CCS 2017 - Available Papers
The following 24th ACM Conference on Computer and Communications Security papers are now available.
All Papers · List By Authors · Institutions
(Ordered by Conference Session)
| DUPLO: Unifying Cut-and-Choose for Garbled Circuits [PDF] [Paper] [Artifact] (A1) | Vladimir Kolesnikov, Jesper Buus Nielsen, Mike Rosulek, Ni Trieu, Roberto Trifiletti |
| Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation [PDF] [Paper] [Artifact] (A1) ★ | Xiao Wang, Samuel Ranellucci, Jonathan Katz |
| Global-Scale Secure Multiparty Computation [PDF] [Paper] [Artifact] (A1) | Xiao Wang, Samuel Ranellucci, Jonathan Katz |
| DolphinAttack: Inaudible Voice Commands [PDF] [Paper] (A3) ★ | Guoming Zhang, Chen Yan, Xiaoyu Ji, Tianchen Zhang, Taimin Zhang, Wenyuan Xu |
| MagNet: a Two-Pronged Defense against Adversarial Examples [PDF] [Paper] (A3) | Dongyu Meng, Hao Chen |
| Deterministic Browser [PDF] [Paper] [Artifact] (A4) | Yinzhi Cao, Zhanhao Chen, Song Li, Shujiang Wu |
| Most Websites Don't Need to Vibrate: A Cost-Benefit Approach to Improving Browser Security [PDF] [Paper] (A4) | Peter Snyder, Cynthia Taylor, Chris Kanich |
| Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin [PDF] [Paper] (A5) | Yujin Kwon, Dohyun Kim, Yunmok Son, Eugene Vasserman, Yongdae Kim |
| Betrayal, Distrust, and Rationality: Smart Counter-Collusion Contracts for Verifiable Cloud Computing [PDF] [Paper] [Artifact] (A5) | Changyu Dong, Yilei Wang, Amjad Aldweesh, Patrick McCorry, Aad van Moorsel |
| Zero-Knowledge Contingent Payments Revisited: Attacks and Payments for Services [PDF] [Paper] [Artifact] (A5) | Matteo Campanelli, Rosario Gennaro, Steven Goldfeder, Luca Nizzardo |
| Pool: Scalable On-Demand Secure Computation Service Against Malicious Adversaries [PDF] [Paper] [Artifact] (B1) | Ruiyu Zhu, Yan Huang, Darion Cassel |
| A Framework for Constructing Fast MPC over Arithmetic Circuits with Malicious Adversaries and an Honest-Majority [PDF] [Paper] (B1) | Yehuda Lindell, Ariel Nof |
| Efficient, Constant-Round and Actively Secure MPC: Beyond the Three-Party Case [PDF] [Paper] (B1) | Nishanth Chandran, Juan Garay, Payman Mohassel, Satyanarayana Vusirikala |
| Why Do Developers Get Password Storage Wrong? A Qualitative Usability Study [PDF] [Paper] (B2) | Alena Naiakshina, Anastasia Danilova, Christian Tiefenau, Marco Herzog, Sergej Dechand, Matthew Smith |
| The TypTop System: Personalized Typo-tolerant Password Checking [PDF] [Paper] [Artifact] (B2) | Rahul Chatterjee, Joanne Woodage, Yuval Pnueli, Anusha Chowdhury, Thomas Ristenpart |
| Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection [PDF] [Paper] (B3) | Xiaojun Xu, Chang Liu, Qian Feng, Heng Yin, Le Song, Dawn Song |
| A Type System for Privacy Properties [PDF] [Paper] [Artifact] (B4) | Véronique Cortier, Niklas Grimm, Joseph Lallemand, Matteo Maffei |
| Concurrency and Privacy with Payment-Channel Networks [PDF] [Paper] (B5) | Giulio Malavolta, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei, Srivatsan Ravi |
| S3ORAM: A Computation-Efficient and Constant Client Bandwidth Blowup ORAM with Shamir Secret Sharing [PDF] [Paper] [Artifact] (C1) | Thang Hoang, Ceyhun D. Ozkaptan, Attila A. Yavuz, Jorge Guajardo, Tam Nguyen |
| Deterministic, Stash-Free Write-Only ORAM [PDF] [Paper] [Artifact] (C1) | Daniel S. Roche, Adam J. Aviv, Seung Geol Choi, Travis Mayberry |
| Scaling ORAM for Secure Computation [PDF] [Paper] [Artifact] (C1) ★ | Jack Doerner, abhi shelat |
| Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting [PDF] [Paper] (C2) | Samaneh Tajalizadehkhoob, Tom van Goethem, Maciej Korczyński, Arman Noroozian, Rainer Böhme, Tyler Moore, Wouter Joosen, Michel van Eeten |
| Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse [PDF] [Paper] (C2) | Panagiotis Kintis, Najmeh Miramirkhani, Charles Lever, Yizheng Chen, Rosa Romero-Gómez, Nikolaos Pitropakis, Nick Nikiforakis, Manos Antonakakis |
| Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning [PDF] [Paper] (C3) | Briland Hitaj, Giuseppe Ateniese, Fernando Perez-Cruz |
| Oblivious Neural Network Predictions via MiniONN transformations [PDF] [Paper] (C3) | Jian Liu, Mika Juuti, Yao Lu, N. Asokan |
| Verifying Security Policies in Multi-agent Workflows with Loops [PDF] [Paper] [Artifact] (C4) | Bernd Finkbeiner, Christian Müller, Helmut Seidl, Eugen Zalinescu |
| FAME: Fast Attribute-based Message Encryption [PDF] [Paper] [Artifact] (C4) | Shashank Agrawal, Melissa Chase |
| Solidus: Confidential Distributed Ledger Transactions via PVORM [PDF] [Paper] (C5) | Ethan Cecchetti, Fan Zhang, Yan Ji, Ahmed Kosba, Ari Juels, Elaine Shi |
| Iron: Functional Encryption using Intel SGX [PDF] [Paper] (D1) ★ | Ben Fisch, Dhinakaran Vinayagamurthy, Dan Boneh, Sergey Gorbunov |
| Implementing BP-Obfuscation Using Graph-Induced Encoding [PDF] [Paper] (D1) | Shai Halevi, Tzipora Halevi, Victor Shoup, Noah Stephens-Davidowitz |
| May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519 [PDF] [Paper] (D3) | Daniel Genkin, Luke Valenta, Yuval Yarom |
| Stacco: Differentially Analyzing Side-Channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves [PDF] [Paper] (D3) | Yuan Xiao, Mengyuan Li, Sanchuan Chen, Yinqian Zhang |
| Client-side Name Collision Vulnerability in the New gTLD Era: A Systematic Study [PDF] [Paper] (D5) | Qi Alfred Chen, Matthew Thomas, Eric Osterweil, Yulong Cao, Jie You, Z. Morley Mao |
| The Wolf of Name Street: Hijacking Domains Through Their Nameservers [PDF] [Paper] (D5) | Thomas Vissers, Timothy Barron, Tom Van Goethem, Wouter Joosen, Nick Nikiforakis |
| Faulds: A Non-Parametric Iterative Classifier for Internet-Wide OS Fingerprinting [PDF] [Paper] (D5) | Zain Shamsi, Daren B.H. Cline, Dmitri Loguinov |
| T/Key: Second-Factor Authentication From Secure Hash Chains [PDF] [Paper] (E1) | Dmitry Kogan, Nathan Manohar, Dan Boneh |
| Practical Graphs for Optimal Side-Channel Resistant Memory-Hard Functions [PDF] [Paper] [Artifact] (E1) | Joel Alwen, Jeremiah Blocki, Ben Harsha |
| Better Bounds for Block Cipher Modes of Operation via Nonce-Based Key Derivation [PDF] [Paper] (E1) ★ | Shay Gueron, Yehuda Lindell |
| Watch Me, but Don't Touch Me! Contactless Control Flow Monitoring via Electromagnetic Emanations [PDF] [Paper] (E3) | Yi Han, Sriharsha Etigowni, Hua Liu, Saman Zonouz, Athina Petropulu |
| Viden: Attacker Identification on In-Vehicle Networks [PDF] [Paper] (E3) | Kyong-Tak Cho, Kang G. Shin |
| Practical Attacks Against Graph-based Clustering [PDF] [Paper] (E4) | Yizheng Chen, Yacin Nadji, Athanasios Kountouras, Fabian Monrose, Roberto Perdisci, Manos Antonakakis, Nikolaos Vasiloglou |
| Automated Crowdturfing Attacks and Defenses in Online Review Systems [PDF] [Paper] (E4) | Yuanshun Yao, Bimal Viswanath, Jenna Cryan, Haitao Zheng, Ben Y. Zhao |
| POISED: Spotting Twitter Spam Off the Beaten Paths [PDF] [Paper] (E4) | Shirin Nilizadeh, François Labrèche, Alireza Sadighian, Ali Zand, José Fernandez, Christopher Kruegel, Gianluca Stringhini, Giovanni Vigna |
| Practical Secure Aggregation for Privacy-Preserving Machine Learning [PDF] [Paper] (E5) | Keith Bonawitz, Vladimir Ivanov, Ben Kreuter, Antonio Marcedone, H. Brendan McMahan, Sarvar Patel, Daniel Ramage, Aaron Segal, Karn Seth |
| Use Privacy in Data-Driven Systems: Theory and Experiments with Machine Learnt Programs [PDF] [Paper] [Artifact] (E5) | Anupam Datta, Matthew Fredrikson, Gihyuk Ko, Piotr Mardziel, Shayak Sen |
| Malicious-Secure Private Set Intersection via Dual Execution [PDF] [Paper] [Artifact] (F1) | Peter Rindal, Mike Rosulek |
| Fast Private Set Intersection from Homomorphic Encryption [PDF] [Paper] (F1) | Hao Chen, Kim Laine, Peter Rindal |
| Practical Multi-party Private Set Intersection from Symmetric-Key Techniques [PDF] [Paper] [Artifact] (F1) | Vladimir Kolesnikov, Naor Matania, Benny Pinkas, Mike Rosulek, Ni Trieu |
| Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 [PDF] [Paper] (F3) ★ | Mathy Vanhoef, Frank Piessens |
| No-Match Attacks and Robust Partnering Definitions — Defining Trivial Attacks for Security Protocols is Not Trivial [PDF] [Paper] (F3) | Yong Li, Sven Schäge |
| Querying for Queries: Indexes of Queries for Efficient and Expressive IT-PIR [PDF] [Paper] (F4) | Syed Mahbub Hafiz, Ryan Henry |
| Composing Differential Privacy and Secure Computation: A case study on scaling private record linkage [PDF] [Paper] (F4) | Xi He, Ashwin Machanavajjhala, Cheryl Flynn, Divesh Srivastava |
| Forward and Backward Private Searchable Encryption from Constrained Cryptographic Primitives [PDF] [Paper] [Artifact] (G1) | Raphael Bost, Brice Minaud, Olga Ohrimenko |
| Economic Factors of Vulnerability Trade and Exploitation: Empirical evidence from a prominent Russian cybercrime market [PDF] [Paper] (G2) | Luca Allodi |
| Quantifying the Pressure of Legal Risks on Third-party Vulnerability Research [PDF] [Paper] [Artifact] (G2) | Alexander Gamero-Garrido, Stefan Savage, Kirill Levchenko, Alex C. Snoeren |
| New Techniques for Structural Batch Verification in Bilinear Groups with Applications to Groth-Sahai Proofs [PDF] [Paper] (G4) | Gottfried Herold, Max Hoffmann, Michael Klooß , Carla Ràfols, Andy Rupp |
| A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components [PDF] [Paper] [Artifact] (G5) | Vasilios Mavroudis, Andrea Cerulli, Petr Svenda, Dan Cvrcek, Dusan Klinec, George Danezis |
| Algorithm Substitution Attacks from a Steganographic Perspective [PDF] [Paper] (H1) | Sebastian Berndt, Maciej Liskiewicz |
| On the Power of Optical Contactless Probing: Attacking Bitstream Encryption of FPGAs [PDF] [Paper] (H1) ★ | Shahin Tajik, Heiko Lohrke, Jean-Pierre Seifert, Christian Boit |
| The Dynamics of Innocent Flesh on the Bone: Code Reuse Ten Years Later [PDF] [Paper] [Artifact] (H2) | Victor van der Veen, Dennis Andriesse, Manolis Stamatogiannakis, Xi Chen, Herbert Bos, Cristiano Giuffrida |
| Rewriting History: Changing the Archived Web from the Present [PDF] [Paper] [Artifact] (H3) | Ada Lerner, Tadayoshi Kohno, Franziska Roesner |
| Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs [PDF] [Paper] (H3) | Giancarlo Pellegrino, Martin Johns, Simon Koch, Michael Backes, Christian Rossow |
| A Comprehensive Symbolic Analysis of TLS 1.3 [PDF] [Paper] [Artifact] (H4) | Cas Cremers, Marko Horvat, Jonathan Hoyland, Sam Scott, Thyla van der Merwe |
| HACL*: A Verified Modern Cryptographic Library [PDF] [Paper] [Artifact] (H4) | Jean-Karim Zinzindohoué, Karthikeyan Bhargavan, Jonathan Protzenko, Benjamin Beurdouche |
| To BLISS-B or not to be - Attacking strongSwan's Implementation of Post-Quantum Signatures [PDF] [Paper] (I1) | Peter Pessl, Leon Groot Bruinderink, Yuval Yarom |
| Side-Channel Attacks on BLISS Lattice-Based Signatures: Exploiting Branch Tracing Against strongSwan and Electromagnetic Emanations in Microcontrollers [PDF] [Paper] [Artifact] (I1) | Thomas Espitau, Pierre-Alain Fouque, Benoït Gérard, Mehdi Tibouchi |
| Nonmalleable Information Flow Control [PDF] [Paper] (I2) ★ | Ethan Cecchetti, Andrew Myers, Owen Arden |
| Cryptographically Secure Information Flow Control on Key-Value Stores [PDF] [Paper] (I2) | Lucas Waye, Pablo Buiras, Owen Arden, Alejandro Russo, Stephen Chong |
| walk2friends: Inferring Social Links from Mobility Profiles [PDF] [Paper] [Artifact] (I3) | Michael Backes, Mathias Humbert, Jun Pang, Yang Zhang |
| Back to the drawing board: Revisiting the design of optimal location privacy-preserving mechanisms [PDF] [Paper] (I3) | Simon Oya, Carmela Troncoso, Fernando Pérez-González |
| A Fast and Verified Software Stack for Secure Function Evaluation [PDF] [Paper] [Artifact] (I4) | José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, François Dupressoir, Benjamin Grégoire, Vincent Laporte, Vitor Pereira |
| Verified Correctness and Security of mbedTLS HMAC-DRBG [PDF] [Paper] [Artifact] (I4) | Katherine Q. Ye, Matthew Green, Naphat Sanguansin, Lennart Beringer, Adam Petcher, Andrew W. Appel |
| How Unique is Your .onion? An Analysis of the Fingerprintability of Tor Onion Services [PDF] [Paper] [Artifact] (I5) ★ | Rebekah Overdorf, Marc Juarez, Gunes Acar, Rachel Greenstadt, Claudia Diaz |
| Compressive Traffic Analysis: A New Paradigm for Scalable Traffic Analysis [PDF] [Paper] (I5) | Milad Nasr, Amir Houmansadr, Arya Mazumdar |
| Full accounting for verifiable outsourcing [PDF] [Paper] (J1) | Riad S. Wahby, Ye Ji, Andrew J. Blumberg, abhi shelat, Justin Thaler, Michael Walfish, Thomas Wies |
| SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities [PDF] [Paper] (J2) | Theofilos Petsios, Jason Zhao, Angelos D. Keromytis, Suman Jana |
| Keep me Updated: An Empirical Study of Third-Party Library Updatability on Android [PDF] [Paper] [Artifact] (J3) | Erik Derr, Sven Bugiel, Sascha Fahl, Yasemin Acar, Michael Backes |
| FirmUSB: Vetting USB Device Firmware using Domain Informed Symbolic Execution [PDF] [Paper] (J4) | Grant Hernandez, Farhaan Fowze, Dave (Jing) Tian, Tuba Yavuz, Kevin Butler |
| Efficient Public Trace-and-Revoke from Standard Assumptions [PDF] [Paper] (K1) | Shweta Agrawal, Sanjay Bhattacherjee, Duong Hieu Phan, Damien Stehle, Shota Yamada |
| Directed Greybox Fuzzing [PDF] [Paper] [Artifact] (K2) | Marcel Böhme, Van-Thuan Pham, Manh-Dung Nguyen, Abhik Roychoudhury |
| JITGuard: Hardening Just-in-time Compilers with SGX [PDF] [Paper] (K4) | Tommaso Frassetto, David Gens, Christopher Liebchen, Ahmad-Reza Sadeghi |
| A Formal Foundation for Secure Remote Execution of Enclaves [PDF] [Paper] [Artifact] (K4) ★ | Pramod Subramanyan, Rohit Sinha, Ilia Lebedev, Srinivas Devadas, Sanjit Seshia |