PrinTracker: Fingerprinting 3D Printers using Commodity Scanners |
Zhengxiong Li (SUNY University at Buffalo), Aditya Singh Rathore (SUNY University at Buffalo), Chen Song (SUNY University at Buffalo), Wenyao Xu (SUNY University at Buffalo), Sheng Wei (Rutgers University), Yanzhi Wang (Northeastern University) |
Unveiling Hardware-based Data Prefetcher, a Hidden Source of Information Leakage |
Youngjoo Shin (Kwangwoon University), Hyung Chan Kim (The Affiliated Institute of ETRI), Dokeun Kwon (The Affiliated Institute of ETRI), Ji Hoon Jeong (The Affiliated Institute of ETRI), Junbeom Hur (Korea University) |
The Gap Game |
Itay Tsabary (Technion), Ittay Eyal (Technion) |
Large-Scale and Language-Oblivious Code Authorship Identification |
Mohammed Abuhmed (Inha University), Tamer Abuhmed (Inha University), Aziz Mohaisen (University of Central Florida), DaeHun Nyang (Inha University) |
Block Oriented Programming: Automating Data-Only Attacks |
Kyriakos Ispoglou (Purdue University, West Lafayette), Bader AlBassam (Purdue University, West Lafayette), Trent Jaeger (Pennsylvania State University), Mathias Payer (EPFL and Purdue University) |
Asking for a Friend: Evaluating Response Biases in Security User Studies |
Elissa M. Redmiles (University of Maryland), Ziyun Zhu (University of Maryland), Sean Kross (University of California San Diego), Dhruv Kuchhal (Maharaja Agrasen Institute of Technology), Tudor Dumitras (University of Maryland), Michelle L. Mazurek (University of Maryland) |
Utility-aware synthesis of differentially private and attack-resilient location traces |
Mehmet Emre Gursoy (Georgia Institute of Technology), Ling Liu (Georgia Institute of Technology), Stacey Truex (Georgia Institute of Technology), Lei Yu (Georgia Institute of Technology), Wenqi Wei (Georgia Institute of Technology) |
CALM: Consistent Adaptive Local Marginal for Marginal Release under Local Differential Privacy |
Zhikun Zhang (Zhejiang University), Tianhao Wang (Purdue University), Ninghui Li (Purdue University), Shibo He (Zhejiang University), Jiming Chen (Zhejiang University) |
HyperFlow: A High-Assurance Processor Architecture for Practical Timing-Safe Information Flow Security |
Andrew Ferraiuolo (Cornell University), Yuqi Zhao (Cornell University), Andrew C. Myers (Cornell University), G. Edward Suh (Cornell University) |
Ohm’, s Law in Data Centers: A Voltage Side Channel for Timing Power Attacks |
Mohammad A. Islam (UC Riverside), Shaolei Ren (UC Riverside) |
When Good Components Go Bad: Formally Secure Compilation Despite Dynamic Compromise |
Carmine Abate (Inria Paris and University of Trento), Arthur Azevedo de Amorim (Carnegie Mellon University), Roberto Blanco (Inria Paris), Ana Nora Evans (Inria Paris and University of Virginia), Guglielmo Fachini (Inria Paris), Catalin Hritcu (Inria Paris), Théo Laurent (Inria Paris and ENS Paris), Benjamin C. Pierce (University of Pennsylvania), Marco Stronati (Inria Paris), Andrew Tolmach (Portland State University) |
Towards Usable Checksums: Automating the Integrity Verification of Web Downloads for the Masses |
Mauro Cherubini (UNIL – HEC Lausanne), Alexandre Meylan (UNIL – HEC Lausanne), Bertil Chapuis (UNIL – HEC Lausanne), Mathias Humbert (Swiss Data Science Center, ETH Zurich and EPFL), Igor Bilogrevic (Google Inc.), Kévin Huguenin (UNIL – HEC Lausanne) |
On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees |
Katriel Cohn-Gordon (University of Oxford), Cas Cremers (CISPA Helmholtz Center (i.G.)), Luke Garratt (University of Oxford), Jon Millican (Facebook), Kevin Milner (University of Oxford) |
Lord of the x86 Rings: A Portable User Mode Privilege Separation Architecture on x86 |
Hojoon Lee (CISPA Helmholtz Center i.G.), Chihyun Song (KAIST), Brent Byunghoon Kang (KAIST) |
Towards Fine-grained Network Security Forensics and Diagnosis in the SDN Era |
Haopei Wang (TAMU), Guangliang Yang (TAMU), Phakpoom Chinprutthiwong (TAMU), Lei Xu (TAMU), Yangyong Zhang (TAMU), Guofei Gu (TAMU) |
MVG Mechanism: Differential Privacy under Matrix-Valued Query |
Thee Chanyaswad (Princeton University), Alex Dytso (Princeton University), H. Vincent Poor (Princeton University), Prateek Mittal (Princeton University) |
Scission: Signal Characteristic-Based Sender Identification and Intrusion Detection in Automotive Networks |
Marcel Kneib (Bosch Engineering GmbH), Christopher Huth (Robert Bosch GmbH) |
Detecting Attacks Against Robotic Vehicles: A Control Invariant Approach |
Hongjun Choi (Purdue University), Wen-Chuan Lee (Purdue University), Yousra Aafer (Purdue University), Fan Fei (Purdue University), Zhan Tu (Purdue University), Xiangyu Zhang (Purdue University), Dongyan Xu (Purdue University), Xinyan Deng (Purdue University) |
Result Pattern Hiding Searchable Encryption for Conjunctive Queries |
Shangqi Lai (Monash University/Data 61, CSIRO), Sikhar Patranabis (Indian Institute of Technology Kharagpur), Amin Sakzad (Monash University), Joseph Liu (Monash University), Debdeep Mukhopadhyay (Indian Institute of Technology Kharagpur), Ron Steinfeld (Monash University), Shifeng Sun (Monash University/Data 61, CSIRO), Dongxi Liu (Data 61, CSIRO), Cong Zuo (Monash University/Data 61, CSIRO) |
Yet Another Text Captcha Solver: A Generative Adversarial Network Based Approach |
Guixin Ye (Northwest University), Zhanyong Tang (Northwest University), Dingyi Fang (Northwest University), Zhanxing Zhu (Peking University), Yansong Feng (Peking University), Pengfei Xu (Northwest University), Xiaojiang Chen (Northwest University), Zheng Wang (Lancaster University) |
No Training Hurdles: Fast Training-Agnostic Attacks to Infer Your Typing |
Song Fang (University of South Florida), Ian Markwood (University of South Florida), Yao Liu (University of South Florida), Shangqing Zhao (University of South Florida), Zhuo Lu (University of South Florida), Haojin Zhu (Shanghai Jiao Tong University) |
Practical state recovery attacks against legacy RNG implementations |
Shaanan Cohney (University of Pennsylvania), Matthew D. Green (Johns Hopkins University), Nadia Heninger (University of Pennsylvania) |
Model-Reuse Attacks on Learning Systems |
Yujie Ji (Lehigh University), Xinyang Zhang (Lehigh University), Shouling Ji (Zhejiang University), Xiapu Luo (The Hong Kong Polytechnic University), Ting Wang (Lehigh University) |
Lawful Device Access without Mass Surveillance Risk: A Technical Design Discussion |
Stefan Savage (UC San Diego) |
Cross-App Poisoning in Software-Defined Networking |
Benjamin E. Ujcich (University of Illinois at Urbana-Champaign), Samuel Jero (MIT Lincoln Laboratory), Anne Edmundson (Princeton University), Qi Wang (University of Illinois at Urbana-Champaign), Richard Skowyra (MIT Lincoln Laboratory), James Landry (MIT Lincoln Laboratory), Adam Bates (University of Illinois at Urbana-Champaign), William H. Sanders (University of Illinois at Urbana-Champaign), Cristina Nita-Rotaru (Northeastern University), Hamed Okhravi (MIT Lincoln Laboratory) |
ABY3: A Mixed Protocol Framework for Machine Learning |
Payman Mohassel (Visa), Peter Rindal (Oregon State University) |
ret2spec: Speculative Execution Using Return Stack Buffers |
Giorgi Maisuradze (CISPA, Saarland University, Saarland Informatics Campus), Christian Rossow (CISPA, Saarland University, Saarland Informatics Campus) |
Voting: you can’, t have privacy without verifiability |
Véronique Cortier (CNRS, Inria, Loria, Université de Lorraine, France), Joseph Lallemand (CNRS, Inria, Loria, Université de Lorraine, France) |
NodeMerge: Template Based Efficient Data Reduction For Big-Data Causality Analysis |
Yutao Tang (College of William and Mary), Ding Li (NEC Laboratories America Inc), Zhichun Li (NEC Laboratories America Inc), Mu Zhang (Cornell University), Kangkook Jee (NEC Laboratories America Inc), Xusheng Xiao (Case Western Reserve University), Zhenyu Wu (NEC Laboratories America Inc), Junghwan Rhee (NEC Laboratories America Inc), Fengyuan Xu (Nanjing University), Qun Li (College of William and Mary) |
Reinforcing System-Assigned Passphrases Through Implicit Learning |
Zeinab Joudaki (University of Ontario Institute of Technology), Julie Thorpe (University of Ontario Institute of Technology), Miguel Vargas Martin (University of Ontario Institute of Technology) |
Tight on Budget? Tight Bounds for r-Fold Approximate Differential Privacy |
Sebastian Meiser (University College London), Esfandiar Mohammadi (ETH Zurich, Switzerland) |
Towards Verified, Constant-time Floating Point Operations |
Marc Andrysco (University of California, San Diego), Andres Noetzli (Stanford), Fraser Brown (Stanford), Ranjit Jhala (University of California, San Diego), Deian Stefan (University of California, San Diego) |
“, What was that site doing with my Facebook password?”, Designing Password-Reuse Notifications |
Maximilian Golla (Ruhr-University Bochum), Miranda Wei (University of Chicago), Juliette Hainline (University of Chicago), Lydia Filipe (University of Chicago), Markus Dürmuth (Ruhr-University Bochum), Elissa M. Redmiles (University of Maryland), Blase Ur (University of Chicago) |
Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning |
Payap Sirinam (Rochester Institute of Technology), Mohsen Imani (University of Texas at Arlington), Marc Juarez (imec-COSIC KU Leuven, Belgium), Matthew Wright (Rochester Institute of Technology) |
On the Accuracy of Password Strength Meters |
Maximilian Golla (Ruhr-University Bochum), Markus Dürmuth (Ruhr-University Bochum) |
Fraud De-Anonymization For Fun and Profit |
Nestor Hernandez (Florida International University), Mizanur Rahman (Florida International University), Ruben Recabarren (Florida International University), Bogdan Carbunar (Florida International University) |
Towards Paving the Way for Large-Scale Windows Malware Analysis: Generic Binary Unpacking with Orders-of-Magnitude Performance Boost |
Binlin Cheng (Wuhan University &, Hubei Normal University), Jiang Ming (University of Texas at Arlington), Jianming Fu (Wuhan University), Guojun Peng (Wuhan University), Ting Chen (University of Electronic Science and Technology of China), Xiaosong Zhang (University of Electronic Science and Technology of China), Jean-Yves Marion (LORIA) |
Milkomeda: Safeguarding the Mobile GPU Interface Using WebGL’s Security Checks |
Zhihao Yao (UC Irvine), Saeed Mirzamohammadi (UC Irvine), Ardalan Amiri Sani (UC Irvine), Mathias Payer (EPFL and Purdue University) |
Bandwidth-Hard Functions: Reductions and Lower Bounds |
Jeremiah Blocki (Purdue), Ling Ren (MIT), Samson Zhou (Purdue) |
DISE: DIstributed Symmetric-key Encryption |
Shashank Agrawal (Visa Research), Payman Mohassel (Visa Research), Pratyay Mukherjee (Visa Research), Peter Rindal (Oregon State University) |
Pseudo Constant Time Implementations of TLS Are Only Pseudo Secure |
Eyal Ronen (Weizmann Institute of Science), Kenny Paterson (Royal Holloway, University of London), Adi Shamir (Weizmann Institute of Science) |
Runtime Analysis of Whole-System Provenance |
Thomas Pasquier (University of Cambridge), Xueyuan Han (Harvard University), Thomas Moyer (UNC Charlotte), Adam Bates (University of Illinois at Urbana-Champaign), Olivier Hermant (MINES ParisTech, PSL Research University), David Eyers (University of Otago), Jean Bacon (University of Cambridge), Margo Seltzer (Harvard University) |
PatternListener: Cracking Android Pattern Lock Using Acoustic Signals |
Man Zhou (Wuhan University), Qian Wang (Wuhan University), Jingxiao Yang (Wuhan University), Qi Li (Tsinghua University), Feng Xiao (Wuhan University), Zhibo Wang (Wuhan University), Xiaofeng Chen (Xidian University) |
Phishing Attacks on Modern Android |
Alessio Merlo (University of Genoa), Simone Aonzo (University of Genoa), Giulio Tavella (University of Genoa), Yanick Fratantonio (EURECOM) |
Predicting Impending Exposure to Malicious Content from User Behavior |
Mahmood Sharif (Carnegie Mellon University), Jumpei Urakawa (KDDI Research), Nicolas Christin (Carnegie Mellon University), Ayumu Kubota (KDDI Research), Akira Yamada (KDDI Research) |
SECURIFY: Practical Security Analysis of Smart Contracts |
Petar Tsankov (ETH Zurich), Andrei Marian Dan (ETH Zurich), Dana Drachsler Cohen (ETH Zurich), Arthur Gervais (Imperial College London), Florian Buenzli (ETH Zurich), Martin Vechev (ETH Zurich) |
Truth Will Out: Departure-Based Process-Level Detection of Stealthy Attacks on Control Systems |
Wissam Aoudi (Chalmers University of Technology), Mikel Iturbe (Mondragon University), Magnus Almgren (Chalmers University of Technology) |
Practical Backward-Secure Searchable Encryption from Symmetric Puncturable Encryption |
Shi-Feng Sun (Monash University/Data 61, CSIRO), Xingliang Yuan (Monash University), Joseph Liu (Monash University), Ron Steinfeld (Monash University), Amin Sakzad (Monash University), Viet Vo (Monash University/Data 61, CSIRO), Surya Nepal (Data 61, CSIRO) |
Pinpointing Insecure Cryptographic Keys from Execution Traces |
Juanru Li (Shanghai Jiao Tong University), Zhiqiang Lin (Ohio State University), Juan Caballero (IMDEA Software Institute), Yuanyuan Zhang (Shanghai Jiao Tong University), Dawu Gu (Shanghai Jiao Tong University) |
Fast Secure Computation for Small Population over the Internet |
Megha Byali (Indian institute of Science, India), Arun Joseph (Indian institute of Science, India), Arpita Patra (Indian institute of Science, India), Divya Ravi (Indian institute of Science, India) |
ClickShield: Are You Hiding Something? Towards Eradicating Clickjacking on Android |
Andrea Possemato (EURECOM), Andrea Lanzi (Universita’, degli Studi di Milano), Simon Pak Ho Chung (Georgia Institute of Technology), Wenke Lee (Georgia Institute of Technology), Yanick Fratantonio (EURECOM) |
HyCC: Compilation of Hybrid Protocols for Practical Secure Computation |
Niklas Büscher (TU Darmstadt), Daniel Demmler (TU Darmstadt), Stefan Katzenbeisser (TU Darmstadt), David Kretzmer (TU Darmstadt), Thomas Schneider (TU Darmstadt) |
Prime and Prejudice: Primality Testing Under Adversarial Conditions |
Martin R. Albrecht (Royal Holloway, University of London), Jake Massimo (Royal Holloway, University of London), Kenneth G. Paterson (Royal Holloway, University of London), Juraj Somorovsky (Ruhr-Universität Bochum) |
Fast Secure Multiparty ECDSA with Practical Distributed Key Generation and Applications to Cryptocurrency Custody |
Yehuda Lindell (Bar-Ilan University), Ariel Nof (Bar-Ilan University) |
Partially specified channels: The TLS 1.3 record layer without elision |
Christopher Patton (University of Florida), Thomas Shrimpton (University of Florida) |
Domain Validation ++ for MitM-Resilient PKI |
Markus Brandt (Fraunhofer Institute for Secure Information Technology SIT), Tianxiang Dai (Fraunhofer Institute for Secure Information Technology SIT), Amit Klein (Fraunhofer Institute for Secure Information Technology SIT), Haya Shulman (Fraunhofer Institute for Secure Information Technology SIT), Michael Waidner (Fraunhofer Institute for Secure Information Technology SIT) |
Secure Opportunistic Multipath Key Exchange |
Sergiu Costea (ETH Zürich), Marios O. Choudary (University Politehnica of Bucharest), Doru Gucea (University Politehnica of Bucharest), Björn Tackmann (IBM Research – Zurich), Costin Raiciu (University Politehnica of Bucharest) |
LEMNA: Explaining Deep Learning based Security Applications |
Wenbo Guo (The Pennsylvania State University), Dongliang Mu (The Pennsylvania State University), Jun Xu (The Pennsylvania State University), Purui Su (Chinese Academy of Sciences), Gang Wang (Virginia Tech), Xinyu Xing (The Pennsylvania State University) |
Using Logic Programming to Recover C++ Classes and Methods from Compiled Executables |
Edward J. Schwartz (Carnegie Mellon University), Cory Cohen (Carnegie Mellon University), Jeff Havrilla (Carnegie Mellon University), Jeff Gennari (Carnegie Mellon University), Charles Hines (Carnegie Mellon University), Michael Duggan (Carnegie Mellon University) |
Investigating System Operators’ Perspective on Security Misconfigurations |
Constanze Dietrich (Berliner Hochschule für Technik), Katharina Krombholz (CISPA Helmholtz Center (i.G.)), Kevin Borgolte (Princeton University), Tobias Fiebig (TU Delft) |
BitML: a calculus for Bitcoin smart contracts |
Massimo Bartoletti (University of Cagliari), Roberto Zunino (University of Trento) |
Clock Around the Clock: Time-Based Device Fingerprinting |
Iskander Sanchez-Rola (Deustotech, University of Deusto), Igor Santos (Deustotech, University of Deusto), Davide Balzarotti (Eurecom) |
Enforcing Unique Code Target Property for Control-Flow Integrity |
Hong Hu (Georgia Institute of Technology), Chenxiong Qian (Georgia Institute of Technology), Carter Yagemann (Georgia Institute of Technology), Simon Pak Ho Chung (Georgia Institute of Technology), Bill Harris (Georgia Institute of Technology), Taesoo Kim (Georgia Institute of Technology), Wenke Lee (Georgia Institute of Technology) |
On the Security of the PKCS#1 v1.5 Signature Scheme |
Tibor Jager (Paderborn University), Saqib A. Kakvi (Paderborn University), Alexander May (Ruhr-University Bochum) |
AIM-SDN: Attacking Information Mismanagement in SDN-datastores |
Vaibhav Hemant Dixit (Arizona State University), Adam Doupé (Arizona State University), Yan Shoshitaishvili (Arizona State University), Ziming Zhao (Arizona State University), Gail-Joon Ahn (Arizona State University & Samsung Research) |
Mitigating Risk while Complying with Data Retention Laws |
Luis Vargas (University of Florida), Gyan Hazarika (University of Florida), Rachel Culpepper (University of Richmond), Kevin Butler (University of Florida), Thomas Shrimpton (University of Florida), Doug Szajda (University of Richmond), Patrick Traynor (University of Florida) |
An End-to-End System for Large Scale P2P MPC-as-a-Service and Low-Bandwidth MPC for Weak Participants |
Assi Barak (Bar-Ilan University), Martin Hirt (ETH Zurich), Lior Koskas (Bar-Ilan University), Yehuda Lindell (Bar-Ilan University) |
Screaming Channels: When Electromagnetic Side Channels Meet Radio Transceivers |
Giovanni Camurati (EURECOM, France), Sebastian Poeplau (EURECOM, France), Marius Muench (EURECOM, France), Tom Hayes (EURECOM, France), Aurélien Francillon (EURECOM, France) |
Detecting User Experience Issues of the Tor Browser In The Wild |
Kevin Gallagher (New York University), Sameer Patil (Indiana University Bloomington), Brendan Dolan-Gavitt (New York University), Damon McCoy (New York University), Nasir Memon (New York University) |
Evaluating Fuzz Testing |
George Klees (University of Maryland), Andrew Ruef (University of Maryland), Benji Cooper (University of Maryland), Shiyi Wei (University of Texas at Dallas), Michael Hicks (University of Maryland) |
Improved Non-Interactive Zero Knowledge with Applications to Post-Quantum Signatures |
Jonathan Katz (University of Maryland), Vladimir Kolesnikov (Georgia Tech), Xiao Wang (University of Maryland) |
Faceted Secure Multi Execution |
Thomas Schmitz (University of California, Santa Cruz), Maximilian Algehed (Chalmers University of Technology), Cormac Flanagan (University of California, Santa Cruz), Alejandro Russo (Chalmers University of Technology) |
Release the Kraken: New KRACKs in the 802.11 Standard |
Mathy Vanhoef (imec-DistriNet, KU Leuven), Frank Piessens (imec-DistriNet, KU Leuven) |
EviHunter: Identifying Digital Evidence in the Permanent Storage of Android Devices via Static Analysis |
Chris Chao-Chun Cheng (Iowa State University), Chen Shi (Iowa State University), Neil Zhenqiang Gong (Iowa State University), Yong Guan (Iowa State University) |
Preserving Both Privacy and Utility in Network Trace Anonymization |
Meisam Mohammady (Concordia institute for information systems engineering), Lingyu Wang (Concordia institute for information systems engineering), Yuan Hong (Illinois Institute of Technology), Habib Louafi (Ericsson Research Security), Makan Pourzandi (Ericsson Research Security), Mourad Debbabi (Concordia institute for information systems engineering) |
Secure Search via Sketching for Homomorphic Encryption |
Adi Akavia (The Academic College of Tel Aviv Jaffa), Dan Feldman (The University of Haifa), Hayim Shaul (The University of Haifa and MIT) |
Tiresias: Predicting Security Events Through Deep Learning |
Yun Shen (Symantec), Enrico Mariconti (University College London), Pierre-Antoine Vervier (Symantec), Gianluca Stringhini (University College London) |
BEAT: Asynchronous BFT Made Practical |
Sisi Duan (University of Maryland, Baltimore County), Michael K. Reiter (University of North Carolina at Chapel Hill), Haibin Zhang (University of Maryland, Baltimore County) |
DeepMem: Learning Graph Neural Network Models for Fast and Robust Memory Forensic Analysis |
Wei Song (UC Riverside), Heng Yin (UC Riverside), Chang Liu (UC Berkeley), Dawn Song (UC Berkeley) |
A better method to analyze blockchain consistency |
Lucianna Kiffer (Northeastern University), Abhi Shelat (Northeastern University), Rajmohan Rajaraman (Northeastern University) |
Privacy-preserving Dynamic Learning of Tor Network Traffic |
Rob Jansen (U.S. Naval Research Laboratory), Matthew Traudt (U.S. Naval Research Laboratory), Nicholas Hopper (University of Minnesota) |
The Multi-user Security of GCM, Revisited: Tight Bounds for Nonce Randomization |
Viet Tung Hoang (Florida State University), Stefano Tessaro (University of California Santa Barbara), Aishwarya Thiruvengadam (University of California Santa Barbara) |
Situational Access Control in the Internet of Things |
Roei Schuster (Cornell Tech, Tel Aviv University), Vitaly Shmatikov (Cornell Tech), Eran Tromer (Columbia University, Tel Aviv University) |
Toward Detecting Violations of Differential Privacy |
Ding Ding (Pennsylvania State Univerisity), Yuxin Wang (Pennsylvania State Univerisity), Guanhong Wang (Pennsylvania State Univerisity), Danfeng Zhang (Pennsylvania State Univerisity), Daniel Kifer (Pennsylvania State Univerisity) |
TACHYON: Fast Signatures from Compact Knapsack |
Rouzbeh Behnia (Oregon State University), Muslum Ozgur Ozmen (Oregon State University), Attila A. Yavuz (Oregon State University), Mike Rosulek (Oregon State University) |
HoMonit: Monitoring Smart Home Apps from Encrypted Traffic |
Wei Zhang (Shanghai Jiao Tong University), Yan Meng (Shanghai Jiao Tong University), Yugeng Liu (Shanghai Jiao Tong University), Xiaokuan Zhang (The Ohio State University), Yinqian Zhang (The Ohio State University), Haojin Zhu (Shanghai Jiao Tong University) |
Private Stateful Information Retrieval |
Sarvar Patel (Google), Giuseppe Persiano (Google and University of Salerno), Kevin Yeo (Google) |
Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic |
Jo Van Bulck (imec-DistriNet KU Leuven), Frank Piessens (imec-DistriNet KU Leuven), Raoul Strackx (imec-DistriNet KU Leuven) |
Mystique: Uncovering Information Leakage from Browser Extensions |
Quan Chen (North Carolina State University), Alexandros Kapravelos (North Carolina State University) |
DeepCorr: Strong Flow Correlation Attacks on Tor Using Deep Learning |
Milad Nasr (University of Massachusetts Amherst), Alireza Bahramali (University of Massachusetts Amherst), Amir Houmansadr (University of Massachusetts Amherst) |
Symbolic Proofs for Lattice-Based Cryptography |
Gilles Barthe (IMDEA Software Institute), Xiong Fan (Cornell University), Joshua Gancher (Cornell University), Benjamin Grégoire (INRIA), Charlie Jacomme (LSV &, CNRS &, ENS Paris-Saclay &, Inria &, Université Paris-Saclay), Elaine Shi (Cornell University) |
A Robust and Efficient Defense against Use-after-Free Exploits via Concurrent Pointer Sweeping |
Daiping Liu (University of Delaware), Mingwei Zhang (Intel Labs), Haining Wang (University of Delaware) |
VMHunt: A Verifiable Approach to Partial-Virtualized Binary Code Simplification |
Dongpeng Xu (The Pennsylvania State University), Jiang Ming (University of Texas at Arlington), Yu Fu (The Pennsylvania State University), Dinghao Wu (The Pennsylvania State University) |
ALCHEMY: A Language and Compiler for Homomorphic Encryption Made easY |
Eric Crockett (Amazon), Chris Peikert (University of Michigan), Chad Sharp (University of Michigan) |
Threat Intelligence Computing |
Xiaokui Shu (IBM Research), Frederico Araujo (IBM Research), Douglas Schales (IBM Research), Marc Stoecklin (IBM Research), Jiyong Jang (IBM Research), Heqing Huang (IBM Research), Josyula Rao (IBM Research) |
Pinto: Enabling Video Privacy for Commodity IoT Cameras |
Hyunwoo Yu (Hanyang University), Jaemin Lim (Hanyang University), Kiyeon Kim (Hanyang University), Suk-Bok Lee (Hanyang University) |
Rendered Insecure: GPU side channel attacks are practical |
Hoda Naghibijouybari (University of California, Riverside), Ajaya Neupane (University of California, Riverside), Zhiyun Qian (University of California, Riverside), Nael Abu-Ghazaleh (University of California, Riverside) |
Measuring Information Leakage in Website Fingerprinting Attacks and Defenses |
Shuai Li (University of Minnesota), Huajun Guo (University of Minnesota), Nicholas Hopper (University of Minnesota) |
New Constructions for Forward and Backward Private Symmetric Searchable Encryption |
Javad Ghareh Chamani (Hong Kong University of Science and Technology &, Sharif University of Technology), Dimitrios Papadopoulos (Hong Kong University of Science and Technology), Charalampos Papamanthou (University of Maryland), Rasool Jalili (Sharif Univesity of Technology) |
Property Inference Attacks on Deep Neural Networks using Permutation Invariant Representations |
Karan Ganju (University of Illinois at Urbana-Champaign), Qi Wang (University of Illinois at Urbana-Champaign), Wei Yang (University of Illinois at Urbana-Champaign), Carl Gunter (University of Illinois at Urbana-Champaign), Nikita Borisov (University of Illinois at Urbana-Champaign) |
JN-SAF: Precise and Efficient NDK/JNI-aware Inter-language Static Analysis Framework for Security Vetting of Android Applications with Native Code |
Fengguo Wei (University of South Florida), Xingwei Lin (University of Electronic Science and Technology of China), Xinming Ou (University of South Florida), Ting Chen (University of Electronic Science and Technology of China), Xiaosong Zhang (University of Electronic Science and Technology of China) |
Labeled PSI from Fully Homomorphic Encryption with Malicious Security |
Hao Chen (Microsoft Research), Zhicong Huang (EPFL), Kim Laine (Microsoft Research), Peter Rindal (Oregon State University) |
Secure Outsourced Matrix Computation and Application to Neural Networks |
Xiaoqian Jiang (University of Texas, Health Science Center), Miran Kim (University of Texas, Health Science Center), Kristin Lauter (Microsoft Research), Yongsoo Song (University of California, San Diego) |
Effective Program Debloating via Reinforcement Learning |
Kihong Heo (University of Pennsylvania), Woosuk Lee (University of Pennsylvania, Hanyang University), Pardis Pashakhanloo (University of Pennsylvania), Mayur Naik (University of Pennsylvania) |
PASTA: PASsword-based Threshold Authentication |
Shashank Agrawal (Visa Research), Peihan Miao (University of California at Berkeley), Payman Mohassel (Visa Research), Pratyay Mukherjee (Visa Research) |
How You Get Bullets in Your Back: A Systematical Study about Cryptojacking in Real-world |
Geng Hong (Fudan University), Zhemin Yang (Fudan University), Sen Yang (Fudan University), Lei Zhang (Fudan University), Yuhong Nan (Fudan University), Zhibo Zhang (Fudan University), Min Yang (Fudan University), Yuan Zhang (Fudan University), Zhiyun Qian (UC Riverside), Haixin Duan (Tsinghua University) |
If This Then What? Controlling Flows in IoT Apps |
Iulia Bastys (Chalmers University of Technology), Musard Balliu (KTH Royal Institute of Technology), Andrei Sabelfeld (Chalmers University of Technology) |
Precise Android API Protection Mapping Derivation and Reasoning |
Yousra Aafer (Purdue University), Guanhong Tao (Purdue University), Jianjun Huang (Renmin University of China), Xiangyu Zhang (Purdue University), Ninghui Li (Purdue University) |
Invetter: Locating Insecure Input Validations in Android Services |
Lei Zhang (Fudan University), Zhemin Yang (Fudan University), Yuyu He (Fudan University), Zhenyu Zhang (Fudan University), Zhiyun Qian (University of Califormia Riverside), Geng Hong (Fudan University), Yuan Zhang (Fudan University), Min Yang (Fudan University) |
Check it Again: Detecting Lacking-Recheck Bugs in OS Kernels |
Wenwen Wang (University of Minnesota, Twin Cities), Kangjie Lu (University of Minnesota, Twin Cities), Pen-Chung Yew (University of Minnesota, Twin Cities) |
Lattice-Based zk-SNARKs from Square Span Programs |
Michele Orru (ENS, Inria), Michele Minelli (ENS, Inria), Rosario Gennaro (City College of New York), Anca Nitulescu (ENS, Inria) |
Formal Analysis of 5G Authentication |
David Basin (ETH Zurich), Jannik Dreier (Universite de Lorraine, CNRS, Inria, LORIA), Lucca Hirschi (ETH Zurich), Sasa Radomirovic (University of Dundee), Ralf Sasse (ETH Zurich), Vincent Stettler (ETH Zurich) |
Revery: from Proof-of-Concept to Exploitable (One Step towards Automatic Exploit Generation) |
Yan Wang (Institute of Information Engineering, Chinese Academy of Sciences), Chao Zhang (Institute for Network Sciences and Cyberspace, Tsinghua University), Xiaobo Xiang (Institute of Information Engineering, Chinese Academy of Sciences), Zixuan Zhao (Institute of Information Engineering, Chinese Academy of Sciences), Bingchang Liu (Institute of Information Engineering, Chinese Academy of Sciences), Wenjie Li (Institute of Information Engineering, Chinese Academy of Sciences), Xiaorui Gong (Institute of Information Engineering, Chinese Academy of Sciences), Kaixiang Chen (Institute for Network Sciences and Cyberspace, Tsinghua University), Wei Zou (Institute of Information Engineering, Chinese Academy of Sciences) |
Ouroboros Genesis: Composable Proof-of-Stake Blockchains with Dynamic Availability |
Christian Badertscher (ETH Zurich), Peter Gazi (IOHK), Aggelos Kiayias (University of Edinburgh and IOHK), Alexander Russell (University of Connecticut), Vassilis Zikas (University of Edinburgh and IOHK) |
Hawkeye: Towards a Desired Directed Grey-box Fuzzer |
Hongxu Chen (Nanyang Technological University), Yinxing Xue (University of Science and Technology of China), Yuekang Li (Nanyang Technological University), Bihuan Chen (Fudan University), Xiaofei Xie (Nanyang Technological University), Xiuheng Wu (Nanyang Technological University), Yang Liu (Nanyang Technological University) |
nanoPI: Extreme-Scale Actively-Secure Multi-Party Computation |
Ruiyu Zhu (Indiana University), Darion Cassel (Carnegie Mellon University), Amr Sabry (Indiana University), Yan Huang (Indiana University) |
Secure Computation with Differentially Private Access Patterns |
Sahar Mazloom (George Mason University), S. Dov Gordon (George Mason University) |
Lattice-Based Group Signatures and Zero-Knowledge Proofs of Automorphism Stability |
Rafael del Pino (ENS and IBM Research – Zurich), Vadim Lyubashevsky (IBM Research – Zurich), Gregor Seiler (ETH and IBM Research – Zurich) |
RapidChain: Fast Blockchain Consensus via Full Sharding |
Mahdi Zamani (Visa Research), Mahnush Movahedi (Dfinity), Mariana Raykova (Yale University) |
Generalizing the SPDZ Compiler For Other Protocols |
Toshinori Araki (NEC), Assi Barak (Bar-Ilan University), Jun Furukawa (NEC Israel Research Center), Marcel Keller (Data61), Yehuda Lindell (Bar-Ilan University), Kazuma Ohara (NEC), Hikaru Tsuchida (NEC) |
Machine Learning with Membership Privacy using Adversarial Regularization |
Milad Nasr (UMass), Reza Shokri (NUS), Amir Houmansadr (UMass) |
General State Channel Networks |
Stefan Dziembowski (University of Warsaw), Sebastian Faust (TU Darmstadt), Kristina Hostáková (TU Darmstadt) |
FairSwap: How to fairly exchange digital goods |
Stefan Dziembowski (University of Warsaw), Lisa Eckey (TU Darmstadt), Sebastian Faust (TU Darmstadt) |
MineSweeper: An In-depth Look into Drive-by Cryptocurrency Mining and Its Defense |
Radhesh Krishnan Konoth (Vrije Universiteit Amsterdam), Emanuele Vineti (Vrije Universiteit Amsterdam), Veelasha Moonsamy (Utrecht University), Martina Lindorfer (TU Wien), Christopher Kruegel (UC Santa Barbara), Herbert Bos (Vrije Universiteit Amsterdam), Giovanni Vigna (UC Santa Barbara) |
Fast Multiparty Threshold ECDSA with Fast Trustless Setup |
Rosario Gennaro (City College of New York), Steven Goldfeder (Princeton University) |
Web’, s Sixth Sense: A Study of Scripts Accessing Smartphone Sensors |
Anupam Das (Carnegie Mellon University), Gunes Acar (Princeton University), Nikita Borisov (University of Illinois at Urbana-Champaign), Amogh Pradeep (Northeastern University) |
An Exploratory Analysis of Microcode as a Building Block for System Defenses |
Benjamin Kollenda (Ruhr-Universität Bochum), Philipp Koppe (Ruhr-Universität Bochum), Marc Fyrbiak (Ruhr-Universität Bochum), Christian Kison (Ruhr-Universität Bochum), Christof Paar (Ruhr-Universität Bochum), Thorsten Holz (Ruhr-Universität Bochum) |
vNIDS: Towards Elastic Security with Safe and Efficient Virtualization of Network Intrusion Detection Systems |
Hongda Li (Clemson University), Hongxin Hu (Clemson University), Guofei Gu (Texas A&, M University), Gail-Joon Ahn (Arizona State University & Samsung Research), Fuqiang Zhang (Clemson University) |
DP-Finder: Finding Differential Privacy Violations by Sampling and Optimization |
Benjamin Bichsel (ETH Zürich), Timon Gehr (ETH Zürich), Dana Drachsler Cohen (ETH Zürich), Petar Tsankov (ETH Zürich), Martin Vechev (ETH Zürich) |
Pump up the Volume: Practical Database Reconstruction from Volume Leakage on Range Queries |
Paul Grubbs (Cornell Tech, RHUL), Marie-Sarah Lacharité (RHUL), Brice Minaud (RHUL), Kenneth G. Paterson (RHUL) |
On the Safety of IoT Device Physical Interaction Control |
Wenbo Ding (Clemson University), Hongxin Hu (Clemson University) |
Debin: Predicting Debug Information in Stripped Binaries |
Jingxuan He (ETH Zurich), Pesho Ivanov (ETH Zurich), Petar Tsankov (ETH Zurich), Veselin Raychev (ETH Zurich), Martin Vechev (ETH Zurich) |
Pride and Prejudice in Progressive Web Apps: Abusing Native App-like Features in Web Applications |
Jiyeon Lee (KAIST), Hayeon Kim (KAIST), Junghwan Park (KAIST), Insik Shin (KAIST), Sooel Son (KAIST) |
Compressing Vector OLE |
Elette Boyle (IDC, Israel), Geoffroy Couteau (KIT, Germany), Niv Gilboa (Ben Gurion University, Israel), Yuval Ishai (Technion, Israel) |