Collection of Security Papers

NDSS 2020

Collection of Security Papers

All
IEEE S&P
IEEE S&P
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ACM CCS
ACM CCS
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
USENIX Sec
USENIX Sec
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
NDSS
NDSS
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ICSE
ICSE
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015-1
- 2015-2
ISSTA
ISSTA
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015

NDSS 2020

89 papers accepted.

Updated on 2023-09-08.

You can find the lastest information here.

Overcoming the "Evil Twins" Attack: Lessons Learned from the Industrial Battlefield.

FUSE: Finding File Upload Bugs via Penetration Testing.

Melting Pot of Origins: Compromising the Intermediary Web Services that Rehost Websites.

Cross-Origin State Inference (COSI) Attacks: Leaking Web Site States through XS-Leaks.

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting.

HYPER-CUBE: High-Dimensional Hypervisor Fuzzing.

HFL: Hybrid Fuzzing on the Linux Kernel.

HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing.

Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization.

Detecting Probe-resistant Proxies.

Decentralized Control: A Case Study of Russia.

Measuring the Deployment of Network Censorship Filters at Global Scale.

SymTCP: Eluding Stateful Deep Packet Inspection with Automated Discrepancy Discovery.

MassBrowser: Unblocking the Censored Web for the Masses, by the Masses.

Et Tu Alexa? When Commodity WiFi Devices Turn into Adversarial Motion Sensors.

Metamorph: Injecting Inaudible Commands into Over-the-air Voice Controlled Systems.

SurfingAttack: Interactive Hidden Attack on Voice Assistants Using Ultrasonic Guided Waves.

Packet-Level Signatures for Smart Home Devices.

Learning-based Practical Smartphone Eavesdropping with Built-in Accelerometer.

Automated Cross-Platform Reverse Engineering of CAN Bus Commands From Mobile Apps.

Are You Going to Answer That? Measuring User Responses to Anti-Robocall Application Indicators.

TKPERM: Cross-platform Permission Knowledge Transfer to Detect Overprivileged Third-party Applications.

FlowPrint: Semi-Supervised Mobile-App Fingerprinting on Encrypted Network Traffic.

Bobtail: Improved Blockchain Security with Low-Variance Mining.

Snappy: Fast On-chain Payments with Practical Collaterals.

The Attack of the Clones Against Proof-of-Authority.

Broken Metre: Attacking Resource Metering in EVM.

Finding Safety in Numbers with Secure Allegation Escrows.

When Match Fields Do Not Need to Match: Buffered Packets Hijacking in SDN.

Automated Discovery of Cross-Plane Event-Based Vulnerabilities in Software-Defined Networking.

SVLAN: Secure & Scalable Network Virtualization.

µRAI: Securing Embedded Systems with Return Address Integrity.

NoJITsu: Locking Down JavaScript Engines.

SODA: A Generic Online Detection Framework for Smart Contracts.

A Practical Approach for Taking Down Avalanche Botnets Under Real-World Constraints.

Designing a Better Browser for Tor with BLAST.

Encrypted DNS -> Privacy? A Traffic Analysis Perspective.

On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways.

ABSynthe: Automatic Blackbox Side-channel Synthesis on Commodity Microarchitectures.

PhantomCache: Obfuscating Cache Conflicts with Localized Randomization.

Data-Driven Debugging for Functional Side Channels.

Mind the Portability: A Warriors Guide through Realistic Profiled Side-channel Analysis.

Hold the Door! Fingerprinting Your Car Key to Prevent Keyless Entry Car Theft.

Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches.

EASI: Edge-Based Sender Identification on Resource-Constrained Platforms for Automotive Networks.

BLAG: Improving the Accuracy of Blacklists.

DefRec: Establishing Physical Function Virtualization to Disrupt Reconnaissance of Power Grids' Cyber-Physical Infrastructures.

Revisiting Leakage Abuse Attacks.

MACAO: A Maliciously-Secure and Client-Efficient Active ORAM Framework.

Heterogeneous Private Information Retrieval.

Dynamic Searchable Encryption with Small Client Storage.

Withdrawing the BGP Re-Routing Curtain: Understanding the Security Impact of BGP Poisoning through Real-World Measurements.

IMP4GT: IMPersonation Attacks in 4G NeTworks.

Practical Traffic Analysis Attacks on Secure Messaging Applications.

CDN Judo: Breaking the CDN DoS Protection with Itself.

DeepBinDiff: Learning Program-Wide Code Representations for Binary Diffing.

Precisely Characterizing Security Impact in a Flood of Patches via Symbolic Rule Comparison.

Unicorn: Runtime Provenance-Based Detector for Advanced Persistent Threats.

Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution.

You Are What You Do: Hunting Stealthy Malware via Data Provenance Analysis.

OmegaLog: High-Fidelity Attack Investigation via Transparent Multi-layer Log Analysis.

Trident: Efficient 4PC Framework for Privacy Preserving Machine Learning.

Secure Sublinear Time Differentially Private Median Computation.

CloudLeak: Large-Scale Deep Learning Models Stealing Through Adversarial Examples.

BLAZE: Blazing Fast Privacy-Preserving Machine Learning.

Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem.

When Malware is Packin' Heat; Limits of Machine Learning Classifiers Based on Static Analysis Features.

UIScope: Accurate, Instrumentation-free, and Visible Attack Investigation for GUI Applications.

OcuLock: Exploring Human Visual System for Authentication in Virtual Reality Head-mounted Display.

On the Resilience of Biometric Authentication Systems against Random Inputs.

Strong Authentication without Temper-Resistant Hardware and Application to Federated Identities.

A View from the Cockpit: Exploring Pilot Reactions to Attacks on Avionic Systems.

Genotype Extraction and False Relative Attacks: Security Risks to Third-Party Genetic Genealogy Services Beyond Identity Inference.

Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies.

Into the Deep Web: Understanding E-commerce Fraud from Autonomous Chat with Cybercriminals.

Compliance Cautions: Investigating Security Issues Associated with U.S. Digital-Security Standards.

Let's Revoke: Scalable Global Certificate Revocation.

Post-Quantum Authentication in TLS 1.3: A Performance Study.

DISCO: Sidestepping RPKI's Deployment Barriers.

Proof of Storage-Time: Efficiently Checking Continuous Data Availability.

SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities.

ProtectIOn: Root-of-Trust for IO in Compromised Platforms.

ConTExT: A Generic Approach for Mitigating Spectre.

Towards Plausible Graph Anonymization.

Adversarial Classification Under Differential Privacy.

Locally Differentially Private Frequency Estimation with Consistency.

DESENSITIZATION: Privacy-Aware and Attack-Preserving Crash Report.