Paper list

• 90 A Practical Approach for Taking Down Avalanche Botnets Under Real-World Constraints
• 91 A View from the Cockpit: Exploring Pilot Reactions to Attacks on Avionic Systems
• 92 ABSynthe: Automatic Blackbox Side-channel Synthesis on Commodity Microarchitectures
• 93 Adversarial Classification Under Differential Privacy
• 94 Are You Going to Answer That? Measuring User Responses to Anti-Robocall Application Indicators
• 95 Automated Cross-Platform Reverse Engineering of CAN Bus Commands From Mobile Apps
• 96 Automated Discovery of Cross-Plane Event-Based Vulnerabilities in Software-Defined Networking
• 97 BLAG: Improving the Accuracy of Blacklists
• 98 BLAZE: Blazing Fast Privacy-Preserving Machine Learning
• 99 Bobtail: Improved Blockchain Security with Low-Variance Mining
• 100 Broken Metre: Attacking Resource Metering in EVM
• 101 Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting
• 102 CDN Judo: Breaking the CDN DoS Protection with Itself
• 103 CloudLeak: Large-Scale Deep Learning Models Stealing Through Adversarial Examples
• 104 Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies
• 105 Compliance Cautions: Investigating Security Issues Associated with U.S. Digital-Security Standards
• 106 ConTExT: A Generic Approach for Mitigating Spectre
• 107 Cross-Origin State Inference (COSI) Attacks: Leaking Web Site States through XS-Leaks
• 108 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution
• 109 Data-Driven Debugging for Functional Side Channels
• 110 Decentralized Control: A Case Study of Russia
• 111 Deceptive Previews: A Study of the Link Preview Trustworthiness in Social Platforms
• 112 DeepBinDiff: Learning Program-Wide Code Representations for Binary Diffing
• 113 DefRec: Establishing Physical Function Virtualization to Disrupt Reconnaissance of Power Grids’ Cyber-Physical Infrastructures
• 114 DESENSITIZATION: Privacy-Aware and Attack-Preserving Crash Report
• 115 Designing a Better Browser for Tor with BLAST
• 116 Detecting Probe-resistant Proxies
• 117 DISCO: Sidestepping RPKI’s Deployment Barriers
• 118 Dynamic Searchable Encryption with Small Client Storage
• 119 EASI: Edge-Based Sender Identification on Resource-Constrained Platforms for Automotive Networks
• 120 Encrypted DNS –> Privacy? A Traffic Analysis Perspective
• 121 Et Tu Alexa? When Commodity WiFi Devices Turn into Adversarial Motion Sensors
• 122 Finding Safety in Numbers with Secure Allegation Escrows
• 123 FlowPrint: Semi-Supervised Mobile-App Fingerprinting on Encrypted Network Traffic
• 124 FUSE: Finding File Upload Bugs via Penetration Testing
• 125 Genotype Extraction and False Relative Attacks: Security Risks to Third-Party Genetic Genealogy Services Beyond Identity Inference
• 126 Heterogeneous Private Information Retrieval
• 127 HFL: Hybrid Fuzzing on the Linux Kernel
• 128 Hold the Door! Fingerprinting Your Car Key to Prevent Keyless Entry Car Theft Car
• 129 HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing
• 130 HYPER-CUBE: High-Dimensional Hypervisor Fuzzing
• 131 IMP4GT: IMPersonation Attacks in 4G NeTworks
• 132 Into the Deep Web: Understanding E-commerce Fraud from Autonomous Chat with Cybercriminals
• 133 Learning-based Practical Smartphone Eavesdropping with Built-in Accelerometer
• 134 Let’s Revoke: Scalable Global Certificate Revocation
• 135 Locally Differentially Private Frequency Estimation with Consistency
• 136 MACAO: A Maliciously-Secure and Client-Efficient Active ORAM Framework
• 137 MassBrowser: Unblocking the Censored Web for the Masses, by the Masses
• 138 Measuring the Deployment of Network Censorship Filters at Global Scale
• 139 Melting Pot of Origins: Compromising the Intermediary Web Services that Rehost Websites
• 140 Metal: A Metadata-Hiding File-Sharing System
• 141 Metamorph: Injecting Inaudible Commands into Over-the-air Voice Controlled Systems
• 142 Mind the Portability: A Warriors Guide through Realistic Profiled Side-channel Analysis
• 143 NoJITsu: Locking Down JavaScript Engines
• 144 Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization
• 145 OcuLock: Exploring Human Visual System for Authentication in Virtual Reality Head-mounted Display
• 146 OmegaLog: High-Fidelity Attack Investigation via Transparent Multi-layer Log Analysis
• 147 On the Resilience of Biometric Authentication Systems against Random Inputs
• 148 On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways
• 149 Packet-Level Signatures for Smart Home Devices
• 150 PhantomCache: Obfuscating Cache Conflicts with Localized Randomization
• 151 Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches
• 152 Post-Quantum Authentication in TLS 1.3: A Performance Study
• 153 Practical Traffic Analysis Attacks on Secure Messaging Applications
• 154 Precisely Characterizing Security Impact in a Flood of Patches via Symbolic Rule Comparison
• 155 Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem
• 156 Proof of Storage-Time: Efficiently Checking Continuous Data Availability
• 157 ProtectIOn: Root-of-Trust for IO in Compromised Platforms
• 158 Revisiting Leakage Abuse Attacks
• 159 Secure Sublinear Time Differentially Private Median Computation
• 160 Snappy: Fast On-chain Payments with Practical Collaterals
• 161 SODA: A Generic Online Detection Framework for Smart Contracts
• 162 SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities
• 163 Strong Authentication without Temper-Resistant Hardware and Application to Federated Identities
• 164 SurfingAttack: Interactive Hidden Attack on Voice Assistants Using Ultrasonic Guided Waves
• 165 SVLAN: Secure & Scalable Network Virtualization
• 166 SymTCP: Eluding Stateful Deep Packet Inspection with Automated Discrepancy Discovery
• 167 The Attack of the Clones Against Proof-of-Authority
• 168 TKPERM: Cross-platform Permission Knowledge Transfer to Detect Overprivileged Third-party Applications
• 169 Towards Plausible Graph Anonymization
• 170 Trident: Efficient 4PC Framework for Privacy Preserving Machine Learning
• 171 UISCOPE: Accurate, Instrumentation-free, and Visible Attack Investigation for GUI Applications
• 172 Unicorn: Runtime Provenance-Based Detector for Advanced Persistent Threats
• 173 uRAI: Securing Embedded Systems with Return Address Integrity
• 174 When Malware is Packin’ Heat; Limits of Machine Learning Classifiers Based on Static Analysis Features
• 175 When Match Fields Do Not Need to Match: Buffered Packets Hijacking in SDN
• 176 Withdrawing the BGP Re-Routing Curtain: Understanding the Security Impact of BGP Poisoning through Real-World Measurements
• 177 You Are What You Do: Hunting Stealthy Malware via Data Provenance Analysis