Search results

  1. Lock It and Still Lose It —on the (In)Security of Automotive Remote Keyless Entry Systems

    unlock a car) based on rolling codes has received less attention. In this paper, we close this gap and ...

    admin - December 9, 2021 - 5:09 pm

  2. Sanctum: Minimal Hardware Extensions for Strong Software Isolation

    Victor Costan, Ilia Lebedev, and Srinivas Devadas, MIT CSAIL Sanctum offers the same promise as Intel’s Software Guard Extensions (SGX), namely strong provable isolation of software modules running concurrently and sharing resources, but protects against ...

    admin - December 9, 2021 - 5:09 pm

  3. Undermining Information Hiding (and What to Do about It)

    location in a very large address space. This paper argues that information hiding is a weak isolation model ...

    admin - December 9, 2021 - 5:09 pm

  4. Website-Targeted False Content Injection by Network Operators

    Gabi Nakibly, Rafael—Advanced Defense Systems and Technion—Israel Institute of Technology; Jaime Schcolnik, Interdisciplinary Center Herzliya; Yossi Rubin, Rafael—Advanced Defense Systems It is known that some network operators inject false content into u ...

    admin - December 9, 2021 - 5:09 pm

  5. Investigating Commercial Pay-Per-Install and the Distribution of Unwanted Software

    Kurt Thomas, Juan A. Elices Crespo, Ryan Rasti, Jean-Michel Picod, Cait Phillips, Marc-André Decoste, Chris Sharp, Fabio Tirelo, Ali Tofigh, Marc-Antoine Courteau, Lucas Ballard, Robert Shield, Nav Jagpal, Moheeb Abu Rajab, Panayiotis Mavrommatis, Niels P ...

    admin - December 9, 2021 - 5:09 pm

  6. Fingerprinting Electronic Control Units for Vehicle Intrusion Detection

    Kyong-Tak Cho and Kang G. Shin, University of Michigan As more software modules and external interfaces are getting added on vehicles, new attacks and vulnerabilities are emerging. Researchers have demonstrated how to compromise in-vehicle Electronic Cont ...

    admin - December 9, 2021 - 5:09 pm

  7. überSpark: Enforcing Verifiable Object Abstractions for Automated Compositional Security Analysis of a Hypervisor

    Amit Vasudevan and Sagar Chaki, Carnegie Mellon University; Petros Maniatis, Google Inc.; Limin Jia and Anupam Datta, Carnegie Mellon University We present überSpark (üSpark), an innovative architecture for compositional verification of security propert ...

    admin - December 9, 2021 - 5:09 pm

  8. Defending against Malicious Peripherals with Cinch

    Sebastian Angel, The University of Texas at Austin and New York University; Riad S. Wahby, Stanford University; Max Howald, The Cooper Union and New York University; Joshua B. Leners, Two Sigma; Michael Spilo and Zhen Sun, New York University; Andrew J. B ...

    admin - December 9, 2021 - 6:09 pm

  9. zxcvbn: Low-Budget Password Strength Estimation

    Daniel Lowe Wheeler, Dropbox Inc. For over 30 years, password requirements and feedback have largely remained a product of LUDS: counts of lower- and uppercase letters, digits and symbols. LUDS remains ubiquitous despite being a conclusively burdensome an ...

    admin - December 9, 2021 - 6:09 pm

  10. Optimized Invariant Representation of Network Traffic for Detecting Unseen Malware Variants

    and labels in the training and testing data sets. This paper proposes a classification system designed ...

    admin - December 9, 2021 - 6:09 pm

  11. Mirror: Enabling Proofs of Data Replication and Retrievability in the Cloud

    abused by users who upload different files—while claiming that they are replicas. In this paper, we ...

    admin - December 9, 2021 - 6:09 pm

  12. Thoth: Comprehensive Policy Compliance in Data Retrieval Systems

    Eslam Elnikety, Aastha Mehta, Anjo Vahldiek-Oberwagner, Deepak Garg, and Peter Druschel, Max Planck Institute for Software Systems (MPI-SWS) Data retrieval systems process data from many sources, each subject to its own data use policy. Ensuring complianc ...

    admin - December 9, 2021 - 6:09 pm

  13. k-fingerprinting: A Robust Scalable Website Fingerprinting Technique

    Jamie Hayes and George Danezis, University College London Website fingerprinting enables an attacker to infer which web page a client is browsing through encrypted or anonymized network connections. We present a new website fingerprinting technique based ...

    admin - December 9, 2021 - 6:09 pm

  14. A Comprehensive Measurement Study of Domain Generating Malware

    detail. In this paper, we perform a comprehensive measurement study of the DGA landscape by analyzing 43 ...

    admin - December 9, 2021 - 6:09 pm

  15. An Empirical Study of Textual Key-Fingerprint Representations

    Sergej Dechand, University of Bonn; Dominik Schürmann, Technische Universität Braunschweig; Karoline Busse, University of Bonn; Yasemin Acar and Sascha Fahl, Saarland University; Matthew Smith, University of Bonn Many security protocols still rely on manu ...

    admin - December 9, 2021 - 6:09 pm

  16. Ariadne: A Minimal Approach to State Continuity

    Raoul Strackx and Frank Piessens, Katholieke Universiteit Leuven Protected-module architectures such as Intel SGX provide strong isolation guarantees to sensitive parts of applications while the system is up and running. Unfortunately systems in practice ...

    admin - December 9, 2021 - 6:09 pm

  17. On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis

    us. In this paper, we establish a static runtime model of the application framework in order to study ...

    admin - December 9, 2021 - 6:09 pm

  18. Privacy in Epigenetics: Temporal Linkability of MicroRNA Expression Profiles

    linked over time. In this paper, we show that, contrary to this belief, miRNA expression profiles can be ...

    admin - December 9, 2021 - 7:09 pm

  19. The Million-Key Question—Investigating the Origins of RSA Public Keys

    Vashek Matyáš, Masaryk University Awarded Best Paper Can bits of an RSA public key leak information about ...

    admin - December 9, 2021 - 7:09 pm

  20. Practical DIFC Enforcement on Android

    secrecy guarantees into the OS. In this paper, we describe the challenges for decentralized information ...

    admin - December 9, 2021 - 7:09 pm

  21. Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing

    probabilistic guarantees. This paper introduces ByzCoin, a novel Byzantine consensus protocol that leverages ...

    admin - December 9, 2021 - 7:09 pm

  22. ZKBoo: Faster Zero-Knowledge for Boolean Circuits

    Irene Giacomelli, Jesper Madsen, and Claudio Orlandi, Aarhus University Awarded Best Student Paper ... In this paper we describe ZKBoo, a proposal for practically efficient zero-knowledge arguments ...

    admin - December 9, 2021 - 7:09 pm

  23. Automatically Detecting Error Handling Bugs Using Error Specifications

    erroneous behaviors (e.g., crash and assertion failure) but cause subtle inaccuracies. In this paper, we ...

    admin - December 9, 2021 - 7:09 pm

  24. Verifying Constant-Time Implementations

    José Bacelar Almeida, HASLab/INESC TEC and University of Minho; Manuel Barbosa, HASLab/INESC TEC and DCC FCUP; Gilles Barthe and François Dupressoir, IMDEA Software Institute; Michael Emmi, Bell Labs and Nokia The constant-time programming discipline is a ...

    admin - December 9, 2021 - 7:09 pm

  25. ARMageddon: Cache Attacks on Mobile Devices

    Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, and Stefan Mangard, Graz University of Technology In the last 10 years, cache attacks on Intel x86 CPUs have gained increasing attention among the scientific community and powerful techniqu ...

    admin - December 9, 2021 - 7:09 pm

Pages