| 2014 | A security evaluation of AIS automated identification system. Marco Balduzzi, Alessandro Pasta, Kyle Wilhoit |
| 2014 | A taste of tweets: reverse engineering Twitter spammers. Chao Yang, Jialong Zhang, Guofei Gu |
| 2014 | Advanced Wi-Fi attacks using commodity hardware. Mathy Vanhoef, Frank Piessens |
| 2014 | Android security framework: extensible multi-layered access control on Android. Michael Backes, Sven Bugiel, Sebastian Gerling, Philipp von Styp-Rekowsky |
| 2014 | Assisted deletion of related content. Hubert Ritzdorf, Nikolaos Karapanos, Srdjan Capkun |
| 2014 | CPS: beyond usability: applying value sensitive design based methods to investigate domain characteristics for security for implantable cardiac devices. Tamara Denning, Daniel B. Kramer, Batya Friedman, Matthew R. Reynolds, Brian T. Gill, Tadayoshi Kohno |
| 2014 | CPS: driving cyber-physical systems to unsafe operating conditions by timing DoS attacks on sensor signals. Marina Krotofil, Alvaro A. Cárdenas, Bradley Manning, Jason Larsen |
| 2014 | CPS: market analysis of attacks against demand response in the smart grid. Carlos A. Barreto, Alvaro A. Cárdenas, Nicanor Quijano, Eduardo Mojica-Nava |
| 2014 | Centrality metrics of importance in access behaviors and malware detections. Weixuan Mao, Zhongmin Cai, Xiaohong Guan, Don Towsley |
| 2014 | Challenges and implications of verifiable builds for security-critical open-source software. Xavier de Carné de Carnavalet, Mohammad Mannan |
| 2014 | Cloud radar: near real-time detection of security failures in dynamic virtualized infrastructures. Sören Bleikertz, Carsten Vogel, Thomas Groß |
| 2014 | DNS authentication as a service: preventing amplification attacks. Amir Herzberg, Haya Schulmann |
| 2014 | Design and implementation of an Android host-based intrusion prevention system. Mingshen Sun, Min Zheng, John C. S. Lui, Xuxian Jiang |
| 2014 | Differentially private data aggregation with optimal utility. Fabienne Eigner, Matteo Maffei, Ivan Pryvalov, Francesca Pampaloni, Aniket Kate |
| 2014 | Exploring and mitigating privacy threats of HTML5 geolocation API. Hyungsub Kim, Sangho Lee, Jong Kim |
| 2014 | Hot-hardening: getting more out of your security settings. Sebastian Biedermann, Stefan Katzenbeisser, Jakub Szefer |
| 2014 | ICE: a passive, high-speed, state-continuity scheme. Raoul Strackx, Bart Jacobs, Frank Piessens |
| 2014 | IMSI-catch me if you can: IMSI-catcher-catchers. Adrian Dabrowski, Nicola Pianta, Thomas Klepp, Martin Mulazzani, Edgar R. Weippl |
| 2014 | IntFlow: improving the accuracy of arithmetic error detection using information flow tracking. Marios Pomonis, Theofilos Petsios, Kangkook Jee, Michalis Polychronakis, Angelos D. Keromytis |
| 2014 | Interrupt-oriented bugdoor programming: a minimalist approach to bugdooring embedded systems firmware. Samuel Junjie Tan, Sergey Bratus, Travis Goodspeed |
| 2014 | It's the psychology stupid: how heuristics explain software vulnerabilities and how priming can illuminate developer's blind spots. Daniela Oliveira, Marissa Rosenthal, Nicole Morin, Kuo-Chuan (Martin) Yeh, Justin Cappos, Yanyan Zhuang |
| 2014 | JShield: towards real-time and vulnerability-based detection of polluted drive-by download attacks. Yinzhi Cao, Xiang Pan, Yan Chen, Jianwei Zhuge |
| 2014 | Less is more: cipher-suite negotiation for DNSSEC. Amir Herzberg, Haya Schulmann, Bruno Crispo |
| 2014 | Leveraging semantic signatures for bug search in binary programs. Jannik Pewny, Felix Schuster, Lukas Bernhard, Thorsten Holz, Christian Rossow |
| 2014 | Lightweight authentication of freshness in outsourced key-value stores. Yuzhe Richard Tang, Ting Wang, Ling Liu, Xin Hu, Jiyong Jang |
| 2014 | MACE: high-coverage and robust memory analysis for commodity operating systems. Qian Feng, Aravind Prakash, Heng Yin, Zhiqiang Lin |
| 2014 | MoRePriv: mobile OS support for application personalization and privacy. Drew Davidson, Matt Fredrikson, Benjamin Livshits |
| 2014 | Morpheus: automatically generating heuristics to detect Android emulators. Yiming Jing, Ziming Zhao, Gail-Joon Ahn, Hongxin Hu |
| 2014 | Network dialog minimization and network dialog diffing: two novel primitives for network security applications. M. Zubair Rafique, Juan Caballero, Christophe Huygens, Wouter Joosen |
| 2014 | New models of cache architectures characterizing information leakage from cache side channels. Tianwei Zhang, Ruby B. Lee |
| 2014 | NodeSentry: least-privilege library integration for server-side JavaScript. Willem De Groef, Fabio Massacci, Frank Piessens |
| 2014 | OSPF vulnerability to persistent poisoning attacks: a systematic analysis. Gabi Nakibly, Adi Sosnovich, Eitan Menahem, Ariel Waizel, Yuval Elovici |
| 2014 | On the privacy provisions of Bloom filters in lightweight bitcoin clients. Arthur Gervais, Srdjan Capkun, Ghassan O. Karame, Damian Gruber |
| 2014 | Proceedings of the 30th Annual Computer Security Applications Conference, ACSAC 2014, New Orleans, LA, USA, December 8-12, 2014 Charles N. Payne Jr., Adam Hahn, Kevin R. B. Butler, Micah Sherr |
| 2014 | Relation extraction for inferring access control rules from natural language artifacts. John Slankas, Xusheng Xiao, Laurie A. Williams, Tao Xie |
| 2014 | SEER: practical memory virus scanning as a service. Jason Gionta, Ahmed M. Azab, William Enck, Peng Ning, Xiaolan Zhang |
| 2014 | Scalability, fidelity and stealth in the DRAKVUF dynamic malware analysis system. Tamas K. Lengyel, Steve Maresca, Bryan D. Payne, George D. Webster, Sebastian Vogl, Aggelos Kiayias |
| 2014 | Scippa: system-centric IPC provenance on Android. Michael Backes, Sven Bugiel, Sebastian Gerling |
| 2014 | Spam ain't as diverse as it seems: throttling OSN spam with templates underneath. Hongyu Gao, Yi Yang, Kai Bu, Yan Chen, Doug Downey, Kathy Lee, Alok N. Choudhary |
| 2014 | Taking two-factor to the next level: protecting online poker, banking, healthcare and other applications. Aviel D. Rubin |
| 2014 | Through the eye of the PLC: semantic security monitoring for industrial processes. Dina Hadziosmanovic, Robin Sommer, Emmanuele Zambon, Pieter H. Hartel |
| 2014 | Towards a scalable resource-driven approach for detecting repackaged Android applications. Yuru Shao, Xiapu Luo, Chenxiong Qian, Pengfei Zhu, Lei Zhang |
| 2014 | Towards automated integrity protection of C++ virtual function tables in binary programs. Robert Gawlik, Thorsten Holz |
| 2014 | TroGuard: context-aware protection against web-based socially engineered trojans. Rui Han, Alejandro Mesa, Mihai Christodorescu, Saman A. Zonouz |
| 2014 | TrueClick: automatically distinguishing trick banners from genuine download links. Sevtap Duman, Kaan Onarlioglu, Ali Osman Ulusoy, William K. Robertson, Engin Kirda |
| 2014 | Uncovering network tarpits with degreaser. Lance Alt, Robert Beverly, Alberto Dainotti |
| 2014 | Understanding visual perceptions of usability and security of Android's graphical password pattern. Adam J. Aviv, Dane Fichter |
| 2014 | Using automatic speech recognition for attacking acoustic CAPTCHAs: the trade-off between usability and security. Hendrik Meutzner, Viet-Hung Nguyen, Thorsten Holz, Dorothea Kolossa |
| 2014 | Whitewash: outsourcing garbled circuit generation for mobile devices. Henry Carter, Charles Lever, Patrick Traynor |