USENIX Security Symposium A*

86 papers

YearTitle / Authors
2017"I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS.
Katharina Krombholz, Wilfried Mayer, Martin Schmiedecker, Edgar R. Weippl
201726th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, August 16-18, 2017.
Engin Kirda, Thomas Ristenpart
20176thSense: A Context-aware Sensor-based Attack Detector for Smart Devices.
Amit Kumar Sikder, Hidayet Aksu, A. Selcuk Uluagac
2017A Longitudinal, End-to-End View of the DNSSEC Ecosystem.
Taejoong Chung, Roland van Rijswijk-Deij, Balakrishnan Chandrasekaran, David R. Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, Christo Wilson
2017A Privacy Analysis of Cross-device Tracking.
Sebastian Zimmeck, Jie S. Li, HyungTae Kim, Steven M. Bellovin, Tony Jebara
2017AWare: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings.
Giuseppe Petracca, Ahmad Atamli-Reineh, Yuqiong Sun, Jens Grossklags, Trent Jaeger
2017Adaptive Android Kernel Live Patching.
Yue Chen, Yulong Zhang, Zhi Wang, Liangzhao Xia, Chenfu Bao, Tao Wei
2017Attacking the Brain: Races in the SDN Control Plane.
Lei Xu, Jeff Huang, Sungmin Hong, Jialong Zhang, Guofei Gu
2017AuthentiCall: Efficient Identity and Content Authentication for Phone Calls.
Bradley Reaves, Logan Blue, Hadi Abdullah, Luis Vargas, Patrick Traynor, Thomas Shrimpton
2017AutoLock: Why Cache Attacks on ARM Are Harder Than You Think.
Marc Green, Leandro Rodrigues Lima, Andreas Zankl, Gorka Irazoqui, Johann Heyszl, Thomas Eisenbarth
2017BLENDER: Enabling Local Search with a Hybrid Differential Privacy Model.
Brendan Avent, Aleksandra Korolova, David Zeber, Torgeir Hovden, Benjamin Livshits
2017Beauty and the Burst: Remote Identification of Encrypted Video Streams.
Roei Schuster, Vitaly Shmatikov, Eran Tromer
2017BinSim: Trace-based Semantic Binary Diffing via System Call Sliced Segment Equivalence Checking.
Jiang Ming, Dongpeng Xu, Yufei Jiang, Dinghao Wu
2017BootStomp: On the Security of Bootloaders in Mobile Devices.
Nilo Redini, Aravind Machiry, Dipanjan Das, Yanick Fratantonio, Antonio Bianchi, Eric Gustafson, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
2017CAn't Touch This: Software-only Mitigation against Rowhammer Attacks targeting Kernel Memory.
Ferdinand Brasser, Lucas Davi, David Gens, Christopher Liebchen, Ahmad-Reza Sadeghi
2017CCSP: Controlled Relaxation of Content Security Policies by Runtime Policy Composition.
Stefano Calzavara, Alvise Rabitti, Michele Bugliesi
2017CHAINIAC: Proactive Software-Update Transparency via Collectively Signed Skipchains and Verified Builds.
Kirill Nikitin, Eleftherios Kokoris-Kogias, Philipp Jovanovic, Nicolas Gailly, Linus Gasser, Ismail Khoffi, Justin Cappos, Bryan Ford
2017CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management.
Adrian Tang, Simha Sethumadhavan, Salvatore J. Stolfo
2017CacheD: Identifying Cache-Based Timing Channels in Production Software.
Shuai Wang, Pei Wang, Xiao Liu, Danfeng Zhang, Dinghao Wu
2017Characterizing the Nature and Dynamics of Tor Exit Blocking.
Rachee Singh, Rishab Nithyanand, Sadia Afroz, Paul Pearce, Michael Carl Tschantz, Phillipa Gill, Vern Paxson
2017Computer Security, Privacy, and DNA Sequencing: Compromising Computers with Synthesized DNA, Privacy Leaks, and More.
Peter Ney, Karl Koscher, Lee Organick, Luis Ceze, Tadayoshi Kohno
2017Constant-Time Callees with Variable-Time Callers.
Cesar Pereida García, Billy Bob Brumley
2017DR. CHECKER: A Soundy Analysis for Linux Kernel Drivers.
Aravind Machiry, Chad Spensky, Jake Corina, Nick Stephens, Christopher Kruegel, Giovanni Vigna
2017DeTor: Provably Avoiding Geographic Regions in Tor.
Zhihao Li, Stephen Herwig, Dave Levin
2017Dead Store Elimination (Still) Considered Harmful.
Zhaomo Yang, Brian Johannesmeyer, Anders Trier Olesen, Sorin Lerner, Kirill Levchenko
2017Detecting Android Root Exploits by Learning from Root Providers.
Ioannis Gasparis, Zhiyun Qian, Chengyu Song, Srikanth V. Krishnamurthy
2017Detecting Credential Spearphishing in Enterprise Settings.
Grant Ho, Aashish Sharma, Mobin Javed, Vern Paxson, David A. Wagner
2017Digtool: A Virtualization-Based Framework for Detecting Kernel Vulnerabilities.
Jianfeng Pan, Guanglu Yan, Xiaocao Fan
2017Efficient Protection of Path-Sensitive Control Security.
Ren Ding, Chenxiong Qian, Chengyu Song, William Harris, Taesoo Kim, Wenke Lee
2017Ensuring Authorized Updates in Multi-user Database-Backed Applications.
Kevin Eykholt, Atul Prakash, Barzan Mozafari
2017Exploring User Perceptions of Discrimination in Online Targeted Advertising.
Angelisa C. Plane, Elissa M. Redmiles, Michelle L. Mazurek, Michael Carl Tschantz
2017Extension Breakdown: Security Analysis of Browsers Extension Resources Control Policies.
Iskander Sánchez-Rola, Igor Santos, Davide Balzarotti
2017Game of Registrars: An Empirical Analysis of Post-Expiration Domain Name Takeovers.
Tobias Lauinger, Abdelberi Chaabane, Ahmet Salih Buyukkayhan, Kaan Onarlioglu, William Robertson
2017Global Measurement of DNS Manipulation.
Paul Pearce, Ben Jones, Frank Li, Roya Ensafi, Nick Feamster, Nicholas Weaver, Vern Paxson
2017HELP: Helper-Enabled In-Band Device Pairing Resistant Against Signal Cancellation.
Nirnimesh Ghose, Loukas Lazos, Ming Li
2017Hacking in Darkness: Return-oriented Programming against Secure Enclaves.
Jae-Hyuk Lee, Jin Soo Jang, Yeongjin Jang, Nohyun Kwak, Yeseul Choi, Changho Choi, Taesoo Kim, Marcus Peinado, Brent ByungHoon Kang
2017How Double-Fetch Situations turn into Double-Fetch Vulnerabilities: A Study of Double Fetches in the Linux Kernel.
Pengfei Wang, Jens Krinke, Kai Lu, Gen Li, Steve Dodier-Lazaro
2017How the Web Tangled Itself: Uncovering the History of Client-Side Web (In)Security.
Ben Stock, Martin Johns, Marius Steffens, Michael Backes
2017Identifier Binding Attacks and Defenses in Software-Defined Networks.
Samuel Jero, William Koch, Richard Skowyra, Hamed Okhravi, Cristina Nita-Rotaru, David Bigelow
2017Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing.
Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim, Hyesoon Kim, Marcus Peinado
2017Locally Differentially Private Protocols for Frequency Estimation.
Tianhao Wang, Jeremiah Blocki, Ninghui Li, Somesh Jha
2017Loophole: Timing Attacks on Shared Event Loops in Chrome.
Pepe Vila, Boris Köpf
2017MCMix: Anonymous Messaging via Secure Multiparty Computation.
Nikolaos Alexopoulos, Aggelos Kiayias, Riivo Talviste, Thomas Zacharias
2017MPI: Multiple Perspective Attack Investigation with Semantic Aware Execution Partitioning.
Shiqing Ma, Juan Zhai, Fei Wang, Kyu Hyung Lee, Xiangyu Zhang, Dongyan Xu
2017Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART.
Lei Xue, Yajin Zhou, Ting Chen, Xiapu Luo, Guofei Gu
2017Measuring HTTPS Adoption on the Web.
Adrienne Porter Felt, Richard Barnes, April King, Chris Palmer, Chris Bentzel, Parisa Tabriz
2017Measuring the Insecurity of Mobile Deep Links of Android.
Fang Liu, Chun Wang, Andres Pico, Danfeng Yao, Gang Wang
2017Neural Nets Can Learn Function Type Signatures From Binaries.
Zheng Leong Chua, Shiqi Shen, Prateek Saxena, Zhenkai Liang
2017Ninja: Towards Transparent Tracing and Debugging on ARM.
Zhenyu Ning, Fengwei Zhang
2017ORide: A Privacy-Preserving yet Accountable Ride-Hailing Service.
Anh Pham, Italo Dacosta, Guillaume Endignoux, Juan Ramón Troncoso-Pastoriza, Kévin Huguenin, Jean-Pierre Hubaux
2017On the effectiveness of mitigations against floating-point timing channels.
David Kohlbrenner, Hovav Shacham
2017Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers.
Thurston H. Y. Dang, Petros Maniatis, David A. Wagner
2017PDF Mirage: Content Masking Attack Against Information-Based Online Services.
Ian D. Markwood, Dakun Shen, Yao Liu, Zhuo Lu
2017Phoenix: Rebirth of a Cryptographic Password-Hardening Service.
Russell W. F. Lai, Christoph Egger, Dominique Schröder, Sherman S. M. Chow
2017Picking Up My Tab: Understanding and Mitigating Synchronized Token Lifting and Spending in Mobile Payment.
Xiaolong Bai, Zhe Zhou, Xiaofeng Wang, Zhou Li, Xianghang Mi, Nan Zhang, Tongxin Li, Shi-Min Hu, Kehuan Zhang
2017PlatPal: Detecting Malicious Documents with Platform Diversity.
Meng Xu, Taesoo Kim
2017Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts.
Jun Xu, Dongliang Mu, Xinyu Xing, Peng Liu, Ping Chen, Bing Mao
2017Predicting the Resilience of Obfuscated Code Against Symbolic Execution Attacks via Machine Learning.
Sebastian Banescu, Christian S. Collberg, Alexander Pretschner
2017Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX.
Craig Disselkoen, David Kohlbrenner, Leo Porter, Dean M. Tullsen
2017Qapla: Policy compliance for database-backed systems.
Aastha Mehta, Eslam Elnikety, Katura Harvey, Deepak Garg, Peter Druschel
2017REM: Resource-Efficient Mining for Blockchains.
Fan Zhang, Ittay Eyal, Robert Escriva, Ari Juels, Robbert van Renesse
2017ROTE: Rollback Protection for Trusted Execution.
Sinisa Matetic, Mansoor Ahmed, Kari Kostiainen, Aritra Dhar, David M. Sommer, Arthur Gervais, Ari Juels, Srdjan Capkun
2017Reverse Engineering x86 Processor Microcode.
Philipp Koppe, Benjamin Kollenda, Marc Fyrbiak, Christian Kison, Robert Gawlik, Christof Paar, Thorsten Holz
2017SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data.
Md Nahid Hossain, Sadegh M. Milajerdi, Junao Wang, Birhanu Eshete, Rigel Gjomemo, R. Sekar, Scott D. Stoller, V. N. Venkatakrishnan
2017Same-Origin Policy: Evaluation in Modern Browsers.
Jörg Schwenk, Marcus Niemietz, Christian Mainka
2017See No Evil, Hear No Evil, Feel No Evil, Print No Evil? Malicious Fill Patterns Detection in Additive Manufacturing.
Christian Bayens, Tuan Le, Luis Garcia, Raheem A. Beyah, Mehdi Javanmard, Saman A. Zonouz
2017Seeing Through The Same Lens: Introspecting Guest Address Space At Native Speed.
Siqi Zhao, Xuhua Ding, Wen Xu, Dawu Gu
2017SmartAuth: User-Centered Authorization for the Internet of Things.
Yuan Tian, Nan Zhang, Yue-Hsun Lin, Xiaofeng Wang, Blase Ur, Xianzheng Guo, Patrick Tague
2017SmartPool: Practical Decentralized Pooled Mining.
Loi Luu, Yaron Velner, Jason Teutsch, Prateek Saxena
2017Speeding up detection of SHA-1 collision attacks using unavoidable attack conditions.
Marc Stevens, Daniel Shumow
2017Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory.
Daniel Gruss, Julian Lettner, Felix Schuster, Olga Ohrimenko, István Haller, Manuel Costa
2017Syntia: Synthesizing the Semantics of Obfuscated Code.
Tim Blazytko, Moritz Contag, Cornelius Aschermann, Thorsten Holz
2017Telling Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution.
Jo Van Bulck, Nico Weichbrodt, Rüdiger Kapitza, Frank Piessens, Raoul Strackx
2017The Loopix Anonymity System.
Ania M. Piotrowska, Jamie Hayes, Tariq Elahi, Sebastian Meiser, George Danezis
2017Towards Efficient Heap Overflow Discovery.
Xiangkun Jia, Chao Zhang, Purui Su, Yi Yang, Huafeng Huang, Dengguo Feng
2017Towards Practical Tools for Side Channel Aware Software Engineering: 'Grey Box' Modelling for Instruction Leakages.
David McCann, Elisabeth Oswald, Carolyn Whitnall
2017Transcend: Detecting Concept Drift in Malware Classification Models.
Roberto Jordaney, Kumar Sharad, Santanu Kumar Dash, Zhi Wang, Davide Papini, Ilia Nouretdinov, Lorenzo Cavallaro
2017TrustBase: An Architecture to Repair and Strengthen Certificate-based Authentication.
Mark O'Neill, Scott Heidbrink, Scott Ruoti, Jordan Whitehead, Dan Bunker, Luke Dickinson, Travis Hendershot, Joshua Reynolds, Kent E. Seamons, Daniel Zappala
2017USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs.
Yang Su, Daniel Genkin, Damith Chinthana Ranasinghe, Yuval Yarom
2017Understanding the Mirai Botnet.
Manos Antonakakis, Tim April, Michael D. Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, Yi Zhou
2017Vale: Verifying High-Performance Cryptographic Assembly Code.
Barry Bond, Chris Hawblitzel, Manos Kapritsos, K. Rustan M. Leino, Jacob R. Lorch, Bryan Parno, Ashay Rane, Srinath T. V. Setty, Laure Thompson
2017Venerable Variadic Vulnerabilities Vanquished.
Priyam Biswas, Alessandro Di Federico, Scott A. Carr, Prabhu Rajasekaran, Stijn Volckaert, Yeoul Na, Michael Franz, Mathias Payer
2017Walkie-Talkie: An Efficient Defense Against Passive Website Fingerprinting Attacks.
Tao Wang, Ian Goldberg
2017When the Weakest Link is Strong: Secure Collaboration in the Case of the Panama Papers.
Susan E. McGregor, Elizabeth Anne Watkins, Mahdi Nasrullah Al-Ameen, Kelly Caine, Franziska Roesner
2017kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels.
Sergej Schumilo, Cornelius Aschermann, Robert Gawlik, Sebastian Schinzel, Thorsten Holz
2017vTZ: Virtualizing ARM TrustZone.
Zhichao Hua, Jinyu Gu, Yubin Xia, Haibo Chen, Binyu Zang, Haibing Guan