Paper list

• 1277 An Extensive Formal Security Analysis of the OpenID Financial-grade API
• 1278 Asm2Vec: Boosting Static Representation Robustness for Binary Clone Search against Code Obfuscation and Compiler Optimization
• 1279 Attack Directories, Not Caches: Side Channel Attacks in a Non-Inclusive World
• 1280 Beyond Credential Stuffing: Password Similarity Models using Neural Networks
• 1281 Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash?
• 1282 Blind Certificate Authorities
• 1283 Breaking LTE on Layer Two
• 1284 CaSym: Cache Aware Symbolic Execution for Side Channel Detection and Mitigation
• 1285 Certified Robustness to Adversarial Examples with Differential Privacy
• 1286 Characterizing Pixel Tracking through the Lens of Disposable Email Services
• 1287 Comprehensive Privacy Analysis of Deep Learning
• 1288 Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems
• 1289 Data Recovery on Encrypted Databases With k-Nearest Neighbor Query Leakage
• 1290 DeepSec: A Uniform Platform for Security Analysis of Deep Learning Models
• 1291 Demystifying Hidden Privacy Settings in Mobile Apps
• 1292 Differentially Private Model Publishing For Deep Learning
• 1293 Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate
• 1294 Dominance as a New Trusted Computing Primitive for the Internet of Things
• 1295 Drones' Cryptanalysis - Smashing Cryptography with a Flicker
• 1296 EmPoWeb: Empowering Web Applications with Browser Extensions
• 1297 Exploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks
• 1298 Exploiting Unintended Feature Leakage in Collaborative Learning
• 1299 F-BLEAU: Fast Black-box Leakage Estimation
• 1300 Fidelius: Protecting User Secrets from Compromised Browsers
• 1301 Formally Verified Cryptographic Web Applications in WebAssembly
• 1302 Full-speed Fuzzing: Reducing Fuzzing Overhead through Coverage-guided Tracing
• 1303 Fuzzing File Systems via Two-Dimensional Input Space Exploration
• 1304 HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows
• 1305 Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone
• 1306 Helen: Maliciously Secure Coopetitive Learning for Linear Models
• 1307 How Well Do My Results Generalize? Comparing Security and Privacy Survey Results from MTurk, Web, and Telephone Samples
• 1308 "If HTTPS Were Secure, I Wouldn't Need 2FA" - End User and Administrator Mental Models of HTTPS
• 1309 Iodine: Fast Dynamic Taint Tracking Using Rollback-free Optimistic Hybrid Analysis
• 1310 KHyperLogLog: Estimating Reidentifiability and Joinability of Large Data at Scale
• 1311 Kiss from a Rogue: Evaluating Detectability of Pay-at-the-Pump Card Skimmers
• 1312 LBM: A Security Framework for Peripherals within the Linux Kernel
• 1313 Lay Down the Common Metrics: Evaluating Proof-of-Work Consensus Protocols' Security
• 1314 Learning to Reconstruct: Statistical Learning Theory and Encrypted Database Attacks
• 1315 Measuring and Analyzing Search Engine Poisoning of Linguistic Collisions
• 1316 NEUZZ: Efficient Fuzzing with Neural Program Smoothing
• 1317 Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks
• 1318 New Primitives for Actively-Secure MPC mod $2^k$ with Applications to Private Machine Learning
• 1319 On the Feasibility of Rerouting-Based DDoS Defenses
• 1320 On the Security of Two-Round Multi-Signatures
• 1321 Ouroboros Crypsinous: Privacy-Preserving Proof-of-Stake
• 1322 Perun: Virtual Payment Hubs over Cryptocurrencies
• 1323 PhishFarm: A Scalable Framework for Measuring the Effectiveness of Evasion Techniques Against Browser Phishing Blacklists
• 1324 Port Contention for Fun and Profit
• 1325 Postcards from the Post-HTTP World: Amplification of HTTPS Vulnerabilities in the Web Ecosystem
• 1326 PrivKV: Key-Value Data Collection with Local Differential Privacy
• 1327 ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery
• 1328 Proof-of-Stake Sidechains
• 1329 RIDL: Rogue In-Flight Data Load
• 1330 Razzer: Finding Kernel Race Bugs through Fuzzing
• 1331 Reasoning Analytically About Password-Cracking Software
• 1332 Redactable Blockchain in the Permissionless Setting
• 1333 Resident Evil: Understanding Residential IP Proxy as a Dark Service
• 1334 Security of GPS/INS based On-road Location Tracking Systems
• 1335 Self-Encrypting Deception: Weaknesses in the Encryption of Solid State Drives
• 1336 SensorID: Sensor Calibration Fingerprinting for Smartphones
• 1337 Short Text, Large Effect: Measuring the Impact of User Reviews on Android App Security & Privacy
• 1338 "Should I Worry?" A Cross-Cultural Examination of Account Security Incident Response
• 1339 Simple High-Level Code For Cryptographic Arithmetic -- With Proofs, Without Compromises
• 1340 SoK: General Purpose Compilers for Secure Multi-Party Computation
• 1341 SoK: Sanitizing for Security
• 1342 SoK: Security Evaluation of Home-Based IoT Deployment
• 1343 SoK: Shining Light on Shadow Stacks
• 1344 SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security
• 1345 Spectre Attacks: Exploiting Speculative Execution
• 1346 Stealthy Porn: Understanding Real-World Adversarial Images for Illicit Online Promotion
• 1347 Synesthesia: Detecting Screen Content via Remote Acoustic Side Channels
• 1348 Tap 'n Ghost: A Compilation of Novel Attack Techniques against Smartphone Touchscreens
• 1349 The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations
• 1350 The Code That Never Ran: Modeling Attacks on Speculative Evaluation
• 1351 Theory and Practice of Finding Eviction Sets
• 1352 Threshold ECDSA from ECDSA Assumptions: The Multiparty Case
• 1353 Touching the Untouchables: Dynamic Security Analysis of the LTE Control Plane
• 1354 Towards Automated Safety Vetting of PLC Code in Real-World Plants
• 1355 Towards Practical Differentially Private Convex Optimization
• 1356 True2F: Backdoor-Resistant Authentication Tokens
• 1357 Understanding the Security of ARM Debugging Features
• 1358 Using Safety Properties to Generate Vulnerability Patches
• 1359 Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps