| 2020 | 2020 IEEE Symposium on Security and Privacy, SP 2020, San Francisco, CA, USA, May 18-21, 2020 |
| 2020 | : Practical Cache Attacks from the Network. Michael Kurth, Ben Gras, Dennis Andriesse, Cristiano Giuffrida, Herbert Bos, Kaveh Razavi |
| 2020 | A Programming Framework for Differential Privacy with Accuracy Concentration Bounds. Elisabet Lobo Vesga, Alejandro Russo, Marco Gaboardi |
| 2020 | A Security Analysis of the Facebook Ad Library. Laura Edelson, Tobias Lauinger, Damon McCoy |
| 2020 | A Stealthier Partitioning Attack against Bitcoin Peer-to-Peer Network. Muoi Tran, Inho Choi, Gi Jun Moon, Anh V. Vu, Min Suk Kang |
| 2020 | A Tale of Sea and Sky On the Security of Maritime VSAT Communications. James Pavur, Daniel Moser, Martin Strohmeier, Vincent Lenders, Ivan Martinovic |
| 2020 | AdGraph: A Graph-Based Approach to Ad and Tracker Blocking. Umar Iqbal, Peter Snyder, Shitong Zhu, Benjamin Livshits, Zhiyun Qian, Zubair Shafiq |
| 2020 | An Analysis of Pre-installed Android Software. Julien Gamba, Mohammed Rashed, Abbas Razaghpanah, Juan Tapiador, Narseo Vallina-Rodriguez |
| 2020 | Are We Susceptible to Rowhammer? An End-to-End Methodology for Cloud Providers. Lucian Cojocar, Jeremie S. Kim, Minesh Patel, Lillian Tsai, Stefan Saroiu, Alec Wolman, Onur Mutlu |
| 2020 | Are anonymity-seekers just like everybody else? An analysis of contributions to Wikipedia from Tor. Chau Tran, Kaylea Champion, Andrea Forte, Benjamin Mako Hill, Rachel Greenstadt |
| 2020 | Ask the Experts: What Should Be on an IoT Privacy and Security Label? Pardis Emami Naeini, Yuvraj Agarwal, Lorrie Faith Cranor, Hanan Hibshi |
| 2020 | Automatic Uncovering of Hidden Behaviors From Input Validation in Mobile Apps. Qingchuan Zhao, Chaoshun Zuo, Brendan Dolan-Gavitt, Giancarlo Pellegrino, Zhiqiang Lin |
| 2020 | Automatically Detecting Bystanders in Photos to Reduce Privacy Risks. Rakibul Hasan, David J. Crandall, Mario Fritz, Apu Kapadia |
| 2020 | BIAS: Bluetooth Impersonation AttackS. Daniele Antonioli, Nils Ole Tippenhauer, Kasper Rasmussen |
| 2020 | Binsec/Rel: Efficient Relational Symbolic Execution for Constant-Time at Binary-Level. Lesly-Ann Daniel, Sébastien Bardin, Tamara Rezk |
| 2020 | Breaking and (Partially) Fixing Provably Secure Onion Routing. Christiane Kuhn, Martin Beck, Thorsten Strufe |
| 2020 | Browsing Unicity: On the Limits of Anonymizing Web Tracking Data. Clemens Deußer, Steffen Passmann, Thorsten Strufe |
| 2020 | Burglars' IoT Paradise: Understanding and Mitigating Security Risks of General Messaging Protocols on IoT Clouds. Yan Jia, Luyi Xing, Yuhang Mao, Dongfang Zhao, Xiaofeng Wang, Shangru Zhao, Yuqing Zhang |
| 2020 | C3APSULe: Cross-FPGA Covert-Channel Attacks through Power Supply Unit Leakage. Ilias Giechaskiel, Kasper Bonne Rasmussen, Jakub Szefer |
| 2020 | Can Voters Detect Malicious Manipulation of Ballot Marking Devices? Matthew Bernhard, Allison McDonald, Henry Meng, Jensen Hwa, Nakul Bajaj, Kevin Chang, J. Alex Halderman |
| 2020 | Combating Dependence Explosion in Forensic Analysis Using Alternative Tag Propagation Semantics. Md Nahid Hossain, Sanaz Sheikhi, R. Sekar |
| 2020 | Cornucopia: Temporal Safety for CHERI Heaps. Nathaniel Wesley Filardo, Brett F. Gutstein, Jonathan Woodruff, Sam Ainsworth, Lucian Paul-Trifu, Brooks Davis, Hongyan Xia, Edward Tomasz Napierala, Alexander Richardson, John Baldwin, David Chisnall, Jessica Clarke, Khilan Gudka, Alexandre Joannou, A. Theodore Markettos, Alfredo Mazzinghi, Robert M. Norton, Michael Roe, Peter Sewell, Stacey D. Son, Timothy M. Jones, Simon W. Moore, Peter G. Neumann, Robert N. M. Watson |
| 2020 | CrypTFlow: Secure TensorFlow Inference. Nishant Kumar, Mayank Rathee, Nishanth Chandran, Divya Gupta, Aseem Rastogi, Rahul Sharma |
| 2020 | Detection of Electromagnetic Interference Attacks on Sensor Systems. Youqian Zhang, Kasper Rasmussen |
| 2020 | Do Cookie Banners Respect my Choice? : Measuring Legal Compliance of Banners from IAB Europe's Transparency and Consent Framework. Célestin Matte, Nataliia Bielova, Cristiana Teixeira Santos |
| 2020 | Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd. Mathy Vanhoef, Eyal Ronen |
| 2020 | Efficient and Secure Multiparty Computation from Fixed-Key Block Ciphers. Chun Guo, Jonathan Katz, Xiao Wang, Yu Yu |
| 2020 | Enabling Rack-scale Confidential Computing using Heterogeneous Trusted Execution Environment. Jianping Zhu, Rui Hou, Xiaofeng Wang, Wenhao Wang, Jiangfeng Cao, Boyan Zhao, Zhongpu Wang, Yuhui Zhang, Jiameng Ying, Lixin Zhang, Dan Meng |
| 2020 | Even Black Cats Cannot Stay Hidden in the Dark: Full-band De-anonymization of Bluetooth Classic Devices. Marco Cominelli, Francesco Gringoli, Paul Patras, Margus Lind, Guevara Noubir |
| 2020 | EverCrypt: A Fast, Verified, Cross-Platform Cryptographic Provider. Jonathan Protzenko, Bryan Parno, Aymeric Fromherz, Chris Hawblitzel, Marina Polubelova, Karthikeyan Bhargavan, Benjamin Beurdouche, Joonwon Choi, Antoine Delignat-Lavaud, Cédric Fournet, Natalia Kulatova, Tahina Ramananandro, Aseem Rastogi, Nikhil Swamy, Christoph M. Wintersteiger, Santiago Zanella-Béguelin |
| 2020 | Ex-vivo dynamic analysis framework for Android device drivers. Ivan Pustogarov, Qian Wu, David Lie |
| 2020 | Flash Boys 2.0: Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability. Philip Daian, Steven Goldfeder, Tyler Kell, Yunqi Li, Xueyuan Zhao, Iddo Bentov, Lorenz Breidenbach, Ari Juels |
| 2020 | Flaw Label: Exploiting IPv6 Flow Label. Jonathan Berger, Amit Klein, Benny Pinkas |
| 2020 | FlyClient: Super-Light Clients for Cryptocurrencies. Benedikt Bünz, Lucianna Kiffer, Loi Luu, Mahdi Zamani |
| 2020 | Fuzzing JavaScript Engines with Aspect-preserving Mutation. Soyeon Park, Wen Xu, Insu Yun, DaeHee Jang, Taesoo Kim |
| 2020 | Gesture Authentication for Smartphones: Evaluation of Gesture Password Selection Policies. Eunyong Cheon, Yonghwan Shin, Jun Ho Huh, Hyoungshick Kim, Ian Oakley |
| 2020 | High Precision Open-World Website Fingerprinting. Tao Wang |
| 2020 | HopSkipJumpAttack: A Query-Efficient Decision-Based Attack. Jianbo Chen, Michael I. Jordan, Martin J. Wainwright |
| 2020 | How not to prove your election outcome. Thomas Haines, Sarah Jamie Lewis, Olivier Pereira, Vanessa Teague |
| 2020 | Humpty Dumpty: Controlling Word Meanings via Corpus Poisoning. Roei Schuster, Tal Schuster, Yoav Meri, Vitaly Shmatikov |
| 2020 | HydRand: Efficient Continuous Distributed Randomness. Philipp Schindler, Aljosha Judmayer, Nicholas Stifter, Edgar R. Weippl |
| 2020 | I Know Where You Parked Last Summer : Automated Reverse Engineering and Privacy Analysis of Modern Cars. Daniel Frassinelli, Sohyeon Park, Stefan Nürnberger |
| 2020 | ICAS: an Extensible Framework for Estimating the Susceptibility of IC Layouts to Additive Trojans. Timothy Trippel, Kang G. Shin, Kevin B. Bush, Matthew Hicks |
| 2020 | ICLab: A Global, Longitudinal Internet Censorship Measurement Platform. Arian Akhavan Niaki, Shinyoung Cho, Zachary Weinberg, Nguyen Phong Hoang, Abbas Razaghpanah, Nicolas Christin, Phillipa Gill |
| 2020 | Ijon: Exploring Deep State Spaces via Fuzzing. Cornelius Aschermann, Sergej Schumilo, Ali Abbasi, Thorsten Holz |
| 2020 | Influencing Photo Sharing Decisions on Social Media: A Case of Paradoxical Findings. Mary Jean Amon, Rakibul Hasan, Kurt Hugenberg, Bennett I. Bertenthal, Apu Kapadia |
| 2020 | Intriguing Properties of Adversarial ML Attacks in the Problem Space. Fabio Pierazzi, Feargus Pendlebury, Jacopo Cortellazzi, Lorenzo Cavallaro |
| 2020 | Is FIDO2 the Kingslayer of User Authentication? A Comparative Usability Study of FIDO2 Passwordless Authentication. Sanam Ghorbani Lyastani, Michael Schilling, Michaela Neumayr, Michael Backes, Sven Bugiel |
| 2020 | JIT Leaks: Inducing Timing Side Channels through Just-In-Time Compilation. Tegan Brennan, Nicolás Rosner, Tevfik Bultan |
| 2020 | Karonte: Detecting Insecure Multi-binary Interactions in Embedded Firmware. Nilo Redini, Aravind Machiry, Ruoyu Wang, Chad Spensky, Andrea Continella, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna |
| 2020 | Kobold: Evaluating Decentralized Access Control for Remote NSXPC Methods on iOS. Luke Deshotels, Costin Carabas, Jordan Beichler, Razvan Deaconescu, William Enck |
| 2020 | Krace: Data Race Fuzzing for Kernel File Systems. Meng Xu, Sanidhya Kashyap, Hanqing Zhao, Taesoo Kim |
| 2020 | LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection. Jo Van Bulck, Daniel Moghimi, Michael Schwarz, Moritz Lipp, Marina Minkin, Daniel Genkin, Yuval Yarom, Berk Sunar, Daniel Gruss, Frank Piessens |
| 2020 | Leveraging EM Side-Channel Information to Detect Rowhammer Attacks. Zhenkai Zhang, Zihao Zhan, Daniel Balasubramanian, Bo Li, Péter Völgyesi, Xenofon D. Koutsoukos |
| 2020 | MarkUs: Drop-in use-after-free prevention for low-level languages. Sam Ainsworth, Timothy M. Jones |
| 2020 | Meddling Middlemen: Empirical Analysis of the Risks of Data-Saving Mobile Browsers. Brian Kondracki, Assel Aliyeva, Manuel Egele, Jason Polakis, Nick Nikiforakis |
| 2020 | Message Time of Arrival Codes: A Fundamental Primitive for Secure Distance Measurement. Patrick Leu, Mridula Singh, Marc Roeschlin, Kenneth G. Paterson, Srdjan Capkun |
| 2020 | Neutaint: Efficient Dynamic Taint Analysis with Neural Networks. Dongdong She, Yizheng Chen, Abhishek Shah, Baishakhi Ray, Suman Jana |
| 2020 | OAT: Attesting Operation Integrity of Embedded Devices. Zhichuang Sun, Bo Feng, Long Lu, Somesh Jha |
| 2020 | OHIE: Blockchain Scaling Made Simple. Haifeng Yu, Ivica Nikolic, Ruomu Hou, Prateek Saxena |
| 2020 | PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning. Wei You, Zhuo Zhang, Yonghwi Kwon, Yousra Aafer, Fei Peng, Yu Shi, Carson Harmon, Xiangyu Zhang |
| 2020 | Pangolin: Incremental Hybrid Fuzzing with Polyhedral Path Abstraction. Heqing Huang, Peisen Yao, Rongxin Wu, Qingkai Shi, Charles Zhang |
| 2020 | Path Oblivious Heap: Optimal and Practical Oblivious Priority Queue. Elaine Shi |
| 2020 | Plundervolt: Software-based Fault Injection Attacks against Intel SGX. Kit Murdock, David F. Oswald, Flavio D. Garcia, Jo Van Bulck, Daniel Gruss, Frank Piessens |
| 2020 | Privacy Risks of General-Purpose Language Models. Xudong Pan, Mi Zhang, Shouling Ji, Min Yang |
| 2020 | Private resource allocators and their applications. Sebastian Angel, Sampath Kannan, Zachary B. Ratliff |
| 2020 | Pseudorandom Black Swans: Cache Attacks on CTR_DRBG. Shaanan Cohney, Andrew Kwong, Shahar Paz, Daniel Genkin, Nadia Heninger, Eyal Ronen, Yuval Yarom |
| 2020 | RAMBleed: Reading Bits in Memory Without Accessing Them. Andrew Kwong, Daniel Genkin, Daniel Gruss, Yuval Yarom |
| 2020 | Replicated state machines without replicated execution. Jonathan Lee, Kirill Nikitin, Srinath T. V. Setty |
| 2020 | RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization. Sushant Dinesh, Nathan Burow, Dongyan Xu, Mathias Payer |
| 2020 | Rigorous engineering for hardware security: Formal modelling and proof in the CHERI design and implementation process. Kyndylan Nienhuis, Alexandre Joannou, Thomas Bauereiss, Anthony C. J. Fox, Michael Roe, Brian Campbell, Matthew Naylor, Robert M. Norton, Simon W. Moore, Peter G. Neumann, Ian Stark, Robert N. M. Watson, Peter Sewell |
| 2020 | SAVIOR: Towards Bug-Driven Hybrid Testing. Yaohui Chen, Peng Li, Jun Xu, Shengjian Guo, Rundong Zhou, Yulong Zhang, Tao Wei, Long Lu |
| 2020 | SEIMI: Efficient and Secure SMAP-Enabled Intra-process Memory Isolation. Zhe Wang, Chenggang Wu, Mengyao Xie, Yinqian Zhang, Kangjie Lu, Xiaofeng Zhang, Yuanming Lai, Yan Kang, Min Yang |
| 2020 | SEVurity: No Security Without Integrity : Breaking Integrity-Free Memory Encryption with Minimal Assumptions. Luca Wilke, Jan Wichelmann, Mathias Morbitzer, Thomas Eisenbarth |
| 2020 | SPIDER: Enabling Fast Patch Propagation In Related Software Repositories. Aravind Machiry, Nilo Redini, Eric Camellini, Christopher Kruegel, Giovanni Vigna |
| 2020 | Security Update Labels: Establishing Economic Incentives for Security Patching of IoT Consumer Products. Philipp Morgner, Christoph Mai, Nicole Koschate-Fischer, Felix C. Freiling, Zinaida Benenson |
| 2020 | Semantic Understanding of Smart Contracts: Executable Operational Semantics of Solidity. Jiao Jiao, Shuanglong Kan, Shang-Wei Lin, David Sanán, Yang Liu, Jun Sun |
| 2020 | SoK: A Minimalist Approach to Formalizing Analog Sensor Security. Chen Yan, Hocheol Shin, Connor Bolton, Wenyuan Xu, Yongdae Kim, Kevin Fu |
| 2020 | SoK: Cyber Insurance - Technical Challenges and a System Security Roadmap. Savino Dambra, Leyla Bilge, Davide Balzarotti |
| 2020 | SoK: Differential Privacy as a Causal Property. Michael Carl Tschantz, Shayak Sen, Anupam Datta |
| 2020 | SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-assisted TEE Systems. David Cerdeira, Nuno Santos, Pedro Fonseca, Sandro Pinto |
| 2020 | SpecCFI: Mitigating Spectre Attacks using CFI Informed Speculation. Esmaeil Mohammadian Koruyeh, Shirin Haji Amin Shirazi, Khaled N. Khasawneh, Chengyu Song, Nael B. Abu-Ghazaleh |
| 2020 | Spectector: Principled Detection of Speculative Information Flows. Marco Guarnieri, Boris Köpf, José F. Morales, Jan Reineke, Andrés Sánchez |
| 2020 | Sync HotStuff: Simple and Practical Synchronous State Machine Replication. Ittai Abraham, Dahlia Malkhi, Kartik Nayak, Ling Ren, Maofan Yin |
| 2020 | TARDIS: Rolling Back The Clock On CMS-Targeting Cyber Attacks. Ranjita Pai Kasturi, Yiting Sun, Ruian Duan, Omar Alrawi, Ehsan Asdar, Victor Zhu, Yonghwi Kwon, Brendan Saltaformaggio |
| 2020 | TRRespass: Exploiting the Many Sides of Target Row Refresh. Pietro Frigo, Emanuele Vannacci, Hasan Hassan, Victor van der Veen, Onur Mutlu, Cristiano Giuffrida, Herbert Bos, Kaveh Razavi |
| 2020 | Tactical Provenance Analysis for Endpoint Detection and Response Systems. Wajih Ul Hassan, Adam Bates, Daniel Marino |
| 2020 | TextExerciser: Feedback-driven Text Input Exercising for Android Applications. Yuyu He, Lei Zhang, Zhemin Yang, Yinzhi Cao, Keke Lian, Shuai Li, Wei Yang, Zhibo Zhang, Min Yang, Yuan Zhang, Haixin Duan |
| 2020 | The Last Mile: High-Assurance and High-Speed Cryptographic Implementations. José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Benjamin Grégoire, Adrien Koutsos, Vincent Laporte, Tiago Oliveira, Pierre-Yves Strub |
| 2020 | The Many Kinds of Creepware Used for Interpersonal Attacks. Kevin A. Roundy, Paula Barmaimon Mendelberg, Nicola Dell, Damon McCoy, Daniel Nissani, Thomas Ristenpart, Acar Tamersoy |
| 2020 | The State of the Uniform: Attacks on Encrypted Databases Beyond the Uniform Query Distribution. Evgenios M. Kornaropoulos, Charalampos Papamanthou, Roberto Tamassia |
| 2020 | The Value of Collaboration in Convex Machine Learning with Differential Privacy. Nan Wu, Farhad Farokhi, David B. Smith, Mohamed Ali Kâafar |
| 2020 | This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINs. Philipp Markert, Daniel V. Bailey, Maximilian Golla, Markus Dürmuth, Adam J. Aviv |
| 2020 | Throwing Darts in the Dark? Detecting Bots with Limited Data using Neural Data Augmentation. Steve T. K. Jan, Qingying Hao, Tianrui Hu, Jiameng Pu, Sonal Oswal, Gang Wang, Bimal Viswanath |
| 2020 | Towards Effective Differential Privacy Communication for Users' Data Sharing Decision and Comprehension. Aiping Xiong, Tianhao Wang, Ninghui Li, Somesh Jha |
| 2020 | Towards Scalable Threshold Cryptosystems. Alin Tomescu, Robert Chen, Yiming Zheng, Ittai Abraham, Benny Pinkas, Guy Golan-Gueta, Srinivas Devadas |
| 2020 | Towards a Natural Perspective of Smart Homes for Practical Security and Safety Analyses. Sunil Manandhar, Kevin Moran, Kaushal Kafle, Ruhao Tang, Denys Poshyvanyk, Adwait Nadkarni |
| 2020 | Transparent Polynomial Delegation and Its Applications to Zero Knowledge Proof. Jiaheng Zhang, Tiancheng Xie, Yupeng Zhang, Dawn Song |
| 2020 | Transys: Leveraging Common Security Properties Across Hardware Designs. Rui Zhang, Cynthia Sturton |
| 2020 | Unexpected Data Dependency Creation and Chaining: A New Attack to SDN. Feng Xiao, Jinquan Zhang, Jianwei Huang, Guofei Gu, Dinghao Wu, Peng Liu |
| 2020 | VERISMART: A Highly Precise Safety Verifier for Ethereum Smart Contracts. Sunbeom So, Myungho Lee, Jisu Park, Heejo Lee, Hakjoo Oh |
| 2020 | VerX: Safety Verification of Smart Contracts. Anton Permenev, Dimitar Dimitrov, Petar Tsankov, Dana Drachsler-Cohen, Martin T. Vechev |
| 2020 | WaveSpy: Remote and Through-wall Screen Attack via mmWave Sensing. Zhengxiong Li, Fenglong Ma, Aditya Singh Rathore, Zhuolin Yang, Baicheng Chen, Lu Su, Wenyao Xu |
| 2020 | ZEXE: Enabling Decentralized Private Computation. Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu |
| 2020 | xMP: Selective Memory Protection for Kernel and User Space. Sergej Proskurin, Marius Momeu, Seyedhamed Ghavamnia, Vasileios P. Kemerlis, Michalis Polychronakis |