NDSS 2016 61 papers accepted. Updated on 2023-10-06. You can find the lastest information here. Keynote: On Subverting Trust. Transcript Collision Attacks: Breaking Authentication in TLS, IKE and SSH. TLS in the Wild: An Internet-wide Analysis of TLS-based Protocols for Electronic Communication. Killed by Proxy: Analyzing Client-end TLS Interce. SIBRA: Scalable Internet Bandwidth Reservation Architecture. Don't Forget to Lock the Back Door! A Characterization of IPv6 Network Security Policy. Attacking the Network Time Protocol. SPIFFY: Inducing Cost-Detectability Tradeoffs for Persistent Link-Flooding Attacks. CrossFire: An Analysis of Firefox Extension-Reuse Vulnerabilities. It's Free for a Reason: Exploring the Ecosystem of Free Live Streaming Services. Attack Patterns for Black-Box Security Testing of Multi-Party Web Applications. Are these Ads Safe: Detecting Hidden Attacks through the Mobile App-Web Interfaces. Enabling Practical Software-defined Networking Security Applications with OFX. Forwarding-Loop Attacks in Content Delivery Networks. CDN-on-Demand: An affordable DDoS Defense via Untrusted Clouds. Towards SDN-Defined Programmable BYOD (Bring Your Own Device) Security. Centrally Banked Cryptocurrencies. Equihash: Asymmetric Proof-of-Work Based on the Generalized Birthday Problem. A Simple Generic Attack on Text Captchas. You are a Game Bot!: Uncovering Game Bots in MMORPGs via Self-similarity in the Wild. Tracking Mobile Web Users Through Motion Sensors: Attacks and Defenses. The Price of Free: Privacy Leakage in Personalized Mobile In-Apps Ads. What Mobile Ads Know About Mobile Users. Free for All! Assessing User Data Exposure to Advertising Libraries on Android. Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication Systems. Towards Automated Dynamic Analysis for Linux-based Embedded Firmware. discovRE: Efficient Cross-Architecture Identification of Bugs in Binary Code. Driller: Augmenting Fuzzing Through Selective Symbolic Execution. VTrust: Regaining Trust on Virtual Calls. Protecting C++ Dynamic Dispatch Through VTable Interleaving. ProTracer: Towards Practical Provenance Tracing by Alternating Between Logging and Tainting. Who's in Control of Your Control System? Device Fingerprinting for Cyber-Physical Systems. SKEE: A lightweight Secure Kernel-level Execution Environment for ARM. OpenSGX: An Open Platform for SGX Research. Efficient Private Statistics with Succinct Sketches. Dependence Makes You Vulnberable: Differential Privacy Under Dependent Tuples. Privacy-Preserving Shortest Path Computation. LinkMirage: Enabling Privacy-preserving Analytics on Social Relationships. Do You See What I See? Differential Treatment of Anonymous Users. Measuring and Mitigating AS-level Adversaries Against Tor. Website Fingerprinting at Internet Scale. Extract Me If You Can: Abusing PDF Parsers in Malware Detectors. Automatically Evading Classifiers: A Case Study on PDF Malware Classifiers. Cache, Trigger, Impersonate: Enabling Context-Sensitive Honeyclient Analysis On-the-Wire. LO-PHI: Low-Observable Physical Host Instrumentation for Malware Analysis. When a Tree Falls: Using Diversity in Ensemble Classifiers to Identify Evasion in Malware Detectors. Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework. How to Make ASLR Win the Clone Wars: Runtime Re-Randomization. Leakage-Resilient Layout Randomization for Mobile Devices. Enabling Client-Side Crash-Resistance to Overcome Diversification and Information Hiding. Enforcing Kernel Security Invariants with Data Flow Integrity. Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy. Life after App Uninstallation: Are the Data Still Alive? Data Residue Attacks on Android. FLEXDROID: Enforcing In-App Privilege Separation in Android. IntelliDroid: A Targeted Input Generator for the Dynamic Analysis of Android Malware. Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques. Automatic Forgery of Cryptographically Consistent Messages to Identify Security Vulnerabilities in Mobile Services. Differentially Private Password Frequency Lists. Who Are You? A Statistical Approach to Measuring User Authenticity. Pitfalls in Designing Zero-Effort Deauthentication: Opportunistic Human Observation Attacks. VISIBLE: Video-Assisted Keystroke Inference from Tablet Backside Motion.