework for portable data. Kevin R. B. Butler, Stephen E. McLaughlin, Patrick D. McDaniel |
| 2010 | Multi-vendor penetration testing in the advanced metering infrastructure. Stephen E. McLaughlin, Dmitry Podkuiko, Sergei Miadzvezhanka, Adam Delozier, Patrick D. McDaniel |
| 2010 | Network intrusion detection: dead or alive? Giovanni Vigna |
| 2010 | Paranoid Android: versatile protection for smartphones. Georgios Portokalidis, Philip Homburg, Kostas Anagnostakis, Herbert Bos |
| 2010 | Porscha: policy oriented secure content handling in Android. Machigar Ongtang, Kevin R. B. Butler, Patrick D. McDaniel |
| 2010 | Quantifying information leaks in software. Jonathan Heusser, Pasquale Malacaria |
| 2010 | SCA-resistant embedded processors: the next generation. Stefan Tillich, Mario Kirschbaum, Alexander Szekely |
| 2010 | SCOBA: source code based attestation on custom software. Liang Gu, Yao Guo, Anbang Ruan, Qingni Shen, Hong Mei |
| 2010 | Securing interactive sessions using mobile device through visual channel and visual inspection. Chengfang Fang, Ee-Chien Chang |
| 2010 | Security analysis of a fingerprint-protected USB drive. Benjamin Rodes, Xunhua Wang |
| 2010 | Spam mitigation using spatio-temporal reputations from blacklist history. Andrew G. West, Adam J. Aviv, Jian Chang, Insup Lee |
| 2010 | T-DRE: a hardware trusted computing base for direct recording electronic vote machines. Roberto Gallo, Henrique Kawakami, Ricardo Dahab, Rafael Azevedo, Saulo Lima, Guido Araujo |
| 2010 | The case for in-the-lab botnet experimentation: creating and taking down a 3000-node botnet. Joan Calvet, Carlton R. Davis, José M. Fernandez, Jean-Yves Marion, Pier-Luc St-Onge, Wadie Guizani, Pierre-Marc Bureau, Anil Somayaji |
| 2010 | Toward worm detection in online social networks. Wei Xu, Fangfang Zhang, Sencun Zhu |
| 2010 | Towards practical anonymous password authentication. Yanjiang Yang, Jianying Zhou, Jun Wen Wong, Feng Bao |
| 2010 | Twenty-Sixth Annual Computer Security Applications Conference, ACSAC 2010, Austin, Texas, USA, 6-10 December 2010 Carrie Gates, Michael Franz, John P. McDermott |
| 2010 | Two methodologies for physical penetration testing using social engineering. Trajce Dimkov, Wolter Pieters, Pieter H. Hartel |
| 2010 | Who is tweeting on Twitter: human, bot, or cyborg? Zi Chu, Steven Gianvecchio, Haining Wang, Sushil Jajodia |