| 2019 | "Johnny, you are fired!" - Spoofing OpenPGP and S/MIME Signatures in Emails. Jens Müller, Marcus Brinkmann, Damian Poddebniak, Hanno Böck, Sebastian Schinzel, Juraj Somorovsky, Jörg Schwenk |
| 2019 | 28th USENIX Security Symposium, USENIX Security 2019, Santa Clara, CA, USA, August 14-16, 2019. Nadia Heninger, Patrick Traynor |
| 2019 | 50 Ways to Leak Your Data: An Exploration of Apps' Circumvention of the Android Permissions System. Joel Reardon, Álvaro Feal, Primal Wijesekera, Amit Elazari Bar On, Narseo Vallina-Rodriguez, Serge Egelman |
| 2019 | A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link. Milan Stute, Sashank Narain, Alex Mariotto, Alexander Heinrich, David Kreitschmann, Guevara Noubir, Matthias Hollick |
| 2019 | A Study of the Feasibility of Co-located App Attacks against BLE and a Large-Scale Analysis of the Current Application-Layer Security Landscape. Pallavi Sivakumaran, Jorge Blasco |
| 2019 | A Systematic Evaluation of Transient Execution Attacks and Defenses. Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, Daniel Gruss |
| 2019 | ALOHA: Auxiliary Loss Optimization for Hypothesis Augmentation. Ethan M. Rudd, Felipe N. Ducau, Cody Wild, Konstantin Berlin, Richard E. Harang |
| 2019 | ATTACK2VEC: Leveraging Temporal Word Embeddings to Understand the Evolution of Cyberattacks. Yun Shen, Gianluca Stringhini |
| 2019 | All Things Considered: An Analysis of IoT Devices on Home Networks. Deepak Kumar, Kelly Shen, Benton Case, Deepali Garg, Galina Alperovich, Dmitry Kuznetsov, Rajarshi Gupta, Zakir Durumeric |
| 2019 | All Your Clicks Belong to Me: Investigating Click Interception on the Web. Mingxue Zhang, Wei Meng, Sangho Lee, Byoungyoung Lee, Xinyu Xing |
| 2019 | AntiFuzz: Impeding Fuzzing Audits of Binary Executables. Emre Güler, Cornelius Aschermann, Ali Abbasi, Thorsten Holz |
| 2019 | BITE: Bitcoin Lightweight Client Privacy using Trusted Execution. Sinisa Matetic, Karl Wüst, Moritz Schneider, Kari Kostiainen, Ghassan Karame, Srdjan Capkun |
| 2019 | Back to the Whiteboard: a Principled Approach for the Assessment and Design of Memory Forensic Techniques. Fabio Pagani, Davide Balzarotti |
| 2019 | Birthday, Name and Bifacial-security: Understanding Passwords of Chinese Web Users. Ding Wang, Ping Wang, Debiao He, Yuan Tian |
| 2019 | Blind Bernoulli Trials: A Noninteractive Protocol For Hidden-Weight Coin Flips. R. Joseph Connor, Max Schuchard |
| 2019 | CANvas: Fast and Inexpensive Automotive Network Mapping. Sekar Kulandaivel, Tushar Goyal, Arnav Kumar Agrawal, Vyas Sekar |
| 2019 | CONFIRM: Evaluating Compatibility and Relevance of Control-flow Integrity Protections for Modern Software. Xiaoyang Xu, Masoud Ghaffarinia, Wenhao Wang, Kevin W. Hamlen, Zhiqiang Lin |
| 2019 | CSI NN: Reverse Engineering of Neural Network Architectures Through Electromagnetic Side Channel. Lejla Batina, Shivam Bhasin, Dirmanto Jap, Stjepan Picek |
| 2019 | CT-GAN: Malicious Tampering of 3D Medical Imagery using Deep Learning. Yisroel Mirsky, Tom Mahler, Ilan Shelef, Yuval Elovici |
| 2019 | Clinical Computer Security for Victims of Intimate Partner Violence. Sam Havron, Diana Freed, Rahul Chatterjee, Damon McCoy, Nicola Dell, Thomas Ristenpart |
| 2019 | Cognitive Triaging of Phishing Attacks. Amber van der Heijden, Luca Allodi |
| 2019 | Computer Security and Privacy in the Interactions Between Victim Service Providers and Human Trafficking Survivors. Christine Chen, Nicola Dell, Franziska Roesner |
| 2019 | DEEPVSA: Facilitating Value-set Analysis with Deep Learning for Postmortem Program Analysis. Wenbo Guo, Dongliang Mu, Xinyu Xing, Min Du, Dawn Song |
| 2019 | Detecting Missing-Check Bugs via Semantic- and Context-Aware Criticalness and Constraints Inferences. Kangjie Lu, Aditya Pakki, Qiushi Wu |
| 2019 | Detecting and Characterizing Lateral Phishing at Scale. Grant Ho, Asaf Cidon, Lior Gavish, Marco Schweighauser, Vern Paxson, Stefan Savage, Geoffrey M. Voelker, David A. Wagner |
| 2019 | Devils in the Guidance: Predicting Logic Vulnerabilities in Payment Syndication Services through Automated Documentation Analysis. Yi Chen, Luyi Xing, Yue Qin, Xiaojing Liao, Xiaofeng Wang, Kai Chen, Wei Zou |
| 2019 | Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms. Wei Zhou, Yan Jia, Yao Yao, Lipeng Zhu, Le Guan, Yuhang Mao, Peng Liu, Yuqing Zhang |
| 2019 | ERIM: Secure, Efficient In-process Isolation with Protection Keys (MPK). Anjo Vahldiek-Oberwagner, Eslam Elnikety, Nuno O. Duarte, Michael Sammler, Peter Druschel, Deepak Garg |
| 2019 | EnFuzz: Ensemble Fuzzing with Seed Synchronization among Diverse Fuzzers. Yuanliang Chen, Yu Jiang, Fuchen Ma, Jie Liang, Mingzhe Wang, Chijin Zhou, Xun Jiao, Zhuo Su |
| 2019 | EnTrust: Regulating Sensor Access by Cooperating Programs via Delegation Graphs. Giuseppe Petracca, Yuqiong Sun, Ahmad Atamli-Reineh, Patrick D. McDaniel, Jens Grossklags, Trent Jaeger |
| 2019 | Evaluating Differentially Private Machine Learning in Practice. Bargav Jayaraman, David Evans |
| 2019 | Evaluating the Contextual Integrity of Privacy Regulation: Parents' IoT Toy Privacy Norms Versus COPPA. Noah J. Apthorpe, Sarah Varghese, Nick Feamster |
| 2019 | EverParse: Verified Secure Zero-Copy Parsers for Authenticated Message Formats. Tahina Ramananandro, Antoine Delignat-Lavaud, Cédric Fournet, Nikhil Swamy, Tej Chajed, Nadim Kobeissi, Jonathan Protzenko |
| 2019 | Everyone is Different: Client-side Diversification for Defending Against Extension Fingerprinting. Erik Trickel, Oleksii Starov, Alexandros Kapravelos, Nick Nikiforakis, Adam Doupé |
| 2019 | Exploiting Unprotected I/O Operations in AMD's Secure Encrypted Virtualization. Mengyuan Li, Yinqian Zhang, Zhiqiang Lin, Yan Solihin |
| 2019 | FIRM-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation. Yaowen Zheng, Ali Davanian, Heng Yin, Chengyu Song, Hongsong Zhu, Limin Sun |
| 2019 | FastKitten: Practical Smart Contracts on Bitcoin. Poulami Das, Lisa Eckey, Tommaso Frassetto, David Gens, Kristina Hostáková, Patrick Jauernig, Sebastian Faust, Ahmad-Reza Sadeghi |
| 2019 | From IP ID to Device ID and KASLR Bypass. Amit Klein, Benny Pinkas |
| 2019 | Fuzzification: Anti-Fuzzing Techniques. Jinho Jung, Hong Hu, David Solodukhin, Daniel Pagan, Kyu Hyung Lee, Taesoo Kim |
| 2019 | GRIMOIRE: Synthesizing Structure while Fuzzing. Tim Blazytko, Cornelius Aschermann, Moritz Schlögel, Ali Abbasi, Sergej Schumilo, Simon Wörner, Thorsten Holz |
| 2019 | HardFails: Insights into Software-Exploitable Hardware Bugs. Ghada Dessouky, David Gens, Patrick Haney, Garrett Persyn, Arun K. Kanuparthi, Hareesh Khattri, Jason M. Fung, Ahmad-Reza Sadeghi, Jeyavijayan Rajendran |
| 2019 | HideMyApp: Hiding the Presence of Sensitive Apps on Android. Anh Pham, Italo Dacosta, Eleonora Losiouk, John Stephan, Kévin Huguenin, Jean-Pierre Hubaux |
| 2019 | Hiding in Plain Signal: Physical Signal Overshadowing Attack on LTE. Hojoon Yang, Sangwook Bae, Mincheol Son, Hongil Kim, Song Min Kim, Yongdae Kim |
| 2019 | High Precision Detection of Business Email Compromise. Asaf Cidon, Lior Gavish, Itay Bleier, Nadia Korshun, Marco Schweighauser, Alexey Tsitkin |
| 2019 | IODINE: Verifying Constant-Time Execution of Hardware. Klaus von Gleissenthall, Rami Gökhan Kici, Deian Stefan, Ranjit Jhala |
| 2019 | Identifying Cache-Based Side Channels through Secret-Augmented Abstract Interpretation. Shuai Wang, Yuyan Bao, Xiao Liu, Pei Wang, Danfeng Zhang, Dinghao Wu |
| 2019 | Iframes/Popups Are Dangerous in Mobile WebView: Studying and Mitigating Differential Context Vulnerabilities. Guangliang Yang, Jeff Huang, Guofei Gu |
| 2019 | Improving Robustness of ML Classifiers against Realizable Evasion Attacks Using Conserved Features. Liang Tong, Bo Li, Chen Hajaj, Chaowei Xiao, Ning Zhang, Yevgeniy Vorobeychik |
| 2019 | Inadvertently Making Cyber Criminals Rich: A Comprehensive Study of Cryptojacking Campaigns at Internet Scale. Hugo L. J. Bijmans, Tim M. Booij, Christian Doerr |
| 2019 | JEDI: Many-to-Many End-to-End Encryption and Key Delegation for IoT. Sam Kumar, Yuncong Hu, Michael P. Andersen, Raluca Ada Popa, David E. Culler |
| 2019 | KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities. Wei Wu, Yueqi Chen, Xinyu Xing, Wei Zou |
| 2019 | Leaky Images: Targeted Privacy Attacks in the Web. Cristian-Alexandru Staicu, Michael Pradel |
| 2019 | Less is More: Quantifying the Security Benefits of Debloating Web Applications. Babak Amin Azad, Pierre Laperdrix, Nick Nikiforakis |
| 2019 | Looking from the Mirror: Evaluating IoT Device Security through Mobile Companion Apps. Xueqiang Wang, Yuqiong Sun, Susanta Nanda, Xiaofeng Wang |
| 2019 | Losing the Car Keys: Wireless PHY-Layer Insecurity in EV Charging. Richard Baker, Ivan Martinovic |
| 2019 | MOPT: Optimized Mutation Scheduling for Fuzzers. Chenyang Lyu, Shouling Ji, Chao Zhang, Yuwei Li, Wei-Han Lee, Yu Song, Raheem Beyah |
| 2019 | Misleading Authorship Attribution of Source Code using Adversarial Learning. Erwin Quiring, Alwin Maier, Konrad Rieck |
| 2019 | Mobile Private Contact Discovery at Scale. Daniel Kales, Christian Rechberger, Thomas Schneider, Matthias Senker, Christian Weinert |
| 2019 | No Right to Remain Silent: Isolating Malicious Mixes. Hemi Leibowitz, Ania M. Piotrowska, George Danezis, Amir Herzberg |
| 2019 | Not Everything is Dark and Gloomy: Power Grid Protections Against IoT Demand Attacks. Bing Huang, Alvaro A. Cárdenas, Ross Baldick |
| 2019 | On (The Lack Of) Location Privacy in Crowdsourcing Applications. Spyros Boukoros, Mathias Humbert, Stefan Katzenbeisser, Carmela Troncoso |
| 2019 | Origin-sensitive Control Flow Integrity. Mustakimur Khandaker, Wenqing Liu, Abu Naser, Zhi Wang, Jie Yang |
| 2019 | PAC it up: Towards Pointer Integrity using ARM Pointer Authentication. Hans Liljestrand, Thomas Nyman, Kui Wang, Carlos Chinea Perez, Jan-Erik Ekberg, N. Asokan |
| 2019 | PeX: A Permission Check Analysis Framework for Linux Kernel. Tong Zhang, Wenbo Shen, Dongyoon Lee, Changhee Jung, Ahmed M. Azab, Ruowen Wang |
| 2019 | Platforms in Everything: Analyzing Ground-Truth Data on the Anatomy and Economics of Bullet-Proof Hosting. Arman Noroozian, Jan Koenders, Eelco van Veldhuizen, Carlos Hernandez Gañán, Sumayah A. Alrwais, Damon McCoy, Michel van Eeten |
| 2019 | Please Pay Inside: Evaluating Bluetooth-based Detection of Gas Pump Skimmers. Nishant Bhaskar, Maxwell Bland, Kirill Levchenko, Aaron Schulman |
| 2019 | Point Break: A Study of Bandwidth Denial-of-Service Attacks against Tor. Rob Jansen, Tavish Vaidya, Micah Sherr |
| 2019 | PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play. Benjamin Andow, Samin Yaseer Mahmud, Wenyu Wang, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, Tao Xie |
| 2019 | Probability Model Transforming Encoders Against Encoding Attacks. Haibo Cheng, Zhixiong Zheng, Wenting Li, Ping Wang, Chao-Hsien Chu |
| 2019 | Protecting Cloud Virtual Machines from Hypervisor and Host Operating System Exploits. Shih-Wei Li, John S. Koh, Jason Nieh |
| 2019 | Protecting accounts from credential stuffing with password breach alerting. Kurt Thomas, Jennifer Pullman, Kevin Yeo, Ananth Raghunathan, Patrick Gage Kelley, Luca Invernizzi, Borbala Benko, Tadek Pietraszek, Sarvar Patel, Dan Boneh, Elie Bursztein |
| 2019 | Pythia: Remote Oracles for the Masses. Shin-Yeh Tsai, Mathias Payer, Yiying Zhang |
| 2019 | RAZOR: A Framework for Post-deployment Software Debloating. Chenxiong Qian, Hong Hu, Mansour Alharthi, Simon Pak Ho Chung, Taesoo Kim, Wenke Lee |
| 2019 | RVFuzzer: Finding Input Validation Bugs in Robotic Vehicles through Control-Guided Testing. Taegyu Kim, Chung Hwan Kim, Junghwan Rhee, Fan Fei, Zhan Tu, Gregory Walkup, Xiangyu Zhang, Xinyan Deng, Dongyan Xu |
| 2019 | Reading the Tea leaves: A Comparative Analysis of Threat Intelligence. Vector Guo Li, Matthew Dunn, Paul Pearce, Damon McCoy, Geoffrey M. Voelker, Stefan Savage |
| 2019 | Rendered Private: Making GLSL Execution Uniform to Prevent WebGL-based Browser Fingerprinting. Shujiang Wu, Song Li, Yinzhi Cao, Ningfei Wang |
| 2019 | Robust Website Fingerprinting Through the Cache Occupancy Channel. Anatoly Shusterman, Lachlan Kang, Yarden Haskal, Yosef Meltser, Prateek Mittal, Yossi Oren, Yuval Yarom |
| 2019 | SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks. Saad Islam, Ahmad Moghimi, Ida Bruhns, Moritz Krebbel, Berk Gülmezoglu, Thomas Eisenbarth, Berk Sunar |
| 2019 | SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization. Zhe Wang, Chenggang Wu, Yinqian Zhang, Bowen Tang, Pen-Chung Yew, Mengyao Xie, Yuanming Lai, Yan Kang, Yueqiang Cheng, Zhiping Shi |
| 2019 | Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities. Robert Merget, Juraj Somorovsky, Nimrod Aviram, Craig Young, Janis Fliegenschmidt, Jörg Schwenk, Yuval Shavitt |
| 2019 | ScatterCache: Thwarting Cache Attacks via Cache Set Randomization. Mario Werner, Thomas Unterluggauer, Lukas Giner, Michael Schwarz, Daniel Gruss, Stefan Mangard |
| 2019 | Secure Multi-User Content Sharing for Augmented Reality Applications. Kimberly Ruth, Tadayoshi Kohno, Franziska Roesner |
| 2019 | Seeing is Not Believing: Camouflage Attacks on Image Scaling Algorithms. Qixue Xiao, Yufei Chen, Chao Shen, Yu Chen, Kang Li |
| 2019 | Site Isolation: Process Separation for Web Sites within the Browser. Charles Reis, Alexander Moshchuk, Nasko Oskov |
| 2019 | Small World with High Risks: A Study of Security Threats in the npm Ecosystem. Markus Zimmermann, Cristian-Alexandru Staicu, Cam Tenny, Michael Pradel |
| 2019 | Stack Overflow Considered Helpful! Deep Learning Security Nudges Towards Stronger Cryptography. Felix Fischer, Huang Xiao, Ching-yu Kao, Yannick Stachelscheid, Benjamin Johnson, Danial Razar, Paul Fawkesley, Nat Buckley, Konstantin Böttinger, Paul Muntean, Jens Grossklags |
| 2019 | StrongChain: Transparent and Collaborative Proof-of-Work Consensus. Pawel Szalachowski, Daniël Reijsbergen, Ivan Homoliak, Siwei Sun |
| 2019 | TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time. Feargus Pendlebury, Fabio Pierazzi, Roberto Jordaney, Johannes Kinder, Lorenzo Cavallaro |
| 2019 | Terminal Brain Damage: Exposing the Graceless Degradation in Deep Neural Networks Under Hardware Fault Attacks. Sanghyun Hong, Pietro Frigo, Yigitcan Kaya, Cristiano Giuffrida, Tudor Dumitras |
| 2019 | The Anatomy of a Cryptocurrency Pump-and-Dump Scheme. Jiahua Xu, Benjamin Livshits |
| 2019 | The Art of The Scam: Demystifying Honeypots in Ethereum Smart Contracts. Christof Ferreira Torres, Mathis Steichen, Radu State |
| 2019 | The Betrayal At Cloud City: An Empirical Analysis Of Cloud-Based Mobile Backends. Omar Alrawi, Chaoshun Zuo, Ruian Duan, Ranjita Pai Kasturi, Zhiqiang Lin, Brendan Saltaformaggio |
| 2019 | The CrossPath Attack: Disrupting the SDN Control Channel via Shared Links. Jiahao Cao, Qi Li, Renjie Xie, Kun Sun, Guofei Gu, Mingwei Xu, Yuan Yang |
| 2019 | The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR. Daniele Antonioli, Nils Ole Tippenhauer, Kasper Bonne Rasmussen |
| 2019 | The Secret Sharer: Evaluating and Testing Unintended Memorization in Neural Networks. Nicholas Carlini, Chang Liu, Úlfar Erlingsson, Jernej Kos, Dawn Song |
| 2019 | The Web's Identity Crisis: Understanding the Effectiveness of Website Identity Indicators. Christopher Thompson, Martin Shelton, Emily Stark, Max Walker, Emily Schechter, Adrienne Porter Felt |
| 2019 | Towards the Detection of Inconsistencies in Public Security Vulnerability Reports. Ying Dong, Wenbo Guo, Yueqi Chen, Xinyu Xing, Yuqing Zhang, Gang Wang |
| 2019 | Tracing Transactions Across Cryptocurrency Ledgers. Haaroon Yousaf, George Kappos, Sarah Meiklejohn |
| 2019 | UWB-ED: Distance Enlargement Attack Detection in Ultra-Wideband. Mridula Singh, Patrick Leu, AbdelRahman Abdou, Srdjan Capkun |
| 2019 | Understanding and Improving Security and Privacy in Multi-User Smart Homes: A Design Exploration and In-Home User Study. Eric Zeng, Franziska Roesner |
| 2019 | Understanding and Securing Device Vulnerabilities through Automated Bug Report Analysis. Xuan Feng, Xiaojing Liao, Xiaofeng Wang, Haining Wang, Qiang Li, Kai Yang, Hongsong Zhu, Limin Sun |
| 2019 | Understanding iOS-based Crowdturfing Through Hidden UI Analysis. Yeonjoon Lee, Xueqiang Wang, Kwangwuk Lee, Xiaojing Liao, Xiaofeng Wang, Tongxin Li, Xianghang Mi |
| 2019 | Users Really Do Answer Telephone Scams. Huahong Tu, Adam Doupé, Ziming Zhao, Gail-Joon Ahn |
| 2019 | Utility-Optimized Local Differential Privacy Mechanisms for Distribution Estimation. Takao Murakami, Yusuke Kawamoto |
| 2019 | VRASED: A Verified Hardware/Software Co-Design for Remote Attestation. Ivan De Oliveira Nunes, Karim Eldefrawy, Norrathep Rattanavipanon, Michael Steiner, Gene Tsudik |
| 2019 | WAVE: A Decentralized Authorization Framework with Transitive Delegation. Michael P. Andersen, Sam Kumar, Moustafa AbdelBaky, Gabe Fierro, John Kolb, Hyung-Sin Kim, David E. Culler, Raluca Ada Popa |
| 2019 | What Are You Searching For? A Remote Keylogging Attack on Search Engine Autocomplete. John V. Monaco |
| 2019 | When the Signal is in the Noise: Exploiting Diffix's Sticky Noise. Andrea Gadotti, Florimond Houssiau, Luc Rocher, Benjamin Livshits, Yves-Alexandre de Montjoye |
| 2019 | Why Do Adversarial Attacks Transfer? Explaining Transferability of Evasion and Poisoning Attacks. Ambra Demontis, Marco Melis, Maura Pintor, Matthew Jagielski, Battista Biggio, Alina Oprea, Cristina Nita-Rotaru, Fabio Roli |
| 2019 | Wireless Attacks on Aircraft Instrument Landing Systems. Harshad Sathaye, Domien Schepers, Aanjhan Ranganathan, Guevara Noubir |
| 2019 | XONN: XNOR-based Oblivious Deep Neural Network Inference. M. Sadegh Riazi, Mohammad Samragh, Hao Chen, Kim Laine, Kristin E. Lauter, Farinaz Koushanfar |
| 2019 | in-toto: Providing farm-to-table guarantees for bits and bytes. Santiago Torres-Arias, Hammad Afzali, Trishank Karthik Kuppusamy, Reza Curtmola, Justin Cappos |
| 2019 | simTPM: User-centric TPM for Mobile Devices. Dhiman Chakraborty, Lucjan Hanzlik, Sven Bugiel |
| 2019 | uXOM: Efficient eXecute-Only Memory on ARM Cortex-M. Donghyun Kwon, Jangseop Shin, Giyeol Kim, Byoungyoung Lee, Yeongpil Cho, Yunheung Paek |