Collection of Security Papers

ACM CCS 2020

Collection of Security Papers

All
IEEE S&P
IEEE S&P
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ACM CCS
ACM CCS
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
USENIX Sec
USENIX Sec
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
NDSS
NDSS
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ICSE
ICSE
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015-1
- 2015-2
ISSTA
ISSTA
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015

ACM CCS 2020

147 papers accepted.

Updated on 2023-09-08.

You can find the lastest information here.

Bypassing Tor Exit Blocking with Exit Bridge Onion Services.

CLAPS: Client-Location-Aware Path Selection in Tor.

Poking a Hole in the Wall: Efficient Censorship-Resistant Internet Communications by Parasitizing on WebRTC.

Censored Planet: An Internet-wide, Longitudinal Censorship Observatory.

Gotta Catch'Em All: Using Honeypots to Catch Adversarial Attacks on Neural Networks.

A Tale of Evil Twins: Adversarial Inputs versus Poisoned Models.

DeepDyve: Dynamic Verification for Deep Neural Networks.

Composite Backdoor Attack for Deep Neural Network by Mixing Existing Benign Features.

Devil is Virtual: Reversing Virtual Inheritance in C++ Binaries.

PatchScope: Memory Object Centric Patch Diffing.

FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware.

Privaros: A Framework for Privacy-Compliant Delivery Drones.

A Performant, Misuse-Resistant API for Primality Testing.

ProMACs: Progressive and Resynchronizing MACs for Continuous Efficient Authentication of Message Streams.

LadderLeak: Breaking ECDSA with Less than One Bit of Nonce Leakage.

Security of Streaming Encryption in Google's Tink Library.

Cyber-Physical Inconsistency Vulnerability Identification for Safety Checks in Robotic Vehicles.

HoneyPLC: A Next-Generation Honeypot for Industrial Control Systems.

Phantom of the ADAS: Securing Advanced Driver-Assistance Systems from Split-Second Phantom Attacks.

T2Pair: Secure and Usable Pairing for Heterogeneous IoT Devices.

CrypTFlow2: Practical 2-Party Secure Inference.

GAN-Leaks: A Taxonomy of Membership Inference Attacks against Generative Models.

Analyzing Information Leakage of Updates to Natural Language Models.

Information Leakage in Embedding Models.

PPE Circuits: Formal Definition to Software Automation.

Threshold Password-Hardened Encryption Services.

Minimal Symmetric PAKE and 1-out-of-N OT from Programmable-Once Public Functions.

Full Database Reconstruction in Two Dimensions.

Slimium: Debloating the Chromium Browser with Feature Subsetting.

You've Changed: Detecting Malicious Browser Extensions through their Update Deltas.

PMForce: Systematically Analyzing postMessage Handlers at Scale.

Fill in the Blanks: Empirical Analysis of the Privacy Threats of Browser Form Autofill.

Lies in the Air: Characterizing Fake-base-station Spam Ecosystem in China.

VAHunt: Warding Off New Repackaged Android Malware in App-Virtualization's Clothing.

Deploying Android Security Updates: an Extensive Study Involving Manufacturers, Carriers, and End Users.

Demystifying Resource Management Risks in Emerging Mobile App-in-App Ecosystems.

ACE: Asynchronous and Concurrent Execution of Complex Smart Contracts.

BDoS: Blockchain Denial-of-Service.

eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts.

WI is Almost Enough: Contingent Payment All Over Again.

Private Summation in the Multi-Message Shuffle Model.

R2DP: A Universal and Automated Approach to Optimizing the Randomization Mechanisms of Differential Privacy for Utility Metrics with No Known Optimal Distributions.

Estimating g-Leakage via Machine Learning.

Implementing the Exponential Mechanism with Base-2 Differential Privacy.

Examining Mirai's Battle over the Internet of Things.

Enhancing State-of-the-art Classifiers with API Semantics to Detect Evolved Android Malware.

Towards Attribution in Mobile Markets: Identifying Developer Account Polymorphism.

Mnemosyne: An Effective and Efficient Postmortem Watering Hole Attack Investigation System.

Dumbo: Faster Asynchronous BFT Protocols.

Tight Consistency Bounds for Bitcoin.

On the Optimality of Optimistic Responsiveness.

Everything is a Race and Nakamoto Always Wins.

Security Analysis and Implementation of Relay-Resistant Contactless Payments.

HACLxN: Verified Generic SIMD Crypto (for all your favourite platforms).

CheckDP: An Automated and Integrated Approach for Proving Differential Privacy or Finding Precise Counterexamples.

Asynchronous Remote Key Generation: An Analysis of Yubico's Proposal for W3C WebAuthn.

SQUIRREL: Testing Database Management Systems with Language Validity and Coverage Feedback.

FREEDOM: Engineering a State-of-the-Art DOM Fuzzer.

BlackMirror: Preventing Wallhacks in 3D Online FPS Games.

Cache-in-the-Middle (CITM) Attacks: Manipulating Sensitive Data in Isolated Execution Environments.

Deterministic Wallets in a Quantum World.

SNI-in-the-head: Protecting MPC-in-the-head Protocols against Side-channel Analysis.

Practical Lattice-Based Zero-Knowledge Proofs for Integer Relations.

QuantumHammer: A Practical Hybrid Attack on the LUOV Signature Scheme.

TEMPEST Comeback: A Realistic Audio Eavesdropping Threat on Mixed-signal SoCs.

When the Differences in Frequency Domain are Compensated: Understanding and Defeating Modulated Replay Attacks on Automatic Speech Recognition.

AdvPulse: Universal, Synchronization-free, and Targeted Audio Adversarial Attacks via Subsecond Perturbations.

Harnessing the Ambient Radio Frequency Noise for Wearable Device Pairing.

PDiff: Semantic-based Patch Presence Testing for Downstream Kernels.

A Systematic Study of Elastic Objects in Kernel Exploitation.

iDEA: Static Analysis on the Security of Apple Kernel Drivers.

Exaggerated Error Handling Hurts! An In-Depth Study and Context-Aware Detection.

LEAF: A Faster Secure Search Algorithm via Localization, Extraction, and Reconstruction.

Blinder - Scalable, Robust Anonymous Committed Broadcast.

Secure Single-Server Aggregation with (Poly)Logarithmic Overhead.

Fast Database Joins and PSI for Secret Shared Data.

The Boon and Bane of Cross-Signing: Shedding Light on a Common Practice in Public Key Infrastructures.

Zombie Awakening: Stealthy Hijacking of Active Domains through DNS Hosting Referral.

Off-Path TCP Exploits of the Mixed IPID Assignment.

DNS Cache Poisoning Attack Reloaded: Revolutions with Side Channels.

Game-Set-MATCH: Using Mobile Devices for Seamless External-Facing Biometric Matching.

Usage Patterns of Privacy-Enhancing Technologies.

Text Captcha Is Dead? A Large Scale Deployment and Empirical Study.

Practical Recommendations for Stronger, More Usable Passwords Combining Minimum-strength, Minimum-length, and Blocklist Requirements.

Oracle Simulation: A Technique for Protocol Composition with Long Term Shared Secrets.

The Signal Private Group System and Anonymous Credentials Supporting Efficient Verifiable Encryption.

Post-Quantum TLS Without Handshake Signatures.

Clone Detection in Secure Messaging: Improving Post-Compromise Security in Practice.

A Forensically Sound Method of Identifying Downloaders and Uploaders in Freenet.

A Qualitative Study of Dependency Management and Its Security Implications.

Forensic Analysis in Access Control: Foundations and a Case-Study from Practice.

Logging to the Danger Zone: Race Condition Attacks and Defenses on System Audit Frameworks.

MP-SPDZ: A Versatile Framework for Multi-Party Computation.

Is the Classical GMW Paradigm Practical? The Case of Non-Interactive Actively Secure 2PC.

Ferret: Fast Extension for Correlated OT with Small Communication.

More Efficient MPC from Improved Triple Generation and Authenticated Garbling.

Mitigation of Attacks on Email End-to-End Encryption.

Impersonation-as-a-Service: Characterizing the Emerging Criminal Infrastructure for User Impersonation at Scale.

VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity.

Dangerous Skills Got Certified: Measuring the Trustworthiness of Skill Certification in Voice Personal Assistant Platforms.

MuSig-DN: Schnorr Multi-Signatures with Verifiably Deterministic Nonces.

Verifiable Timed Signatures Made Practical.

Asynchronous Distributed Key Generation for Computationally-Secure Randomness, Consensus, and Threshold Signatures.

UC Non-Interactive, Proactive, Threshold ECDSA with Identifiable Aborts.

A Generic Technique for Automatically Finding Defense-Aware Code Reuse Attacks.

Methodologies for Quantifying (Re-)randomization Security and Timing under JIT-ROP.

Finding Cracks in Shields: On the Security of Control Flow Integrity Mechanisms.

RTFM! Automatic Assumption Discovery and Verification Derivation from Library Document for API Misuse Detection.

InSpectre: Breaking and Fixing Microarchitectural Vulnerabilities by Formal Analysis.

Déjà Vu: Side-Channel Analysis of Mozilla's NSS.

TRUSTORE: Side-Channel Resistant Storage for SGX using Intel Hybrid CPU-FPGA.

DECO: Liberating Web Data Using Decentralized Oracles for TLS.

Talking with Familiar Strangers: An Empirical Study on HTTPS Context Confusion Attacks.

TrafficSliver: Fighting Website Fingerprinting Attacks with Traffic Splitting.

Lift-and-Shift: Obtaining Simulation Extractable Subversion and Updatable SNARKs Generically.

Pointproofs: Aggregating Proofs for Multiple Vector Commitments.

Ligero++: A New Optimized Sublinear IOP.

Zero Knowledge Proofs for Decision Tree Predictions and Accuracy.

A 2.1 KHz Zero-Knowledge Processor with BubbleRAM.

Realistic Threats and Realistic Users: Lessons from the Election.

PhishBench 2.0: A Versatile and Extendable Benchmarking Framework for Phishing.

Benchmarking Label Dynamics of VirusTotal Engines.

VRLifeTime - An IDE Tool to Avoid Concurrency and Memory Bugs in Rust.

LPET - Mining MS-Windows Software Privilege Escalation Vulnerabilities by Monitoring Interactive Behavior.

Towards Using Source Code Repositories to Identify Software Supply Chain Attacks.

Cybersecurity Research and Training for Power Distribution Grids - A Blueprint.

Continuous and Multiregional Monitoring of Malicious Hosts.

Facilitating Protocol-independent Industrial Intrusion Detection Systems.

Bento: Bringing Network Function Virtualization to Tor.

RIPT - An Efficient Multi-Core Record-Replay System.

Impact of Energy Consumption Attacks on LoRaWAN-Enabled Devices in Industrial Context.

A Multi-phased Multi-faceted IoT Honeypot Ecosystem.

Voice-Indistinguishability - Protecting Voiceprint with Differential Privacy under an Untrusted Server.

rProfiler - Assessing Insider Influence on Enterprise Assets.

CCSW'20: 2020 Cloud Computing Security Workshop.

CPSIOTSEC'20: 2020 Joint Workshop on CPS&IoT Security and Privacy.

MTD'20: 7th ACM Workshop on Moving Target Defense.

PPMLP 2020: Workshop on Privacy-Preserving Machine Learning In Practice.

19th Workshop on Privacy in the Electronic Society (WPES 2020).

AISec'20: 13th Workshop on Artificial Intelligence and Security.

ASHES 2020: 4th Workshop on Attacks and Solutions in Hardware Security.

2nd Workshop on Cyber-Security Arms Race (CYSARM 2020).

FEAST'20: Fifth Workshop on Forming an Ecosystem Around Software Transformation.

PLAS'20: 15th Workshop on Programming Languages and Analysis for Security.

TPDP'20: 6th Workshop on Theory and Practice of Differential Privacy.