Search results

  1. See No Evil, Hear No Evil, Feel No Evil, Print No Evil? Malicious Fill Patterns Detection in Additive Manufacturing

    additive manufacturing methods with no standard means of verification. In this paper, we develop a scheme ...

    admin - December 6, 2021 - 7:36 pm

  2. Venerable Variadic Vulnerabilities Vanquished

    Priyam Biswas, Purdue University; Alessandro Di Federico, Politecnico di Milano; Scott A. Carr, Purdue University; Prabhu Rajasekaran, Stijn Volckaert, Yeoul Na, and Michael Franz, University of California, Irvine; Mathias Payer, Purdue University Program ...

    admin - December 6, 2021 - 8:06 pm

  3. Syntia: Synthesizing the Semantics of Obfuscated Code

    Tim Blazytko, Moritz Contag, Cornelius Aschermann, and Thorsten Holz, Ruhr-Universität Bochum Current state-of-the-art deobfuscation approaches operate on instruction traces and use a mixed approach of symbolic execution and taint analysis; two techniques ...

    admin - December 6, 2021 - 8:06 pm

  4. Vale: Verifying High-Performance Cryptographic Assembly Code

    University Distinguished Paper Award Winner! High-performance cryptographic code often relies on complex ...

    admin - December 6, 2021 - 8:06 pm

  5. Game of Registrars: An Empirical Analysis of Post-Expiration Domain Name Takeovers

    practices are not without controversy, and can have serious security consequences. In this paper, we present ...

    admin - December 6, 2021 - 8:06 pm

  6. CCSP: Controlled Relaxation of Content Security Policies by Runtime Policy Composition

    white-lists to define legitimate content inclusions. In this paper we present Compositional CSP (CCSP), an ...

    admin - December 6, 2021 - 8:06 pm

  7. Adaptive Android Kernel Live Patching

    Yue Chen, Florida State University; Yulong Zhang, Baidu X-Lab; Zhi Wang, Florida State University; Liangzhao Xia, Chenfu Bao, and Tao Wei, Baidu X-Lab Android kernel vulnerabilities pose a serious threat to user security and privacy. They allow attackers ...

    admin - December 6, 2021 - 8:06 pm

  8. Neural Nets Can Learn Function Type Signatures From Binaries

    this paper, we present a new system called E KLAVYA which trains a recurrent neural network to recover ...

    admin - December 6, 2021 - 8:06 pm

  9. A Longitudinal, End-to-End View of the DNSSEC Ecosystem

    Wilson, Northeastern University Distinguished Paper Award Winner! The Domain Name System’s Security ... parent’s keys, and resolvers must actually validate the chain of signatures. This paper performs the first ...

    admin - December 6, 2021 - 8:06 pm

  10. Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers

    Thurston H.Y. Dang, University of California, Berkeley; Petros Maniatis, Google Brain; David Wagner, University of California, Berkeley Using memory after it has been freed opens programs up to both data and control-flow exploits. Recent work on temporal ...

    admin - December 6, 2021 - 8:06 pm

  11. Efficient Protection of Path-Sensitive Control Security

    Ren Ding and Chenxiong Qian, Georgia Tech; Chengyu Song, UC Riverside; Bill Harris, Taesoo Kim, and Wenke Lee, Georgia Tech Control-Flow Integrity (CFI), as a means to prevent control-flow hijacking attacks, enforces that each instruction transfers contro ...

    admin - December 6, 2021 - 8:06 pm

  12. Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX

    on this reliance. This paper presents P RIME +A BORT, a new cache attack which bypasses these ...

    admin - December 6, 2021 - 8:37 pm

  13. Ensuring Authorized Updates in Multi-user Database-Backed Applications

    queries for these applications, due to a well-known view update problem. In this paper, we propose phantom ...

    admin - December 6, 2021 - 8:37 pm

  14. Measuring HTTPS Adoption on the Web

    Adrienne Porter Felt, Google; Richard Barnes, Cisco; April King, Mozilla; Chris Palmer, Chris Bentzel, and Parisa Tabriz, Google HTTPS ensures that the Web has a base level of privacy and integrity. Security engineers, researchers, and browser vendors hav ...

    admin - December 6, 2021 - 8:37 pm

  15. Constant-Time Callees with Variable-Time Callers

    Cesar Pereida García and Billy Bob Brumley, Tampere University of Technology Side-channel attacks are a serious threat to security-critical software. To mitigate remote timing and cache-timing attacks, many ubiquitous cryptography software libraries featu ...

    admin - December 6, 2021 - 8:37 pm

  16. Detecting Android Root Exploits by Learning from Root Providers

    exploits. In this paper, we build a system RootExplorer, to tackle this problem. The key observation that ...

    admin - December 6, 2021 - 8:37 pm

  17. HELP: Helper-Enabled In-Band Device Pairing Resistant Against Signal Cancellation

    mechanism. In this paper, we propose HELP, a helper-assisted message integrity verification primitive that ...

    admin - December 6, 2021 - 8:37 pm

  18. AutoLock: Why Cache Attacks on ARM Are Harder Than You Think

    Marc Green, Worcester Polytechnic Institute; Leandro Rodrigues-Lima and Andreas Zankl, Fraunhofer AISEC; Gorka Irazoqui, Worcester Polytechnic Institute; Johann Heyszl, Fraunhofer AISEC; Thomas Eisenbarth, Worcester Polytechnic Institute Attacks on the mi ...

    admin - December 6, 2021 - 8:37 pm

  19. Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory

    Daniel Gruss, Graz University of Technology, Graz, Austria; Julian Lettner, University of California, Irvine, USA; Felix Schuster, Olya Ohrimenko, Istvan Haller, and Manuel Costa, Microsoft Research, Cambridge, UK Cache-based side-channel attacks are a se ...

    admin - December 6, 2021 - 8:37 pm

  20. Detecting Credential Spearphishing in Enterprise Settings

    Berkeley; Vern Paxson, UC Berkeley and ICSI; David Wagner, UC Berkeley Distinguished Paper Award Winner and ...

    admin - December 6, 2021 - 8:37 pm

  21. SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data

    Md Nahid Hossain, Stony Brook University; Sadegh M. Milajerdi, University of Illinois at Chicago; Junao Wang, Stony Brook University; Birhanu Eshete and Rigel Gjomemo, University of Illinois at Chicago; R. Sekar and Scott Stoller, Stony Brook University; ...

    admin - December 6, 2021 - 8:37 pm

  22. vTZ: Virtualizing ARM TrustZone

    virtual machines (VMs). This paper conducts a study on variable approaches to virtualizing TrustZone in ...

    admin - December 6, 2021 - 9:08 pm

  23. Identifier Binding Attacks and Defenses in Software-Defined Networks

    Samuel Jero, Purdue University; William Koch, Boston University; Richard Skowyra and Hamed Okhravi, MIT Lincoln Laboratory; Cristina Nita-Rotaru, Northeastern University; David Bigelow, MIT Lincoln Laboratory In this work, we demonstrate a novel attack in ...

    admin - December 6, 2021 - 9:08 pm

  24. Towards Efficient Heap Overflow Discovery

    heap vulnerabilities due to incomplete vulnerability models. In this paper, we propose a new solution ...

    admin - December 6, 2021 - 9:08 pm

  25. Transcend: Detecting Concept Drift in Malware Classification Models

    Roberto Jordaney, Royal Holloway, University of London; Kumar Sharad, NEC Laboratories Europe; Santanu K. Dash, University College London; Zhi Wang, Nankai University; Davide Papini, Elettronica S.p.A.; Ilia Nouretdinov, and Lorenzo Cavallaro, Royal Hollo ...

    admin - December 6, 2021 - 9:08 pm

Pages