Fides: Selectively Hardening Software Application Components against Kernel-level or Process-level Malware
Raoul Strackx (KU Leuven), Frank Piessens (KU Leuven)

A Software-Hardware Architecture for Self-Protecting Data
Yu-Yuan Chen (Princeton University), Pramod A. Jamkhedkar (Princeton University), Ruby B. Lee (Princeton University)

Vigilare: Toward Snoop-based Kernel Integrity Monitor
Hyungon Moon (Seoul National University), Hojoon Lee (Korea Advanced Institute of Science and Technology), Jihoon Lee (Seoul National University), Kihwan Kim (Korea Advanced Institute of Science and Technology), Yunheung Paek (Seoul National University), Brent Byunghoon Kang (George Mason University)

The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software
Martin Georgiev (The University of Texas at Austin), Subodh Iyengar (Stanford University), Suman Jana (The University of Texas at Austin), Rishita Anubhai (Stanford University), Dan Boneh (Stanford University), Vitaly Shmatikov (The University of Texas at Austin)

Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security
Sascha Fahl (Distributed Computing & Security Group, Leibniz University Hannover), Marian Harbach (Distributed Computing & Security Group, Leibniz University Hannover), Thomas Muders (Distributed Computing & Security Group, Leibniz University Hannover), Matthew Smith (Distributed Computing & Security Group, Leibniz University Hannover), Lars Baumgärtner (Department of Math. & Computer Science, Philipps University Marburg), Bernd Freisleben (Department of Math. & Computer Science, Philipps University Marburg)

A Cross-Protocol Attack on the TLS Protocol
Nikos Mavrogiannopoulos (KU Leuven - IBBT), Frederik Vercauteren (KU Leuven - IBBT), Vesselin Velichkov (University of Luxembourg), Bart Preneel (KU Leuven - IBBT)

Enhancing Tor's Performance using Real-time Traffic Classification
Mashael AlSabah (University of Waterloo), Kevin Bauer (University of Waterloo), Ian Goldberg (University of Waterloo)

Routing Around Decoys
Max Schuchard (University of Minnesota), John Geddes (University of Minnesota), Christopher Thompson (University of California), Nicholas Hopper (University of Minnesota)

SkypeMorph: Protocol Obfuscation for Tor Bridges
Hooman Mohajeri Moghaddam (University of Waterloo), Baiyu Li (University of Waterloo), Mohammad Derakhshani (University of Waterloo), Ian Goldberg (University of Waterloo)

StegoTorus: A Camouflage Proxy for the Tor Anonymity System
Zachary Weinberg (Carnegie Mellon University), Jeffrey Wang (Stanford University), Vinod Yegneswaran (SRI International), Linda Briesemeister (SRI International), Steven Cheung (SRI International), Frank Wang (Stanford University), Dan Boneh (Stanford University)

CensorSpoofer: Asymmetric Communication using IP Spoofing for Censorship-Resistant Web Browsing
Qiyan Wang (University of Illinois at Urbana-Champaign), Xun Gong (University of Illinois at Urbana-Champaign), Giang T. K. Nguyen (University of Illinois at Urbana-Champaign), Amir Houmansadr (University of Illinois at Urbana-Champaign), Nikita Borisov (University of Illinois at Urbana-Champaign)

Adaptive Defenses for Commodity Software through Virtual Application Partitioning
Dimitris Geneiatakis (Columbia University), Georgios Portokalidis (Columbia University), Vasileios P. Kemerlis (Columbia University), Angelos D. Keromytis (Columbia University)

Leveraging Choice to Automate Authorization Hook Placement
Divya Muthukumaran (The Pennsylvania State University), Trent Jaeger (The Pennsylvania State University), Vinod Ganapathy (Rutgers University)

Binary Stirring: Self-randomizing Instruction Addresses of Legacy x86 Binary Code
Richard Wartell (The University of Texas at Dallas), Vishwath Mohan (The University of Texas at Dallas), Kevin W. Hamlen (The University of Texas at Dallas), Zhiqiang Lin (The University of Texas at Dallas)

Aligot: Cryptographic Function Identification in Obfuscated Binary Programs
Joan Calvet (Universite de Lorraine, LORIA), Jose M Fernandez (Ecole Polytechnique de Montreal), Jean-Yves Marion (Universite de Lorraine, LORIA)

An Historical Examination of Open Source Releases and Their Vulnerabilities
Nigel Edwards (Hewlett-Packard Laboratories), Liqun Chen (Hewlett-Packard Laboratories)

Mobile Data Charging: New Attacks and Countermeasures
Chunyi Peng (University of California, Los Angeles), Chi-yu Li (University of California, Los Angeles), Guan-Hua Tu (University of California, Los Angeles), Songwu Lu (University of California, Los Angeles), Lixia Zhang (University of California, Los Angeles)

New Privacy Issues in Mobile Telephony: Fix and Verification
Myrto Arapinis (University of Birmingham), Loretta Mancini (University of Birmingham), Eike Ritter (University of Birmingham), Mark Ryan (University of Birmingham), Nico Golde (Technische Universität Berlin), Kevin Redon (Technische Universität Berlin), Ravishankar Borgaonkar (Technische Universität Berlin

PScout: Analyzing the Android Permission Specification
Kathy Wain Yee Au (University of Toronto), Yi Fan Zhou (University of Toronto), Zhen Huang (University of Toronto), David Lie (University of Toronto)

CHEX: Statically Vetting Android Apps for Component Hijacking Vulnerabilities
Long Lu (Georgia Institute of Technology), Zhichun Li (NEC Labs America, Inc.), Zhenyu Wu (NEC Labs America, Inc.), Wenke Lee (Georgia Institute of Technology), Guofei Jiang (NEC Labs America, Inc.)

Using Probabilistic Generative Models for Ranking Risks of Android Apps
Hao Peng (Purdue University), Chris Gates (Purdue University), Bhaskar Sarma (Purdue University), Ninghui Li (Purdue University), Yuan Qi (Purdue University), Rahul Potharaju (Purdue University), Cristina Nita-Rotaru (Purdue University), Ian Molloy (IBM Research)

Self-service Cloud Computing
Shakeel Butt (Rutgers University), H. Andres Lagar-Cavilla (GridCentric Inc.), Abhinav Srivastava (AT&T Labs-Research), Vinod Ganapathy (Rutgers University)

Hourglass Schemes: How to Prove that Cloud Files Are Encrypted
Marten van Dijk (RSA Laboratories), Ari Juels (RSA Laboratories), Alina Oprea (RSA Laboratories), Ronald L Rivest (MIT), Emil Stefanov (University of California Berkeley), Nikos Triandopoulos (RSA Laboratories)

Resource-Freeing Attacks: Improve Your Cloud Performance (at Your Neighbor's Expense)
Venkatanathan Varadarajan (University of Wisconsin-Madison), Thawan Kooburat (University of Wisconsin-Madison), Benjamin Farley (University of Wisconsin-Madison), Thomas Ristenpart (University of Wisconsin-Madison), Michael M Swift (University of Wisconsin-Madison)

Single Round Access Privacy on Outsourced Storage
Peter Williams (Stony Brook Network Security and Applied Cryptography Lab), Radu Sion (Stony Brook Network Security and Applied Cryptography Lab).

Cross-VM Side Channels and Their Use to Extract Private Keys
Yinqian Zhang (University of North Carolina), Ari Juels (RSA Laboratories), Michael K. Reiter (University of North Carolina), Thomas Ristenpart (University of Wisconsin)

Kargus: a Highly-scalable Software-based Intrusion Detection System
Muhammad Asim Jamshed (KAIST), Jihyung Lee (KAIST), Sangwoo Moon (KAIST), Insu Yun (KAIST), Deokjin Kim (NSRI), Sungryoul Lee (NSRI), Yung Yi (KAIST), KyoungSoo Park (KAIST)

Populated IP Addresses -- Classification and Applications
Chi-Yao Hong (UIUC), Fang Yu (MSR Silicon Valley), Yinglian Xie (MSR Silicon Valley)

Blacksheep: Detecting Compromised Hosts in Homogeneous Crowds
Antonio Bianchi (UC Santa Barbara), Yan Shoshitaishvili (UC Santa Barbara), Christopher Kruegel (UC Santa Barbara), Giovanni Vigna (UC Santa Barbara)

Innocent by Association: Early Recognition of Legitimate Users
Yinglian Xie (Microsoft Research Silicon Valley), Fang Yu (Microsoft Research Silicon Valley), Qifa Ke (Microsoft Research Silicon Valley), Martin Abadi (Microsoft Research Silicon Valley), Eliot Gillum (Microsoft Corporation), Krish Vitaldevaria (Microsoft Corporation), Jason Walter (Microsoft Corporation), Junxian Huang (University of Michigan), Zhuoqing Morley Mao (University of Michigan).

Operating System Framed in Case of Mistaken Identity
Cristian Bravo-Lillo (Carnegie Mellon University), Lorrie Cranor (Carnegie Mellon University), Julie Downs (Carnegie Mellon University), Saranga Komanduri (Carnegie Mellon University), Stuart Schechter (Microsoft Research), Manya Sleeper (Carnegie Mellon University)

The Devil is in the (Implementation) Details: An Empirical Analysis of OAuth SSO Systems
San-Tsai Sun (University of British Columbia), Konstantin Beznosov (University of British Columbia).

OTO: Online Trust Oracle for User-Centric Trust Establishment
Tiffany Hyun-Jin Kim (Carnegie Mellon University), Payas Gupta (Singapore Management University), Jun Han (Carnegie Mellon University), Emmanuel Owusu (Carnegie Mellon University), Jason Hong (Carnegie Mellon University), Adrian Perrig (Carnegie Mellon University), Debin Gao (Singapore Management University)

Strengthening User Authentication through Opportunistic Cryptographic Identity Assertions
Alexei Czeskis (University of Washington), Michael Dietz (Rice University), Tadayoshi Kohno (University of Washington), Dan Wallach (Rice University), Dirk Balfanz (Google)

Minimizing Private Data Disclosures in the Smart Grid
Weining Yang (Purdue University), Ninghui Li (Purdue University), Yuan Qi (Purdue University), Wahbeh Qardaji (Purdue University), Stephen McLaughlin (Penn State University), Patrick McDaniel (Penn State University)

How Secure are Power Network Signature Based Time Stamps?
Wei-Hong Chuang (University of Maryland), Ravi Garg (University of Maryland), Min Wu (University of Maryland)

SABOT: Specification-based Payload Generation for Programmable Logic Controllers
Stephen McLaughlin (The Pennsylvania State University), Patrick McDaniel (The Pennsylvania State University)

GPS Software Attacks
Tyler Nighswander (Carnegie Mellon University), Brent Ledvina (Coherent Navigation), Jonathan Diamond (Coherent Navigation), Robert Brumley (Coherent Navigation), David Brumley (Carnegie Mellon University)

Neighborhood Watch: Security and Privacy Analysis of Automatic Meter Reading Systems
Ishtiaq Rouf (University of South Carolina), Hossen Mustafa (University of South Carolina), Miao Xu (University of South Carolina), Wenyuan Xu (University of South Carolina), Rob Miller (Applied Communication Sciences), Marco Gruteser (Rugers University)

Machine-Generated Algorithms, Proofs and Software for the Batch Verification of Digital Signature Schemes
Joseph A. Akinyele (Johns Hopkins University), Matthew Green (Johns Hopkins University), Susan Hohenberger (Johns Hopkins University), Matthew W. Pagano (Johns Hopkins University)

Full Proof Cryptography: Verifiable Compilation of Efficient Zero-Knowledge Protocols
José Bacelar Almeida (Universidade do Minho), Manuel Barbosa (Universidade do Minho), Endre Bangerter (Bern University of Applied Sciences), Gilles Barthe (IMDEA Software Institute), Stephan Krenn (IST Austria), Santiago Zanella Béguelin (Microsoft Research)

Publicly Verifiable Delegation of Large Polynomials and Matrix Computations, with Applications
Dario Fiore (New York University), Rosario Gennaro (City College of New York)

Secure Two-Party Computation in Sublinear (Amortized) Time
S. Dov Gordon (Applied Communication Sciences), Jonathan Katz (University of Maryland), Vladimir Kolesnikov (Bell Labs), Fernando Krell (Columbia University), Tal Malkin (Columbia University), Mariana Raykova (Columbia University), Yevgeniy Vahlis (AT&T)

Practical Yet Universally Composable Two-Server Password-Authenticated Secret Sharing
Jan Camenisch (IBM Research), Anna Lysyanskaya (Brown University), Gregory Neven (IBM Research)

Provable Security of S-BGP and other Path Vector Protocols: Model, Analysis and Extensions
Alexandra Boldyreva (Georgia Institute of Technology), Robert Lychev (Georgia Institute of Technology)

Towards a Bayesian Network Game Framework for Evaluating DDoS Attacks and Defense
Guanhua Yan (Los Alamos National Laboratory), Ritchie Lee (Carnegie Mellon University Silicon Valley), Alex Kent (Los Alamos National Laboratory), David Wolpert (Los Alamos National Laboratory)

DCast: Sustaining Collaboration in Overlay Multicast despite Rational Collusion
Haifeng Yu (National University of Singapore), Phillip B. Gibbons (Intel Labs), Chenwei Shi (Mozat Pte Ltd)

PeerPress: Utilizing Enemies' P2P Strength against Them
Zhaoyan Xu (Texas A&M University), Lingfeng Chen (Texas A&M University), Guofei Gu (Texas A&M University), Christopher Kruegel (University of California)

Collaborative TCP Sequence Number Inference Attack
Zhiyun Qian (University of Michigan), Z. Morley Mao (University of Michigan), Yinglian Xie (Microsoft Research Silicon Valley)

Touching from a Distance: Website Fingerprinting Attacks and Defenses
Xiang Cai (Stony Brook University), Xin Cheng Zhang (Stony Brook University), Brijesh Joshi (Stony Brook University), Rob Johnson (Stony Brook University)

Protecting Location Privacy: Optimal Strategy against Localization Attacks
Reza Shokri (EPFL), George Theodorakopoulos (Cardiff University), Carmela Troncoso (K.U.Leuven), Jean-Pierre Hubaux (EPFL), Jean-Yves Le Boudec (EPFL)

Deanonymizing Mobility Traces: Using Social Network as a Side-Channel
Mudhakar Srivatsa (IBM T. J. Watson Research Center), Mike Hicks (University of Maryland)

Differentially Private Sequential Data Publication via Variable-Length N-Grams
Rui Chen (Concordia University), Gergely Acs (INRIA), Claude Castelluccia (INRIA)

On Significance of the Least Significant Bits For Differential Privacy
Ilya Mironov (Microsoft Research Silicon Valley)

POSTER: Towards Measuring Warning Readability.
Marian Harbach, Sascha Fahl, Thomas Muders and Matthew Smith.

POSTER: Context-Aware Web Security Threat Prevention.
Lung-Hao Lee, Yen-Cheng Juan, Kuei-Ching Lee, Wei-Lin Tseng, Hsin-Hsi Chen and Yuen-Hsien Tseng.

POSTER: Understanding New Anonymity Networks From a User’s Perspective.
Erik Archambault and Craig Shue.

DEMO: Demonstrating the Effectiveness of MOSESdroid for Separation of Execution Modes.
Giovanni Russello, Mauro Conti, Bruno Crispo, Earlence Fernandes and Yury Zhauniarovich.

POSTER: Protecting Access Privacy of Cached Contents in Information Centric Networks.
Abedelaziz Mohaisen, Xinwen Zhang, Guoqiang Wang and Yongdae Kim.

POSTER: Network-Based Intrusion Detection Systems Go Active!
Eitan Menahem, Gabi Nakibly and Yuval Elovici.

POSTER: Real-time continuous iris recognition for authentication using an eye tracker.
Kenrick Mock and Bogdan Hoanca.

DEMO: ReasONets: A Fuzzy-based approach for Reasoning on Network Incidents.
Giuseppe Petracca, Anna Squicciarini, William Horne and Marco Casassa Mont.

DEMO: How Privacy Leaks from Bluetooth Mouse.
Xian Pan, Zhen Ling, Aniket Pingley, Wei Yu, Nan Zhang and Xinwen Fu.

POSTER: Marlin - Making it harder to fish for gadgets.
Aditi Gupta, Sam Kerr, Michael Kirkpatrick and Elisa Bertino.

POSTER: Advanced Triple-Channel Botnets: Model and Implementation.
Cui Xiang, Fang Binxing, Liao Peng and Liu Chaoge.

DEMO: Demonstrating a Lightweight Data Provenance for Sensor Networks.
Bilal Shebaro, Salmin Sultana, Shakthidhar Reddy Gopavaram and Elisa Bertino.

POSTER: Location Privacy Leaking from Spectrum Utilization Information in Database-driven Cognitive Radio Network.
Zhaoyu Gao, Haojin Zhu, Yao Liu, Muyuan Li and Zhenfu Cao.

POSTER: Authenticated Secret Key Extraction using Channel Characteristics for Body Area Networks.
Jiawei Yuan, Lu Shi, Shucheng Yu and Ming Li.

POSTER: Privacy Preserving Boosting in the Cloud with Secure Half-Space Queries.
Shumin Guo and Keke Chen.

POSTER: Detecting Money-Stealing Apps in Alternative Android Markets.
Chao Yang, Vinod Yegneswaran, Phil Porras and Guofei Gu.

POSTER: Automatic Generation of Vaccines for Malware Immunization.
Zhaoyan Xu, Jialong Zhang, Guofei Gu and Zhiqiang Lin.

POSTER: A Covert Channel Construction in a Virtualized Environment.
Jidong Xiao, Zhang Xu, Hai Huang and Haining Wang.

POSTER: Robust Dynamic Remote Data Checking for Public Clouds.
Bo Chen and Reza Curtmola.

POSTER: Model-based Context Privacy For Personal Data Streams.
Supriyo Chakraborty, Kasturi Rangan Raghavan, Mani Srivastava and Harris Teague.

DEMO: Direct Queries over Encrypted Databases Practically.
Dongxi Liu and Shenlu Wang.

Privacy-Aware Personalization for Mobile Advertising
Michaela Hardt (Twitter), Suman Nath (Microsoft Research)

Knowing Your Enemy: Understanding and Detecting Malicious Web Advertising
Zhou Li (Indiana University Bloomington), Kehuan Zhang (Indiana University Bloomington), Yinglian Xie (MSR Silicon Valley), Fang Yu (MSR Silicon Valley), XiaoFeng Wang (Indiana University Bloomington)

Non-tracking Web Analytics
Istemi Ekin Akkus (Max Planck Institute for Software Systems (MPI-SWS)), Ruichuan Chen (Max Planck Institute for Software Systems (MPI-SWS)), Michaela Hardt (Twitter Inc.), Paul Francis (Max Planck Institute for Software Systems (MPI-SWS)), Johannes Gehrke (Cornell University)

Computational Soundness Without Protocol Restrictions
Michael Backes (Saarland University and MPI-SWS), Ankit Malik (IIT Delhi), Dominique Unruh (Tartu University)

Computational Verification of C Protocol Implementations by Symbolic Execution
Mihhail Aizatulin (Open University), Andrew D. Gordon (Microsoft Research Cambridge), Jan Jürjens (TU Dortmund & Fraunhofer ISST)

Verified Security of Redundancy-Free Encryption from Rabin and RSA
Gilles Barthe (IMDEA Software Institute), David Pointcheval (École Normale Supérieure), Santiago Zanella Béguelin (Microsoft Research)

You Are What You Include: Large-scale Evaluation of Remote JavaScript Inclusions
Nick Nikiforakis (KU Leuven), Luca Invernizzi (University of California, Santa Barbara), Alexandros Kapravelos (University of California, Santa Barbara), Steven Van Acker (KU Leuven), Wouter Joosen (KU Leuven), Christopher Kruegel (University of California, Santa Barbara), Frank Piessens (KU Leuven), Giovanni Vigna (University of California, Santa Barbara)

FlowFox: a Web Browser with Flexible and Precise Information Flow Control
Willem De Groef (KU Leuven), Dominique Devriese (KU Leuven), Nick Nikiforakis (KU Leuven), Frank Piessens (KU Leuven)

Scriptless Attacks
Mario Heiderich (Ruhr-University Bochum), Marcus Niemietz (Ruhr-University Bochum), Felix Schuster (Ruhr-University Bochum), Thorsten Holz (Ruhr-University Bochum), Jörg Schwenk (Ruhr-University Bochum)

Secure Two-Party Computations in ANSI C
Andreas Holzer (TU Wien), Martin Franz (CrypTool Project), Stefan Katzenbeisser (TU Darmstadt), Helmut Veith (TU Wien)

Foundations of Garbled Circuits
Mihir Bellare (University of California, San Diego), Viet Tung Hoang (University of California), Phillip Rogaway (University of California, Davis)

Salus: A System for Server-Aided Secure Function Evaluation
Seny Kamara (Microsoft Research), Payman Mohassel (University of Calgary), Ben Riva (Tel Aviv University)

Vanity, Cracks and Malware
Markus Kammerstetter (Vienna University of Technology), Christian Platzer (Vienna University of Technology), Gilbert Wondracek (Vienna University of Technology)

Manufacturing Compromise: The Emergence of Exploit-as-a-Service
Chris Grier (UC Berkeley), Lucas Ballard (Google, Inc.), Juan Caballero (IMDEA Software Institute), Neha Chachra (UC San Diego), Christian J. Dietrich (University of Applied Sciences Gelsenkirchen), Kirill Levchenko (UC San Diego), Panayiotis Mavrommatis (Google, Inc.), Damon McCoy (George Mason University), Antonio Nappa (IMDEA Software Institute), Andreas Pitsillidis (UC San Diego), Niels Provos (Google, Inc.), M. Zubair Rafique (IMDEA Software Institute), Moheeb Abu Rajab (Google, Inc.), Christian Rossow (University of Applied Sciences Gelsenkirchen), Kurt Thomas (UC Berkeley), Vern Paxson (UC Berkeley), Stefan Savage (UC San Diego), Geoffrey M. Voelker (UC San Diego)

Before We Knew It: An Empirical Study of Zero-Day Attacks In The Real World
Leyla Bilge (Symantec Corporation), Tudor Dumitras (Symantec Corporation)

Priceless: The Role of Payments in Abuse-advertised Goods
Damon McCoy (George Mason University), Hitesh Dharmdasani (George Mason university), Christian Kreibich (International Computer Science Institute), Geoffrey M Voelker (University of California, San Diego), Stefan Savage (University of California, San Diego)

On the Parameterized Complexity of the Workflow Satisfiability Problem
Jason Crampton (Royal Holloway, University of London), Gregory Gutin (Royal Holloway, University of London), Anders Yeo (University of Johannesburg)

Intransitive Noninterference in Nondeterministic Systems
Kai Engelhardt (The University of New South Wales), Ron van der Meyden (The University of New South Wales), Chenyi Zhang (The University of Queensland)

Precise Enforcement of Progress-Sensitive Security
Scott Moore (Harvard University), Aslan Askarov (Harvard University), Stephen Chong (Harvard University)

TreeDroid: A Tree Automaton Based Approach to Enforcing Data Processing Policies
Mads Dam (KTH Royal Institute of Technology), Gurvan Le Guernic (KTH Royal Institute of Technology), Andreas Lundblad (KTH Royal Institute of Technology)

Double-Spending Fast Payments in Bitcoin
Ghassan O. Karame (NEC Laboratories Europe), Elli Androulaki (ETH Zurich), Srdjan Capkun (ETH Zurich)

Revoke and Let Live: A Secure Key Revocation API for Cryptographic Devices
Véronique Cortier (CNRS, Loria, UMR 7503), Graham Steel (INRIA), Cyrille Wiedling (CNRS, Loria, UMR 7503)

PERM: Practical Reputation-Based Blacklisting without TTPs
Man Ho Au (University of Wollongong), Apu Kapadia (Indiana University)

Measuring Vote Privacy, Revisited
David Bernhard (University of Bristol), Véronique Cortier (CNRS Loria), Olivier Pereira (Université Catholique de Louvain), Bogdan Warinschi (University of Bristol)

Verifiable Data Streaming
Dominique Schroeder (University of Maryland), Heike Schroeder (CASED)

Dynamic Searchable Symmetric Encryption
Seny Kamara (Microsoft Research), Charalampos Papamanthou (UC Berkeley), Tom Roeder (Microsoft Research)

PrivateFS: A Parallel Oblivious File System
Peter Williams (Stony Brook University), Radu Sion (Stony Brook University)