Collection of Security Papers

NDSS 2019

Collection of Security Papers

All
IEEE S&P
IEEE S&P
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ACM CCS
ACM CCS
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
USENIX Sec
USENIX Sec
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
NDSS
NDSS
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ICSE
ICSE
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015-1
- 2015-2
ISSTA
ISSTA
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015

NDSS 2019

90 papers accepted.

Updated on 2023-09-08.

You can find the lastest information here.

Keynote: Modern Challenges for Cyber Defense.

SANCTUARY: ARMing TrustZone with User-space Enclaves.

Ginseng: Keeping Secrets in Registers When You Distrust the Operating System.

DroidCap: OS Support for Capability-based Permissions in Android.

Time Does Not Heal All Wounds: A Longitudinal Analysis of Security-Mechanism Support in Mobile Browsers.

Geo-locating Drivers: A Study of Sensitive Data Leakage in Ride-Hailing Services.

Please Forget Where I Was Last Summer: The Privacy Risks of Public Location (Meta)Data.

Don't Trust The Locals: Investigating the Prevalence of Persistent Client-Side Cross-Site Scripting in the Wild.

Master of Web Puppets: Abusing Web Browsers for Persistent and Stealthy Computation.

Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation.

JavaScript Template Attacks: Automatically Inferring Host Information for Targeted Exploits.

Latex Gloves: Protecting Browser Extensions from Probing and Revelation Attacks.

maTLS: How to Make TLS middlebox-aware?

SABRE: Protecting Bitcoin against Routing Attacks.

A Treasury System for Cryptocurrencies: Enabling Better Collaborative Intelligence.

Fine-Grained and Controlled Rewriting in Blockchains: Chameleon-Hashing Gone Attribute-Based.

YODA: Enabling computationally intensive contracts on blockchains with Byzantine and Selfish nodes.

Giving State to the Stateless: Augmenting Trustworthy Computation with Ledgers.

Cracking the Wall of Confinement: Understanding and Analyzing Malicious Domain Take-downs.

Cleaning Up the Internet of Evil Things: Real-World Evidence on ISP and Consumer Efforts to Remove Mirai.

Measurement and Analysis of Hajime, a Peer-to-peer IoT Botnet.

Countering Malicious Processes with Process-DNS Association.

ExSpectre: Hiding Malware in Speculative Execution.

ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models.

MBeacon: Privacy-Preserving Beacons for DNA Methylation Data.

Stealthy Adversarial Perturbations Against Real-Time Video Classification Systems.

NIC: Detecting Adversarial Samples with Neural Network Invariant Checking.

TextBugger: Generating Adversarial Text Against Real-world Applications.

Digital Healthcare-Associated Infection: A Case Study on the Security of a Major Multi-Campus Hospital System.

Mind Your Own Business: A Longitudinal Study of Threats and Vulnerabilities in Enterprises.

NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage.

The use of TLS in Censorship Circumvention.

On the Challenges of Geographical Avoidance for Tor.

PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary.

REDQUEEN: Fuzzing with Input-to-State Correspondence.

NAUTILUS: Fishing for Deep Bugs with Grammars.

Analyzing Semantic Correctness with Symbolic Execution: A Case Study on PKCS#1 v1.5 Signature Verification.

Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing.

Measuring the Facebook Advertising Ecosystem.

We Value Your Privacy ... Now Take Some Cookies: Measuring the GDPR's Impact on Web Privacy.

How Bad Can It Git? Characterizing Secret Leakage in Public GitHub Repositories.

DNS Cache-Based User Tracking.

Quantity vs. Quality: Evaluating User Interest Profiles Using Ad Preference Managers.

Thunderclap: Exploring Vulnerabilities in Operating System IOMMU Protection via DMA from Untrustworthy Peripherals.

One Engine To Serve 'em All: Inferring Taint Rules Without Architectural Semantics.

Automating Patching of Vulnerable Open-Source Software Versions in Application Binaries.

CRCount: Pointer Invalidation with Reference Counting to Mitigate Use-after-free in Legacy C/C++.

CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines.

Oligo-Snoop: A Non-Invasive Side Channel Attack Against DNA Synthesis Machines.

Profit: Detecting and Quantifying Side Channels in Networked Applications.

Unveiling your keystrokes: A Cache-based Side-channel Attack on Graphics Libraries.

Data Oblivious ISA Extensions for Side Channel-Resistant and High Performance Computing.

Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information.

Coconut: Threshold Issuance Selective Disclosure Credentials with Applications to Distributed Ledgers.

Distinguishing Attacks from Legitimate Authentication Traffic at Scale.

Robust Performance Metrics for Authentication Systems.

Total Recall: Persistence of Passwords in Android.

How to End Password Reuse on the Web.

Component-Based Formal Analysis of 5G-AKA: Channel Assumptions and Session Confusion.

UWB with Pulse Reordering: Securing Ranging against Relay and Physical-Layer Attacks.

Nearby Threats: Reversing, Analyzing, and Attacking Google's 'Nearby Connections' on Android.

BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals.

Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment.

IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT.

RFDIDS: Radio Frequency-based Distributed Intrusion Detection System for the Power Grid.

A Systematic Framework to Generate Invariants for Anomaly Detection in Industrial Control Systems.

DIAT: Data Integrity Attestation for Resilient Collaboration of Autonomous Systems.

ICSREF: A Framework for Automated Reverse Engineering of Industrial Control Systems Binaries.

Balancing Image Privacy and Usability with Thumbnail-Preserving Encryption.

ConcurORAM: High-Throughput Stateless Parallel Multi-Client ORAM.

Statistical Privacy for Streaming Traffic.

rORAM: Efficient Range ORAM with O(log2 N) Locality.

Private Continual Release of Real-Valued Data Streams.

Practical Hidden Voice Attacks against Speech and Speaker Recognition Systems.

Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding.

The Crux of Voice (In)Security: A Brain Study of Speaker Legitimacy Detection.

Life after Speech Recognition: Fuzzing Semantic Misinterpretation for Voice Assistant Applications.

Cybercriminal Minds: An investigative study of cryptocurrency abuses in the Dark Web.

Vault: Fast Bootstrapping for the Algorand Cryptocurrency.

Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks.

Anonymous Multi-Hop Locks for Blockchain Scalability and Interoperability.

Constructing an Adversary Solver for Equihash.

OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX.

TEE-aided Write Protection Against Privileged Data Tampering.

TIMBER-V: Tag-Isolated Memory Bringing Fine-grained Enclaves to RISC-V.

Establishing Software Root of Trust Unconditionally.

Graph-based Security and Privacy Analytics via Collective Classification with Joint Weight Learning and Propagation.

Enemy At the Gateways: Censorship-Resilient Proxy Distribution Using Game Theory.

Neuro-Symbolic Execution: Augmenting Symbolic Execution with Neural Constraints.

Neural Machine Translation Inspired Binary Code Similarity Comparison beyond Function Pairs.