Collection of Security Papers

NDSS 2018

Collection of Security Papers

All
IEEE S&P
IEEE S&P
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ACM CCS
ACM CCS
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
USENIX Sec
USENIX Sec
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
NDSS
NDSS
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ICSE
ICSE
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015-1
- 2015-2
ISSTA
ISSTA
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015

NDSS 2018

71 papers accepted.

Updated on 2023-09-08.

You can find the lastest information here.

IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing.

Fear and Logging in the Internet of Things.

Decentralized Action Integrity for Trigger-Action IoT Platforms.

What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices.

Didn't You Hear Me? - Towards More Successful Web Vulnerability Notifications.

Exposing Congestion Attack on Emerging Connected Vehicle based Traffic Signal Control.

Removing Secrets from Android's TLS.

rtCaptcha: A Real-Time CAPTCHA Based Liveness Detection System.

Automated Attack Discovery in TCP Congestion Control Using a Model-guided Approach.

Preventing (Network) Time Travel with Chronos.

LTEInspector: A Systematic Approach for Adversarial Testing of 4G LTE.

GUTI Reallocation Demystified: Cellular Location Tracking with Changing Temporary Identifier.

Mind Your Keys? A Security Evaluation of Java Keystores.

A Security Analysis of Honeywords.

Revisiting Private Stream Aggregation: Lattice-Based PSA.

ZeroTrace : Oblivious Memory Primitives from Intel SGX.

Automated Website Fingerprinting through Deep Learning.

VulDeePecker: A Deep Learning-Based System for Vulnerability Detection.

Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection.

Feature Squeezing: Detecting Adversarial Examples in Deep Neural Networks.

Trojaning Attack on Neural Networks.

Broken Fingers: On the Usage of the Fingerprint API in Android.

K-means++ vs. Behavioral Biometrics: One Loop to Rule Them All.

ABC: Enabling Smartphone Authentication with Built-in Camera.

Device Pairing at the Touch of an Electrode.

Face Flashing: a Secure Liveness Detection Protocol based on Light Reflections.

A Large-scale Analysis of Content Modification by Open HTTP Proxies.

Measuring and Disrupting Anti-Adblockers Using Differential Execution Analysis.

Towards Measuring the Effectiveness of Telephony Blacklists.

Things You May Not Know About Android (Un)Packers: A Systematic Study based on Whole-System Emulation.

KeyDrown: Eliminating Software-Based Keystroke Timing Side-Channel Attacks.

Securing Real-Time Microcontroller Systems through Customized Memory View Switching.

Automated Generation of Event-Oriented Exploits in Android Hybrid Apps.

Tipped Off by Your Memory Allocator: Device-Wide User Activity Sequencing from Android Memory Images.

K-Miner: Uncovering Memory Corruption in Linux.

CFIXX: Object Type Integrity for C++.

Back To The Epilogue: Evading Control Flow Guard via Unaligned Targets.

Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics.

Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing.

Finding Clues for Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps.

Bug Fixes, Improvements, ... and Privacy Leaks - A Longitudinal Study of PII Leaks Across Android App Versions.

Apps, Trackers, Privacy, and Regulators: A Global Study of the Mobile Tracking Ecosystem.

OS-level Side Channels without Procfs: Exploring Cross-App Information Leakage on iOS.

Knock Knock, Who's There? Membership Inference on Aggregate Location Data.

Reduced Cooling Redundancy: A New Security Vulnerability in a Hot Data Center.

OBLIVIATE: A Data Oblivious Filesystem for Intel SGX.

Microarchitectural Minefields: 4K-Aliasing Covert Channel and Multi-Tenant Detection in Iaas Clouds.

Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates.

When Coding Style Survives Compilation: De-anonymizing Programmers from Executable Binaries.

De-anonymization of Mobility Trajectories: Dissecting the Gaps between Theory and Practice.

Veil: Private Browsing Semantics Without Browser-side Assistance.

Game of Missuggestions: Semantic Analysis of Search-Autocomplete Manipulations.

SYNODE: Understanding and Automatically Preventing Injection Attacks on NODE.JS.

JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks.

Riding out DOMsday: Towards Detecting and Preventing DOM Cross-Site Scripting.

Towards Scalable Cluster Auditing through Grammatical Inference over Provenance Graphs.

MCI : Modeling-based Causality Inference in Audit Logging for Attack Investigation.

Towards a Timely Causality Analysis for Enterprise Security.

JSgraph: Enabling Reconstruction of Web Attacks via Efficient Tracking of Live In-Browser JavaScript Executions.

AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection.

InstaGuard: Instantly Deployable Hot-patches for Vulnerable System Programs on Android.

BreakApp: Automated, Flexible Application Compartmentalization.

Resolving the Predicament of Android Custom Permissions.

ZEUS: Analyzing Safety of Smart Contracts.

Chainspace: A Sharded Smart Contracts Platform.

Settling Payments Fast and Private: Efficient Decentralized Routing for Path-Based Transactions.

TLS-N: Non-repudiation over TLS Enablign Ubiquitous Content Signing.

Inside Job: Applying Traffic Analysis to Measure Tor from Within.