IEEE S&P 2017 60 papers accepted. Updated on 2023-10-06. You can find the lastest information here. Membership Inference Attacks Against Machine Learning Models. SecureML: A System for Scalable Privacy-Preserving Machine Learning. Towards Evaluating the Robustness of Neural Networks. Is Interaction Necessary for Distributed Private Learning? Pyramid: Enhancing Selectivity in Big Data Protection with Count Featurization. SoK: Science, Security and the Elusive Goal of Security as a Scientific Pursuit. Stack Overflow Considered Harmful? The Impact of Copy&Paste on Android Application Security. Obstacles to the Adoption of Secure Communication Tools. Comparing the Usability of Cryptographic APIs. SoK: Cryptographically Protected Database Search. IoT Goes Nuclear: Creating a ZigBee Chain Reaction. SoK: Exploiting Network Printers. How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles. The Password Reset MitM Attack. An Experimental Security Analysis of an Industrial Robot Controller. Protecting Bare-Metal Embedded Systems with Privilege Overlays. NORAX: Enabling Execute-Only Memory for COTS Binaries on AArch64. Securing Augmented Reality Output. SysPal: System-Guided Pattern Locks for Android. Multi-touch Authentication Using Hand Geometry and Behavioral Information. Hijacking Bitcoin: Routing Attacks on Cryptocurrencies. Catena: Efficient Non-equivocation via Bitcoin. IKP: Turning a PKI Around with Decentralized Automated Incentives. Augur: Internet-Wide Detection of Connectivity Disruptions. Scalable Bias-Resistant Distributed Randomness. Implementing and Proving the TLS 1.3 Record Layer. Verified Models and Reference Implementations for the TLS 1.3 Standard Candidate. SymCerts: Practical Symbolic Execution for Exposing Noncompliance in X.509 Certificate Validation Implementations. HVLearn: Automated Black-Box Analysis of Hostname Verification in SSL/TLS Implementations. CRLite: A Scalable System for Pushing All TLS Revocations to All Browsers. Finding and Preventing Bugs in JavaScript Bindings. Skyfire: Data-Driven Seed Generation for Fuzzing. VUDDY: A Scalable Approach for Vulnerable Code Clone Discovery. NEZHA: Efficient Domain-Independent Differential Testing. Backward-Bounded DSE: Targeting Infeasibility Questions on Obfuscated Codes. Leakage-Abuse Attacks against Order-Revealing Encryption. Side-Channel Attacks on Shared Search Indexes. From Trash to Treasure: Timing-Sensitive Garbage Collection. Verifying and Synthesizing Constant-Resource Implementations with Types. CoSMeDis: A Distributed Social Media Platform with Formally Verified Confidentiality Guarantees. How to Learn Klingon without a Dictionary: Detection and Measurement of Black Keywords Used by the Underground Economy. To Catch a Ratter: Monitoring the Behavior of Amateur DarkComet RAT Operators in the Wild. A Lustrum of Malware Network Communication: Evolution and Insights. Under the Shadow of Sunshine: Understanding and Detecting Bulletproof Hosting on Legitimate Service Provider Networks. Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits. Optimized Honest-Majority MPC for Malicious Adversaries - Breaking the 1 Billion-Gate Per Second Barrier. vSQL: Verifying Arbitrary SQL Queries over Dynamic Outsourced Databases. A Framework for Universally Composable Diffie-Hellman Key Exchange. One TPM to Bind Them All: Fixing TPM 2.0 for Provably Secure Anonymous Attestation. Cryptographic Function Detection in Obfuscated Binaries via Bit-Precise Symbolic Loop Mapping. XHOUND: Quantifying the Fingerprintability of Browser Extensions. Identifying Personal DNA Methylation Profiles by Genotype Inference. Counter-RAPTOR: Safeguarding Tor Against Active Routing Attacks. Machine-Checked Proofs of Privacy for Electronic Voting Protocols. Spotless Sandboxes: Evading Malware Analysis Systems Using Wear-and-Tear Artifacts. Hardening Java's Access Control by Abolishing Implicit Privilege Elevation. Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop. SmarPer: Context-Aware and Automatic Runtime-Permissions for Mobile Devices. The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences. IVD: Automatic Learning and Enforcement of Authorization Rules in Online Social Networks.