2023

• Mathew Vermeer, Natalia Kadenko, Michel Van Eeten, Carlos Gañán, and Simon Parkin, Alert Alchemy: SOC Workflows and Decisions in the Management of NIDS Rules
  
  
• Borja Balle, James Bell, and Adria Gascon, Amplification by Shuffling without Shuffling
  
  
• Yibin Yang, David Heath, Carmit Hazay, Vladimir Kolesnikov, and Muthuramakrishnan Venkitasubramaniam, Batchman and Robin: Batched and Non-batched Branching for Interactive ZK
  
  
• Kha Dinh Duy, Kyuwon Cho, Taehyun Noh, and Hojoon Lee, Capacity: Cryptographically-Enforced In-process Capabilities for Modern ARM Architectures
  
  
• Jianjia Yu, Song Li, Junmin Zhu, and Yinzhi Cao, CoCo: Efficient Browser Extension Vulnerability Detection via Coverage-guided, Concurrent Abstract Interpretation
  
  
• Samuel Haney, Michael Shoemate, Grace Tian, Salil Vadhan, Andrew Vyrros, Vicki Xu, and Wanrong Zhang, Concurrent Composition for Interactive Differential Privacy with Adaptive Privacy-Loss Parameters
  
  
• Gilad Asharov, Ilan Komargodski, and Yehuda Michelson, FutORAMa: A Concretely Efficient Hierarchical Oblivious RAM
  
  
• Song Bian, Zhou Zhang, Haowen Pan, Ran Mao, Zian Zhao, Yier Jin, and Zhenyu Guan, HE3DB: An Efficient and Elastic Encrypted Database Via Arithmetic-And-Logic Fully Homomorphic Encryption
  
  
• Chao Li, Balaji Palanisamy, Runhua Xu, Li Duan, Jiqiang Liu, and Wei Wang, How Hard is Takeover in DPoS Blockchains? Understanding the Security of Coin-based Voting Governance
  
  
• Jingxuan He and Martin Vechev, Large Language Models for Code: Security Hardening and Adversarial Testing
  
  
• Jiali Xu, Mengyao Xie, Chenggang Wu, Yinqian Zhang, Qijing Li, Xuan Huang, Yuanming Lai, Yan Kang, Wei Wang, Qiang Wei, and Zhe Wang, PANIC: PAN-assisted Intra-process Memory Isolation on ARM
  
  
• Qinhan Tan, Yonathan Fisseha, Shibo Chen, Lauren Biernacki, Jean-Baptiste Jeannin, Sharad Malik, and Todd Austin, Security Verification of Low-Trust Architectures
  
  
• Fenglu Zhang, Baojun Liu, Eihal Alowaisheq, Jianjun Chen, Chaoyi Lu, Linjian Song, Yong Ma, Ying Liu, Haixin Duan, and Min Yang, Silence is not Golden: Disrupting the Load Balancing of Authoritative DNS Servers
  
  
• Zilong Wang, Gideon Mohr, Klaus Von Gleissenthall, Jan Reineke, and Marco Guarnieri, Specification and Verification of Side-channel Security for Open-source Processors via Leakage Contracts
  
  
• Drew Zagieboylo, Charles Sherk, Gookwon Edward Suh, and Andrew Myers, SpecVerilog: Adapting Information Flow Control for Secure Speculation
  
  
• Ali Naseh, Kalpesh Krishna, Mohit Iyyer, and Amir Houmansadr, Stealing the Decoding Algorithms of Language Models
  
  
• Aviv Yaish, Gilad Stern, and Aviv Zohar, Uncle Maker: (Time)Stamping Out The Competition in Ethereum
  
  

2022

• Kenny Paterson, Lara Bruseghini, Daniel Huigens, Victory by KO: Attacking OpenPGP Using Key Overwriting
  
  
• Ning Luo, Timos Antonopoulos, William Harris, Ruzica Piskac, Eran Tromer, Xiao Wang, Proving UNSAT in Zero Knowledge
  
  
• Xaver Fabian, Marco Patrignani, Marco Guarnieri, Automatic Detection of Speculative Execution Combinations
  
  
• Samuel Steffen, Benjamin Bichsel, Martin Vechev, Zapper: Smart Contracts with Data and Identity Privacy
  
  
• Alex Davidson, Peter Snyder, E. B. Quirk, Joseph Genereux, Hamed Haddadi, Benjamin Livshits, STAR: Secret Sharing for Private Threshold Aggregation Reporting
  
  

2021

• Lukas Knittel; Christian Mainka (Ruhr University Bochum); Marcus Niemietz (Niederrhein University of Applied Sciences); Dominik Trevor Noß Jörg Schwenk (Ruhr University Bochum) XSinator.com: From a Formal Model to the Automatic Evaluation of Cross-Site Leaks in Web Browsers
  
  
• Robert Buhren; Hans-Niklas Jacob; Thilo Krachenfels (Technische UniversitätBerlin - SECT); Jean-Pierre Seifert (Technische Universität Berlin - SECT & Fraunhofer SIT)
One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted Virtualization


• Antonious M. Girgis; Deepesh Data; Suhas Diggavi (University of California Los Angeles); Ananda Theertha Suresh; Peter Kairouz (Google Research)
On the Renyi Differential Privacy of the Shuffle Model


• Luca De Feo; Bertram Poettering; Alessandro Sorniotti (IBM Research Europe - Zurich)
On the (In)Security of ElGamal in OpenPGP


• Gaoning Pan (Zhejiang University & Ant Group); Xingwei Lin (Ant Group); Xuhong Zhang (Zhejiang University & Binjiang Institute of Zhejiang University); Yongkang Jia (Zhejiang University); Shouling Ji (Zhejiang University & Binjiang Institute of Zhejiang University); Chunming Wu (Zhejiang University); Xinlei Ying (Ant Group); Jiashui Wang (Ant Group); Yanjun Wu (Institute of Software, Chinese Academy of Sciences)
V-Shuttle: Scalable and Semantics-Aware Hypervisor Virtual Device Fuzzing

2020

• Keyu Man, Zhiyun Qian, Zhongjie Wang, Xiaofeng Zheng, Youjun Huang, Haixin Duan, DNS Cache Poisoning Attack Reloaded: Revolutions with Side Channels

2019

• Kangjie Lu and Hong Hu, Where Does It Go? Refining Indirect-Call Targets with Multi-layer Type Analysis

2018

• Wenbo Guo, Dongliang Mu, Jun Xu, Purui Su, Gang Wang, Xinyu Xing, LEMNA: Explaining Deep Learning based Security Applications
• Ding Ding, Yuxin Wang, Guanhong Wang, Danfeng Zhang, Daniel Kifer, Toward Detecting Violations of Differential Privacy

2017

• Jack Doerner, Abhi Shelat, Scaling ORAM for Secure Computation
• Shay Gueron, Yehuda Lindell, Better Bounds for Block Cipher Modes of Operation via Nonce-Based Key Derivation
• Guoming Zhang, Chen Yan, Xiaoyu Ji, Tianchen Zhang, Taimin Zhang, Wenyuan Xu DolphinAttack: Inaudible Voice Commands
• Xiao Wang, Samuel Ranellucci, Jonathan Katz, Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation
• Pramod Subramanyan, Rohit Sinha, Ilia Lebedev, Srinivas Devadas, Sanjit Seshia, A Formal Foundation for Secure Remote Execution of Enclaves

2016

• Martin R. Albrecht, Jean Paul Degabriele, Torben Brandt Hansen and Kenneth G. Paterson, A Surfeit of SSH Cipher Suites
• Stephen Checkoway, Jacob Mankiewicz, Christina Garman, Joshua Fried, Shaanan Cohney, Matthew Green, Nadia Heninger, Ralf-Philipp Weinmann, Eric Rescorla, and Hovav Shacham , A Systematic Analysis of the Juniper Dual EC Incident
• Toshinori Araki, Jun Furukawa, Yehuda Lindell, Ariel Nof and Kazuma Ohara, High-Throughput Semi-Honest Secure Three-Party Computation with an Honest Majority

2015

• David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Mathew Green, J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé, Luke Valenta, Benjamin Vandersloot, Eric Wustrow, Santiago Zanella-Béquelin, and Paul Zimmerman, Imperfect Forward Secrecy: How Diffie-Hellman Fails In Practice
• Brendan Saltaformaggio, Rohit Bhatia, Zhongshu Gu, Xiangyu Zhang and Dongyan Xu, Guitar: Piecing Together Android App GUIs From Memory Images
• Viet Tung Hoang, Jonathan Katz and Alex J. Malozemoff, Automated Analysis And Synthesis Of Authenticated Encryption Schemes

2014

• Alexey Reznichenko and Paul Francis, Private-by-Design Advertising Meets the Real World Alexey Reznichenko and Paul Francis
• Johannes Dahse, Nikolai Krein and Thorsten Holz, Code Reuse Attacks in PHP: Automated POP Chain Generation
• Florian Bergsma, Benjamin Dowling, Florian Kohlar, Jörg Schwenk and Douglas Stebila, Multi-ciphersuite security of the Secure Shell (SSH) protocol
  
  

2013