USENIX Sec 2019

113 papers accepted.

Updated on 2023-09-08.

You can find the latest information here.


A Study of the Feasibility of Co-located App Attacks against BLE and a Large-Scale Analysis of the Current Application-Layer Security Landscape.

Hiding in Plain Signal: Physical Signal Overshadowing Attack on LTE.

UWB-ED: Distance Enlargement Attack Detection in Ultra-Wideband.

Computer Security and Privacy in the Interactions Between Victim Service Providers and Human Trafficking Survivors.

Clinical Computer Security for Victims of Intimate Partner Violence.

Evaluating the Contextual Integrity of Privacy Regulation: Parents' IoT Toy Privacy Norms Versus COPPA.

Secure Multi-User Content Sharing for Augmented Reality Applications.

Understanding and Improving Security and Privacy in Multi-User Smart Homes: A Design Exploration and In-Home User Study.

PAC it up: Towards Pointer Integrity using ARM Pointer Authentication.

Origin-sensitive Control Flow Integrity.

HardFails: Insights into Software-Exploitable Hardware Bugs.

uXOM: Efficient eXecute-Only Memory on ARM Cortex-M.

A Systematic Evaluation of Transient Execution Attacks and Defenses.

The Secret Sharer: Evaluating and Testing Unintended Memorization in Neural Networks.

Improving Robustness of ML Classifiers against Realizable Evasion Attacks Using Conserved Features.

ALOHA: Auxiliary Loss Optimization for Hypothesis Augmentation.

Why Do Adversarial Attacks Transfer? Explaining Transferability of Evasion and Poisoning Attacks.

Stack Overflow Considered Helpful! Deep Learning Security Nudges Towards Stronger Cryptography.

Wireless Attacks on Aircraft Instrument Landing Systems.

Please Pay Inside: Evaluating Bluetooth-based Detection of Gas Pump Skimmers.

CANvas: Fast and Inexpensive Automotive Network Mapping.

Losing the Car Keys: Wireless PHY-Layer Insecurity in EV Charging.

RVFuzzer: Finding Input Validation Bugs in Robotic Vehicles through Control-Guided Testing.

Seeing is Not Believing: Camouflage Attacks on Image Scaling Algorithms.

CT-GAN: Malicious Tampering of 3D Medical Imagery using Deep Learning.

Misleading Authorship Attribution of Source Code using Adversarial Learning.

Terminal Brain Damage: Exposing the Graceless Degradation in Deep Neural Networks Under Hardware Fault Attacks.

CSI NN: Reverse Engineering of Neural Network Architectures Through Electromagnetic Side Channel.

simTPM: User-centric TPM for Mobile Devices.

The Betrayal At Cloud City: An Empirical Analysis Of Cloud-Based Mobile Backends.

EnTrust: Regulating Sensor Access by Cooperating Programs via Delegation Graphs.

PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play.

50 Ways to Leak Your Data: An Exploration of Apps' Circumvention of the Android Permissions System.

SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks.

Robust Website Fingerprinting Through the Cache Occupancy Channel.

Identifying Cache-Based Side Channels through Secret-Augmented Abstract Interpretation.

ScatterCache: Thwarting Cache Attacks via Cache Set Randomization.

Pythia: Remote Oracles for the Masses.

HideMyApp: Hiding the Presence of Sensitive Apps on Android.

TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time.

Devils in the Guidance: Predicting Logic Vulnerabilities in Payment Syndication Services through Automated Documentation Analysis.

Understanding iOS-based Crowdturfing Through Hidden UI Analysis.

BITE: Bitcoin Lightweight Client Privacy using Trusted Execution.

FastKitten: Practical Smart Contracts on Bitcoin.

StrongChain: Transparent and Collaborative Proof-of-Work Consensus.

Tracing Transactions Across Cryptocurrency Ledgers.

Reading the Tea leaves: A Comparative Analysis of Threat Intelligence.

Towards the Detection of Inconsistencies in Public Security Vulnerability Reports.

Understanding and Securing Device Vulnerabilities through Automated Bug Report Analysis.

ATTACK2VEC: Leveraging Temporal Word Embeddings to Understand the Evolution of Cyberattacks.

Leaky Images: Targeted Privacy Attacks in the Web.

All Your Clicks Belong to Me: Investigating Click Interception on the Web.

What Are You Searching For? A Remote Keylogging Attack on Search Engine Autocomplete.

Iframes/Popups Are Dangerous in Mobile WebView: Studying and Mitigating Differential Context Vulnerabilities.

Small World with High Risks: A Study of Security Threats in the npm Ecosystem.

"Johnny, you are fired!" - Spoofing OpenPGP and S/MIME Signatures in Emails.

Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities.

The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR.

From IP ID to Device ID and KASLR Bypass.

When the Signal is in the Noise: Exploiting Diffix's Sticky Noise.

FIRM-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation.

Not Everything is Dark and Gloomy: Power Grid Protections Against IoT Demand Attacks.

Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms.

Looking from the Mirror: Evaluating IoT Device Security through Mobile Companion Apps.

All Things Considered: An Analysis of IoT Devices on Home Networks.

KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities.

PeX: A Permission Check Analysis Framework for Linux Kernel.

ERIM: Secure, Efficient In-process Isolation with Protection Keys (MPK).

SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization.

Exploiting Unprotected I/O Operations in AMD's Secure Encrypted Virtualization.

Detecting and Characterizing Lateral Phishing at Scale.

High Precision Detection of Business Email Compromise.

Cognitive Triaging of Phishing Attacks.

Users Really Do Answer Telephone Scams.

Platforms in Everything: Analyzing Ground-Truth Data on the Anatomy and Economics of Bullet-Proof Hosting.

Protecting Cloud Virtual Machines from Hypervisor and Host Operating System Exploits.

WAVE: A Decentralized Authorization Framework with Transitive Delegation.

in-toto: Providing farm-to-table guarantees for bits and bytes.

IODINE: Verifying Constant-Time Execution of Hardware.

VRASED: A Verified Hardware/Software Co-Design for Remote Attestation.

Mobile Private Contact Discovery at Scale.

EverParse: Verified Secure Zero-Copy Parsers for Authenticated Message Formats.

Blind Bernoulli Trials: A Noninteractive Protocol For Hidden-Weight Coin Flips.

XONN: XNOR-based Oblivious Deep Neural Network Inference.

JEDI: Many-to-Many End-to-End Encryption and Key Delegation for IoT.

Birthday, Name and Bifacial-security: Understanding Passwords of Chinese Web Users.

Protecting accounts from credential stuffing with password breach alerting.

Probability Model Transforming Encoders Against Encoding Attacks.

The Art of The Scam: Demystifying Honeypots in Ethereum Smart Contracts.

The Anatomy of a Cryptocurrency Pump-and-Dump Scheme.

Inadvertently Making Cyber Criminals Rich: A Comprehensive Study of Cryptojacking Campaigns at Internet Scale.

Rendered Private: Making GLSL Execution Uniform to Prevent WebGL-based Browser Fingerprinting.

Site Isolation: Process Separation for Web Sites within the Browser.

Everyone is Different: Client-side Diversification for Defending Against Extension Fingerprinting.

Less is More: Quantifying the Security Benefits of Debloating Web Applications.

The Web's Identity Crisis: Understanding the Effectiveness of Website Identity Indicators.

RAZOR: A Framework for Post-deployment Software Debloating.

Back to the Whiteboard: a Principled Approach for the Assessment and Design of Memory Forensic Techniques.

Detecting Missing-Check Bugs via Semantic- and Context-Aware Criticalness and Constraints Inferences.

DEEPVSA: Facilitating Value-set Analysis with Deep Learning for Postmortem Program Analysis.

CONFIRM: Evaluating Compatibility and Relevance of Control-flow Integrity Protections for Modern Software.

Point Break: A Study of Bandwidth Denial-of-Service Attacks against Tor.

No Right to Remain Silent: Isolating Malicious Mixes.

On (The Lack Of) Location Privacy in Crowdsourcing Applications.

Utility-Optimized Local Differential Privacy Mechanisms for Distribution Estimation.

Evaluating Differentially Private Machine Learning in Practice.

Fuzzification: Anti-Fuzzing Techniques.

AntiFuzz: Impeding Fuzzing Audits of Binary Executables.

MOPT: Optimized Mutation Scheduling for Fuzzers.

EnFuzz: Ensemble Fuzzing with Seed Synchronization among Diverse Fuzzers.

GRIMOIRE: Synthesizing Structure while Fuzzing.