| 2012 | 11th workshop on privacy in the electronic society. Nikita Borisov |
| 2012 | 4th cloud computing security workshop (CCSW 2012). Srdjan Capkun, Seny Kamara |
| 2012 | A covert channel construction in a virtualized environment. Jidong Xiao, Zhang Xu, Hai Huang, Haining Wang |
| 2012 | A cross-protocol attack on the TLS protocol. Nikos Mavrogiannopoulos, Frederik Vercauteren, Vesselin Velichkov, Bart Preneel |
| 2012 | A software-hardware architecture for self-protecting data. Yu-Yuan Chen, Pramod A. Jamkhedkar, Ruby B. Lee |
| 2012 | Adaptive defenses for commodity software through virtual application partitioning. Dimitris Geneiatakis, Georgios Portokalidis, Vasileios P. Kemerlis, Angelos D. Keromytis |
| 2012 | Advanced triple-channel botnets: model and implementation. Xiang Cui, Binxing Fang, Peng Liao, Chaoge Liu |
| 2012 | Aligot: cryptographic function identification in obfuscated binary programs. Joan Calvet, José M. Fernandez, Jean-Yves Marion |
| 2012 | An historical examination of open source releases and their vulnerabilities. Nigel Edwards, Liqun Chen |
| 2012 | Authenticated secret key extraction using channel characteristics for body area networks. Jiawei Yuan, Lu Shi, Shucheng Yu, Ming Li |
| 2012 | Automatic generation of vaccines for malware immunization. Zhaoyan Xu, Jialong Zhang, Guofei Gu, Zhiqiang Lin |
| 2012 | Before we knew it: an empirical study of zero-day attacks in the real world. Leyla Bilge, Tudor Dumitras |
| 2012 | Binary stirring: self-randomizing instruction addresses of legacy x86 binary code. Richard Wartell, Vishwath Mohan, Kevin W. Hamlen, Zhiqiang Lin |
| 2012 | Blacksheep: detecting compromised hosts in homogeneous crowds. Antonio Bianchi, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna |
| 2012 | CCS'12 co-located workshop summary for SPSM 2012. William Enck, Xuxian Jiang |
| 2012 | CHEX: statically vetting Android apps for component hijacking vulnerabilities. Long Lu, Zhichun Li, Zhenyu Wu, Wenke Lee, Guofei Jiang |
| 2012 | CensorSpoofer: asymmetric communication using IP spoofing for censorship-resistant web browsing. Qiyan Wang, Xun Gong, Giang T. K. Nguyen, Amir Houmansadr, Nikita Borisov |
| 2012 | Collaborative TCP sequence number inference attack: how to crack sequence number under a second. Zhiyun Qian, Zhuoqing Morley Mao, Yinglian Xie |
| 2012 | Computational soundness without protocol restrictions. Michael Backes, Ankit Malik, Dominique Unruh |
| 2012 | Computational verification of C protocol implementations by symbolic execution. Mihhail Aizatulin, Andrew D. Gordon, Jan Jürjens |
| 2012 | Context-aware web security threat prevention. Lung-Hao Lee, Yen-Cheng Juan, Kuei-Ching Lee, Wei-Lin Tseng, Hsin-Hsi Chen, Yuen-Hsien Tseng |
| 2012 | Cross-VM side channels and their use to extract private keys. Yinqian Zhang, Ari Juels, Michael K. Reiter, Thomas Ristenpart |
| 2012 | DCast: sustaining collaboration in overlay multicast despite rational collusion. Haifeng Yu, Phillip B. Gibbons, Chenwei Shi |
| 2012 | Deanonymizing mobility traces: using social network as a side-channel. Mudhakar Srivatsa, Michael Hicks |
| 2012 | Demonstrating a lightweight data provenance for sensor networks. Bilal Shebaro, Salmin Sultana, Shakthidhar Reddy Gopavaram, Elisa Bertino |
| 2012 | Demonstrating the effectiveness of MOSES for separation of execution modes. Giovanni Russello, Mauro Conti, Bruno Crispo, Earlence Fernandes, Yury Zhauniarovich |
| 2012 | Detecting money-stealing apps in alternative Android markets. Chao Yang, Vinod Yegneswaran, Phillip A. Porras, Guofei Gu |
| 2012 | Differentially private sequential data publication via variable-length n-grams. Rui Chen, Gergely Ács, Claude Castelluccia |
| 2012 | Double-spending fast payments in bitcoin. Ghassan Karame, Elli Androulaki, Srdjan Capkun |
| 2012 | Dynamic searchable symmetric encryption. Seny Kamara, Charalampos Papamanthou, Tom Roeder |
| 2012 | Enhancing Tor's performance using real-time traffic classification. Mashael AlSabah, Kevin S. Bauer, Ian Goldberg |
| 2012 | Fides: selectively hardening software application components against kernel-level or process-level malware. Raoul Strackx, Frank Piessens |
| 2012 | Fifth ACM workshop on artificial intelligence and security (AISec 2012). Alvaro A. Cárdenas, Blaine Nelson, Benjamin I. P. Rubinstein |
| 2012 | FlowFox: a web browser with flexible and precise information flow control. Willem De Groef, Dominique Devriese, Nick Nikiforakis, Frank Piessens |
| 2012 | Foundations of garbled circuits. Mihir Bellare, Viet Tung Hoang, Phillip Rogaway |
| 2012 | Full proof cryptography: verifiable compilation of efficient zero-knowledge protocols. José Bacelar Almeida, Manuel Barbosa, Endre Bangerter, Gilles Barthe, Stephan Krenn, Santiago Zanella-Béguelin |
| 2012 | GPS software attacks. Tyler Nighswander, Brent M. Ledvina, Jonathan Diamond, Robert Brumley, David Brumley |
| 2012 | Hardware enhanced security. Ruby B. Lee, Simha Sethumadhavan, G. Edward Suh |
| 2012 | Hourglass schemes: how to prove that cloud files are encrypted. Marten van Dijk, Ari Juels, Alina Oprea, Ronald L. Rivest, Emil Stefanov, Nikos Triandopoulos |
| 2012 | How privacy leaks from bluetooth mouse? Xian Pan, Zhen Ling, Aniket Pingley, Wei Yu, Nan Zhang, Xinwen Fu |
| 2012 | How secure are power network signature based time stamps? Wei-Hong Chuang, Ravi Garg, Min Wu |
| 2012 | Innocent by association: early recognition of legitimate users. Yinglian Xie, Fang Yu, Qifa Ke, Martín Abadi, Eliot Gillum, Krish Vitaldevaria, Jason Walter, Junxian Huang, Zhuoqing Morley Mao |
| 2012 | Intransitive noninterference in nondeterministic systems. Kai Engelhardt, Ron van der Meyden, Chenyi Zhang |
| 2012 | Kargus: a highly-scalable software-based intrusion detection system. Muhammad Asim Jamshed, Jihyung Lee, Sangwoo Moon, Insu Yun, Deokjin Kim, Sungryoul Lee, Yung Yi, KyoungSoo Park |
| 2012 | Knowing your enemy: understanding and detecting malicious web advertising. Zhou Li, Kehuan Zhang, Yinglian Xie, Fang Yu, Xiaofeng Wang |
| 2012 | Large-scale DNS data analysis. David Dagon |
| 2012 | Leveraging "choice" to automate authorization hook placement. Divya Muthukumaran, Trent Jaeger, Vinod Ganapathy |
| 2012 | Location privacy leaking from spectrum utilization information in database-driven cognitive radio network. Zhaoyu Gao, Haojin Zhu, Yao Liu, Muyuan Li, Zhenfu Cao |
| 2012 | Machine-generated algorithms, proofs and software for the batch verification of digital signature schemes. Joseph A. Akinyele, Matthew Green, Susan Hohenberger, Matthew W. Pagano |
| 2012 | Manufacturing compromise: the emergence of exploit-as-a-service. Chris Grier, Lucas Ballard, Juan Caballero, Neha Chachra, Christian J. Dietrich, Kirill Levchenko, Panayiotis Mavrommatis, Damon McCoy, Antonio Nappa, Andreas Pitsillidis, Niels Provos, M. Zubair Rafique, Moheeb Abu Rajab, Christian Rossow, Kurt Thomas, Vern Paxson, Stefan Savage, Geoffrey M. Voelker |
| 2012 | Marlin: making it harder to fish for gadgets. Aditi Gupta, Sam Kerr, Michael S. Kirkpatrick, Elisa Bertino |
| 2012 | Measuring vote privacy, revisited. David Bernhard, Véronique Cortier, Olivier Pereira, Bogdan Warinschi |
| 2012 | Minimizing private data disclosures in the smart grid. Weining Yang, Ninghui Li, Yuan Qi, Wahbeh H. Qardaji, Stephen E. McLaughlin, Patrick D. McDaniel |
| 2012 | Mobile data charging: new attacks and countermeasures. Chunyi Peng, Chi-Yu Li, Guan-Hua Tu, Songwu Lu, Lixia Zhang |
| 2012 | Model-based context privacy for personal data streams. Supriyo Chakraborty, Kasturi Rangan Raghavan, Mani B. Srivastava, Harris Teague |
| 2012 | Neighborhood watch: security and privacy analysis of automatic meter reading systems. Ishtiaq Rouf, Hossen Asiful Mustafa, Miao Xu, Wenyuan Xu, Robert D. Miller, Marco Gruteser |
| 2012 | Network-based intrusion detection systems go active! Eitan Menahem, Gabi Nakibly, Yuval Elovici |
| 2012 | New privacy issues in mobile telephony: fix and verification. Myrto Arapinis, Loretta Ilaria Mancini, Eike Ritter, Mark Ryan, Nico Golde, Kevin Redon, Ravishankar Borgaonkar |
| 2012 | Non-tracking web analytics. Istemi Ekin Akkus, Ruichuan Chen, Michaela Hardt, Paul Francis, Johannes Gehrke |
| 2012 | OTO: online trust oracle for user-centric trust establishment. Tiffany Hyun-Jin Kim, Payas Gupta, Jun Han, Emmanuel Owusu, Jason I. Hong, Adrian Perrig, Debin Gao |
| 2012 | On significance of the least significant bits for differential privacy. Ilya Mironov |
| 2012 | On the foundations of trust in networks of humans and computers. Virgil D. Gligor |
| 2012 | On the parameterized complexity of the workflow satisfiability problem. Jason Crampton, Gregory Z. Gutin, Anders Yeo |
| 2012 | Operating system framed in case of mistaken identity: measuring the success of web-based spoofing attacks on OS password-entry dialogs. Cristian Bravo-Lillo, Lorrie Faith Cranor, Julie S. Downs, Saranga Komanduri, Stuart E. Schechter, Manya Sleeper |
| 2012 | PERM: practical reputation-based blacklisting without TTPS. Man Ho Au, Apu Kapadia |
| 2012 | PScout: analyzing the Android permission specification. Kathy Wain Yee Au, Yi Fan Zhou, Zhen Huang, David Lie |
| 2012 | PeerPress: utilizing enemies' P2P strength against them. Zhaoyan Xu, Lingfeng Chen, Guofei Gu, Christopher Kruegel |
| 2012 | Populated IP addresses: classification and applications. Chi-Yao Hong, Fang Yu, Yinglian Xie |
| 2012 | Practical yet universally composable two-server password-authenticated secret sharing. Jan Camenisch, Anna Lysyanskaya, Gregory Neven |
| 2012 | Precise enforcement of progress-sensitive security. Scott Moore, Aslan Askarov, Stephen Chong |
| 2012 | Priceless: the role of payments in abuse-advertised goods. Damon McCoy, Hitesh Dharmdasani, Christian Kreibich, Geoffrey M. Voelker, Stefan Savage |
| 2012 | Privacy preserving boosting in the cloud with secure half-space queries. Shumin Guo, Keke Chen |
| 2012 | Privacy-aware personalization for mobile advertising. Michaela Hardt, Suman Nath |
| 2012 | PrivateFS: a parallel oblivious file system. Peter Williams, Radu Sion, Alin Tomescu |
| 2012 | Protecting access privacy of cached contents in information centric networks. Abedelaziz Mohaisen, Xinwen Zhang, Max Schuchard, Haiyong Xie, Yongdae Kim |
| 2012 | Protecting location privacy: optimal strategy against localization attacks. Reza Shokri, George Theodorakopoulos, Carmela Troncoso, Jean-Pierre Hubaux, Jean-Yves Le Boudec |
| 2012 | Provable security of S-BGP and other path vector protocols: model, analysis and extensions. Alexandra Boldyreva, Robert Lychev |
| 2012 | Publicly verifiable delegation of large polynomials and matrix computations, with applications. Dario Fiore, Rosario Gennaro |
| 2012 | Query encrypted databases practically. Dongxi Liu, Shenlu Wang |
| 2012 | Real-time continuous iris recognition for authentication using an eye tracker. Kenrick J. Mock, Bogdan Hoanca, Justin Weaver, Mikal Milton |
| 2012 | ReasONets: a fuzzy-based approach for reasoning on network incidents. Giuseppe Petracca, Anna Cinzia Squicciarini, William G. Horne, Marco Casassa Mont |
| 2012 | Resource-freeing attacks: improve your cloud performance (at your neighbor's expense). Venkatanathan Varadarajan, Thawan Kooburat, Benjamin Farley, Thomas Ristenpart, Michael M. Swift |
| 2012 | Revoke and let live: a secure key revocation api for cryptographic devices. Véronique Cortier, Graham Steel, Cyrille Wiedling |
| 2012 | Robust dynamic remote data checking for public clouds. Bo Chen, Reza Curtmola |
| 2012 | Routing around decoys. Max Schuchard, John Geddes, Christopher Thompson, Nicholas Hopper |
| 2012 | SABOT: specification-based payload generation for programmable logic controllers. Stephen E. McLaughlin, Patrick D. McDaniel |
| 2012 | STC 2012: the seventh ACM workshop on scalable trusted computing. Xinwen Zhang, Xuhua Ding |
| 2012 | Salus: a system for server-aided secure function evaluation. Seny Kamara, Payman Mohassel, Ben Riva |
| 2012 | Scriptless attacks: stealing the pie without touching the sill. Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk |
| 2012 | Second workshop on building analysis datasets and gathering experience returns for security (BADGERS'12). Mihai Christodorescu |
| 2012 | Secure two-party computation in sublinear (amortized) time. S. Dov Gordon, Jonathan Katz, Vladimir Kolesnikov, Fernando Krell, Tal Malkin, Mariana Raykova, Yevgeniy Vahlis |
| 2012 | Secure two-party computations in ANSI C. Andreas Holzer, Martin Franz, Stefan Katzenbeisser, Helmut Veith |
| 2012 | Self-service cloud computing. Shakeel Butt, H. Andrés Lagar-Cavilla, Abhinav Srivastava, Vinod Ganapathy |
| 2012 | Single round access privacy on outsourced storage. Peter Williams, Radu Sion |
| 2012 | SkypeMorph: protocol obfuscation for Tor bridges. Hooman Mohajeri Moghaddam, Baiyu Li, Mohammad Derakhshani, Ian Goldberg |
| 2012 | StegoTorus: a camouflage proxy for the Tor anonymity system. Zachary Weinberg, Jeffrey Wang, Vinod Yegneswaran, Linda Briesemeister, Steven Cheung, Frank Wang, Dan Boneh |
| 2012 | Strengthening user authentication through opportunistic cryptographic identity assertions. Alexei Czeskis, Michael Dietz, Tadayoshi Kohno, Dan S. Wallach, Dirk Balfanz |
| 2012 | The devil is in the (implementation) details: an empirical analysis of OAuth SSO systems. San-Tsai Sun, Konstantin Beznosov |
| 2012 | The most dangerous code in the world: validating SSL certificates in non-browser software. Martin Georgiev, Subodh Iyengar, Suman Jana, Rishita Anubhai, Dan Boneh, Vitaly Shmatikov |
| 2012 | The state and evolution of privacy by design. Stuart S. Shapiro |
| 2012 | Touching from a distance: website fingerprinting attacks and defenses. Xiang Cai, Xin Cheng Zhang, Brijesh Joshi, Rob Johnson |
| 2012 | Towards a bayesian network game framework for evaluating DDoS attacks and defense. Guanhua Yan, Ritchie Lee, Alex Kent, David H. Wolpert |
| 2012 | Towards measuring warning readability. Marian Harbach, Sascha Fahl, Thomas Muders, Matthew Smith |
| 2012 | TreeDroid: a tree automaton based approach to enforcing data processing policies. Mads Dam, Gurvan Le Guernic, Andreas Lundblad |
| 2012 | Understanding new anonymity networks from a user's perspective. Érik Archambault, Craig A. Shue |
| 2012 | Using probabilistic generative models for ranking risks of Android apps. Hao Peng, Christopher S. Gates, Bhaskar Pratim Sarma, Ninghui Li, Yuan Qi, Rahul Potharaju, Cristina Nita-Rotaru, Ian M. Molloy |
| 2012 | Vanity, cracks and malware: insights into the anti-copy protection ecosystem. Markus Kammerstetter, Christian Platzer, Gilbert Wondracek |
| 2012 | Verifiable data streaming. Dominique Schröder, Heike Schröder |
| 2012 | Verified security of redundancy-free encryption from Rabin and RSA. Gilles Barthe, David Pointcheval, Santiago Zanella-Béguelin |
| 2012 | Vigilare: toward snoop-based kernel integrity monitor. Hyungon Moon, Hojoon Lee, Jihoon Lee, Kihwan Kim, Yunheung Paek, Brent ByungHoon Kang |
| 2012 | Why eve and mallory love android: an analysis of android SSL (in)security. Sascha Fahl, Marian Harbach, Thomas Muders, Matthew Smith, Lars Baumgärtner, Bernd Freisleben |
| 2012 | You are what you include: large-scale evaluation of remote javascript inclusions. Nick Nikiforakis, Luca Invernizzi, Alexandros Kapravelos, Steven Van Acker, Wouter Joosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna |
| 2012 | the ACM Conference on Computer and Communications Security, CCS'12, Raleigh, NC, USA, October 16-18, 2012 Ting Yu, George Danezis, Virgil D. Gligor |