| 2013 | 12th workshop on privacy in the electronic society (WPES 2013). Sara Foresti |
| 2013 | 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4-8, 2013 Ahmad-Reza Sadeghi, Virgil D. Gligor, Moti Yung |
| 2013 | 25 million flows later: large-scale detection of DOM-based XSS. Sebastian Lekies, Ben Stock, Martin Johns |
| 2013 | A clinical study of risk factors related to malware infections. Fanny Lalonde Lévesque, Jude Nsiempba, José M. Fernandez, Sonia Chiasson, Anil Somayaji |
| 2013 | A footprint of third-party tracking on mobile web. Ashar Javed |
| 2013 | A new framework against privilege escalation attacks on android. Wenming Zhou, Yuqing Zhang, Xuefeng Liu |
| 2013 | A security framework for the analysis and design of software attestation. Frederik Armknecht, Ahmad-Reza Sadeghi, Steffen Schulz, Christian Wachsmann |
| 2013 | A semantic-aware approach to reasoning about network traffic relations. Hao Zhang, Danfeng (Daphne) Yao, Naren Ramakrishnan |
| 2013 | ASIST: architectural support for instruction set randomization. Antonis Papadogiannakis, Laertis Loutsis, Vassilis Papaefstathiou, Sotiris Ioannidis |
| 2013 | AUTOCRYPT: enabling homomorphic computation on servers to protect sensitive web content. Shruti Tople, Shweta Shinde, Zhaofeng Chen, Prateek Saxena |
| 2013 | AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks. Seungwon Shin, Vinod Yegneswaran, Phillip A. Porras, Guofei Gu |
| 2013 | Addressing the concerns of the lacks family: quantification of kin genomic privacy. Mathias Humbert, Erman Ayday, Jean-Pierre Hubaux, Amalio Telenti |
| 2013 | Adjustably encrypted in-memory column-store. Florian Kerschbaum, Patrick Grofig, Isabelle Hang, Martin Härterich, Mathias Kohler, Andreas Schaad, Axel Schröpfer, Walter Tighzert |
| 2013 | An IDS framework for internet of things empowered by 6LoWPAN. Prabhakaran Kasinathan, Gianfranco Costamagna, Hussein Khaleel, Claudio Pastrone, Maurizio A. Spirito |
| 2013 | An analysis of the EMV channel establishment protocol. Christina Brzuska, Nigel P. Smart, Bogdan Warinschi, Gaven J. Watson |
| 2013 | An architecture for practical actively secure MPC with dishonest majority. Marcel Keller, Peter Scholl, Nigel P. Smart |
| 2013 | An empirical study of cryptographic misuse in android applications. Manuel Egele, David Brumley, Yanick Fratantonio, Christopher Kruegel |
| 2013 | Anonymous credentials light. Foteini Baldimtsi, Anna Lysyanskaya |
| 2013 | AppIntent: analyzing sensitive data transmission in android for privacy leakage detection. Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, Xiaoyang Sean Wang |
| 2013 | Automatic verification of protocols with lists of unbounded length. Bruno Blanchet, Miriam Paiola |
| 2013 | BIOS chronomancy: fixing the core root of trust for measurement. John Butterworth, Corey Kallenberg, Xeno Kovah, Amy Herzog |
| 2013 | Beheading hydras: performing effective botnet takedowns. Yacin Nadji, Manos Antonakakis, Roberto Perdisci, David Dagon, Wenke Lee |
| 2013 | Belief semantics of authorization logic. Andrew K. Hirsch, Michael R. Clarkson |
| 2013 | Blackbox traceable CP-ABE: how to catch people leaking their keys by selling decryption devices on ebay. Zhen Liu, Zhenfu Cao, Duncan S. Wong |
| 2013 | BotFlex: a community-driven tool for botnetdetection. Sheharbano Khattak, Zaafar Ahmed, Affan A. Syed, Syed Ali Khayam |
| 2013 | Breaking and entering through the silicon. Clemens Helfmeier, Dmitry Nedospasov, Christopher Tarnovsky, Jan Starbug Krissler, Christian Boit, Jean-Pierre Seifert |
| 2013 | CCS'13 co-located workshop summary for SPSM 2013. Adrienne Porter Felt, N. Asokan |
| 2013 | CRYPTSERVER: strong data protection in commodity LAMP servers. Zhaofeng Chen, Xinshu Dong, Prateek Saxena, Zhenkai Liang |
| 2013 | Caching oblivious memory access: an extension to the HCRYPT virtual machine. Michael Brenner, Matthew Smith |
| 2013 | Certified computer-aided cryptography: efficient provably secure machine code from high-level implementations. José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, François Dupressoir |
| 2013 | Chucky: exposing missing checks in source code for vulnerability discovery. Fabian Yamaguchi, Christian Wressnegger, Hugo Gascon, Konrad Rieck |
| 2013 | Computationally complete symbolic attacker and key exchange. Gergei Bana, Koji Hasebe, Mitsuhiro Okada |
| 2013 | Configuration-based IDS for advanced metering infrastructure. Muhammad Qasim Ali, Ehab Al-Shaer |
| 2013 | Constructive and destructive aspects of embedded security in the internet of things. Christof Paar |
| 2013 | Content-based isolation: rethinking isolation policy design on client systems. Alexander Moshchuk, Helen J. Wang, Yunxin Liu |
| 2013 | Control-Alt-Hack: the design and evaluation of a card game for computer security awareness and education. Tamara Denning, Adam Lerner, Adam Shostack, Tadayoshi Kohno |
| 2013 | Cover your ACKs: pitfalls of covert channel censorship circumvention. John Geddes, Max Schuchard, Nicholas Hopper |
| 2013 | Critique of the CISSP common body of knowledge of cryptography. Stephan Neuhaus, Gabriela Gheorghe |
| 2013 | Cross-origin pixel stealing: timing attacks using CSS filters. Robert Kotcher, Yutong Pei, Pranjal Jumde, Collin Jackson |
| 2013 | Cross-platform malware: write once, infect everywhere. Martina Lindorfer, Matthias Neumayr, Juan Caballero, Christian Platzer |
| 2013 | CyCAR'2013: first international academic workshop on security, privacy and dependability for cybervehicles. Arslan Munir, Farinaz Koushanfar, Hervé Seudie, Ahmad-Reza Sadeghi |
| 2013 | Data quality evaluation: integrating security and accuracy. Leon Reznik, Elisa Bertino |
| 2013 | Deduction soundness: prove one, get five for free. Florian Böhl, Véronique Cortier, Bogdan Warinschi |
| 2013 | Delegatable pseudorandom functions and applications. Aggelos Kiayias, Stavros Papadopoulos, Nikos Triandopoulos, Thomas Zacharias |
| 2013 | Delta: automatic identification of unknown web-based infection campaigns. Kevin Borgolte, Christopher Kruegel, Giovanni Vigna |
| 2013 | Demonstrating a trust framework for evaluating GNSS signal integrity. Xihui Chen, Carlo Harpes, Gabriele Lenzini, Miguel Martins, Sjouke Mauw, Jun Pang |
| 2013 | Detecting malware through temporal function-based features. Eitan Menahem, Asaf Shabtai, Adi Levhar |
| 2013 | Detecting stealthy, distributed SSH brute-forcing. Mobin Javed, Vern Paxson |
| 2013 | Diglossia: detecting code injection attacks with precision and efficiency. Sooel Son, Kathryn S. McKinley, Vitaly Shmatikov |
| 2013 | Dr. Watson provides data for post-breach analysis. Wasim Ahmad Bhat, S. M. K. Quadri |
| 2013 | Düppel: retrofitting commodity operating systems to mitigate cache side channels in the cloud. Yinqian Zhang, Michael K. Reiter |
| 2013 | Easily instrumenting android applications for security purposes. Eric Bodden |
| 2013 | Efficient targeted key subset retrieval in fractal hash sequences. Kelsey Cairns, Thoshitha T. Gamage, Carl Hauser |
| 2013 | Eighth ACM workshop on digital identity management (DIM 2013): identity at the crossroads. Thomas Groß, Marit Hansen |
| 2013 | Elligator: elliptic-curve points indistinguishable from uniform random strings. Daniel J. Bernstein, Mike Hamburg, Anna Krasnova, Tanja Lange |
| 2013 | Enabling trusted stores for android. Yury Zhauniarovich, Olga Gadyatskaya, Bruno Crispo |
| 2013 | Enhanced embedded device security by combining hardware-based trust mechanisms. Martin Schramm, Karl Leidl, Andreas Grzemba, Nicolai Kuntze |
| 2013 | Ensuring high-quality randomness in cryptographic key generation. Henry Corrigan-Gibbs, Wendy Mu, Dan Boneh, Bryan Ford |
| 2013 | Event-based isolation of critical data in the cloud. Sebastian Biedermann, Stefan Katzenbeisser |
| 2013 | FANCI: identification of stealthy malicious logic using boolean functional analysis. Adam Waksman, Matthew Suozzo, Simha Sethumadhavan |
| 2013 | FPDetective: dusting the web for fingerprinters. Gunes Acar, Marc Juarez, Nick Nikiforakis, Claudia Díaz, Seda F. Gürses, Frank Piessens, Bart Preneel |
| 2013 | Fast two-party secure computation with minimal assumptions. Abhi Shelat, Chih-Hao Shen |
| 2013 | Fifth ACM cloud computing security workshop (CCSW 2013). Ari Juels, Bryan Parno |
| 2013 | Flexible and scalable digital signatures in TPM 2.0. Liqun Chen, Jiangtao Li |
| 2013 | Formal verification of information flow security for a simple arm-based separation kernel. Mads Dam, Roberto Guanciale, Narges Khakpour, Hamed Nemati, Oliver Schwarz |
| 2013 | Fully automated analysis of padding-based encryption in the computational model. Gilles Barthe, Juan Manuel Crespo, Benjamin Grégoire, César Kunz, Yassine Lakhnech, Benedikt Schmidt, Santiago Zanella-Béguelin |
| 2013 | Geo-indistinguishability: differential privacy for location-based systems. Miguel E. Andrés, Nicolás Emilio Bordenabe, Konstantinos Chatzikokolakis, Catuscia Palamidessi |
| 2013 | Gradiant asymmetric encryption and verification systems based on handwritten signature. Enrique Argones-Rúa, Francisco Javier García Salomón, Luis Pérez-Freire |
| 2013 | Graphical password using object-based image ranking. Cuong Xuan Nguyen, Hung-Hsuan Huang, Kyoji Kawagoe |
| 2013 | HIFS: history independence for file systems. Sumeet Bajaj, Radu Sion |
| 2013 | Hang with your buddies to resist intersection attacks. David Isaac Wolinsky, Ewa Syta, Bryan Ford |
| 2013 | Heart-to-heart (H2H): authentication for implanted medical devices. Masoud Rostami, Ari Juels, Farinaz Koushanfar |
| 2013 | Honeywords: making password-cracking detectable. Ari Juels, Ronald L. Rivest |
| 2013 | How to keep a secret: leakage deterring public-key cryptosystems. Aggelos Kiayias, Qiang Tang |
| 2013 | Identity, location, disease and more: inferring your secrets from android public resources. Xiao-yong Zhou, Soteris Demetriou, Dongjing He, Muhammad Naveed, Xiaorui Pan, Xiaofeng Wang, Carl A. Gunter, Klara Nahrstedt |
| 2013 | Identity-based steganography and its applications to censorship resistance. Tim Ruffing, Jonas Schneider, Aniket Kate |
| 2013 | Impact of integrity attacks on real-time pricing in smart grids. Rui Tan, Varun Badrinath Krishna, David K. Y. Yau, Zbigniew Kalbarczyk |
| 2013 | Inherent PUFs and secure PRNGs on commercial off-the-shelf microcontrollers. Anthony Van Herrewege, André Schaller, Stefan Katzenbeisser, Ingrid Verbauwhede |
| 2013 | Introducing pathogen: a real-time virtualmachine introspection framework. Anthony Roberts, Richard McClatchey, Saad Liaquat, Nigel Edwards, Mike Wray |
| 2013 | Librando: transparent code randomization for just-in-time compilers. Andrei Homescu, Stefan Brunthaler, Per Larsen, Michael Franz |
| 2013 | LogGC: garbage collecting audit log. Kyu Hyung Lee, Xiangyu Zhang, Dongyan Xu |
| 2013 | Low-fat pointers: compact encoding and efficient gate-level implementation of fat pointers for spatial safety and capability-based security. Albert Kwon, Udit Dhawan, Jonathan M. Smith, Thomas F. Knight Jr., André DeHon |
| 2013 | Measuring password guessability for an entire university. Michelle L. Mazurek, Saranga Komanduri, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Patrick Gage Kelley, Richard Shay, Blase Ur |
| 2013 | Membership privacy: a unifying framework for privacy definitions. Ninghui Li, Wahbeh H. Qardaji, Dong Su, Yi Wu, Weining Yang |
| 2013 | MinimaLT: minimal-latency networking through better security. W. Michael Petullo, Xu Zhang, Jon A. Solworth, Daniel J. Bernstein, Tanja Lange |
| 2013 | Monitor integrity protection with space efficiency and separate compilation. Ben Niu, Gang Tan |
| 2013 | More efficient oblivious transfer and extensions for faster secure computation. Gilad Asharov, Yehuda Lindell, Thomas Schneider, Michael Zohner |
| 2013 | Multi-cloud oblivious storage. Emil Stefanov, Elaine Shi |
| 2013 | OAKE: a new family of implicitly authenticated diffie-hellman protocols. Andrew Chi-Chih Yao, Yunlei Zhao |
| 2013 | OASIS: on achieving a sanctuary for integrity and secrecy on untrusted platforms. Emmanuel Owusu, Jorge Guajardo, Jonathan M. McCune, James Newsome, Adrian Perrig, Amit Vasudevan |
| 2013 | Obfuscation resilient binary code reuse through trace-oriented programming. Junyuan Zeng, Yangchun Fu, Kenneth A. Miller, Zhiqiang Lin, Xiangyu Zhang, Dongyan Xu |
| 2013 | On the anonymity of Israel's general elections. Tomer Ashur, Orr Dunkelman |
| 2013 | On the real-time masking of the sound of credit cards using hot patching. Manish Shukla, Purushotam G. Radadia, Shirish Karande, Sachin Lodha |
| 2013 | On the security of TLS renegotiation. Florian Giesen, Florian Kohlar, Douglas Stebila |
| 2013 | Outsourced symmetric private information retrieval. Stanislaw Jarecki, Charanjit S. Jutla, Hugo Krawczyk, Marcel-Catalin Rosu, Michael Steiner |
| 2013 | PCTCP: per-circuit TCP-over-IPsec transport for anonymous communication overlay networks. Mashael AlSabah, Ian Goldberg |
| 2013 | PHANTOM: practical oblivious computation in a secure processor. Martin Maas, Eric Love, Emil Stefanov, Mohit Tiwari, Elaine Shi, Krste Asanovic, John Kubiatowicz, Dawn Song |
| 2013 | PICCO: a general-purpose compiler for private distributed computation. Yihua Zhang, Aaron Steele, Marina Blanton |
| 2013 | Passwords on flexible display devices. Sana Maqsood, Sonia Chiasson, Audrey Girouard |
| 2013 | Path ORAM: an extremely simple oblivious RAM protocol. Emil Stefanov, Marten van Dijk, Elaine Shi, Christopher W. Fletcher, Ling Ren, Xiangyao Yu, Srinivas Devadas |
| 2013 | Performance signatures of mobile phone browsers. Bilal Shebaro, Di Jin, Elisa Bertino |
| 2013 | PnP: improving web browsing performance over tor using web resource prefetch-and-push. Giang T. K. Nguyen, Xun Gong, Anupam Das, Nikita Borisov |
| 2013 | PoWerStore: proofs of writing for efficient and robust storage. Dan Dobre, Ghassan Karame, Wenting Li, Matthias Majuntke, Neeraj Suri, Marko Vukolic |
| 2013 | Policy-based secure deletion. Christian Cachin, Kristiyan Haralambiev, Hsu-Chun Hsiao, Alessandro Sorniotti |
| 2013 | Polyglots: crossing origins by crossing formats. Jonas Magazinius, Billy K. Rios, Andrei Sabelfeld |
| 2013 | Practical constructions and new proof methods for large universe attribute-based encryption. Yannis Rouselakis, Brent Waters |
| 2013 | Practical dynamic proofs of retrievability. Elaine Shi, Emil Stefanov, Charalampos Papamanthou |
| 2013 | Predictability of Android OpenSSL's pseudo random number generator. Soo Hyeon Kim, Daewan Han, Dong Hoon Lee |
| 2013 | Preserving privacy and accountability for personal devices. Gabriela Gheorghe, Stephan Neuhaus |
| 2013 | Preventing accidental data disclosure in modern operating systems. Adwait Nadkarni, William Enck |
| 2013 | Privacy-preserving matrix factorization. Valeria Nikolaenko, Stratis Ioannidis, Udi Weinsberg, Marc Joye, Nina Taft, Dan Boneh |
| 2013 | Protecting sensitive web content from client-side vulnerabilities with CRYPTONS. Xinshu Dong, Zhaofeng Chen, Hossein Siadati, Shruti Tople, Prateek Saxena, Zhenkai Liang |
| 2013 | Protocol misidentification made easy with format-transforming encryption. Kevin P. Dyer, Scott E. Coull, Thomas Ristenpart, Thomas Shrimpton |
| 2013 | Quantifying the security of graphical passwords: the case of android unlock patterns. Sebastian Uellenbeck, Markus Dürmuth, Christopher Wolf, Thorsten Holz |
| 2013 | Reflected attacks abusing honeypots. Martin Husák, Martin Vizváry |
| 2013 | Relational abstract interpretation for the verification of 2-hypersafety properties. Máté Kovács, Helmut Seidl, Bernd Finkbeiner |
| 2013 | Relational abstraction in community-based secure collaboration. Philip W. L. Fong, Pooya Mehregan, Ram Krishnan |
| 2013 | Rethinking SSL development in an appified world. Sascha Fahl, Marian Harbach, Henning Perl, Markus Koetter, Matthew Smith |
| 2013 | Revisiting anomaly detection system design philosophy. Ayesha Binte Ashfaq, Muhammad Qasim Ali, Ehab Al-Shaer, Syed Ali Khayam |
| 2013 | SAuth: protecting user accounts from password database leaks. Georgios Kontaxis, Elias Athanasopoulos, Georgios Portokalidis, Angelos D. Keromytis |
| 2013 | SHAMROCK: self contained cryptography and key management processor. Daniil M. Utin, Roger Khazan, Joshua Kramer, Michael Vai, David Whelihan |
| 2013 | Scheduling black-box mutational fuzzing. Maverick Woo, Sang Kil Cha, Samantha Gottlieb, David Brumley |
| 2013 | Sechduler: a security-aware kernel scheduler. Parisa Haghani, Saman A. Zonouz |
| 2013 | Secure and customizable web development in the safe activation framework. Raphael M. Reischuk, Florian Schröder, Johannes Gehrke |
| 2013 | Secure authentication from facial attributeswith no privacy loss. Orr Dunkelman, Margarita Osadchy, Mahmood Sharif |
| 2013 | Secure data deletion from persistent media. Joel Reardon, Hubert Ritzdorf, David A. Basin, Srdjan Capkun |
| 2013 | Security analysis of a widely deployed locking system. Michael Weiner, Maurice Massar, Erik Tews, Dennis Giese, Wolfgang Wieser |
| 2013 | Security analysis of integrated circuit camouflaging. Jeyavijayan Rajendran, Michael Sam, Ozgur Sinanoglu, Ramesh Karri |
| 2013 | Security analysis of pseudo-random number generators with input: /dev/random is not robust. Yevgeniy Dodis, David Pointcheval, Sylvain Ruhault, Damien Vergnaud, Daniel Wichs |
| 2013 | Seeing double: reconstructing obscured typed input from repeated compromising reflections. Yi Xu, Jared Heinly, Andrew M. White, Fabian Monrose, Jan-Michael Frahm |
| 2013 | ShadowReplica: efficient parallelization of dynamic data flow tracking. Kangkook Jee, Vasileios P. Kemerlis, Angelos D. Keromytis, Georgios Portokalidis |
| 2013 | Shady paths: leveraging surfing crowds to detect malicious web pages. Gianluca Stringhini, Christopher Kruegel, Giovanni Vigna |
| 2013 | Signal anomaly based attack detection in wireless sensor networks. Jeton Bacaj, Leon Reznik |
| 2013 | Smart energy grid security workshop (SEGS'13). Klaus Kursawe, Benessa Defend |
| 2013 | Sniffing and propagating malwares through WPAD deception in LANs. Dan Li, Chaoge Liu, Xu Cui, Xiang Cui |
| 2013 | Summary/overview for artificial intelligence and security (AISec'13). Blaine Nelson, Christos Dimitrakakis, Elaine Shi |
| 2013 | TRIPLEX: verifying data minimisation in communication systems. Meilof Veeningen, Mayla Brusò, Jerry den Hartog, Nicola Zannone |
| 2013 | Tappan Zee (north) bridge: mining memory accesses for introspection. Brendan Dolan-Gavitt, Tim Leek, Josh Hodosh, Wenke Lee |
| 2013 | The cyber arms race. Mikko Hypponen |
| 2013 | The first workshop on language support for privacy-enhancing technologies (PETShop'13). Martin Franz, Andreas Holzer, Rupak Majumdar, Bryan Parno, Helmut Veith |
| 2013 | The impact of vendor customizations on android security. Lei Wu, Michael C. Grace, Yajin Zhou, Chiachih Wu, Xuxian Jiang |
| 2013 | The robustness of hollow CAPTCHAs. Haichang Gao, Wei Wang, Jiao Qi, Xuqin Wang, Xiyang Liu, Jeff Yan |
| 2013 | The science, engineering and business of cyber security. Ravi S. Sandhu |
| 2013 | Third international workshop on trustworthy embedded devices (TrustED 2013). Frederik Armknecht, Jean-Pierre Seifert |
| 2013 | TouchCtrl: fine-grained access control for collaborative environments. Benjamin Güldenring, Volker Roth |
| 2013 | Towards reducing the attack surface of software backdoors. Felix Schuster, Thorsten Holz |
| 2013 | Trusted execution environments on mobile devices. Jan-Erik Ekberg, Kari Kostiainen, N. Asokan |
| 2013 | Unauthorized origin crossing on mobile platforms: threats and mitigation. Rui Wang, Luyi Xing, Xiaofeng Wang, Shuo Chen |
| 2013 | Users get routed: traffic correlation on tor by realistic adversaries. Aaron Johnson, Chris Wacek, Rob Jansen, Micah Sherr, Paul F. Syverson |
| 2013 | Using SMT solvers to automate design tasks for encryption and signature schemes. Joseph A. Akinyele, Matthew Green, Susan Hohenberger |
| 2013 | Verifiable delegation of computation on outsourced data. Michael Backes, Dario Fiore, Raphael M. Reischuk |
| 2013 | Vetting undesirable behaviors in android apps with permission use analysis. Yuan Zhang, Min Yang, Bingquan Xu, Zhemin Yang, Guofei Gu, Peng Ning, Xiaoyang Sean Wang, Binyu Zang |
| 2013 | ViceROI: catching click-spam in search ad networks. Vacha Dave, Saikat Guha, Yin Zhang |
| 2013 | When kids' toys breach mobile phone security. Abdul Serwadda, Vir V. Phoha |
| 2013 | When private set intersection meets big data: an efficient and scalable protocol. Changyu Dong, Liqun Chen, Zikai Wen |
| 2013 | Zero-knowledge using garbled circuits: how to prove non-algebraic statements efficiently. Marek Jawurek, Florian Kerschbaum, Claudio Orlandi |
| 2013 | deDacota: toward preventing server-side XSS via automatic code and data separation. Adam Doupé, Weidong Cui, Mariusz H. Jakubowski, Marcus Peinado, Christopher Kruegel, Giovanni Vigna |
| 2013 | mXSS attacks: attacking well-secured web-applications by using innerHTML mutations. Mario Heiderich, Jörg Schwenk, Tilman Frosch, Jonas Magazinius, Edward Z. Yang |
| 2013 | trend of online flash XSS vulnerabilities. Qixu Liu, Yuqing Zhang, Huan Yang |