Collection of Security Papers

IEEE S&P 2020

Collection of Security Papers

All
IEEE S&P
IEEE S&P
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ACM CCS
ACM CCS
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
USENIX Sec
USENIX Sec
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
NDSS
NDSS
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ICSE
ICSE
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015-1
- 2015-2
ISSTA
ISSTA
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015

IEEE S&P 2020

104 papers accepted.

Updated on 2023-09-08.

You can find the lastest information here.

Spectector: Principled Detection of Speculative Information Flows.

: Practical Cache Attacks from the Network.

SpecCFI: Mitigating Spectre Attacks using CFI Informed Speculation.

LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection.

HydRand: Efficient Continuous Distributed Randomness.

OHIE: Blockchain Scaling Made Simple.

Sync HotStuff: Simple and Practical Synchronous State Machine Replication.

Replicated state machines without replicated execution.

ICLab: A Global, Longitudinal Internet Censorship Measurement Platform.

High Precision Open-World Website Fingerprinting.

Breaking and (Partially) Fixing Provably Secure Onion Routing.

Are anonymity-seekers just like everybody else? An analysis of contributions to Wikipedia from Tor.

Detection of Electromagnetic Interference Attacks on Sensor Systems.

WaveSpy: Remote and Through-wall Screen Attack via mmWave Sensing.

SoK: A Minimalist Approach to Formalizing Analog Sensor Security.

Gesture Authentication for Smartphones: Evaluation of Gesture Password Selection Policies.

Is FIDO2 the Kingslayer of User Authentication? A Comparative Usability Study of FIDO2 Passwordless Authentication.

This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINs.

The Value of Collaboration in Convex Machine Learning with Differential Privacy.

Automatically Detecting Bystanders in Photos to Reduce Privacy Risks.

CrypTFlow: Secure TensorFlow Inference.

SoK: Differential Privacy as a Causal Property.

Private resource allocators and their applications.

A Programming Framework for Differential Privacy with Accuracy Concentration Bounds.

Security Update Labels: Establishing Economic Incentives for Security Patching of IoT Consumer Products.

Ask the Experts: What Should Be on an IoT Privacy and Security Label?

Burglars' IoT Paradise: Understanding and Mitigating Security Risks of General Messaging Protocols on IoT Clouds.

Towards a Natural Perspective of Smart Homes for Practical Security and Safety Analyses.

Message Time of Arrival Codes: A Fundamental Primitive for Secure Distance Measurement.

Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd.

Even Black Cats Cannot Stay Hidden in the Dark: Full-band De-anonymization of Bluetooth Classic Devices.

BIAS: Bluetooth Impersonation AttackS.

xMP: Selective Memory Protection for Kernel and User Space.

MarkUs: Drop-in use-after-free prevention for low-level languages.

SEIMI: Efficient and Secure SMAP-Enabled Intra-process Memory Isolation.

Cornucopia: Temporal Safety for CHERI Heaps.

The Many Kinds of Creepware Used for Interpersonal Attacks.

How not to prove your election outcome.

A Security Analysis of the Facebook Ad Library.

Can Voters Detect Malicious Manipulation of Ballot Marking Devices?

RAMBleed: Reading Bits in Memory Without Accessing Them.

Are We Susceptible to Rowhammer? An End-to-End Methodology for Cloud Providers.

Leveraging EM Side-Channel Information to Detect Rowhammer Attacks.

TRRespass: Exploiting the Many Sides of Target Row Refresh.

AdGraph: A Graph-Based Approach to Ad and Tracker Blocking.

Browsing Unicity: On the Limits of Anonymizing Web Tracking Data.

Meddling Middlemen: Empirical Analysis of the Risks of Data-Saving Mobile Browsers.

Efficient and Secure Multiparty Computation from Fixed-Key Block Ciphers.

Path Oblivious Heap: Optimal and Practical Oblivious Priority Queue.

Transparent Polynomial Delegation and Its Applications to Zero Knowledge Proof.

Towards Scalable Threshold Cryptosystems.

A Stealthier Partitioning Attack against Bitcoin Peer-to-Peer Network.

Flash Boys 2.0: Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability.

FlyClient: Super-Light Clients for Cryptocurrencies.

ZEXE: Enabling Decentralized Private Computation.

The Last Mile: High-Assurance and High-Speed Cryptographic Implementations.

EverCrypt: A Fast, Verified, Cross-Platform Cryptographic Provider.

Rigorous engineering for hardware security: Formal modelling and proof in the CHERI design and implementation process.

Binsec/Rel: Efficient Relational Symbolic Execution for Constant-Time at Binary-Level.

An Analysis of Pre-installed Android Software.

Kobold: Evaluating Decentralized Access Control for Remote NSXPC Methods on iOS.

TextExerciser: Feedback-driven Text Input Exercising for Android Applications.

Ex-vivo dynamic analysis framework for Android device drivers.

Automatic Uncovering of Hidden Behaviors From Input Validation in Mobile Apps.

PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning.

Combating Dependence Explosion in Forensic Analysis Using Alternative Tag Propagation Semantics.

TARDIS: Rolling Back The Clock On CMS-Targeting Cyber Attacks.

Tactical Provenance Analysis for Endpoint Detection and Response Systems.

Throwing Darts in the Dark? Detecting Bots with Limited Data using Neural Data Augmentation.

JIT Leaks: Inducing Timing Side Channels through Just-In-Time Compilation.

The State of the Uniform: Attacks on Encrypted Databases Beyond the Uniform Query Distribution.

Pseudorandom Black Swans: Cache Attacks on CTR_DRBG.

Flaw Label: Exploiting IPv6 Flow Label.

HopSkipJumpAttack: A Query-Efficient Decision-Based Attack.

Humpty Dumpty: Controlling Word Meanings via Corpus Poisoning.

Privacy Risks of General-Purpose Language Models.

Intriguing Properties of Adversarial ML Attacks in the Problem Space.

SoK: Cyber Insurance - Technical Challenges and a System Security Roadmap.

A Tale of Sea and Sky On the Security of Maritime VSAT Communications.

I Know Where You Parked Last Summer : Automated Reverse Engineering and Privacy Analysis of Modern Cars.

SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-assisted TEE Systems.

OAT: Attesting Operation Integrity of Embedded Devices.

Enabling Rack-scale Confidential Computing using Heterogeneous Trusted Execution Environment.

Plundervolt: Software-based Fault Injection Attacks against Intel SGX.

SEVurity: No Security Without Integrity : Breaking Integrity-Free Memory Encryption with Minimal Assumptions.

RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization.

Unexpected Data Dependency Creation and Chaining: A New Attack to SDN.

Neutaint: Efficient Dynamic Taint Analysis with Neural Networks.

Karonte: Detecting Insecure Multi-binary Interactions in Embedded Firmware.

SAVIOR: Towards Bug-Driven Hybrid Testing.

Ijon: Exploring Deep State Spaces via Fuzzing.

Pangolin: Incremental Hybrid Fuzzing with Polyhedral Path Abstraction.

Fuzzing JavaScript Engines with Aspect-preserving Mutation.

Krace: Data Race Fuzzing for Kernel File Systems.

VerX: Safety Verification of Smart Contracts.

VERISMART: A Highly Precise Safety Verifier for Ethereum Smart Contracts.

Semantic Understanding of Smart Contracts: Executable Operational Semantics of Solidity.

Transys: Leveraging Common Security Properties Across Hardware Designs.

C3APSULe: Cross-FPGA Covert-Channel Attacks through Power Supply Unit Leakage.

ICAS: an Extensible Framework for Estimating the Susceptibility of IC Layouts to Additive Trojans.