IEEE S&P 2016 55 papers accepted. Updated on 2023-10-06. You can find the lastest information here. HDFI: Hardware-Assisted Data-Flow Isolation. A2: Analog Malicious Hardware. Cache Storage Channels: Alias-Driven Attacks and Verified Countermeasures. Shreds: Fine-Grained Execution Units with Private Memory. CaSE: Cache-Assisted Secure Execution on ARM Processors. Back in Black: Towards Formal, Black Box Analysis of Sanitizers and Filters. LAVA: Large-Scale Automated Vulnerability Addition. Prepose: Privacy, Security, and Reliability for Gesture-Based Programming. SOK: (State of) The Art of War: Offensive Techniques in Binary Analysis. Helping Johnny to Analyze Malware: A Usability-Optimized Decompiler and Malware Analysis User Study. A Practical Oblivious Map Data Structure with Secure Deletion and History Independence. TaoStore: Overcoming Asynchronicity in Oblivious Data Storage. Revisiting Square-Root ORAM: Efficient Random Access in Multi-party Computation. Cinderella: Turning Shabby X.509 Certificates into Elegant Anonymous Credentials with the Magic of Verifiable Computation. PhotoProof: Cryptographic Image Authentication for Any Set of Permissible Transformations. I Think They're Trying to Tell Me Something: Advice Sources and Selection for Digital Security. You Get Where You're Looking for: The Impact of Information Sources on Code Security. Users Really Do Plug in USB Drives They Find. SoK: Everyone Hates Robocalls: A Survey of Techniques Against Telephone Spam. Sending Out an SMS: Characterizing the Security of the SMS Ecosystem with Public Gateways. Following Devil's Footprints: Cross-Platform Analysis of Potentially Harmful Libraries on Android and iOS. TriggerScope: Towards Detecting Logic Bombs in Android Applications. Inferring User Routes and Locations Using Zero-Permission Mobile Sensors. No Pardon for the Interruption: New Inference Attacks on Android Through Interrupt Timing Analysis. SoK: Lessons Learned from Android Security Research for Appified Software Platforms. Key Confirmation in Key Exchange: A Formal Treatment and Implications for TLS 1.3. Automated Analysis and Verification of TLS 1.3: 0-RTT, Resumption and Delayed Authentication. Multiple Handshakes Security of TLS 1.3 Candidates. Downgrade Resilience in Key-Exchange Protocols. Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning. Synthesizing Plausible Privacy-Preserving Location Traces. A Method for Verifying Privacy-Type Properties: The Unbounded Case. Distillation as a Defense to Adversarial Perturbations Against Deep Neural Networks. Algorithmic Transparency via Quantitative Input Influence: Theory and Experiments with Learning Systems. Talos: Neutralizing Vulnerabilities with Security Workarounds for Rapid Response. Security Analysis of Emerging Smart Home Applications. Staying Secure and Unprepared: Understanding and Mitigating the Security Risks of Apple ZeroConf. MitM Attack by Name Collision: Cause Analysis and Vulnerability Assessment in the New gTLD Era. Domain-Z: 28 Registrations Later Measuring the Exploitation of Residual Trust in Domains. Seeking Nonsense, Looking for Trouble: Efficient Promotional-Infection Detection through Semantic Inconsistency Search. The Cracked Cookie Jar: HTTP Cookie Hijacking and the Exposure of Private Information. Cloak of Visibility: Detecting When Machines Browse a Different Web. Verifiable ASICs. SoK: Verifiability Notions for E-Voting Protocols. pASSWORD tYPOS and How to Correct Them Securely. On the Practicality of Cryptographically Enforcing Dynamic Access Control Policies in the Cloud. Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts. High-Speed Inter-Domain Fault Localization. Beauty and the Beast: Diverting Modern Web Browsers to Build Unique Browser Fingerprints. Verena: End-to-End Integrity Protection for Web Applications. SoK: Towards Grounding Censorship Circumvention in Empiricism. A Tough Call: Mitigating Advanced Code-Reuse Attacks at the Binary Level. Return to the Zombie Gadgets: Undermining Destructive Code Reads via Code Inference Attacks. Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks. Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector.