Collection of Security Papers

USENIX Sec 2016

Collection of Security Papers

All
IEEE S&P
IEEE S&P
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ACM CCS
ACM CCS
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
USENIX Sec
USENIX Sec
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
NDSS
NDSS
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ICSE
ICSE
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015-1
- 2015-2
ISSTA
ISSTA
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015

USENIX Sec 2016

72 papers accepted.

Updated on 2023-10-06.

You can find the lastest information here.

Lock It and Still Lose It - on the (In)Security of Automotive Remote Keyless Entry Systems.

Internet Jones and the Raiders of the Lost Trackers: An Archaeological Study of Web Tracking from 1996 to 2016.

Flip Feng Shui: Hammering a Needle in the Software Stack.

One Bit Flips, One Cloud Flops: Cross-VM Row Hammer Attacks and Privilege Escalation.

PIkit: A New Kernel-Independent Processor-Interconnect Rootkit.

Verifying Constant-Time Implementations.

Secure, Precise, and Fast Floating-Point Operations on x86 Processors.

überSpark: Enforcing Verifiable Object Abstractions for Automated Compositional Security Analysis of a Hypervisor.

Undermining Information Hiding (and What to Do about It).

Poking Holes in Information Hiding.

What Cannot Be Read, Cannot Be Leveraged? Revisiting Assumptions of JIT-ROP Defenses.

zxcvbn: Low-Budget Password Strength Estimation.

Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks.

An Empirical Study of Textual Key-Fingerprint Representations.

Off-Path TCP Exploits: Global Rate Limit Considered Dangerous.

Website-Targeted False Content Injection by Network Operators.

The Ever-Changing Labyrinth: A Large-Scale Analysis of Wildcard DNS Powered Blackhat SEO.

A Comprehensive Measurement Study of Domain Generating Malware.

Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing.

Faster Malicious 2-Party Secure Computation with Online/Offline Dual Execution.

Egalitarian Computing.

Post-quantum Key Exchange - A New Hope.

Automatically Detecting Error Handling Bugs Using Error Specifications.

APISan: Sanitizing API Usages through Semantic Cross-Checking.

On Omitting Commits and Committing Omissions: Preventing Git Metadata Tampering That (Re)introduces Software Vulnerabilities.

Defending against Malicious Peripherals with Cinch.

Making USB Great Again with USBFILTER.

Micro-Virtualization Memory Tracing to Detect and Prevent Spraying Attacks.

Request and Conquer: Exposing Cross-Origin Resource Size.

Trusted Browsers for Uncertain Times.

Tracing Information Flows Between Ad Exchanges Using Retargeted Ads.

Virtual U: Defeating Face Liveness Detection by Building Virtual Models from Your Public Photos.

Hidden Voice Commands.

FlowFence: Practical Data Protection for Emerging IoT Application Frameworks.

ARMageddon: Cache Attacks on Mobile Devices.

DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks.

An In-Depth Analysis of Disassembly on Full-Scale x86/x64 Binaries.

Stealing Machine Learning Models via Prediction APIs.

Oblivious Multi-Party Machine Learning on Trusted Processors.

Thoth: Comprehensive Policy Compliance in Data Retrieval Systems.

Dancing on the Lip of the Volcano: Chosen Ciphertext Attacks on Apple iMessage.

Predicting, Decrypting, and Abusing WPA2/802.11 Group Keys.

DROWN: Breaking TLS Using SSLv2.

All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption.

Investigating Commercial Pay-Per-Install and the Distribution of Unwanted Software.

Measuring PUP Prevalence and PUP Distribution through Pay-Per-Install Services.

UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware.

Specification Mining for Intrusion Detection in Networked Control Systems.

Optimized Invariant Representation of Network Traffic for Detecting Unseen Malware Variants.

Authenticated Network Time Synchronization.

fTPM: A Software-Only Implementation of a TPM Chip.

Sanctum: Minimal Hardware Extensions for Strong Software Isolation.

Ariadne: A Minimal Approach to State Continuity.

The Million-Key Question - Investigating the Origins of RSA Public Keys.

Fingerprinting Electronic Control Units for Vehicle Intrusion Detection.

AuthLoop: End-to-End Cryptographic Authentication for Telephony over Voice Channels.

Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification.

You've Got Vulnerability: Exploring Effective Vulnerability Notifications.

Mirror: Enabling Proofs of Data Replication and Retrievability in the Cloud.

ZKBoo: Faster Zero-Knowledge for Boolean Circuits.

The Cut-and-Choose Game and Its Application to Cryptographic Protocols.

On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis.

Practical DIFC Enforcement on Android.

Screen after Previous Screens: Spatial-Temporal Recreation of Android App Displays from Memory Images.

Harvesting Inconsistent Security Configurations in Custom Android ROMs via Differential Analysis.

Identifying and Characterizing Sybils in the Tor Network.

k-fingerprinting: A Robust Scalable Website Fingerprinting Technique.

Protecting Privacy of BLE Device Users.

Privacy in Epigenetics: Temporal Linkability of MicroRNA Expression Profiles.