ACM Conference on Computer and Communications Security

CCS 2017 - Institutions

List of Accepted Papers · Authors

Insitutions affiliated with authors of papers accepted to the 24th ACM Conference on Computer and Communications Security

Aalto University
Jian Liu, Mika Juuti, Yao Lu, N. Asokan. Oblivious Neural Network Predictions via MiniONN transformations [Paper]
Aarhus University
Melissa Chase, David Derler, Steven Goldfeder, Claudio Orlandi, Sebastian Ramacher, Christian Rechberger, Daniel Slamanig, Greg Zaverucha. Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives
Nico Döttling, Satrajit Ghosh, Jesper Buus Nielsen, Tobias Nilges, Roberto Trifiletti. TinyOLE: Efficient Actively Secure Two-Party Computation from Oblivious Linear Function Evaluation
Vladimir Kolesnikov, Jesper Buus Nielsen, Mike Rosulek, Ni Trieu, Roberto Trifiletti. DUPLO: Unifying Cut-and-Choose for Garbled Circuits [Paper] [Artifact]
Academia Sinica
Ming-Hsien Tsai, Bow-Yaw Wang, Bo-Yin Yang. Certified Verification of Algebraic Properties on Low-Level Mathematical Constructs in Cryptographic Programs
ACM Member
Daiping Liu, Zhou Li, Kun Du, Haining Wang, Baojun Liu, Haixin Duan. Don’t Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains
AIT Austrian Institute of Technology
Melissa Chase, David Derler, Steven Goldfeder, Claudio Orlandi, Sebastian Ramacher, Christian Rechberger, Daniel Slamanig, Greg Zaverucha. Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives
Arizona State University
Jake Corina, Aravind Machiry, Christopher Salls, Yan Shoshitaishvili, Shuang Hao, Christopher Kruegel, Giovanni Vigna. DIFUZE:Interface Aware Fuzzing for Kernel Drivers [Artifact]
Yan Shoshitaishvili, Michael Weissbacher, Lukas Dresel, Christopher Salls, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna. Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance
AT&T Labs-Research
Xi He, Ashwin Machanavajjhala, Cheryl Flynn, Divesh Srivastava. Composing Differential Privacy and Secure Computation: A case study on scaling private record linkage [Paper]
AWS
Shay Gueron, Yehuda Lindell. Better Bounds for Block Cipher Modes of Operation via Nonce-Based Key Derivation [Paper]
Bar-Ilan University
Scott Ames, Carmit Hazay, Yuval Ishai, Muthuramakrishnan Venkitasubramaniam. Ligero: Lightweight Sublinear Arguments Without a Trusted Setup
Shay Gueron, Yehuda Lindell. Better Bounds for Block Cipher Modes of Operation via Nonce-Based Key Derivation [Paper]
Vladimir Kolesnikov, Naor Matania, Benny Pinkas, Mike Rosulek, Ni Trieu. Practical Multi-party Private Set Intersection from Symmetric-Key Techniques [Paper] [Artifact]
Yehuda Lindell, Ariel Nof. A Framework for Constructing Fast MPC over Arithmetic Circuits with Malicious Adversaries and an Honest-Majority
Beihang University
Zhangkai Zhang, Xuhua Ding, Gene Tsudik, Jinhua Cui, Zhoujun Li. Presence Attestation: The Missing Link In Dynamic Trust Bootstrapping
Bell Labs
Vladimir Kolesnikov, Jesper Buus Nielsen, Mike Rosulek, Ni Trieu, Roberto Trifiletti. DUPLO: Unifying Cut-and-Choose for Garbled Circuits [Paper] [Artifact]
Vladimir Kolesnikov, Naor Matania, Benny Pinkas, Mike Rosulek, Ni Trieu. Practical Multi-party Private Set Intersection from Symmetric-Key Techniques [Paper] [Artifact]
Ben Gurion University
Elette Boyle, Geoffroy Couteau, Niv Gilboa, Yuval Ishai, Michele Orru. Homomorphic Secret Sharing: Optimizations and Applications [Artifact]
Ca’ Foscari University of Venice
Matus Nemec, Marek Sys, Petr Svenda, Dusan Klinec, Vashek Matyas. The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli [Artifact]
California Institute of Technology
Mohammad A. Islam, Shaolei Ren, Adam Wierman. Exploiting a Thermal Side Channel for Power Attacks in Multi-Tenant Data Centers
Carnegie Mellon University
Anupam Datta, Matthew Fredrikson, Gihyuk Ko, Piotr Mardziel, Shayak Sen. Use Privacy in Data-Driven Systems: Theory and Experiments with Machine Learnt Programs [Paper] [Artifact]
Katherine Q. Ye, Matthew Green, Naphat Sanguansin, Lennart Beringer, Adam Petcher, Andrew W. Appel. Verified Correctness and Security of mbedTLS HMAC-DRBG [Paper] [Artifact]
Ruiyu Zhu, Yan Huang, Darion Cassel. Pool: Scalable On-Demand Secure Computation Service Against Malicious Adversaries
Sarah Pearman, Jeremy Thomas, Pardis Emami Naeini, Hana Habib, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Serge Egelman, Alain Forget. Let’s go in for a closer look: Observing passwords in their natural habitat
Chalmers University of Technology
Lucas Waye, Pablo Buiras, Owen Arden, Alejandro Russo, Stephen Chong. Cryptographically Secure Information Flow Control on Key-Value Stores [Paper]
Chinese Academy of Sciences
Tongxin Li, Xueqiang Wang, Mingming Zha, Kai Chen, XiaoFeng Wang, Luyi Xing, Xiaolong Bai, Nan Zhang, Xinhui Han. Unleashing the Walking Dead: Understanding Cross-App Remote Infections on Mobile WebViews
Chinese Academy of Sciences, Institute of Information Engineering
Lingguang Lei, Yi He, Kun Sun, Jiwu Jing, Yuewu Wang, Qi Li, Jian Weng. Vulnerable Implicit Service: A Revisit
Shijie Jia, Luning Xia, Bo Chen, Peng Liu. DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation Layer
Wei You, Peiyuan Zong, Kai Chen, XiaoFeng Wang, Xiaojing Liao, Pan Bian, Bin Liang. SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits
CISPA, Saarland University
Bernd Finkbeiner, Christian Müller, Helmut Seidl, Eugen Zalinescu. Verifying Security Policies in Multi-agent Workflows with Loops [Paper] [Artifact]
Duc Cuong Nguyen, Dominik Wermke, Yasemin Acar, Michael Backes, Charles Weir, Sascha Fahl. A Stitch in Time: Supporting Android Developers in Writing Secure Code
Erik Derr, Sven Bugiel, Sascha Fahl, Yasemin Acar, Michael Backes. Keep me Updated: An Empirical Study of Third-Party Library Updatability on Android [Paper] [Artifact]
Giancarlo Pellegrino, Martin Johns, Simon Koch, Michael Backes, Christian Rossow. Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs [Paper]
Jie Huang, Oliver Schranz, Sven Bugiel, Michael Backes. The ART of App Compartmentalization: Compiler-based Library Privilege Separation on Stock Android
Michael Backes, Mathias Humbert, Jun Pang, Yang Zhang. walk2friends: Inferring Social Links from Mobility Profiles [Paper] [Artifact]
City College of New York
Matteo Campanelli, Rosario Gennaro, Steven Goldfeder, Luca Nizzardo. Zero-Knowledge Contingent Payments Revisited: Attacks and Payments for Services [Paper] [Artifact]
Colgate University
Yan Chen, Ashwin Machanavajjhala, Michael Hay, Gerome Miklau. PeGaSus: Data-Adaptive Differentially Private Stream Processing
College of Science and Engineering, Hamad Bin Khalifa University
Zhan Qin, Yin Yang, Ting Yu, Xiaokui Xiao, Issa Khalil, Kui Ren. Generating Synthetic Decentralized Social Graphs with Local Differential Privacy
Columbia University
Alexander Russell, Qiang Tang, Moti Yung, Hong-Sheng Zhou. Generic Semantic Security against a Kleptographic Adversary
Theofilos Petsios, Jason Zhao, Angelos D. Keromytis, Suman Jana. SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities [Paper]
Cornell Tech
Congzheng Song, Thomas Ristenpart, Vitaly Shmatikov. Machine Learning Models that Remember Too Much
Rahul Chatterjee, Joanne Woodage, Yuval Pnueli, Anusha Chowdhury, Thomas Ristenpart. The TypTop System: Personalized Typo-tolerant Password Checking [Paper] [Artifact]
Cornell Tech, Jacobs Institute
Ethan Cecchetti, Fan Zhang, Yan Ji, Ahmed Kosba, Ari Juels, Elaine Shi. Solidus: Confidential Distributed Ledger Transactions via PVORM [Paper]
Cornell University
Congzheng Song, Thomas Ristenpart, Vitaly Shmatikov. Machine Learning Models that Remember Too Much
Ethan Cecchetti, Andrew Myers, Owen Arden. Nonmalleable Information Flow Control
Ethan Cecchetti, Fan Zhang, Yan Ji, Ahmed Kosba, Ari Juels, Elaine Shi. Solidus: Confidential Distributed Ledger Transactions via PVORM [Paper]
Keith Bonawitz, Vladimir Ivanov, Ben Kreuter, Antonio Marcedone, H. Brendan McMahan, Sarvar Patel, Daniel Ramage, Aaron Segal, Karn Seth. Practical Secure Aggregation for Privacy-Preserving Machine Learning [Paper]
Rahul Chatterjee, Joanne Woodage, Yuval Pnueli, Anusha Chowdhury, Thomas Ristenpart. The TypTop System: Personalized Typo-tolerant Password Checking [Paper] [Artifact]
Data61
Daniel Genkin, Luke Valenta, Yuval Yarom. May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519 [Paper]
Peter Pessl, Leon Groot Bruinderink, Yuval Yarom. To BLISS-B or not to be - Attacking strongSwan’s Implementation of Post-Quantum Signatures [Paper]
DCC FC Universidade do Porto
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Arthur Blot, Benjamin Grégoire, Vincent Laporte, Tiago Oliveira, Hugo Pacheco, Benedikt Schmidt, Pierre-Yves Strub. Jasmin: High-Assurance and High-Speed Cryptography [Artifact]
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, François Dupressoir, Benjamin Grégoire, Vincent Laporte, Vitor Pereira. A Fast and Verified Software Stack for Secure Function Evaluation [Paper] [Artifact]
Delft University of Technology
Samaneh Tajalizadehkhoob, Tom van Goethem, Maciej Korczyński, Arman Noroozian, Rainer Böhme, Tyler Moore, Wouter Joosen, Michel van Eeten. Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting [Paper]
Denmark Technical University
Melissa Chase, David Derler, Steven Goldfeder, Claudio Orlandi, Sebastian Ramacher, Christian Rechberger, Daniel Slamanig, Greg Zaverucha. Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives
DGA.MI
Thomas Espitau, Pierre-Alain Fouque, Benoït Gérard, Mehdi Tibouchi. Side-Channel Attacks on BLISS Lattice-Based Signatures: Exploiting Branch Tracing Against strongSwan and Electromagnetic Emanations in Microcontrollers [Paper] [Artifact]
Direction Générale de l’Armement - Maitrise de l’Information
Raphael Bost, Brice Minaud, Olga Ohrimenko. Forward and Backward Private Searchable Encryption from Constrained Cryptographic Primitives [Paper] [Artifact]
Drexel University
Rebekah Overdorf, Marc Juarez, Gunes Acar, Rachel Greenstadt, Claudia Diaz. How Unique is Your .onion? An Analysis of the Fingerprintability of Tor Onion Services [Artifact]
Duke University
Xi He, Ashwin Machanavajjhala, Cheryl Flynn, Divesh Srivastava. Composing Differential Privacy and Secure Computation: A case study on scaling private record linkage [Paper]
Yan Chen, Ashwin Machanavajjhala, Michael Hay, Gerome Miklau. PeGaSus: Data-Adaptive Differentially Private Stream Processing
Ecole Polytechnique
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Arthur Blot, Benjamin Grégoire, Vincent Laporte, Tiago Oliveira, Hugo Pacheco, Benedikt Schmidt, Pierre-Yves Strub. Jasmin: High-Assurance and High-Speed Cryptography [Artifact]
École Polytechnique de Montréal
Shirin Nilizadeh, François Labrèche, Alireza Sadighian, Ali Zand, José Fernandez, Christopher Kruegel, Gianluca Stringhini, Giovanni Vigna. POISED: Spotting Twitter Spam Off the Beaten Paths
Eindhoven University of Technology
Luca Allodi. Economic Factors of Vulnerability Trade and Exploitation: Empirical evidence from a prominent Russian cybercrime market [Paper]
EnigmaBridge
Matus Nemec, Marek Sys, Petr Svenda, Dusan Klinec, Vashek Matyas. The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli [Artifact]
Vasilios Mavroudis, Andrea Cerulli, Petr Svenda, Dan Cvrcek, Dusan Klinec, George Danezis. A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components [Artifact]
ENS Lyon
Gottfried Herold, Max Hoffmann, Michael Klooß , Carla Ràfols, Andy Rupp. New Techniques for Structural Batch Verification in Bilinear Groups with Applications to Groth-Sahai Proofs [Paper]
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Arthur Blot, Benjamin Grégoire, Vincent Laporte, Tiago Oliveira, Hugo Pacheco, Benedikt Schmidt, Pierre-Yves Strub. Jasmin: High-Assurance and High-Speed Cryptography [Artifact]
ENS Lyon, Laboratoire LIP (U. Lyon, CNRS, ENSL, INRIA, UCBL)
Shweta Agrawal, Sanjay Bhattacherjee, Duong Hieu Phan, Damien Stehle, Shota Yamada. Efficient Public Trace-and-Revoke from Standard Assumptions [Paper]
ENS, Paris
Elette Boyle, Geoffroy Couteau, Niv Gilboa, Yuval Ishai, Michele Orru. Homomorphic Secret Sharing: Optimizations and Applications [Artifact]
Miguel Ambrona, Gilles Barthe, Romain Gay, Hoeteck Wee. Attribute-Based Encryption in the Generic Group Model: Automated Proofs and New Constructions
ETH Zürich
Jan Camenisch, Manu Drijvers, Maria Dubovitskaya. Practical UC-Secure Delegatable Credentials with Attributes and Their Application to Blockchain
Martin Kucera, Petar Tsankov, Timon Gehr, Marco Guarnieri, Martin Vechev. Synthesis of Probabilistic Privacy Enforcement [Artifact]
Rami Khalil, Arthur Gervais. Revive: Rebalancing Off-Blockchain Payment Networks [Artifact]
Florida State University
Linghan Zhang, Sheng Tan, Jie Yang. Hearing Your Voice Is Not Enough: An Articulatory Gesture Based Liveness Detection for Voice Authentication
Mihir Bellare, Viet Tung Hoang. Identity-Based Format-Preserving Encryption
Friedrich-Alexander University Erlangen Nuernberg
Giulio Malavolta, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei, Srivatsan Ravi. Concurrency and Privacy with Payment-Channel Networks [Paper]
Galois, Inc.
Brent Carmer, Alex J. Malozemoff, Mariana Raykova. 5Gen-C: Multi-input Functional Encryption and Program Obfuscation for Arithmetic Circuits [Artifact]
George Mason University
Lingguang Lei, Yi He, Kun Sun, Jiwu Jing, Yuewu Wang, Qi Li, Jian Weng. Vulnerable Implicit Service: A Revisit
Xiao Wang, Samuel Ranellucci, Jonathan Katz. Global-Scale Secure Multiparty Computation [Paper] [Artifact]
Xiao Wang, Samuel Ranellucci, Jonathan Katz. Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation [Paper] [Artifact]
Georgetown University
Ellis Fenske, Akshaya Mani, Aaron Johnson, Micah Sherr. Distributed Measurement with Private Set-Union Cardinality
Riad S. Wahby, Ye Ji, Andrew J. Blumberg, abhi shelat, Justin Thaler, Michael Walfish, Thomas Wies. Full accounting for verifiable outsourcing [Paper]
Georgia Institute of Technology
Huasong Shan, Qingyang Wang, Calton Pu. Tail Attacks on Web Applications
Jian Huang, Jun Xu, Xinyu Xing, Peng Liu, Moinuddin K. Qureshi. FlashGuard: Leveraging Intrinsic Flash Properties to Defend Against Encryption Ransomware
Panagiotis Kintis, Najmeh Miramirkhani, Charles Lever, Yizheng Chen, Rosa Romero-Gómez, Nikolaos Pitropakis, Nick Nikiforakis, Manos Antonakakis. Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse [Paper]
Ruian Duan, Ashish Bijlani, Meng Xu, Taesoo Kim, Wenke Lee. Checking Open-Source License Violation and 1-day Security Risk at Large Scale
Wen Xu, Sanidhya Kashyap, Changwoo Min, Taesoo Kim. Designing New Operating Primitives to Improve Fuzzing Performance
Xiaojun Xu, Chang Liu, Qian Feng, Heng Yin, Le Song, Dawn Song. Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection [Paper]
Yang Ji, Sangho Lee, Evan Downing, Weiren Wang, Mattia Fazzini, Taesoo Kim, Alessandro Orso, Wenke Lee. RAIN: Refinable Attack Investigation with On-demand Inter-Process Information Flow Tracking
Yizheng Chen, Yacin Nadji, Athanasios Kountouras, Fabian Monrose, Roberto Perdisci, Manos Antonakakis, Nikolaos Vasiloglou. Practical Attacks Against Graph-based Clustering [Paper]
Google
Keith Bonawitz, Vladimir Ivanov, Ben Kreuter, Antonio Marcedone, H. Brendan McMahan, Sarvar Patel, Daniel Ramage, Aaron Segal, Karn Seth. Practical Secure Aggregation for Privacy-Preserving Machine Learning [Paper]
Kurt Thomas, Frank Li, Ali Zand, Jake Barrett, Juri Ranieri, Luca Invernizzi, Yarik Markov, Oxana Comanescu, Vijay Eranti, Angelika Moscicki, Dan Margolis, Vern Paxson, Elie Bursztein. Data breaches, phishing, or malware? Understanding the risks of stolen credentials
Mustafa Emre Acer, Emily Stark, Adrienne Porter Felt, Sascha Fahl, Radhika Bhargava, Bhanu Dev, Matt Braithwaite, Ryan Sleevi, Parisa Tabriz. Where the Wild Warnings Are: Root Causes of Chrome HTTPS Certificate Errors
Sarah Pearman, Jeremy Thomas, Pardis Emami Naeini, Hana Habib, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Serge Egelman, Alain Forget. Let’s go in for a closer look: Observing passwords in their natural habitat
Sebastian Lekies, Krzysztof Kotowicz, Samuel Groß , Eduardo Vela, Martin Johns. Code-reuse attacks for the Web: Breaking Cross-Site Scripting Mitigations via Script Gadgets
Graz University of Technology
Melissa Chase, David Derler, Steven Goldfeder, Claudio Orlandi, Sebastian Ramacher, Christian Rechberger, Daniel Slamanig, Greg Zaverucha. Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives
Peter Pessl, Leon Groot Bruinderink, Yuval Yarom. To BLISS-B or not to be - Attacking strongSwan’s Implementation of Post-Quantum Signatures [Paper]
Haifa University
Shay Gueron, Yehuda Lindell. Better Bounds for Block Cipher Modes of Operation via Nonce-Based Key Derivation [Paper]
Harvard University
Lucas Waye, Pablo Buiras, Owen Arden, Alejandro Russo, Stephen Chong. Cryptographically Secure Information Flow Control on Key-Value Stores [Paper]
HASLab – INESC TEC
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Arthur Blot, Benjamin Grégoire, Vincent Laporte, Tiago Oliveira, Hugo Pacheco, Benedikt Schmidt, Pierre-Yves Strub. Jasmin: High-Assurance and High-Speed Cryptography [Artifact]
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, François Dupressoir, Benjamin Grégoire, Vincent Laporte, Vitor Pereira. A Fast and Verified Software Stack for Secure Function Evaluation [Paper] [Artifact]
Huawei Technologies Düsseldorf
Yong Li, Sven Schäge. No-Match Attacks and Robust Partnering Definitions – Defining Trivial Attacks for Security Protocols is Not Trivial [Paper]
IBM
Shai Halevi, Tzipora Halevi, Victor Shoup, Noah Stephens-Davidowitz. Implementing BP-Obfuscation Using Graph-Induced Encoding [Paper]
IBM and New York University
Shai Halevi, Tzipora Halevi, Victor Shoup, Noah Stephens-Davidowitz. Implementing BP-Obfuscation Using Graph-Induced Encoding [Paper]
IBM Research - Zürich
Jan Camenisch, Manu Drijvers, Maria Dubovitskaya. Practical UC-Secure Delegatable Credentials with Attributes and Their Application to Blockchain
Rafael del Pino, Vadim Lyubashevsky, Gregory Neven, Gregor Seiler. Practical Quantum-Safe Voting from Lattices
IDC Herzliya
Elette Boyle, Geoffroy Couteau, Niv Gilboa, Yuval Ishai, Michele Orru. Homomorphic Secret Sharing: Optimizations and Applications [Artifact]
IIT Madras
Shweta Agrawal, Sanjay Bhattacherjee, Duong Hieu Phan, Damien Stehle, Shota Yamada. Efficient Public Trace-and-Revoke from Standard Assumptions [Paper]
IMDEA Software Institute
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Arthur Blot, Benjamin Grégoire, Vincent Laporte, Tiago Oliveira, Hugo Pacheco, Benedikt Schmidt, Pierre-Yves Strub. Jasmin: High-Assurance and High-Speed Cryptography [Artifact]
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, François Dupressoir, Benjamin Grégoire, Vincent Laporte, Vitor Pereira. A Fast and Verified Software Stack for Secure Function Evaluation [Paper] [Artifact]
Miguel Ambrona, Gilles Barthe, Romain Gay, Hoeteck Wee. Attribute-Based Encryption in the Generic Group Model: Automated Proofs and New Constructions
Simon Oya, Carmela Troncoso, Fernando Pérez-González. Back to the drawing board: Revisiting the design of optimal location privacy-preserving mechanisms [Paper]
IMDEA Software Institute and Universidad Politécnica de Madrid
Matteo Campanelli, Rosario Gennaro, Steven Goldfeder, Luca Nizzardo. Zero-Knowledge Contingent Payments Revisited: Attacks and Payments for Services [Paper] [Artifact]
Indiana University
Ruiyu Zhu, Yan Huang, Darion Cassel. Pool: Scalable On-Demand Secure Computation Service Against Malicious Adversaries
Syed Mahbub Hafiz, Ryan Henry. Querying for Queries: Indexes of Queries for Efficient and Expressive IT-PIR [Paper]
Tongxin Li, Xueqiang Wang, Mingming Zha, Kai Chen, XiaoFeng Wang, Luyi Xing, Xiaolong Bai, Nan Zhang, Xinhui Han. Unleashing the Walking Dead: Understanding Cross-App Remote Infections on Mobile WebViews
Wei You, Peiyuan Zong, Kai Chen, XiaoFeng Wang, Xiaojing Liao, Pan Bian, Bin Liang. SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits
Wenhao Wang, Guoxing Chen, Xiaorui Pan, Yinqian Zhang, XiaoFeng Wang, Vincent Bindschaedler, Haixu Tang, Carl A. Gunter. Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX
Yi Chen, Wei You, Yeonjoon Lee, Kai Chen, XiaoFeng Wang, Wei Zou. Mass Discovery of Android Traffic Imprints through Instantiated Partial Execution
Innsbruck University
Samaneh Tajalizadehkhoob, Tom van Goethem, Maciej Korczyński, Arman Noroozian, Rainer Böhme, Tyler Moore, Wouter Joosen, Michel van Eeten. Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting [Paper]
Inria
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Arthur Blot, Benjamin Grégoire, Vincent Laporte, Tiago Oliveira, Hugo Pacheco, Benedikt Schmidt, Pierre-Yves Strub. Jasmin: High-Assurance and High-Speed Cryptography [Artifact]
Véronique Cortier, Niklas Grimm, Joseph Lallemand, Matteo Maffei. A Type System for Privacy Properties [Paper] [Artifact]
Inria Paris
Jean-Karim Zinzindohoué and Karthikeyan Bhargavan, Jonathan Protzenko, Benjamin Beurdouche. HACL: A Verified Modern Cryptographic Library [Paper] [Artifact]
INRIA Sophia-Antipolis
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, François Dupressoir, Benjamin Grégoire, Vincent Laporte, Vitor Pereira. A Fast and Verified Software Stack for Secure Function Evaluation [Paper] [Artifact]
International Institute of Information Technology Hyderabad
Mustafa Emre Acer, Emily Stark, Adrienne Porter Felt, Sascha Fahl, Radhika Bhargava, Bhanu Dev, Matt Braithwaite, Ryan Sleevi, Parisa Tabriz. Where the Wild Warnings Are: Root Causes of Chrome HTTPS Certificate Errors
IST Austria
Joel Alwen, Jeremiah Blocki, Ben Harsha. Practical Graphs for Optimal Side-Channel Resistant Memory-Hard Functions [Paper] [Artifact]
Jinan University
Lingguang Lei, Yi He, Kun Sun, Jiwu Jing, Yuewu Wang, Qi Li, Jian Weng. Vulnerable Implicit Service: A Revisit
Johns Hopkins University
Arka Rai Choudhuri, Matthew Green, Abhishek Jain, Gabriel Kaptchuk, Ian Miers. Fairness in an Unfair World: Fair Multiparty Computation from Public Bulletin Boards
Katherine Q. Ye, Matthew Green, Naphat Sanguansin, Lennart Beringer, Adam Petcher, Andrew W. Appel. Verified Correctness and Security of mbedTLS HMAC-DRBG [Paper] [Artifact]
Matthew Green, Ian Miers. Bolt: Anonymous Payment Channels for Decentralized Currencies
KAIST
HyungSeok Han, Sang Kil Cha. IMF: Inferred Model-based Fuzzer [Artifact]
Yujin Kwon, Dohyun Kim, Yunmok Son, Eugene Vasserman, Yongdae Kim. Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin [Paper]
Kansas State University
Yujin Kwon, Dohyun Kim, Yunmok Son, Eugene Vasserman, Yongdae Kim. Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin [Paper]
Karlsruhe Institute of Technology
Gottfried Herold, Max Hoffmann, Michael Klooß , Carla Ràfols, Andy Rupp. New Techniques for Structural Batch Verification in Bilinear Groups with Applications to Groth-Sahai Proofs [Paper]
Gunnar Hartung, Max Hoffmann, Matthias Nagel, Andy Rupp. BBA+: Improving the Security and Applicability of Privacy-Preserving Point Collection
KU Leuven
Rebekah Overdorf, Marc Juarez, Gunes Acar, Rachel Greenstadt, Claudia Diaz. How Unique is Your .onion? An Analysis of the Fingerprintability of Tor Onion Services [Artifact]
KU Leuven, imec-DistriNet
Mathy Vanhoef, Frank Piessens. Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
Samaneh Tajalizadehkhoob, Tom van Goethem, Maciej Korczyński, Arman Noroozian, Rainer Böhme, Tyler Moore, Wouter Joosen, Michel van Eeten. Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting [Paper]
Thomas Vissers, Timothy Barron, Tom Van Goethem, Wouter Joosen, Nick Nikiforakis. The Wolf of Name Street: Hijacking Domains Through Their Nameservers [Paper]
Lehigh University
Yinzhi Cao, Zhanhao Chen, Song Li, Shujiang Wu. Deterministic Browser [Paper] [Artifact]
Leibniz University Hannover
Duc Cuong Nguyen, Dominik Wermke, Yasemin Acar, Michael Backes, Charles Weir, Sascha Fahl. A Stitch in Time: Supporting Android Developers in Writing Secure Code
Erik Derr, Sven Bugiel, Sascha Fahl, Yasemin Acar, Michael Backes. Keep me Updated: An Empirical Study of Third-Party Library Updatability on Android [Paper] [Artifact]
Mustafa Emre Acer, Emily Stark, Adrienne Porter Felt, Sascha Fahl, Radhika Bhargava, Bhanu Dev, Matt Braithwaite, Ryan Sleevi, Parisa Tabriz. Where the Wild Warnings Are: Root Causes of Chrome HTTPS Certificate Errors
London South Bank University
Panagiotis Kintis, Najmeh Miramirkhani, Charles Lever, Yizheng Chen, Rosa Romero-Gómez, Nikolaos Pitropakis, Nick Nikiforakis, Manos Antonakakis. Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse [Paper]
Loria, CNRS
Véronique Cortier, Niklas Grimm, Joseph Lallemand, Matteo Maffei. A Type System for Privacy Properties [Paper] [Artifact]
Louisiana State University, Computer Science and Engineering Division
Huasong Shan, Qingyang Wang, Calton Pu. Tail Attacks on Web Applications
Masaryk University
Matus Nemec, Marek Sys, Petr Svenda, Dusan Klinec, Vashek Matyas. The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli [Artifact]
Vasilios Mavroudis, Andrea Cerulli, Petr Svenda, Dan Cvrcek, Dusan Klinec, George Danezis. A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components [Artifact]
Massachusetts Institute of Technology
Pramod Subramanyan, Rohit Sinha, Ilia Lebedev, Srinivas Devadas, Sanjit Seshia. A Formal Foundation for Secure Remote Execution of Enclaves [Paper] [Artifact]
The Max Planck Institute For Software Systems
Cas Cremers, Marko Horvat, Jonathan Hoyland, Sam Scott, Thyla van der Merwe. A Comprehensive Symbolic Analysis of TLS 1.3 [Paper] [Artifact]
Michigan Technological University
Shijie Jia, Luning Xia, Bo Chen, Peng Liu. DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation Layer
Microsoft
Victor van der Veen, Dennis Andriesse, Manolis Stamatogiannakis, Xi Chen, Herbert Bos, Cristiano Giuffrida. The Dynamics of Innocent Flesh on the Bone: Code Reuse Ten Years Later [Paper] [Artifact]
Microsoft Research
Hao Chen, Kim Laine, Peter Rindal. Fast Private Set Intersection from Homomorphic Encryption [Paper]
Jean-Karim Zinzindohoué and Karthikeyan Bhargavan, Jonathan Protzenko, Benjamin Beurdouche. HACL: A Verified Modern Cryptographic Library [Paper] [Artifact]
Melissa Chase, David Derler, Steven Goldfeder, Claudio Orlandi, Sebastian Ramacher, Christian Rechberger, Daniel Slamanig, Greg Zaverucha. Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives
Shashank Agrawal, Melissa Chase. FAME: Fast Attribute-based Message Encryption [Paper] [Artifact]
Microsoft Research India
Nishanth Chandran, Juan Garay, Payman Mohassel, Satyanarayana Vusirikala. Efficient, Constant-Round and Actively Secure MPC: Beyond the Three-Party Case [Paper]
Microsoft Research, Cambridge
Raphael Bost, Brice Minaud, Olga Ohrimenko. Forward and Backward Private Searchable Encryption from Constrained Cryptographic Primitives [Paper] [Artifact]
Nanyang Technological University
Zhan Qin, Yin Yang, Ting Yu, Xiaokui Xiao, Issa Khalil, Kui Ren. Generating Synthetic Decentralized Social Graphs with Local Differential Privacy
National Institute of Advanced Industrial Science and Technology (AIST), Japan
Shweta Agrawal, Sanjay Bhattacherjee, Duong Hieu Phan, Damien Stehle, Shota Yamada. Efficient Public Trace-and-Revoke from Standard Assumptions [Paper]
National Security Research Institute
Kee Sung Kim, Minkyu Kim, Dongsoo Lee, Je Hong Park, Woo-Hwan Kim. Forward Secure Dynamic Searchable Symmetric Encryption with Efficient Updates
National University of Singapore
Hung Dang, Yue Huang, Ee-Chien Chang. Evading Classifiers by Morphing in the Dark
Marcel Böhme, Van-Thuan Pham, Manh-Dung Nguyen, Abhik Roychoudhury. Directed Greybox Fuzzing [Paper] [Artifact]
New Jersey Institute of Technology
Alexander Russell, Qiang Tang, Moti Yung, Hong-Sheng Zhou. Generic Semantic Security against a Kleptographic Adversary
New York University
Hossein Siadati, Nasir Memon. Detecting Structurally Anomalous Logins Within Enterprise Networks
Muhammad Yasin, Abhrajit Sengupta, Mohammed Thari Nabeel, Mohammed Ashraf, Jeyavijayan (JV) Rajendran, Ozgur Sinanoglu. Provably-Secure Logic Locking: From Theory To Practice
Riad S. Wahby, Ye Ji, Andrew J. Blumberg, abhi shelat, Justin Thaler, Michael Walfish, Thomas Wies. Full accounting for verifiable outsourcing [Paper]
Shai Halevi, Tzipora Halevi, Victor Shoup, Noah Stephens-Davidowitz. Implementing BP-Obfuscation Using Graph-Induced Encoding [Paper]
Newcastle University
Changyu Dong, Yilei Wang, Amjad Aldweesh, Patrick McCorry, Aad van Moorsel. Betrayal, Distrust, and Rationality: Smart Counter-Collusion Contracts for Verifiable Cloud Computing [Paper] [Artifact]
Northeastern University
Jack Doerner, abhi shelat. Scaling ORAM for Secure Computation [Paper] [Artifact]
Riad S. Wahby, Ye Ji, Andrew J. Blumberg, abhi shelat, Justin Thaler, Michael Walfish, Thomas Wies. Full accounting for verifiable outsourcing [Paper]
Yan Shoshitaishvili, Michael Weissbacher, Lukas Dresel, Christopher Salls, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna. Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance
NTT Secure Platform Laboratories
Thomas Espitau, Pierre-Alain Fouque, Benoït Gérard, Mehdi Tibouchi. Side-Channel Attacks on BLISS Lattice-Based Signatures: Exploiting Branch Tracing Against strongSwan and Electromagnetic Emanations in Microcontrollers [Paper] [Artifact]
The Ohio State University
Wenhao Wang, Guoxing Chen, Xiaorui Pan, Yinqian Zhang, XiaoFeng Wang, Vincent Bindschaedler, Haixu Tang, Carl A. Gunter. Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX
Yuan Xiao, Mengyuan Li, Sanchuan Chen, Yinqian Zhang. Stacco: Differentially Analyzing Side-Channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves [Paper]
Oracle
Katherine Q. Ye, Matthew Green, Naphat Sanguansin, Lennart Beringer, Adam Petcher, Andrew W. Appel. Verified Correctness and Security of mbedTLS HMAC-DRBG [Paper] [Artifact]
Oregon State University
Brent Carmer, Alex J. Malozemoff, Mariana Raykova. 5Gen-C: Multi-input Functional Encryption and Program Obfuscation for Arithmetic Circuits [Artifact]
Hao Chen, Kim Laine, Peter Rindal. Fast Private Set Intersection from Homomorphic Encryption [Paper]
Peter Rindal, Mike Rosulek. Malicious-Secure Private Set Intersection via Dual Execution [Paper] [Artifact]
Thang Hoang, Ceyhun D. Ozkaptan, Attila A. Yavuz, Jorge Guajardo, Tam Nguyen. S3ORAM: A Computation-Efficient and Constant Client Bandwidth Blowup ORAM with Shamir Secret Sharing [Paper] [Artifact]
Vladimir Kolesnikov, Jesper Buus Nielsen, Mike Rosulek, Ni Trieu, Roberto Trifiletti. DUPLO: Unifying Cut-and-Choose for Garbled Circuits [Paper] [Artifact]
Vladimir Kolesnikov, Naor Matania, Benny Pinkas, Mike Rosulek, Ni Trieu. Practical Multi-party Private Set Intersection from Symmetric-Key Techniques [Paper] [Artifact]
Peking University
Tongxin Li, Xueqiang Wang, Mingming Zha, Kai Chen, XiaoFeng Wang, Luyi Xing, Xiaolong Bai, Nan Zhang, Xinhui Han. Unleashing the Walking Dead: Understanding Cross-App Remote Infections on Mobile WebViews
The Pennsylvania State University
Jian Huang, Jun Xu, Xinyu Xing, Peng Liu, Moinuddin K. Qureshi. FlashGuard: Leveraging Intrinsic Flash Properties to Defend Against Encryption Ransomware
Shen Liu, Gang Tan, Trent Jaeger. PtrSplit: Supporting general pointers in automatic program partitioning
The Pennsylvania State University, College of Information Sciences and Technology
Shijie Jia, Luning Xia, Bo Chen, Peng Liu. DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation Layer
Princeton University
Katherine Q. Ye, Matthew Green, Naphat Sanguansin, Lennart Beringer, Adam Petcher, Andrew W. Appel. Verified Correctness and Security of mbedTLS HMAC-DRBG [Paper] [Artifact]
Matteo Campanelli, Rosario Gennaro, Steven Goldfeder, Luca Nizzardo. Zero-Knowledge Contingent Payments Revisited: Attacks and Payments for Services [Paper] [Artifact]
Melissa Chase, David Derler, Steven Goldfeder, Claudio Orlandi, Sebastian Ramacher, Christian Rechberger, Daniel Slamanig, Greg Zaverucha. Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives
Purdue University
Giulio Malavolta, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei, Srivatsan Ravi. Concurrency and Privacy with Payment-Channel Networks [Paper]
Joel Alwen, Jeremiah Blocki, Ben Harsha. Practical Graphs for Optimal Side-Channel Resistant Memory-Hard Functions [Paper] [Artifact]
Mustafa Emre Acer, Emily Stark, Adrienne Porter Felt, Sascha Fahl, Radhika Bhargava, Bhanu Dev, Matt Braithwaite, Ryan Sleevi, Parisa Tabriz. Where the Wild Warnings Are: Root Causes of Chrome HTTPS Certificate Errors
Yuseok Jeon, Priyam Biswas, Scott Carr, Byoungyoung Lee, Mathias Payer. HexType: Efficient Detection of Type Confusion Errors for C++
Qatar Computing Research Institute, Hamad Bin Khalifa University
Zhan Qin, Yin Yang, Ting Yu, Xiaokui Xiao, Issa Khalil, Kui Ren. Generating Synthetic Decentralized Social Graphs with Local Differential Privacy
Renmin University of China
Wei You, Peiyuan Zong, Kai Chen, XiaoFeng Wang, Xiaojing Liao, Pan Bian, Bin Liang. SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits
Robert Bosch Research and Technology Center
Thang Hoang, Ceyhun D. Ozkaptan, Attila A. Yavuz, Jorge Guajardo, Tam Nguyen. S3ORAM: A Computation-Efficient and Constant Client Bandwidth Blowup ORAM with Shamir Secret Sharing [Paper] [Artifact]
Royal Holloway, University of London
Cas Cremers, Marko Horvat, Jonathan Hoyland, Sam Scott, Thyla van der Merwe. A Comprehensive Symbolic Analysis of TLS 1.3 [Paper] [Artifact]
Rahul Chatterjee, Joanne Woodage, Yuval Pnueli, Anusha Chowdhury, Thomas Ristenpart. The TypTop System: Personalized Typo-tolerant Password Checking [Paper] [Artifact]
Raphael Bost, Brice Minaud, Olga Ohrimenko. Forward and Backward Private Searchable Encryption from Constrained Cryptographic Primitives [Paper] [Artifact]
Ruhr-Universität Bochum
Gottfried Herold, Max Hoffmann, Michael Klooß , Carla Ràfols, Andy Rupp. New Techniques for Structural Batch Verification in Bilinear Groups with Applications to Groth-Sahai Proofs [Paper]
Gunnar Hartung, Max Hoffmann, Matthias Nagel, Andy Rupp. BBA+: Improving the Security and Applicability of Privacy-Preserving Point Collection
Yong Li, Sven Schäge. No-Match Attacks and Robust Partnering Definitions – Defining Trivial Attacks for Security Protocols is Not Trivial [Paper]
Rutgers University
Jian Liu, Chen Wang, Yingying Chen, Nitesh Saxena. VibWrite: Towards Finger-input Authentication on Ubiquitous Surfaces via Physical Vibration
Yi Han, Sriharsha Etigowni, Hua Liu, Saman Zonouz, Athina Petropulu. Watch Me, but Don’t Touch Me! Contactless Control Flow Monitoring via Electromagnetic Emanations [Paper]
Samsung Research America
Xiaojun Xu, Chang Liu, Qian Feng, Heng Yin, Le Song, Dawn Song. Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection [Paper]
SAP SE
Giancarlo Pellegrino, Martin Johns, Simon Koch, Michael Backes, Christian Rossow. Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs [Paper]
Sebastian Lekies, Krzysztof Kotowicz, Samuel Groß , Eduardo Vela, Martin Johns. Code-reuse attacks for the Web: Breaking Cross-Site Scripting Mitigations via Script Gadgets
Security Lancaster, Lancaster University
Duc Cuong Nguyen, Dominik Wermke, Yasemin Acar, Michael Backes, Charles Weir, Sascha Fahl. A Stitch in Time: Supporting Android Developers in Writing Secure Code
Shanghai Jiao Tong University
Xiaojun Xu, Chang Liu, Qian Feng, Heng Yin, Le Song, Dawn Song. Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection [Paper]
ShanghaiTech University
Dongyu Meng, Hao Chen. MagNet: a Two-Pronged Defense against Adversarial Examples [Paper]
Singapore Management University
Zhangkai Zhang, Xuhua Ding, Gene Tsudik, Jinhua Cui, Zhoujun Li. Presence Attestation: The Missing Link In Dynamic Trust Bootstrapping
Snap, Inc.
Alexander Russell, Qiang Tang, Moti Yung, Hong-Sheng Zhou. Generic Semantic Security against a Kleptographic Adversary
Stanford University
Ben Fisch, Dhinakaran Vinayagamurthy, Dan Boneh, Sergey Gorbunov. Iron: Functional Encryption using Intel SGX [Paper]
Dmitry Kogan, Nathan Manohar, Dan Boneh. T/Key: Second-Factor Authentication From Secure Hash Chains [Paper]
Riad S. Wahby, Ye Ji, Andrew J. Blumberg, abhi shelat, Justin Thaler, Michael Walfish, Thomas Wies. Full accounting for verifiable outsourcing [Paper]
State University of New York at Buffalo
Zhan Qin, Yin Yang, Ting Yu, Xiaokui Xiao, Issa Khalil, Kui Ren. Generating Synthetic Decentralized Social Graphs with Local Differential Privacy
Stevens Institute of Technology
Briland Hitaj, Giuseppe Ateniese, Fernando Perez-Cruz. Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning [Paper]
Stony Brook University
Meng Luo, Oleksii Starov, Nima Honarmand, Nick Nikiforakis. Hindsight: Understanding the Evolution of UI Vulnerabilities in Mobile Browsers
Panagiotis Kintis, Najmeh Miramirkhani, Charles Lever, Yizheng Chen, Rosa Romero-Gómez, Nikolaos Pitropakis, Nick Nikiforakis, Manos Antonakakis. Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse [Paper]
Thomas Vissers, Timothy Barron, Tom Van Goethem, Wouter Joosen, Nick Nikiforakis. The Wolf of Name Street: Hijacking Domains Through Their Nameservers [Paper]
Swiss Data Science Center, ETH/EPFL
Michael Backes, Mathias Humbert, Jun Pang, Yang Zhang. walk2friends: Inferring Social Links from Mobility Profiles [Paper] [Artifact]
Symantec
Yizheng Chen, Yacin Nadji, Athanasios Kountouras, Fabian Monrose, Roberto Perdisci, Manos Antonakakis, Nikolaos Vasiloglou. Practical Attacks Against Graph-based Clustering [Paper]
Symantec Research Labs
Leyla Bilge, Yufei Han, Matteo Dell’Amico. Predicting the Risk of Cyber Incidents
Technion
Elette Boyle, Geoffroy Couteau, Niv Gilboa, Yuval Ishai, Michele Orru. Homomorphic Secret Sharing: Optimizations and Applications [Artifact]
Scott Ames, Carmit Hazay, Yuval Ishai, Muthuramakrishnan Venkitasubramaniam. Ligero: Lightweight Sublinear Arguments Without a Trusted Setup
Technion - Israel Institute of Technology
Rahul Chatterjee, Joanne Woodage, Yuval Pnueli, Anusha Chowdhury, Thomas Ristenpart. The TypTop System: Personalized Typo-tolerant Password Checking [Paper] [Artifact]
Technische Universität Berlin
Shahin Tajik, Heiko Lohrke, Jean-Pierre Seifert, Christian Boit. On the Power of Optical Contactless Probing: Attacking Bitstream Encryption of FPGAs [Paper]
Technische Universität Darmstadt
Tommaso Frassetto, David Gens, Christopher Liebchen, Ahmad-Reza Sadeghi. JITGuard: Hardening Just-in-time Compilers with SGX [Paper]
Technische Universität München
Bernd Finkbeiner, Christian Müller, Helmut Seidl, Eugen Zalinescu. Verifying Security Policies in Multi-agent Workflows with Loops [Paper] [Artifact]
Technische Universiteit Eindhoven
Peter Pessl, Leon Groot Bruinderink, Yuval Yarom. To BLISS-B or not to be - Attacking strongSwan’s Implementation of Post-Quantum Signatures [Paper]
Texas A&M University
Nishanth Chandran, Juan Garay, Payman Mohassel, Satyanarayana Vusirikala. Efficient, Constant-Round and Actively Secure MPC: Beyond the Three-Party Case [Paper]
Zain Shamsi, Daren B.H. Cline, Dmitri Loguinov. Faulds: A Non-Parametric Iterative Classifier for Internet-Wide OS Fingerprinting [Paper]
Tsinghua University
Daiping Liu, Zhou Li, Kun Du, Haining Wang, Baojun Liu, Haixin Duan. Don’t Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains
Lingguang Lei, Yi He, Kun Sun, Jiwu Jing, Yuewu Wang, Qi Li, Jian Weng. Vulnerable Implicit Service: A Revisit
Tongxin Li, Xueqiang Wang, Mingming Zha, Kai Chen, XiaoFeng Wang, Luyi Xing, Xiaolong Bai, Nan Zhang, Xinhui Han. Unleashing the Walking Dead: Understanding Cross-App Remote Infections on Mobile WebViews
TU Wien
Giulio Malavolta, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei, Srivatsan Ravi. Concurrency and Privacy with Payment-Channel Networks [Paper]
Véronique Cortier, Niklas Grimm, Joseph Lallemand, Matteo Maffei. A Type System for Privacy Properties [Paper] [Artifact]
Tulane University
Ellis Fenske, Akshaya Mani, Aaron Johnson, Micah Sherr. Distributed Measurement with Private Set-Union Cardinality
Turing Lab, ASU, ISI Kolkata
Shweta Agrawal, Sanjay Bhattacherjee, Duong Hieu Phan, Damien Stehle, Shota Yamada. Efficient Public Trace-and-Revoke from Standard Assumptions [Paper]
U.S. Naval Research Lab
Ellis Fenske, Akshaya Mani, Aaron Johnson, Micah Sherr. Distributed Measurement with Private Set-Union Cardinality
United States Naval Academy
Daniel S. Roche, Adam J. Aviv, Seung Geol Choi, Travis Mayberry. Deterministic, Stash-Free Write-Only ORAM [Paper] [Artifact]
Universidad Politécnica de Madrid
Miguel Ambrona, Gilles Barthe, Romain Gay, Hoeteck Wee. Attribute-Based Encryption in the Generic Group Model: Automated Proofs and New Constructions
Universidade do Minho
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Arthur Blot, Benjamin Grégoire, Vincent Laporte, Tiago Oliveira, Hugo Pacheco, Benedikt Schmidt, Pierre-Yves Strub. Jasmin: High-Assurance and High-Speed Cryptography [Artifact]
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, François Dupressoir, Benjamin Grégoire, Vincent Laporte, Vitor Pereira. A Fast and Verified Software Stack for Secure Function Evaluation [Paper] [Artifact]
Université de Rennes 1
Raphael Bost, Brice Minaud, Olga Ohrimenko. Forward and Backward Private Searchable Encryption from Constrained Cryptographic Primitives [Paper] [Artifact]
Thomas Espitau, Pierre-Alain Fouque, Benoït Gérard, Mehdi Tibouchi. Side-Channel Attacks on BLISS Lattice-Based Signatures: Exploiting Branch Tracing Against strongSwan and Electromagnetic Emanations in Microcontrollers [Paper] [Artifact]
University College London
Shirin Nilizadeh, François Labrèche, Alireza Sadighian, Ali Zand, José Fernandez, Christopher Kruegel, Gianluca Stringhini, Giovanni Vigna. POISED: Spotting Twitter Spam Off the Beaten Paths
Vasilios Mavroudis, Andrea Cerulli, Petr Svenda, Dan Cvrcek, Dusan Klinec, George Danezis. A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components [Artifact]
University of Adelaide
Daniel Genkin, Luke Valenta, Yuval Yarom. May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519 [Paper]
Peter Pessl, Leon Groot Bruinderink, Yuval Yarom. To BLISS-B or not to be - Attacking strongSwan’s Implementation of Post-Quantum Signatures [Paper]
University of Alabama at Birmingham
Jian Liu, Chen Wang, Yingying Chen, Nitesh Saxena. VibWrite: Towards Finger-input Authentication on Ubiquitous Surfaces via Physical Vibration
Maliheh Shirvanian, Nitesh Saxena. CCCP: Closed Caption Crypto Phones to Resist MITM Attacks, Human Errors and Click-Through
University of Bonn
Alena Naiakshina, Anastasia Danilova, Christian Tiefenau, Marco Herzog, Sergej Dechand, Matthew Smith. Why Do Developers Get Password Storage Wrong? A Qualitative Usability Study [Paper]
University of California, Berkeley
Frank Li, Vern Paxson. A Large-Scale Empirical Study of Security Patches
Kurt Thomas, Frank Li, Ali Zand, Jake Barrett, Juri Ranieri, Luca Invernizzi, Yarik Markov, Oxana Comanescu, Vijay Eranti, Angelika Moscicki, Dan Margolis, Vern Paxson, Elie Bursztein. Data breaches, phishing, or malware? Understanding the risks of stolen credentials
Nico Döttling, Satrajit Ghosh, Jesper Buus Nielsen, Tobias Nilges, Roberto Trifiletti. TinyOLE: Efficient Actively Secure Two-Party Computation from Oblivious Linear Function Evaluation
Pramod Subramanyan, Rohit Sinha, Ilia Lebedev, Srinivas Devadas, Sanjit Seshia. A Formal Foundation for Secure Remote Execution of Enclaves [Paper] [Artifact]
Sarah Pearman, Jeremy Thomas, Pardis Emami Naeini, Hana Habib, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Serge Egelman, Alain Forget. Let’s go in for a closer look: Observing passwords in their natural habitat
Xiaojun Xu, Chang Liu, Qian Feng, Heng Yin, Le Song, Dawn Song. Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection [Paper]
University of California, Davis
Dongyu Meng, Hao Chen. MagNet: a Two-Pronged Defense against Adversarial Examples [Paper]
University of California, Irvine
Zhangkai Zhang, Xuhua Ding, Gene Tsudik, Jinhua Cui, Zhoujun Li. Presence Attestation: The Missing Link In Dynamic Trust Bootstrapping
University of California, Los Angeles
Elette Boyle, Geoffroy Couteau, Niv Gilboa, Yuval Ishai, Michele Orru. Homomorphic Secret Sharing: Optimizations and Applications [Artifact]
Scott Ames, Carmit Hazay, Yuval Ishai, Muthuramakrishnan Venkitasubramaniam. Ligero: Lightweight Sublinear Arguments Without a Trusted Setup
University of California, Riverside
David Korczynski, Heng Yin. Capturing Malware Propagations with Code Injections and Code-Reuse attacks
Mohammad A. Islam, Shaolei Ren, Adam Wierman. Exploiting a Thermal Side Channel for Power Attacks in Multi-Tenant Data Centers
Xiaojun Xu, Chang Liu, Qian Feng, Heng Yin, Le Song, Dawn Song. Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection [Paper]
University of California, San Diego
Alexander Gamero-Garrido, Stefan Savage, Kirill Levchenko, Alex C. Snoeren. Quantifying the Pressure of Legal Risks on Third-party Vulnerability Research [Paper] [Artifact]
Mihir Bellare, Joseph Jaeger, Julia Len. Better Than Advertised: Improved Collision-Resistance Guarantees for MD-Based Hash Functions
Mihir Bellare, Viet Tung Hoang. Identity-Based Format-Preserving Encryption
Mihir Bellare, Wei Dai. Defending Against Key Exfiltration: Efficiency Improvements for Big-Key Cryptography via Large-Alphabet Subkey Prediction
University of California, Santa Barbara
Jake Corina, Aravind Machiry, Christopher Salls, Yan Shoshitaishvili, Shuang Hao, Christopher Kruegel, Giovanni Vigna. DIFUZE:Interface Aware Fuzzing for Kernel Drivers [Artifact]
Shirin Nilizadeh, François Labrèche, Alireza Sadighian, Ali Zand, José Fernandez, Christopher Kruegel, Gianluca Stringhini, Giovanni Vigna. POISED: Spotting Twitter Spam Off the Beaten Paths
Yan Shoshitaishvili, Michael Weissbacher, Lukas Dresel, Christopher Salls, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna. Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance
University of California, Santa Cruz
Ethan Cecchetti, Andrew Myers, Owen Arden. Nonmalleable Information Flow Control
Lucas Waye, Pablo Buiras, Owen Arden, Alejandro Russo, Stephen Chong. Cryptographically Secure Information Flow Control on Key-Value Stores [Paper]
University of Chicago
Yuanshun Yao, Bimal Viswanath, Jenna Cryan, Haitao Zheng, Ben Y. Zhao. Automated Crowdturfing Attacks and Defenses in Online Review Systems [Paper]
University of Chinese Academy of Sciences
Yi Chen, Wei You, Yeonjoon Lee, Kai Chen, XiaoFeng Wang, Wei Zou. Mass Discovery of Android Traffic Imprints through Instantiated Partial Execution
University of Connecticut
Alexander Russell, Qiang Tang, Moti Yung, Hong-Sheng Zhou. Generic Semantic Security against a Kleptographic Adversary
University of Delaware
Daiping Liu, Zhou Li, Kun Du, Haining Wang, Baojun Liu, Haixin Duan. Don’t Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains
University of Florida
Animesh Chhotaray, Adib Nahiyan, Thomas Shrimpton, Domenic J Forte, Mark Tehranipoor. Standardizing Bad Cryptographic Practice - A teardown of the IEEE standard for protecting electronic-design intellectual property
Grant Hernandez, Farhaan Fowze, Dave (Jing) Tian, Tuba Yavuz, Kevin Butler. FirmUSB: Vetting USB Device Firmware using Domain Informed Symbolic Execution [Paper]
University of Georgia
Yizheng Chen, Yacin Nadji, Athanasios Kountouras, Fabian Monrose, Roberto Perdisci, Manos Antonakakis, Nikolaos Vasiloglou. Practical Attacks Against Graph-based Clustering [Paper]
University of Illinois at Chicago
Peter Snyder, Cynthia Taylor, Chris Kanich. Most Websites Don’t Need to Vibrate: A Cost-Benefit Approach to Improving Browser Security [Paper]
University of Illinois at Urbana-Champaign
Wenhao Wang, Guoxing Chen, Xiaorui Pan, Yinqian Zhang, XiaoFeng Wang, Vincent Bindschaedler, Haixu Tang, Carl A. Gunter. Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX
University of Luebeck
Sebastian Berndt, Maciej Liskiewicz. Algorithm Substitution Attacks from a Steganographic Perspective [Paper]
University of Luxembourg
Michael Backes, Mathias Humbert, Jun Pang, Yang Zhang. walk2friends: Inferring Social Links from Mobility Profiles [Paper] [Artifact]
University of Maryland
Daniel Genkin, Luke Valenta, Yuval Yarom. May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519 [Paper]
Doowon Kim, Bum Jun Kwon, Tudor Dumitraş . Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI
Ethan Cecchetti, Fan Zhang, Yan Ji, Ahmed Kosba, Ari Juels, Elaine Shi. Solidus: Confidential Distributed Ledger Transactions via PVORM [Paper]
Xiao Wang, Samuel Ranellucci, Jonathan Katz. Global-Scale Secure Multiparty Computation [Paper] [Artifact]
Xiao Wang, Samuel Ranellucci, Jonathan Katz. Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation [Paper] [Artifact]
University of Massachusetts Amherst
Milad Nasr, Amir Houmansadr, Arya Mazumdar. Compressive Traffic Analysis: A New Paradigm for Scalable Traffic Analysis [Paper]
Milad Nasr, Hadi Zolfaghari, Amir Houmansadr. The Waterfall of Liberty: Decoy Routing Circumvention that Resists Routing Attacks
Yan Chen, Ashwin Machanavajjhala, Michael Hay, Gerome Miklau. PeGaSus: Data-Adaptive Differentially Private Stream Processing
University of Michigan
Kyong-Tak Cho, Kang G. Shin. Viden: Attacker Identification on In-Vehicle Networks [Paper]
Qi Alfred Chen, Matthew Thomas, Eric Osterweil, Yulong Cao, Jie You, Z. Morley Mao. Client-side Name Collision Vulnerability in the New gTLD Era: A Systematic Study
University of North Carolina at Chapel Hill
Yizheng Chen, Yacin Nadji, Athanasios Kountouras, Fabian Monrose, Roberto Perdisci, Manos Antonakakis, Nikolaos Vasiloglou. Practical Attacks Against Graph-based Clustering [Paper]
University of Oxford
Cas Cremers, Marko Horvat, Jonathan Hoyland, Sam Scott, Thyla van der Merwe. A Comprehensive Symbolic Analysis of TLS 1.3 [Paper] [Artifact]
David Korczynski, Heng Yin. Capturing Malware Propagations with Code Injections and Code-Reuse attacks
University of Pennsylvania
Daniel Genkin, Luke Valenta, Yuval Yarom. May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519 [Paper]
University of Rochester
Scott Ames, Carmit Hazay, Yuval Ishai, Muthuramakrishnan Venkitasubramaniam. Ligero: Lightweight Sublinear Arguments Without a Trusted Setup
University of Southern California
Giulio Malavolta, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei, Srivatsan Ravi. Concurrency and Privacy with Payment-Channel Networks [Paper]
University of Surrey
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, François Dupressoir, Benjamin Grégoire, Vincent Laporte, Vitor Pereira. A Fast and Verified Software Stack for Secure Function Evaluation [Paper] [Artifact]
University of Texas at Austin
Jia Chen, Yu Feng, Isil Dillig. Precise Detection of Side-Channel Vulnerabilities using Quantitative Cartesian Hoare Logic
Riad S. Wahby, Ye Ji, Andrew J. Blumberg, abhi shelat, Justin Thaler, Michael Walfish, Thomas Wies. Full accounting for verifiable outsourcing [Paper]
University of Texas at Dallas
Chaoshun Zuo, Qingchuan Zhao, Zhiqiang Lin. AUTHSCOPE: Towards Automatic Discovery of Vulnerable Access Control in Online Services
Fahad Shaon, Murat Kantarcioglu, Zhiqiang Lin, Latifur Khan. A Practical Encrypted Data Analytic Framework With Trusted Processors
Jake Corina, Aravind Machiry, Christopher Salls, Yan Shoshitaishvili, Shuang Hao, Christopher Kruegel, Giovanni Vigna. DIFUZE:Interface Aware Fuzzing for Kernel Drivers [Artifact]
Muhammad Yasin, Abhrajit Sengupta, Mohammed Thari Nabeel, Mohammed Ashraf, Jeyavijayan (JV) Rajendran, Ozgur Sinanoglu. Provably-Secure Logic Locking: From Theory To Practice
Sam Silvestro, Hongyu Liu, Corey Crosser, Zhiqiang Lin, Tongping Liu. FreeGuard: A Faster Secure Heap Allocator [Artifact]
Wenhao Wang, Xiaoyang Xu, Kevin Hamlen. Object Flow Integrity
University of Texas at San Antonio
Sam Silvestro, Hongyu Liu, Corey Crosser, Zhiqiang Lin, Tongping Liu. FreeGuard: A Faster Secure Heap Allocator [Artifact]
The University of Tulsa
Samaneh Tajalizadehkhoob, Tom van Goethem, Maciej Korczyński, Arman Noroozian, Rainer Böhme, Tyler Moore, Wouter Joosen, Michel van Eeten. Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting [Paper]
University of Utah
Min Du, Feifei Li, Guineng Zheng, Vivek Srikumar. DeepLog: Anomaly Detection and Diagnosis from System Logs through Deep Learning
University of Vigo
Simon Oya, Carmela Troncoso, Fernando Pérez-González. Back to the drawing board: Revisiting the design of optimal location privacy-preserving mechanisms [Paper]
University of Washington
Ada Lerner, Tadayoshi Kohno, Franziska Roesner. Rewriting History: Changing the Archived Web from the Present [Artifact]
University of Waterloo
Ben Fisch, Dhinakaran Vinayagamurthy, Dan Boneh, Sergey Gorbunov. Iron: Functional Encryption using Intel SGX [Paper]
UPF Barcelona
Gottfried Herold, Max Hoffmann, Michael Klooß , Carla Ràfols, Andy Rupp. New Techniques for Structural Batch Verification in Bilinear Groups with Applications to Groth-Sahai Proofs [Paper]
UPMC
Thomas Espitau, Pierre-Alain Fouque, Benoït Gérard, Mehdi Tibouchi. Side-Channel Attacks on BLISS Lattice-Based Signatures: Exploiting Branch Tracing Against strongSwan and Electromagnetic Emanations in Microcontrollers [Paper] [Artifact]
Verisign Labs
Qi Alfred Chen, Matthew Thomas, Eric Osterweil, Yulong Cao, Jie You, Z. Morley Mao. Client-side Name Collision Vulnerability in the New gTLD Era: A Systematic Study
Virginia Commonwealth University
Alexander Russell, Qiang Tang, Moti Yung, Hong-Sheng Zhou. Generic Semantic Security against a Kleptographic Adversary
Visa Research
Nishanth Chandran, Juan Garay, Payman Mohassel, Satyanarayana Vusirikala. Efficient, Constant-Round and Actively Secure MPC: Beyond the Three-Party Case [Paper]
Shashank Agrawal, Melissa Chase. FAME: Fast Attribute-based Message Encryption [Paper] [Artifact]
Vrije Universiteit Amsterdam
Victor van der Veen, Dennis Andriesse, Manolis Stamatogiannakis, Xi Chen, Herbert Bos, Cristiano Giuffrida. The Dynamics of Innocent Flesh on the Bone: Code Reuse Ten Years Later [Paper] [Artifact]
Wellesley College
Ada Lerner, Tadayoshi Kohno, Franziska Roesner. Rewriting History: Changing the Archived Web from the Present [Artifact]
William and Mary
Wei You, Peiyuan Zong, Kai Chen, XiaoFeng Wang, Xiaojing Liao, Pan Bian, Bin Liang. SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits
XLIM (U. Limoges, CNRS), France
Shweta Agrawal, Sanjay Bhattacherjee, Duong Hieu Phan, Damien Stehle, Shota Yamada. Efficient Public Trace-and-Revoke from Standard Assumptions [Paper]
Yale University
Brent Carmer, Alex J. Malozemoff, Mariana Raykova. 5Gen-C: Multi-input Functional Encryption and Program Obfuscation for Arithmetic Circuits [Artifact]
Zhejiang University
Guoming Zhang, Chen Yan, Xiaoyu Ji, Tianchen Zhang, Taimin Zhang, Wenyuan Xu. DolphinAttack: Inaudible Voice Commands [Paper]