| 2018 | A Heuristic Framework to Detect Concurrency Vulnerabilities. Changming Liu, Deqing Zou, Peng Luo, Bin B. Zhu, Hai Jin |
| 2018 | A Large Scale Investigation of Obfuscation Use in Google Play. Dominik Wermke, Nicolas Huaman, Yasemin Acar, Bradley Reaves, Patrick Traynor, Sascha Fahl |
| 2018 | A Measurement Study of Authentication Rate-Limiting Mechanisms of Modern Websites. Bo Lu, Xiaokuan Zhang, Ziman Ling, Yinqian Zhang, Zhiqiang Lin |
| 2018 | A Measurement Study on Linux Container Security: Attacks and Countermeasures. Xin Lin, Lingguang Lei, Yuewu Wang, Jiwu Jing, Kun Sun, Quan Zhou |
| 2018 | A Multi-tab Website Fingerprinting Attack. Yixiao Xu, Tao Wang, Qi Li, Qingyuan Gong, Yang Chen, Yong Jiang |
| 2018 | Accurate Malware Detection by Extreme Abstraction. Fady Copty, Matan Danos, Orit Edelstein, Cindy Eisner, Dov Murik, Benjamin Zeltser |
| 2018 | An Extensive Evaluation of the Internet's Open Proxies. Akshaya Mani, Tavish Vaidya, David Dworken, Micah Sherr |
| 2018 | An Historical Analysis of the SEAndroid Policy Evolution. Bumjin Im, Ang Chen, Dan S. Wallach |
| 2018 | Analyzing Cache Side Channels Using Deep Neural Networks. Tianwei Zhang, Yinqian Zhang, Ruby B. Lee |
| 2018 | Beware of Your Screen: Anonymous Fingerprinting of Device Screens for Off-line Payment Protection. Zhe Zhou, Di Tang, Wenhao Wang, Xiaofeng Wang, Zhou Li, Kehuan Zhang |
| 2018 | Comparing Video Based Shoulder Surfing with Live Simulation. Adam J. Aviv, Flynn Wolf, Ravi Kuber |
| 2018 | Crystal (ball): I Look at Physics and Predict Control Flow! Just-Ahead-Of-Time Controller Recovery. Sriharsha Etigowni, Shamina Hossain-McKenzie, Maryam Kazerooni, Katherine R. Davis, Saman A. Zonouz |
| 2018 | DeDoS: Defusing DoS with Dispersion Oriented Software. Henri Maxime Demoulin, Tavish Vaidya, Isaac Pedisich, Bob DiMaiolo, Jingyu Qian, Chirag Shah, Yuankai Zhang, Ang Chen, Andreas Haeberlen, Boon Thau Loo, Linh Thi Xuan Phan, Micah Sherr, Clay Shields, Wenchao Zhou |
| 2018 | Do Social Disorders Facilitate Social Engineering?: A Case Study of Autism and Phishing Attacks. Ajaya Neupane, Kiavash Satvat, Nitesh Saxena, Despina Stavrinos, Haley Johnson Bishop |
| 2018 | Finding Dependencies between Cyber-Physical Domains for Security Testing of Industrial Control Systems. John Henry Castellanos, Martín Ochoa, Jianying Zhou |
| 2018 | Finding The Greedy, Prodigal, and Suicidal Contracts at Scale. Ivica Nikolic, Aashish Kolluri, Ilya Sergey, Prateek Saxena, Aquinas Hobor |
| 2018 | Hiding in the Shadows: Empowering ARM for Stealthy Virtual Machine Introspection. Sergej Proskurin, Tamas K. Lengyel, Marius Momeu, Claudia Eckert, Apostolis Zarras |
| 2018 | I Know What You See: Power Side-Channel Attack on Convolutional Neural Network Accelerators. Lingxiao Wei, Bo Luo, Yu Li, Yannan Liu, Qiang Xu |
| 2018 | I Need this Back, Later!: An Exploration of Practical Secret Sharing. Oliver Wiese, Christoph Weinhold, Jan-Ole Malchow, Volker Roth |
| 2018 | IAC: On the Feasibility of Utilizing Neural Signals for Access Control. Md. Lutfor Rahman, Ajaya Neupane, Chengyu Song |
| 2018 | ICSD: An Automatic System for Insecure Code Snippet Detection in Stack Overflow over Heterogeneous Information Network. Yanfang Ye, Shifu Hou, Lingwei Chen, Xin Li, Liang Zhao, Shouhuai Xu, Jiabin Wang, Qi Xiong |
| 2018 | Improving Accuracy of Android Malware Detection with Lightweight Contextual Awareness. Joey Allen, Matthew Landen, Sanya Chaba, Yang Ji, Simon Pak Ho Chung, Wenke Lee |
| 2018 | Improving security and usability of passphrases with guided word choice. Nikola K. Blanchard, Clément Malaingre, Ted Selker |
| 2018 | LOBO: Evaluation of Generalization Deficiencies in Twitter Bot Classifiers. Juan Echeverría, Emiliano De Cristofaro, Nicolas Kourtellis, Ilias Leontiadis, Gianluca Stringhini, Shi Zhou |
| 2018 | Latent Typing Biometrics in Online Collaboration Services. Shane McCulley, Vassil Roussev |
| 2018 | Lprov: Practical Library-aware Provenance Tracing. Fei Wang, Yonghwi Kwon, Shiqing Ma, Xiangyu Zhang, Dongyan Xu |
| 2018 | MADE: Security Analytics for Enterprise Threat Detection. Alina Oprea, Zhou Li, Robin Norris, Kevin D. Bowers |
| 2018 | Mapping to Bits: Efficiently Detecting Type Confusion Errors. Chengbin Pang, Yunlan Du, Bing Mao, Shanqing Guo |
| 2018 | MemCloak: Practical Access Obfuscation for Untrusted Memory. Weixin Liang, Kai Bu, Ke Li, Jinhong Li, Arya Tavakoli |
| 2018 | MicroWalk: A Framework for Finding Side Channels in Binaries. Jan Wichelmann, Ahmad Moghimi, Thomas Eisenbarth, Berk Sunar |
| 2018 | Model Extraction Warning in MLaaS Paradigm. Manish Kesarwani, Bhaskar Mukhoty, Vijay Arya, Sameep Mehta |
| 2018 | Noise Matters: Using Sensor and Process Noise Fingerprint to Detect Stealthy Cyber Attacks and Authenticate sensors in CPS. Chuadhry Mujeeb Ahmed, Jianying Zhou, Aditya P. Mathur |
| 2018 | Now You See Me: Real-time Dynamic Function Call Detection. Franck de Goër, Sanjay Rawat, Dennis Andriesse, Herbert Bos, Roland Groz |
| 2018 | Obscuro: A Bitcoin Mixer using Trusted Execution Environments. Muoi Tran, Loi Luu, Min Suk Kang, Iddo Bentov, Prateek Saxena |
| 2018 | On The Systematic Development and Evaluation Of Password Security Awareness-Raising Materials. Peter Mayer, Christian Schwartz, Melanie Volkamer |
| 2018 | On the Effectiveness of Type-based Control Flow Integrity. Reza Mirzazade Farkhani, Saman Jafari, Sajjad Arshad, William K. Robertson, Engin Kirda, Hamed Okhravi |
| 2018 | Osiris: Hunting for Integer Bugs in Ethereum Smart Contracts. Christof Ferreira Torres, Julian Schütte, Radu State |
| 2018 | Pointing in the Right Direction - Securing Memory Accesses in a Faulty World. Robert Schilling, Mario Werner, Pascal Nasahl, Stefan Mangard |
| 2018 | Poisoning Attacks to Graph-Based Recommender Systems. Minghong Fang, Guolei Yang, Neil Zhenqiang Gong, Jia Liu |
| 2018 | Practical Integrity Protection with Oblivious Hashing. Mohsen Ahmadvand, Anahit Hayrapetyan, Sebastian Banescu, Alexander Pretschner |
| 2018 | Prime+Count: Novel Cross-world Covert Channels on ARM TrustZone. Haehyun Cho, Penghui Zhang, Donguk Kim, Jinbum Park, Choong-Hoon Lee, Ziming Zhao, Adam Doupé, Gail-Joon Ahn |
| 2018 | Proceedings of the 34th Annual Computer Security Applications Conference, ACSAC 2018, San Juan, PR, USA, December 03-07, 2018 |
| 2018 | RAPID: Resource and API-Based Detection Against In-Browser Miners. Juan D. Parra Rodriguez, Joachim Posegga |
| 2018 | Raising the Bar: Evaluating Origin-wide Security Manifests. Steven Van Acker, Daniel Hausknecht, Andrei Sabelfeld |
| 2018 | SENSS Against Volumetric DDoS Attacks. Sivaramakrishnan Ramanathan, Jelena Mirkovic, Minlan Yu, Ying Zhang |
| 2018 | SHIELD: A Framework for Efficient and Secure Machine Learning Classification in Constrained Environments. Jan Henrik Ziegeldorf, Jan Metzke, Klaus Wehrle |
| 2018 | Secure Out-of-band Remote Management of Virtual Machines with Transparent Passthrough. Shota Futagami, Tomoya Unoki, Kenichi Kourai |
| 2018 | Shredder: Breaking Exploits through API Specialization. Shachee Mishra, Michalis Polychronakis |
| 2018 | Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study. Nicola Tuveri, Sohaib ul Hassan, Cesar Pereida García, Billy Bob Brumley |
| 2018 | SmarTor: Smarter Tor with Smart Contracts: Improving resilience of topology distribution in the Tor network. André Greubel, Alexandra Dmitrienko, Samuel Kounev |
| 2018 | StateDroid: Stateful Detection of Stealthy Attacks in Android Apps via Horn-Clause Verification. Mohsin Junaid, Jiang Ming, David Chenho Kung |
| 2018 | TIFF: Using Input Type Inference To Improve Fuzzing. Vivek Jain, Sanjay Rawat, Cristiano Giuffrida, Herbert Bos |
| 2018 | Take It or Leave It: A Survey Study on Operating System Upgrade Practices. Sadegh Farhang, Jake Weidman, Mohammad Mahdi Kamani, Jens Grossklags, Peng Liu |
| 2018 | There's a Hole in that Bucket!: A Large-scale Analysis of Misconfigured S3 Buckets. Andrea Continella, Mario Polino, Marcello Pogliani, Stefano Zanero |
| 2018 | Towards Automated Generation of Exploitation Primitives for Web Browsers. Behrad Garmany, Martin Stoffel, Robert Gawlik, Philipp Koppe, Tim Blazytko, Thorsten Holz |
| 2018 | Tracking Users across the Web via TLS Session Resumption. Erik Sy, Christian Burkert, Hannes Federrath, Mathias Fischer |
| 2018 | Type-After-Type: Practical and Complete Type-Safe Memory Reuse. Erik van der Kouwe, Taddeus Kroes, Chris Ouwehand, Herbert Bos, Cristiano Giuffrida |
| 2018 | Typing-Proof: Usable, Secure and Low-Cost Two-Factor Authentication Based on Keystroke Timings. Ximing Liu, Yingjiu Li, Robert H. Deng |
| 2018 | Using Loops For Malware Classification Resilient to Feature-unaware Perturbations. Aravind Machiry, Nilo Redini, Eric Gustafson, Yanick Fratantonio, Yung Ryn Choe, Christopher Kruegel, Giovanni Vigna |
| 2018 | Why Johnny Can't Make Money With His Contents: Pitfalls of Designing and Implementing Content Delivery Apps. Sze Yiu Chau, Bincheng Wang, Jianxiong Wang, Omar Chowdhury, Aniket Kate, Ninghui Li |
| 2018 | Wi Not Calling: Practical Privacy and Availability Attacks in Wi-Fi Calling. Jaejong Baek, Sukwha Kyung, Haehyun Cho, Ziming Zhao, Yan Shoshitaishvili, Adam Doupé, Gail-Joon Ahn |