Collection of Security Papers

IEEE S&P 2021

Collection of Security Papers

All
IEEE S&P
IEEE S&P
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ACM CCS
ACM CCS
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
USENIX Sec
USENIX Sec
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
NDSS
NDSS
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ICSE
ICSE
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015-1
- 2015-2
ISSTA
ISSTA
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015

IEEE S&P 2021

114 papers accepted.

Updated on 2023-09-08.

You can find the lastest information here.

Using Selective Memoization to Defeat Regular Expression Denial of Service (ReDoS).

Co-Inflow: Coarse-grained Information Flow Control for Java-like Languages.

When Function Signature Recovery Meets Compiler Optimization.

How Did That Get In My Phone? Unwanted App Distribution on Android Devices.

Android Custom Permissions Demystified: From Privilege Escalation to Design Shortcomings.

Trust, But Verify: A Longitudinal Analysis Of Android OEM Compliance and Customization.

Detecting AI Trojans Using Meta Neural Analysis.

Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding.

Machine Unlearning.

Poltergeist: Acoustic Adversarial Machine Learning against Cameras and Computer Vision.

Invisible for both Camera and LiDAR: Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attacks.

CANNON: Reliable and Stealthy Remote Shutdown Attacks via Unaltered Automotive Microcontrollers.

SoK: Quantifying Cyber Risk.

Self-Supervised Euphemism Detection and Identification for Content Moderation.

SoK: Hate, Harassment, and the Changing Landscape of Online Abuse.

Keep the Dirt: Tainted TreeKEM, Adaptively and Actively Secure Continuous Group Key Agreement.

Merkle2: A Low-Latency Transparency Log System.

Post-quantum WireGuard.

Invisible Probe: Timing Attacks with PCIe Congestion Side-channel.

CacheOut: Leaking Data on Intel CPUs via Cache Evictions.

PLATYPUS: Software-based Power Side-Channel Attacks on x86.

Defensive Technology Use by Political Activists During the Sudanese Revolution.

DP-Sniper: Black-Box Discovery of Differential Privacy Violations using Classifiers.

Is Private Learning Possible with Instance Encoding?

High-Frequency Trading on Decentralized On-Chain Exchanges.

Ebb-and-Flow Protocols: A Resolution of the Availability-Finality Dilemma.

Red Belly: A Secure, Fair and Scalable Open Blockchain.

Diane: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices.

Data Privacy in Trigger-Action Systems.

Which Privacy and Security Attributes Most Impact Consumers' Risk Perception and Willingness to Purchase IoT Devices?

An Interactive Prover for Protocol Verification in the Computational Model.

SmartPulse: Automated Checking of Temporal Properties in Smart Contracts.

An I/O Separation Model for Formal Verification of Kernel Implementations.

Diogenes: Lightweight Scalable RSA Modulus Generation with a Dishonest Majority.

Refresh When You Wake Up: Proactive Threshold Wallets with Offline Devices.

Compact Certificates of Collective Knowledge.

One Engine to Fuzz 'em All: Generic Language Processor Testing with Semantic Validation.

StochFuzz: Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting.

NtFuzz: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis.

Who is Real Bob? Adversarial Attacks on Speaker Recognition Systems.

Hear "No Evil", See "Kenansville"*: Efficient and Transferable Black-Box Attacks on Speech Recognition and Voice Identification Systems.

SoK: The Faults in our ASRs: An Overview of Attacks against Automatic Speech Recognition and Speaker Identification Systems.

Cross-Domain Access Control Encryption: Arbitrary-policy, Constant-size, Efficient.

Lightweight Techniques for Private Heavy Hitters.

SoK: Computer-Aided Cryptography.

ConDySTA: Context-Aware Dynamic Supplement to Static Taint Analysis.

OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binary.

SoK: All You Ever Wanted to Know About x86/x64 Binary Disassembly But Were Afraid to Ask.

Learning Differentially Private Mechanisms.

Adversary Instantiation: Lower Bounds for Differentially Private Machine Learning.

Manipulation Attacks in Local Differential Privacy.

Bitcoin-Compatible Virtual Channels.

On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocols.

Lockable Signatures for Blockchains: Scriptless Scripts for All Signatures.

Randomized Last-Level Caches Are Still Vulnerable to Cache Side-Channel Attacks! But We Can Fix It.

Bomberman: Defining and Defeating Hardware Ticking Timebombs at Design-time.

Systematic Analysis of Randomization-based Protected Cache Architectures.

SiRnn: A Math Library for Secure RNN Inference.

CryptGPU: Fast Privacy-Preserving Machine Learning on the GPU.

Proof-of-Learning: Definitions and Practice.

PEGASUS: Bridging Polynomial and Non-polynomial Evaluations in Homomorphic Encryption.

Wolverine: Fast, Scalable, and Communication-Efficient Zero-Knowledge Proofs for Boolean and Arithmetic Circuits.

SoK: Fully Homomorphic Encryption Compilers.

CrawlPhish: Large-scale Analysis of Client-side Cloaking Techniques in Phishing.

Black Widow: Blackbox Data-driven Web Scanning.

Fingerprinting the Fingerprinters: Learning to Detect Browser Fingerprinting Behaviors.

A Security Model and Fully Verified Implementation for the IETF QUIC Record Layer.

Cross Layer Attacks and How to Use Them (for DNS Cache Poisoning, Device Tracking and More).

Bookworm Game: Automatic Discovery of LTE Vulnerabilities Through Documentation Analysis.

SGUARD: Towards Fixing Vulnerable Smart Contracts Automatically.

MAD-HTLC: Because HTLC is Crazy-Cheap to Attack.

Compositional Security for Reentrant Applications.

HackEd: A Pedagogical Analysis of Online Vulnerability Discovery Exercises.

DifuzzRTL: Differential Fuzz Testing to Find CPU Bugs.

When LoRa Meets EMR: Electromagnetic Covert Channels Can Be Super Resilient.

Linking Bluetooth LE & Classic and Implications for Privacy-Preserving Bluetooth-Based Protocols.

Method Confusion Attack on Bluetooth Pairing.

CanDID: Can-Do Decentralized Identity with Legacy Compatibility, Sybil-Resistance, and Accountability.

They Would do Better if They Worked Together: The Case of Interaction Problems Between Password Managers and Websites.

Improving Password Guessing via Representation Learning.

ARBITRAR: User-Guided API Misuse Detection.

Compositional Non-Interference for Fine-Grained Concurrent Programs.

SoK: Security and Privacy in the Age of Commercial Drones.

A First Look at Zoombombing.

Revealer: Detecting and Exploiting Regular Expression Denial-of-Service Vulnerabilities.

Breaking the Specification: PDF Certification.

Response-Hiding Encrypted Ranges: Revisiting Security via Parametrized Leakage-Abuse Attacks.

A Decentralized and Encrypted National Gun Registry.

Zero Knowledge for Everything and Everyone: Fast ZK Processor with Cached ORAM for ANSI C Programs.

Survivalism: Systematic Analysis of Windows Malware Living-Off-The-Land.

Runtime Recovery of Web Applications under Zero-Day ReDoS Attacks.

Good Bot, Bad Bot: Characterizing Automated Browsing Activity.

Trouble Over-The-Air: An Analysis of FOTA Apps in the Android Ecosystem.

Doing good by fighting fraud: Ethical anti-fraud systems for mobile payments.

Happer: Unpacking Android Apps via a Hardware-Assisted Approach.

The Provable Security of Ed25519: Theory and Practice.

Epochal Signatures for Deniable Group Chats.

BUFFing signature schemes beyond unforgeability and the case of post-quantum signatures.

Reading Between the Lines: An Extensive Evaluation of the Security and Privacy Implications of EPUB Reading Systems.

Did you mix me? Formally Verifying Verifiable Mix Nets in Electronic Voting.

The EMV Standard: Break, Fix, Verify.

A Secure and Formally Verified Linux KVM Hypervisor.

Many-out-of-Many Proofs and Applications to Anonymous Zether.

On the Anonymity Guarantees of Anonymous Proof-of-Stake Protocols.

A2L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs.

CrossTalk: Speculative Data Leaks Across Cores Are Real.

Hardware-Software Contracts for Secure Speculation.

High-Assurance Cryptography in the Spectre Era.

A Novel Dynamic Analysis Infrastructure to Instrument Untrusted Execution Flow Across User-Kernel Spaces.

DynPTA: Combining Static and Dynamic Analysis for Practical Selective Data Protection.

DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis.

Real-World Snapshots vs. Theory: Questioning the t-Probing Security Model.

CRYLOGGER: Detecting Crypto Misuses Dynamically.