default search action
Google
Google Scholar
Semantic Scholar
Internet Archive Scholar
CiteSeerX
ORCID24th CCS 2017: Dallas, TX, USA
- Bhavani Thuraisingham, David Evans, Tal Malkin, Dongyan Xu:
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, October 30 - November 03, 2017. ACM 2017, ISBN 978-1-4503-4946-8
Keynote Talk
- David A. Wagner:
Security and Machine Learning. 1
Session A1: Multi-Party Computation 1
- Vladimir Kolesnikov, Jesper Buus Nielsen, Mike Rosulek, Ni Trieu, Roberto Trifiletti:
DUPLO: Unifying Cut-and-Choose for Garbled Circuits. 3-20 - Xiao Wang
, Samuel Ranellucci, Jonathan Katz:
Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation. 21-37 - Xiao Wang, Samuel Ranellucci, Jonathan Katz:
Global-Scale Secure Multiparty Computation. 39-56
Session A2: Human Authentication
- Linghan Zhang, Sheng Tan, Jie Yang:
Hearing Your Voice is Not Enough: An Articulatory Gesture Based Liveness Detection for Voice Authentication. 57-71 - Jian Liu, Chen Wang, Yingying Chen, Nitesh Saxena:
VibWrite: Towards Finger-input Authentication on Ubiquitous Surfaces via Physical Vibration. 73-87 - Zhangkai Zhang, Xuhua Ding, Gene Tsudik, Jinhua Cui, Zhoujun Li:
Presence Attestation: The Missing Link in Dynamic Trust Bootstrapping. 89-102
Session A3: Adversarial Machine Learning
- Guoming Zhang, Chen Yan, Xiaoyu Ji, Tianchen Zhang, Taimin Zhang, Wenyuan Xu:
DolphinAttack: Inaudible Voice Commands. 103-117 - Hung Dang, Yue Huang, Ee-Chien Chang:
Evading Classifiers by Morphing in the Dark. 119-133 - Dongyu Meng, Hao Chen:
MagNet: A Two-Pronged Defense against Adversarial Examples. 135-147
Session A4: Browsers
- Meng Luo, Oleksii Starov, Nima Honarmand, Nick Nikiforakis:
Hindsight: Understanding the Evolution of UI Vulnerabilities in Mobile Browsers. 149-162 - Yinzhi Cao, Zhanhao Chen, Song Li, Shujiang Wu:
Deterministic Browser. 163-178 - Peter Snyder, Cynthia Bagier Taylor, Chris Kanich:
Most Websites Don't Need to Vibrate: A Cost-Benefit Approach to Improving Browser Security. 179-194
Session A5: Cryptocurrency
- Yujin Kwon, Dohyun Kim, Yunmok Son, Eugene Y. Vasserman, Yongdae Kim:
Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin. 195-209 - Changyu Dong, Yilei Wang, Amjad Aldweesh, Patrick McCorry, Aad van Moorsel:
Betrayal, Distrust, and Rationality: Smart Counter-Collusion Contracts for Verifiable Cloud Computing. 211-227 - Matteo Campanelli, Rosario Gennaro, Steven Goldfeder, Luca Nizzardo:
Zero-Knowledge Contingent Payments Revisited: Attacks and Payments for Services. 229-243
Session B1: Multi-Party Computation 2
- Ruiyu Zhu, Yan Huang, Darion Cassel:
Pool: Scalable On-Demand Secure Computation Service Against Malicious Adversaries. 245-257 - Yehuda Lindell, Ariel Nof:
A Framework for Constructing Fast MPC over Arithmetic Circuits with Malicious Adversaries and an Honest-Majority. 259-276 - Nishanth Chandran, Juan A. Garay, Payman Mohassel, Satyanarayana Vusirikala:
Efficient, Constant-Round and Actively Secure MPC: Beyond the Three-Party Case. 277-294
Session B2: Passwords
- Sarah Pearman, Jeremy Thomas, Pardis Emami Naeini, Hana Habib, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Serge Egelman, Alain Forget:
Let's Go in for a Closer Look: Observing Passwords in Their Natural Habitat. 295-310 - Alena Naiakshina, Anastasia Danilova, Christian Tiefenau, Marco Herzog, Sergej Dechand, Matthew Smith:
Why Do Developers Get Password Storage Wrong?: A Qualitative Usability Study. 311-328 - Rahul Chatterjee, Joanne Woodage, Yuval Pnueli, Anusha Chowdhury, Thomas Ristenpart:
The TypTop System: Personalized Typo-Tolerant Password Checking. 329-346
Session B3: Investigating Attacks
- Yan Shoshitaishvili, Michael Weissbacher, Lukas Dresel, Christopher Salls, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna:
Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance. 347-362 - Xiaojun Xu, Chang Liu, Qian Feng, Heng Yin, Le Song, Dawn Song:
Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection. 363-376 - Yang Ji, Sangho Lee, Evan Downing, Weiren Wang, Mattia Fazzini, Taesoo Kim, Alessandro Orso, Wenke Lee:
RAIN: Refinable Attack Investigation with On-demand Inter-Process Information Flow Tracking. 377-390
Session B4: Privacy Policies
- Martin Kucera, Petar Tsankov, Timon Gehr, Marco Guarnieri, Martin T. Vechev:
Synthesis of Probabilistic Privacy Enforcement. 391-408 - Véronique Cortier, Niklas Grimm, Joseph Lallemand, Matteo Maffei:
A Type System for Privacy Properties. 409-423 - Zhan Qin, Ting Yu, Yin Yang, Issa Khalil, Xiaokui Xiao, Kui Ren:
Generating Synthetic Decentralized Social Graphs with Local Differential Privacy. 425-438
Session B5: Blockchains
- Rami Khalil, Arthur Gervais:
Revive: Rebalancing Off-Blockchain Payment Networks. 439-453 - Giulio Malavolta, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei, Srivatsan Ravi:
Concurrency and Privacy with Payment-Channel Networks. 455-471 - Matthew Green, Ian Miers:
Bolt: Anonymous Payment Channels for Decentralized Currencies. 473-489
Session C1: Oblivious RAM
- Thang Hoang, Ceyhun D. Ozkaptan, Attila A. Yavuz, Jorge Guajardo, Tam Nguyen:
S3ORAM: A Computation-Efficient and Constant Client Bandwidth Blowup ORAM with Shamir Secret Sharing. 491-505 - Daniel S. Roche, Adam J. Aviv, Seung Geol Choi, Travis Mayberry:
Deterministic, Stash-Free Write-Only ORAM. 507-521 - Jack Doerner, Abhi Shelat:
Scaling ORAM for Secure Computation. 523-535
Session C2: World Wide Web of Wickedness
- Daiping Liu, Zhou Li, Kun Du, Haining Wang, Baojun Liu, Hai-Xin Duan:
Don't Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains. 537-552 - Samaneh Tajalizadehkhoob, Tom van Goethem, Maciej Korczynski, Arman Noroozian, Rainer Böhme, Tyler Moore, Wouter Joosen, Michel van Eeten:
Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting. 553-567 - Panagiotis Kintis, Najmeh Miramirkhani, Charles Lever, Yizheng Chen, Rosa Romero Gómez, Nikolaos Pitropakis, Nick Nikiforakis, Manos Antonakakis:
Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse. 569-586
Session C3: Machine Learning Privacy
- Congzheng Song, Thomas Ristenpart, Vitaly Shmatikov:
Machine Learning Models that Remember Too Much. 587-601 - Briland Hitaj, Giuseppe Ateniese, Fernando Pérez-Cruz:
Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning. 603-618 - Jian Liu, Mika Juuti, Yao Lu, N. Asokan:
Oblivious Neural Network Predictions via MiniONN Transformations. 619-631
Session C4: From Verification to ABE
- Bernd Finkbeiner, Christian Müller, Helmut Seidl, Eugen Zalinescu:
Verifying Security Policies in Multi-agent Workflows with Loops. 633-645 - Miguel Ambrona, Gilles Barthe, Romain Gay, Hoeteck Wee:
Attribute-Based Encryption in the Generic Group Model: Automated Proofs and New Constructions. 647-664 - Shashank Agrawal, Melissa Chase:
FAME: Fast Attribute-based Message Encryption. 665-682
Session C5: Using Blockchains
- Jan Camenisch, Manu Drijvers, Maria Dubovitskaya:
Practical UC-Secure Delegatable Credentials with Attributes and Their Application to Blockchain. 683-699 - Ethan Cecchetti, Fan Zhang, Yan Ji, Ahmed E. Kosba, Ari Juels, Elaine Shi:
Solidus: Confidential Distributed Ledger Transactions via PVORM. 701-717 - Arka Rai Choudhuri, Matthew Green, Abhishek Jain, Gabriel Kaptchuk, Ian Miers:
Fairness in an Unfair World: Fair Multiparty Computation from Public Bulletin Boards. 719-728
Session D1: Functional Encryption and Obfuscation
- Brent Carmer, Alex J. Malozemoff, Mariana Raykova:
5Gen-C: Multi-input Functional Encryption and Program Obfuscation for Arithmetic Circuits. 747-764 - Ben Fisch, Dhinakaran Vinayagamurthy, Dan Boneh, Sergey Gorbunov:
IRON: Functional Encryption using Intel SGX. 765-782 - Shai Halevi, Tzipora Halevi, Victor Shoup, Noah Stephens-Davidowitz:
Implementing BP-Obfuscation Using Graph-Induced Encoding. 783-798
Session D2: Vulnerable Mobile Apps
- Chaoshun Zuo, Qingchuan Zhao, Zhiqiang Lin:
AUTHSCOPE: Towards Automatic Discovery of Vulnerable Authorizations in Online Services. 799-813 - Yi Chen, Wei You, Yeonjoon Lee, Kai Chen, XiaoFeng Wang, Wei Zou:
Mass Discovery of Android Traffic Imprints through Instantiated Partial Execution. 815-828 - Tongxin Li, Xueqiang Wang, Mingming Zha, Kai Chen, XiaoFeng Wang, Luyi Xing, Xiaolong Bai, Nan Zhang, Xinhui Han:
Unleashing the Walking Dead: Understanding Cross-App Remote Infections on Mobile WebViews. 829-844
Session D3: Logical Side Channels
- Daniel Genkin, Luke Valenta, Yuval Yarom:
May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519. 845-858 - Yuan Xiao, Mengyuan Li, Sanchuan Chen, Yinqian Zhang:
STACCO: Differentially Analyzing Side-Channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves. 859-874 - Jia Chen, Yu Feng, Isil Dillig:
Precise Detection of Side-Channel Vulnerabilities using Quantitative Cartesian Hoare Logic. 875-890
Session D4: Crypto Primitives
- Mihir Bellare, Joseph Jaeger, Julia Len:
Better Than Advertised: Improved Collision-Resistance Guarantees for MD-Based Hash Functions. 891-906 - Alexander Russell, Qiang Tang, Moti Yung, Hong-Sheng Zhou:
Generic Semantic Security against a Kleptographic Adversary. 907-922 - Mihir Bellare, Wei Dai:
Defending Against Key Exfiltration: Efficiency Improvements for Big-Key Cryptography via Large-Alphabet Subkey Prediction. 923-940
Session D5: Network Security
- Qi Alfred Chen, Matthew Thomas, Eric Osterweil, Yulong Cao, Jie You, Zhuoqing Morley Mao:
Client-side Name Collision Vulnerability in the New gTLD Era: A Systematic Study. 941-956 - Thomas Vissers, Timothy Barron, Tom van Goethem, Wouter Joosen, Nick Nikiforakis:
The Wolf of Name Street: Hijacking Domains Through Their Nameservers. 957-970 - Zain Shamsi, Daren B. H. Cline, Dmitri Loguinov:
Faulds: A Non-Parametric Iterative Classifier for Internet-Wide OS Fingerprinting. 971-982
Session E1: Hardening Crypto
- Dmitry Kogan, Nathan Manohar, Dan Boneh:
T/Key: Second-Factor Authentication From Secure Hash Chains. 983-999 - Joël Alwen, Jeremiah Blocki, Benjamin Harsha:
Practical Graphs for Optimal Side-Channel Resistant Memory-Hard Functions. 1001-1017 - Shay Gueron, Yehuda Lindell:
Better Bounds for Block Cipher Modes of Operation via Nonce-Based Key Derivation. 1019-1036
Session E2: Securing Mobile Apps
- Jie Huang, Oliver Schranz, Sven Bugiel, Michael Backes:
The ART of App Compartmentalization: Compiler-based Library Privilege Separation on Stock Android. 1037-1049 - Lingguang Lei, Yi He, Kun Sun, Jiwu Jing, Yuewu Wang, Qi Li, Jian Weng:
Vulnerable Implicit Service: A Revisit. 1051-1063 - Duc Cuong Nguyen, Dominik Wermke, Yasemin Acar, Michael Backes, Charles Weir, Sascha Fahl:
A Stitch in Time: Supporting Android Developers in WritingSecure Code. 1065-1077
Session E3: Physical Side Channels
- Mohammad A. Islam, Shaolei Ren, Adam Wierman:
Exploiting a Thermal Side Channel for Power Attacks in Multi-Tenant Data Centers. 1079-1094 - Yi Han, Sriharsha Etigowni, Hua Liu, Saman A. Zonouz, Athina P. Petropulu:
Watch Me, but Don't Touch Me! Contactless Control Flow Monitoring via Electromagnetic Emanations. 1095-1108 - Kyong-Tak Cho, Kang G. Shin:
Viden: Attacker Identification on In-Vehicle Networks. 1109-1123
Session E4: Adversarial Social Networking
- Yizheng Chen, Yacin Nadji, Athanasios Kountouras, Fabian Monrose, Roberto Perdisci, Manos Antonakakis, Nikolaos Vasiloglou:
Practical Attacks Against Graph-based Clustering. 1125-1142 - Yuanshun Yao, Bimal Viswanath, Jenna Cryan, Haitao Zheng, Ben Y. Zhao:
Automated Crowdturfing Attacks and Defenses in Online Review Systems. 1143-1158 - Shirin Nilizadeh, Francois Labreche, Alireza Sedighian, Ali Zand, José M. Fernandez, Christopher Kruegel, Gianluca Stringhini, Giovanni Vigna:
POISED: Spotting Twitter Spam Off the Beaten Paths. 1159-1174
Session E5: Privacy-Preserving Analytics
- Kallista A. Bonawitz, Vladimir Ivanov, Ben Kreuter, Antonio Marcedone, H. Brendan McMahan, Sarvar Patel, Daniel Ramage, Aaron Segal, Karn Seth:
Practical Secure Aggregation for Privacy-Preserving Machine Learning. 1175-1191 - Anupam Datta, Matthew Fredrikson, Gihyuk Ko, Piotr Mardziel, Shayak Sen:
Use Privacy in Data-Driven Systems: Theory and Experiments with Machine Learnt Programs. 1193-1210 - Fahad Shaon, Murat Kantarcioglu, Zhiqiang Lin, Latifur Khan:
SGX-BigMatrix: A Practical Encrypted Data Analytic Framework With Trusted Processors. 1211-1228
Session F1: Private Set Intersection
- Peter Rindal, Mike Rosulek:
Malicious-Secure Private Set Intersection via Dual Execution. 1229-1242 - Hao Chen, Kim Laine, Peter Rindal:
Fast Private Set Intersection from Homomorphic Encryption. 1243-1255 - Vladimir Kolesnikov, Naor Matania, Benny Pinkas, Mike Rosulek, Ni Trieu:
Practical Multi-party Private Set Intersection from Symmetric-Key Techniques. 1257-1272
Session F2: Insights from Log(in)s
- Hossein Siadati, Nasir D. Memon:
Detecting Structurally Anomalous Logins Within Enterprise Networks. 1273-1284 - Min Du, Feifei Li, Guineng Zheng, Vivek Srikumar:
DeepLog: Anomaly Detection and Diagnosis from System Logs through Deep Learning. 1285-1298 - Leyla Bilge, Yufei Han, Matteo Dell'Amico:
RiskTeller: Predicting the Risk of Cyber Incidents. 1299-1311
Session F3: Crypto Pitfalls
- Mathy Vanhoef, Frank Piessens:
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. 1313-1328 - Maliheh Shirvanian, Nitesh Saxena:
CCCP: Closed Caption Crypto Phones to Resist MITM Attacks, Human Errors and Click-Through. 1329-1342 - Yong Li, Sven Schäge:
No-Match Attacks and Robust Partnering Definitions: Defining Trivial Attacks for Security Protocols is Not Trivial. 1343-1360
Session F4: Private Queries
- Syed Mahbub Hafiz, Ryan Henry:
Querying for Queries: Indexes of Queries for Efficient and Expressive IT-PIR. 1361-1373 - Yan Chen, Ashwin Machanavajjhala, Michael Hay, Gerome Miklau:
PeGaSus: Data-Adaptive Differentially Private Stream Processing. 1375-1388 - Xi He, Ashwin Machanavajjhala, Cheryl J. Flynn, Divesh Srivastava:
Composing Differential Privacy and Secure Computation: A Case Study on Scaling Private Record Linkage. 1389-1406
Session F5: Understanding Security Fails
- Mustafa Emre Acer, Emily Stark, Adrienne Porter Felt, Sascha Fahl, Radhika Bhargava, Bhanu Dev, Matt Braithwaite, Ryan Sleevi, Parisa Tabriz:
Where the Wild Warnings Are: Root Causes of Chrome HTTPS Certificate Errors. 1407-1420 - Kurt Thomas, Frank Li, Ali Zand, Jacob Barrett, Juri Ranieri, Luca Invernizzi, Yarik Markov, Oxana Comanescu, Vijay Eranti, Angelika Moscicki, Daniel Margolis, Vern Paxson, Elie Bursztein:
Data Breaches, Phishing, or Malware?: Understanding the Risks of Stolen Credentials. 1421-1434 - Doowon Kim, Bum Jun Kwon, Tudor Dumitras:
Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI. 1435-1448
Session G1: Searchable Encryption
- Kee Sung Kim, Minkyu Kim, Dongsoo Lee, Je Hong Park, Woo-Hwan Kim:
Forward Secure Dynamic Searchable Symmetric Encryption with Efficient Updates. 1449-1463 - Raphaël Bost, Brice Minaud, Olga Ohrimenko:
Forward and Backward Private Searchable Encryption from Constrained Cryptographic Primitives. 1465-1482
Session G2: Bug-Hunting Risks and Rewards
- Luca Allodi:
Economic Factors of Vulnerability Trade and Exploitation. 1483-1499 - Alexander Gamero-Garrido, Stefan Savage, Kirill Levchenko, Alex C. Snoeren:
Quantifying the Pressure of Legal Risks on Third-party Vulnerability Research. 1501-1513
Session G3: Crypto Standards
- Mihir Bellare, Viet Tung Hoang:
Identity-Based Format-Preserving Encryption. 1515-1532 - Animesh Chhotaray, Adib Nahiyan, Thomas Shrimpton, Domenic Forte, Mark Tehranipoor:
Standardizing Bad Cryptographic Practice: A Teardown of the IEEE Standard for Protecting Electronic-design Intellectual Property. 1533-1546
Session G4: Voting
- Gottfried Herold, Max Hoffmann, Michael Klooß, Carla Ràfols, Andy Rupp:
New Techniques for Structural Batch Verification in Bilinear Groups with Applications to Groth-Sahai Proofs. 1547-1564 - Rafaël del Pino, Vadim Lyubashevsky, Gregory Neven, Gregor Seiler:
Practical Quantum-Safe Voting from Lattices. 1565-1581
Session G5: Hardening Hardware
- Vasilios Mavroudis, Andrea Cerulli, Petr Svenda, Dan Cvrcek, Dusan Klinec, George Danezis:
A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components. 1583-1600 - Muhammad Yasin, Abhrajit Sengupta, Mohammed Thari Nabeel, Mohammed Ashraf, Jeyavijayan Rajendran, Ozgur Sinanoglu:
Provably-Secure Logic Locking: From Theory To Practice. 1601-1618
Session H1: Crypto Attacks
- Matús Nemec, Marek Sýs, Petr Svenda, Dusan Klinec, Vashek Matyas:
The Return of Coppersmith's Attack: Practical Factorization of Widely Used RSA Moduli. 1631-1648 - Sebastian Berndt, Maciej Liskiewicz:
Algorithm Substitution Attacks from a Steganographic Perspective. 1649-1660 - Shahin Tajik, Heiko Lohrke, Jean-Pierre Seifert, Christian Boit:
On the Power of Optical Contactless Probing: Attacking Bitstream Encryption of FPGAs. 1661-1674
Session H2: Code Reuse Attacks
- Victor van der Veen, Dennis Andriesse, Manolis Stamatogiannakis, Xi Chen, Herbert Bos, Cristiano Giuffrida:
The Dynamics of Innocent Flesh on the Bone: Code Reuse Ten Years Later. 1675-1689 - David Korczynski, Heng Yin:
Capturing Malware Propagations with Code Injections and Code-Reuse Attacks. 1691-1708 - Sebastian Lekies, Krzysztof Kotowicz, Samuel Groß, Eduardo A. Vela Nava, Martin Johns:
Code-Reuse Attacks for the Web: Breaking Cross-Site Scripting Mitigations via Script Gadgets. 1709-1723
Session H3: Web Security
- Huasong Shan, Qingyang Wang, Calton Pu:
Tail Attacks on Web Applications. 1725-1739 - Ada Lerner, Tadayoshi Kohno, Franziska Roesner:
Rewriting History: Changing the Archived Web from the Present. 1741-1755 - Giancarlo Pellegrino, Martin Johns, Simon Koch, Michael Backes, Christian Rossow:
Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs. 1757-1771
Session H4: Formal Verification
- Cas Cremers, Marko Horvat, Jonathan Hoyland, Sam Scott, Thyla van der Merwe:
A Comprehensive Symbolic Analysis of TLS 1.3. 1773-1788 - Jean Karim Zinzindohoué, Karthikeyan Bhargavan, Jonathan Protzenko, Benjamin Beurdouche:
HACL*: A Verified Modern Cryptographic Library. 1789-1806 - José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Arthur Blot, Benjamin Grégoire, Vincent Laporte, Tiago Oliveira, Hugo Pacheco, Benedikt Schmidt, Pierre-Yves Strub:
Jasmin: High-Assurance and High-Speed Cryptography. 1807-1823
Session I1: Post-Quantum
- Melissa Chase, David Derler, Steven Goldfeder, Claudio Orlandi, Sebastian Ramacher, Christian Rechberger, Daniel Slamanig, Greg Zaverucha:
Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives. 1825-1842 - Peter Pessl, Leon Groot Bruinderink, Yuval Yarom:
To BLISS-B or not to be: Attacking strongSwan's Implementation of Post-Quantum Signatures. 1843-1855 - Thomas Espitau, Pierre-Alain Fouque, Benoît Gérard, Mehdi Tibouchi:
Side-Channel Attacks on BLISS Lattice-Based Signatures: Exploiting Branch Tracing against strongSwan and Electromagnetic Emanations in Microcontrollers. 1857-1874
Session I2: Information Flow
- Ethan Cecchetti, Andrew C. Myers, Owen Arden:
Nonmalleable Information Flow Control. 1875-1891 - Lucas Waye, Pablo Buiras, Owen Arden, Alejandro Russo, Stephen Chong:
Cryptographically Secure Information Flow Control on Key-Value Stores. 1893-1907 - Wenhao Wang, Xiaoyang Xu, Kevin W. Hamlen:
Object Flow Integrity. 1909-1924
Session I3: Personal Privacy
- Gunnar Hartung, Max Hoffmann, Matthias Nagel, Andy Rupp:
BBA+: Improving the Security and Applicability of Privacy-Preserving Point Collection. 1925-1942 - Michael Backes, Mathias Humbert, Jun Pang, Yang Zhang:
walk2friends: Inferring Social Links from Mobility Profiles. 1943-1957 - Simon Oya, Carmela Troncoso, Fernando Pérez-González:
Back to the Drawing Board: Revisiting the Design of Optimal Location Privacy-preserving Mechanisms. 1959-1972
Session I4: Verifying Crypto
- Ming-Hsien Tsai, Bow-Yaw Wang, Bo-Yin Yang:
Certified Verification of Algebraic Properties on Low-Level Mathematical Constructs in Cryptographic Programs. 1973-1987 - José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, François Dupressoir, Benjamin Grégoire, Vincent Laporte, Vitor Pereira:
A Fast and Verified Software Stack for Secure Function Evaluation. 1989-2006 - Katherine Q. Ye, Matthew Green, Naphat Sanguansin, Lennart Beringer, Adam Petcher, Andrew W. Appel:
Verified Correctness and Security of mbedTLS HMAC-DRBG. 2007-2020
Session I5: Communication Privacy
- Rebekah Overdorf, Marc Juárez, Gunes Acar, Rachel Greenstadt, Claudia Díaz:
How Unique is Your .onion?: An Analysis of the Fingerprintability of Tor Onion Services. 2021-2036 - Milad Nasr, Hadi Zolfaghari, Amir Houmansadr:
The Waterfall of Liberty: Decoy Routing Circumvention that Resists Routing Attacks. 2037-2052 - Milad Nasr, Amir Houmansadr, Arya Mazumdar:
Compressive Traffic Analysis: A New Paradigm for Scalable Traffic Analysis. 2053-2069
Session J1: Outsourcing
- Riad S. Wahby, Ye Ji, Andrew J. Blumberg, Abhi Shelat, Justin Thaler, Michael Walfish, Thomas Wies:
Full Accounting for Verifiable Outsourcing. 2071-2086 - Scott Ames, Carmit Hazay, Yuval Ishai, Muthuramakrishnan Venkitasubramaniam:
Ligero: Lightweight Sublinear Arguments Without a Trusted Setup. 2087-2104 - Elette Boyle, Geoffroy Couteau, Niv Gilboa, Yuval Ishai, Michele Orrù:
Homomorphic Secret Sharing: Optimizations and Applications. 2105-2122
Session J2: Fun with Fuzzing
- Jake Corina, Aravind Machiry, Christopher Salls, Yan Shoshitaishvili, Shuang Hao, Christopher Kruegel, Giovanni Vigna:
DIFUZE: Interface Aware Fuzzing for Kernel Drivers. 2123-2138 - Wei You, Peiyuan Zong, Kai Chen, XiaoFeng Wang, Xiaojing Liao, Pan Bian, Bin Liang:
SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits. 2139-2154 - Theofilos Petsios, Jason Zhao, Angelos D. Keromytis, Suman Jana:
SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities. 2155-2168
Session J3: Problematic Patches
- Ruian Duan, Ashish Bijlani, Meng Xu, Taesoo Kim, Wenke Lee:
Identifying Open-Source License Violation and 1-day Security Risk at Large Scale. 2169-2185 - Erik Derr, Sven Bugiel, Sascha Fahl, Yasemin Acar, Michael Backes:
Keep me Updated: An Empirical Study of Third-Party Library Updatability on Android. 2187-2200 - Frank Li, Vern Paxson:
A Large-Scale Empirical Study of Security Patches. 2201-2215
Session J4: Flash Security
- Shijie Jia, Luning Xia, Bo Chen, Peng Liu:
DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation Layer. 2217-2229 - Jian Huang, Jun Xu, Xinyu Xing, Peng Liu, Moinuddin K. Qureshi:
FlashGuard: Leveraging Intrinsic Flash Properties to Defend Against Encryption Ransomware. 2231-2244 - Grant Hernandez, Farhaan Fowze, Dave (Jing) Tian, Tuba Yavuz, Kevin R. B. Butler:
FirmUSB: Vetting USB Device Firmware using Domain Informed Symbolic Execution. 2245-2262
Session K1: Secure Computation
- Nico Döttling, Satrajit Ghosh, Jesper Buus Nielsen, Tobias Nilges, Roberto Trifiletti:
TinyOLE: Efficient Actively Secure Two-Party Computation from Oblivious Linear Function Evaluation. 2263-2276 - Shweta Agrawal, Sanjay Bhattacherjee, Duong Hieu Phan, Damien Stehlé, Shota Yamada:
Efficient Public Trace and Revoke from Standard Assumptions: Extended Abstract. 2277-2293 - Ellis Fenske, Akshaya Mani, Aaron Johnson, Micah Sherr:
Distributed Measurement with Private Set-Union Cardinality. 2295-2312
Session K2: Fuzzing Finer and Faster
- Wen Xu, Sanidhya Kashyap, Changwoo Min, Taesoo Kim:
Designing New Operating Primitives to Improve Fuzzing Performance. 2313-2328 - Marcel Böhme, Van-Thuan Pham, Manh-Dung Nguyen, Abhik Roychoudhury:
Directed Greybox Fuzzing. 2329-2344 - HyungSeok Han, Sang Kil Cha:
IMF: Inferred Model-based Fuzzer. 2345-2358
Session K3: Program Analysis
- Shen Liu, Gang Tan, Trent Jaeger:
PtrSplit: Supporting General Pointers in Automatic Program Partitioning. 2359-2371 - Yuseok Jeon, Priyam Biswas, Scott A. Carr, Byoungyoung Lee, Mathias Payer:
HexType: Efficient Detection of Type Confusion Errors for C++. 2373-2387 - Sam Silvestro, Hongyu Liu, Corey Crosser, Zhiqiang Lin, Tongping Liu:
FreeGuard: A Faster Secure Heap Allocator. 2389-2403
Session K4: Secure Enclaves
- Tommaso Frassetto, David Gens, Christopher Liebchen, Ahmad-Reza Sadeghi:
JITGuard: Hardening Just-in-time Compilers with SGX. 2405-2419 - Wenhao Wang, Guoxing Chen, Xiaorui Pan, Yinqian Zhang, XiaoFeng Wang, Vincent Bindschaedler, Haixu Tang, Carl A. Gunter:
Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX. 2421-2434 - Pramod Subramanyan, Rohit Sinha, Ilia A. Lebedev, Srinivas Devadas, Sanjit A. Seshia:
A Formal Foundation for Secure Remote Execution of Enclaves. 2435-2450
Demonstration
- Jared M. Smith, Elliot Greenlee, Aaron E. Ferber:
DEMO: Akatosh: Automated Cyber Incident Verification and Impact Analysis. 2463-2465
Posters
- Muhammad Ejaz Ahmed, Hyoungshick Kim:
Poster: Adversarial Examples for Classifiers in High-Dimensional Network Data. 2467-2469 - Zixi Cai, Zigang Cao, Gang Xiong, Zhen Li, Wei Xia:
POSTER: An Empirical Measurement Study on Multi-tenant Deployment Issues of CDNs. 2471-2473 - Shaosheng Cao, Xinxing Yang, Jun Zhou, Xiaolong Li, Yuan (Alan) Qi, Kai Xiao:
POSTER: Actively Detecting Implicit Fraudulent Transactions. 2475-2477 - Li Chen, Mingwei Zhang, Chih-Yuan Yang, Ravi Sahita:
POSTER: Semi-supervised Classification for Dynamic Android Malware Detection. 2479-2481 - Long Cheng, Ke Tian, Danfeng (Daphne) Yao:
POSTER: Detection of CPS Program Anomalies by Enforcing Cyber-Physical Execution Semantics. 2483-2485 - Mingxin Cui, Zigang Cao, Gang Xiong, Junzheng Shi:
POSTER: A Comprehensive Study of Forged Certificates in the Wild. 2487-2489 - Yu Ding, Ran Duan, Long Li, Yueqiang Cheng, Yulong Zhang, Tanghui Chen, Tao Wei, Huibo Wang:
POSTER: Rust SGX SDK: Towards Memory Safety in Intel SGX Enclave. 2491-2493 - Lucas Freire, Miguel C. Neves, Alberto E. Schaeffer Filho, Marinho P. Barcellos:
POSTER: Finding Vulnerabilities in P4 Programs with Assertion-based Verification. 2495-2497 - Jun-Won Ho, KyungRok Won, Jee Sun Kim:
POSTER: Covert Channel Based on the Sequential Analysis in Android Systems. 2499-2501 - Jordan Holland, Max Schuchard:
POSTER: Why Are You Going That Way? Measuring Unnecessary Exposure of Network Traffic to Nation States. 2503-2505 - Diptendu Mohan Kar, Ibrahim Lazrig, Indrajit Ray, Indrakshi Ray:
POSTER: PriReMat: A Distributed Tool for Privacy Preserving Record Linking in Healthcare. 2507-2509 - Rody Kersten, Kasper Søe Luckow, Corina S. Pasareanu:
POSTER: AFL-based Fuzzing for Java with Kelinci. 2511-2513 - Seungyeon Kim, Hoyeon Lee, Taekyoung Kwon:
POSTER: Rethinking Fingerprint Identification on Smartphones. 2515-2517 - Amit Klein, Vladimir Kravtsov, Alon Perlmuter, Haya Schulmann, Michael Waidner:
POSTER: X-Ray Your DNS. 2519-2521 - Anne Kohlbrenner, Frederico Araujo, Teryl Taylor, Marc Ph. Stoecklin:
POSTER: Hidden in Plain Sight: A Filesystem for Data Integrity and Confidentiality. 2523-2525 - Youngjoo Lee, WonSeok Yang, Taekyoung Kwon:
POSTER: Watch Out Your Smart Watch When Paired. 2527-2529 - Huaxin Li, Li Zhao, Marcio Juliato, Shabbir Ahmed, Manoj R. Sastry, Lily L. Yang:
POSTER: Intrusion Detection System for In-vehicle Networks using Sensor Correlation and Integration. 2531-2533 - Longfei Li, Jun Zhou, Xiaolong Li, Tao Chen:
POSTER: Practical Fraud Transaction Prediction. 2535-2537 - Guanjun Lin, Jun Zhang, Wei Luo, Lei Pan, Yang Xiang:
POSTER: Vulnerability Discovery with Function Representation Learning from Unlabeled Projects. 2539-2541 - Ziqi Liu, Chaochao Chen, Jun Zhou, Xiaolong Li, Feng Xu, Tao Chen, Le Song:
POSTER: Neural Network-based Graph Embedding for Malicious Accounts Detection. 2543-2545 - Pei-Hsuan Lu, Chia-Mu Yu:
POSTER: A Unified Framework of Differentially Private Synthetic Data Release with Generative Adversarial Network. 2547-2549 - Seita Maruyama, Satohiro Wakabayashi, Tatsuya Mori:
POSTER: TOUCHFLOOD: A Novel Class of Attacks against Capacitive Touchscreens. 2551-2553 - Rahat Masood, Benjamin Zi Hao Zhao, Hassan Jameel Asghar, Mohamed Ali Kâafar:
POSTER: TouchTrack: How Unique are your Touch Gestures? 2555-2557 - Subhojeet Mukherjee, Noah Cain, Jacob Walker, David White, Indrajit Ray, Indrakshi Ray:
POSTER: PenJ1939: An Interactive Framework for Design and Dissemination of Exploits for Commercial Vehicles. 2559-2561 - Ahmet Okutan, Gordon Werner, Katie McConky, Shanchieh Jay Yang:
POSTER: Cyber Attack Prediction of Threats from Unconventional Resources (CAPTURE). 2563-2565 - Hernan M. Palombo, Hao Zheng, Jay Ligatti:
POSTER: Towards Precise and Automated Verification of Security Protocols in Coq. 2567-2569 - Jonghyeon Park, Youngseok Lee:
POSTER: Probing Tor Hidden Service with Dockers. 2571-2573 - Thomas Shaw, James Arrowood, Michael Kvasnicka, Shay Taylor, Kyle Cook, John Hale:
POSTER: Evaluating Reflective Deception as a Malware Mitigation Strategy. 2575-2577 - Abhishek Singh:
POSTER: Improving Anonymity of Services Deployed Over Tor by Changing Guard Selection. 2579-2581 - Liwei Song, Prateek Mittal:
POSTER: Inaudible Voice Commands. 2583-2585 - Satohiro Wakabayashi, Seita Maruyama, Tatsuya Mori, Shigeki Goto, Masahiro Kinugawa, Yu-ichi Hayashi:
POSTER: Is Active Electromagnetic Side-channel Attack Practical? 2587-2589 - Qianqian Xing, Baosheng Wang, Xiaofeng Wang:
POSTER: BGPCoin: A Trustworthy Blockchain-based Resource Management Solution for BGP Security. 2591-2593 - Jeff Yan, Aurélien Bourquard:
POSTER: Who was Behind the Camera? - Towards Some New Forensics. 2595-2597 - Ya-Lin Zhang, Longfei Li, Jun Zhou, Xiaolong Li, Yujiang Liu, Yuanchao Zhang, Zhi-Hua Zhou:
POSTER: A PU Learning based System for Potential Malicious URL Detection. 2599-2601
Tutorials
- Leila Bahri:
Identity Related Threats, Vulnerabilities and Risk Mitigation in Online Social Networks: A Tutorial. 2603-2605 - Nataliia Bielova:
Web Tracking Technologies and Protection Mechanisms. 2607-2609 - Ryan Henry:
Tutorial: Private Information Retrieval. 2611-2612 - Taesoo Kim, Zhiqiang Lin, Chia-Che Tsai:
CCS'17 Tutorial Abstract / SGX Security and Privacy. 2613-2614 - Qiang Tang, Moti Yung:
Cliptography: Post-Snowden Cryptography. 2615-2616 - Yinqian Zhang:
Cache Side Channels: State of the Art and Research Opportunities. 2617-2619
Workshop Summaries
- Battista Biggio, David Freeman, Brad Miller, Arunesh Sinha:
10th International Workshop on Artificial Intelligence and Security (AISec 2017). 2621-2622 - Chip-Hong Chang, Marten van Dijk, Farinaz Koushanfar, Ulrich Rührmair, Mark Tehranipoor:
ASHES 2017: Workshop on Attacks and Solutions in Hardware Security. 2623-2625 - Ghassan O. Karame, Angelos Stavrou:
CCSW'17: 2017 ACM Cloud Computing Security. 2627-2628 - Rakesh B. Bobba, Awais Rashid:
CPS-SPC 2017: Third Workshop on Cyber-Physical Systems Security and PrivaCy. 2629-2630 - Danfeng (Daphne) Yao, Elisa Bertino:
CCS 2017: Women in Cyber Security (CyberW) Workshop. 2631-2632 - Taesoo Kim, Dinghao Wu:
FEAST 2017: The Second Workshop on Forming an Ecosystem Around Software Transformation. 2633-2634 - Ilsun You, Elisa Bertino:
MIST 2017: 9th International Workshop on Managing Insider Security Threats. 2635-2636 - Hamed Okhravi, Xinming Ou:
MTD 2017: Fourth ACM Workshop on Moving Target Defense (MTD). 2637-2638 - Nataliia Bielova, Marco Gaboardi:
PLAS 2017: ACM SIGSAC Workshop on Programming Languages and Analysis for Security. 2639-2640 - Nicholas J. Multari, Anoop Singhal, Erin Miller:
SafeConfig'17: Applying the Scientific Method to Active Cyber Defense Research. 2641-2642 - Adam J. Lee:
16th Workshop on Privacy in the Electronic Society (WPES 2017). 2643-2644 - Roger Hallman, Kurt Rohloff, Victor Chang:
Workshop on Multimedia Privacy and Security. 2645-2646 - Theophilus Benson, Peng Liu, Srikanth Sundaresan, Yuqing Zhang:
IoT S&P 2017: First Workshop on Internet of Things Security and Privacy. 2647-2648
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
last updated on 2025-10-31 00:52 CET by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by:
