Search results

  1. Privee: An Architecture for Automatically Analyzing Web Privacy Policies

    Tuesday, July 29, 2014- 3:30pm Sebastian Zimmeck and Steven M. Bellovin,  Columbia University Privacy policies on websites are based on the notice-and-choice principle. They notify Web users of their privacy choices. However, many users do not read privac ...

    arnold - January 6, 2022 - 12:52 pm

  2. FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack

    multi-tenanted systems. In this paper we demonstrate that, due to a weakness in the Intel X86 processors, page ...

    arnold - January 7, 2022 - 11:02 am

  3. Understanding the Dark Side of Domain Parking

    illicit online activities even though the roles they play there have never been clarified. In this paper ...

    arnold - December 22, 2021 - 3:10 pm

  4. Static Detection of Second-Order Vulnerabilities in Web Applications

    on used in a security-critical operation. In this paper, we introduce the first automated static code ...

    arnold - December 13, 2021 - 4:13 am

  5. iSeeYou: Disabling the MacBook Webcam Indicator LED

    Friday, August 1, 2014- 10:00am Matthew Brocker and Stephen Checkoway,  Johns Hopkins University The ubiquitous webcam indicator LED is an important privacy feature which provides a visual cue that the camera is turned on. We describe how to disable the L ...

    arnold - December 22, 2021 - 3:40 pm

  6. Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks

    a manner indistinguishable from correctly formatted RSA blocks”. In this paper we show that this objective ...

    arnold - January 10, 2022 - 1:57 pm

  7. Succinct Non-Interactive Zero Knowledge for a von Neumann Architecture

    Friday, August 1, 2014- 10:30am Eli Ben-Sasson,  Technion—Israel Institute of Technology;  Alessandro Chiesa,  Massachusetts Institute of Technology;  Eran Tromer,  Tel Aviv University;  Madars Virza,  Massachusetts Institute of Technology We build a syst ...

    arnold - December 22, 2021 - 3:33 pm

  8. A Bayesian Approach to Privacy Enforcement in Smartphones

    This paper addresses the problem of privacy enforcement in mobile systems, which we formulate as ...

    arnold - December 13, 2021 - 7:18 am

  9. A Large-Scale Empirical Analysis of Chinese Web Passwords

    regional differences of passwords on a large scale, especially on Chinese passwords. In this paper, we ...

    arnold - December 13, 2021 - 5:15 am

  10. Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport

    understanding of where congestion occurs in Tor. In this paper, we first study congestion in Tor at individual ...

    arnold - December 22, 2021 - 4:32 pm

  11. DSCRETE: Automatic Rendering of Forensic Information from Memory Images via Application Logic Reuse

    Xu,  Purdue University Awarded Best Student Paper! State-of-the-art memory forensics involves ... data structure content reverse engineering challenge. In this paper, we present DSCRETE, a system that ...

    arnold - December 13, 2021 - 6:16 am

  12. SSOScan: Automated Testing of Web Applications for Single Sign-On Vulnerabilities

    behaviors of the system. This paper describes the design and implementation of SSOScan, an automatic ...

    arnold - January 6, 2022 - 1:20 pm

  13. ZØ: An Optimizing Distributing Zero-Knowledge Compiler

    demonstrated to scale as required by most realistic applications. This paper presents ZØ (pronounced ...

    arnold - December 22, 2021 - 4:17 pm

  14. Targeted Threat Index: Characterizing and Quantifying Politically-Motivated Targeted Malware

    these attacks. In this paper, we shed light on targeted malware attacks faced by these organizations by ...

    arnold - December 22, 2021 - 4:25 pm

  15. Mimesis Aegis: A Mimicry Privacy Shield–A System’s Approach to Data Privacy on Public Cloud

    user data stored in the cloud, in this paper we propose a privacy-preserving system called Mimesis ...

    arnold - January 10, 2022 - 2:19 pm

  16. Ad-Hoc Secure Two-Party Computation on Mobile Devices using Hardware Tokens

    Friday, August 1, 2014- 10:45am Daniel Demmler, Thomas Schneider, and Michael Zohner, Technische Universität Darmstadt Secure two-party computation allows two mutually distrusting parties to jointly compute an arbitrary function on their private inputs wi ...

    arnold - December 22, 2021 - 4:05 pm

  17. Faster Private Set Intersection Based on OT Extension

    Friday, August 1, 2014- 10:30am Benny Pinkas,  Bar-Ilan University;  Thomas Schneider and Michael Zohner,  Technische Universität Darmstadt Private set intersection (PSI) allows two parties to compute the intersection of their sets without revealing any i ...

    arnold - January 10, 2022 - 1:11 pm

  18. LibFTE: A Toolkit for Constructing Practical, Format-Abiding Encryption Schemes

    Friday, July 25, 2014- 5:15pm Daniel Luchaup, University of Wisconsin—Madison; Kevin P. Dyer, Portland State University; Somesh Jha and Thomas Ristenpart, University of Wisconsin—Madison; Thomas Shrimpton, Portland State University Encryption schemes wher ...

    arnold - January 10, 2022 - 2:00 pm

  19. A Large-Scale Analysis of the Security of Embedded Firmwares

    support such general claims. In this paper we present the first public, large-scale analysis of firmware ...

    arnold - December 22, 2021 - 3:57 pm

  20. ASM: A Programmable Interface for Extending Android Security

    seen over a dozen research proposals for security enhancements. This paper seeks to promote OS security ...

    arnold - December 22, 2021 - 4:26 pm

  21. Brahmastra: Driving Apps to Test the Security of Third-Party Components

    Friday, August 1, 2014- 10:45am Ravi Bhoraskar, Microsoft Research and  University of Washington; Seungyeop Han, University of Washington; Jinseong Jeon, University of Maryland, College Park; Tanzirul Azim, University of California, Riverside; Shuo Chen, ...

    arnold - December 22, 2021 - 3:35 pm

  22. From the Aether to the Ethernet—Attacking the Internet using Broadcast Digital Television

    attackers. In this paper, we present the attack methodology and a number of follow-on exploitation techniques ...

    arnold - January 10, 2022 - 1:24 pm

  23. Towards Reliable Storage of 56-bit Secrets in Human Memory

    Friday, August 1, 2014- 10:15am Joseph Bonneau, Princeton University; Stuart Schechter, Microsoft Research Challenging the conventional wisdom that users cannot remember cryptographically-strong secrets, we test the hypothesis that users can learn randoml ...

    arnold - December 22, 2021 - 3:37 pm

  24. Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM

    libraries. This paper presents implementations of fine-grained, forward-edge CFI enforcement and analysis for ...

    arnold - January 7, 2022 - 11:56 am

  25. Cardinal Pill Testing of System Virtual Machines

    differences use randomized testing, or malware analysis, and cannot guarantee completeness. In this paper we ...

    arnold - January 7, 2022 - 1:11 pm

Pages