Search results

  1. End-Users Get Maneuvered: Empirical Analysis of Redirection Hijacking in Content Delivery Networks

    remaining undetectable by existing security practices. In this paper, we investigate the security ...

    admin - December 4, 2021 - 3:30 am

  2. Schrödinger’s RAT: Profiling the Stakeholders in the Remote Access Trojan Ecosystem

    Mohammad Rezaeirad, George Mason University; Brown Farinholt, University of California, San Diego; Hitesh Dharmdasani, Informant Networks; Paul Pearce, University of California, Berkeley; Kirill Levchenko, University of California, San Diego; Damon McCoy, ...

    admin - December 4, 2021 - 3:30 am

  3. Towards a Secure Zero-rating Framework with Three Parties

    are all vulnerable to such free-riding attacks. In this paper, we propose a secure, backward ...

    admin - December 4, 2021 - 3:30 am

  4. The aftermath of a crypto-ransomware attack at a large academic institution

    Leah Zhang-Kennedy, University of Waterloo, Stratford Campus; Hala Assal, Jessica Rocheleau, Reham Mohamed, Khadija Baig, and Sonia Chiasson, Carleton University In 2016, a large North American university was subject to a significant crypto-ransomware att ...

    admin - December 4, 2021 - 3:30 am

  5. QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing

    University; Taesoo Kim, Georgia Institute of Technology Distinguished Paper Award Winner! Recently, hybrid ...

    admin - December 4, 2021 - 4:30 am

  6. Injected and Delivered: Fabricating Implicit Control over Actuation Systems by Spoofing Inertial Sensors

    Yazhou Tu, University of Louisiana at Lafayette; Zhiqiang Lin, Ohio State University; Insup Lee, University of Pennsylvania; Xiali Hei, University of Louisiana at Lafayette Inertial sensors provide crucial feedback for control systems to determine motiona ...

    admin - December 4, 2021 - 4:30 am

  7. Understanding the Reproducibility of Crowd-reported Security Vulnerabilities

    crowd-reported vulnerabilities are. In this paper, we perform the first empirical analysis on a wide range of ...

    admin - December 4, 2021 - 4:30 am

  8. Fast and Service-preserving Recovery from Malware Infections Using CRIU

    Ashton Webster, Ryan Eckenrod, and James Purtilo, University of Maryland Once a computer system has been infected with malware, restoring it to an uninfected state often requires costly service-interrupting actions such as rolling back to a stable snapsho ...

    admin - December 4, 2021 - 4:30 am

  9. From Patching Delays to Infection Symptoms: Using Risk Profiles for an Early Discovery of Vulnerabilities Exploited in the Wild

    intrusion protection for those vulnerabilities. In this paper, we present a novel method based on the notion ...

    admin - December 4, 2021 - 4:30 am

  10. MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation

    paper, we develop MoonShine, a novel strategy for distilling seeds for OS fuzzers from system call traces ...

    admin - December 4, 2021 - 4:30 am

  11. Skill Squatting Attacks on Amazon Alexa

    Deepak Kumar, Riccardo Paccagnella, Paul Murley, Eric Hennenfent, Joshua Mason, Adam Bates, and Michael Bailey, University of Illinois, Urbana-Champaign The proliferation of the Internet of Things has increased reliance on voice-controlled devices to perf ...

    admin - December 4, 2021 - 4:30 am

  12. Charm: Facilitating Dynamic Analysis of Device Drivers of Mobile Systems

    on the analysis. In this paper, we present Charm, a system solution that facilitates dynamic analysis ...

    admin - December 4, 2021 - 4:30 am

  13. Dependence-Preserving Data Compaction for Scalable Forensic Analysis

    when they must sift through billions of records. In this paper, we first present two powerful event ...

    admin - December 4, 2021 - 4:30 am

  14. Precise and Accurate Patch Presence Test for Binaries

    Hang Zhang and Zhiyun Qian, University of California, Riverside Patching is the main resort to battle software vulnerabilities. It is critical to ensure that patches are propagated to all affected software timely, which, unfortunately, is often not the ca ...

    admin - December 4, 2021 - 4:30 am

  15. Erays: Reverse Engineering Ethereum's Opaque Smart Contracts

    Yi Zhou, Deepak Kumar, Surya Bakshi, Joshua Mason, Andrew Miller, and Michael Bailey, University of Illinois, Urbana-Champaign Interacting with Ethereum smart contracts can have potentially devastating financial consequences. In light of this, several reg ...

    admin - December 4, 2021 - 5:30 am

  16. The Dangers of Key Reuse: Practical Attacks on IPsec IKE

    authentication methods, and configuration options. In this paper, we show that reusing a key pair across ...

    admin - December 4, 2021 - 5:30 am

  17. Quack: Scalable Remote Measurement of Application-Layer Censorship

    Benjamin VanderSloot, Allison McDonald, Will Scott, J. Alex Halderman, and Roya Ensafi, University of Michigan Remote censorship measurement tools can now detect DNS- and IP-based blocking at global scale. However, a major unmonitored form of interference ...

    admin - December 4, 2021 - 5:30 am

  18. Malicious Management Unit: Why Stopping Cache Attacks in Software is Harder Than You Think

    a different security domain. In this paper, we present a new class of attacks (indirect cache attacks), which ...

    admin - December 4, 2021 - 5:30 am

  19. Turning Your Weakness Into a Strength: Watermarking Deep Neural Networks by Backdooring

    Yossi Adi and Carsten Baum, Bar Ilan University; Moustapha Cisse, Google Inc; Benny Pinkas and Joseph Keshet, Bar Ilan University Deep Neural Networks have recently gained lots of success after enabling several breakthroughs in notoriously challenging pro ...

    admin - December 4, 2021 - 5:30 am

  20. Better managed than memorized? Studying the Impact of Managers on Password Strength and Reuse

    Sanam Ghorbani Lyastani, CISPA, Saarland University; Michael Schilling, Saarland University; Sascha Fahl, Ruhr-University Bochum; Michael Backes and Sven Bugiel, CISPA Helmholtz Center i.G. Despite their well-known security problems, passwords are still t ...

    admin - December 4, 2021 - 5:30 am

  21. Formal Security Analysis of Neural Networks using Symbolic Intervals

    However, all of these approaches are limited by the high overhead caused by the solver. In this paper, we ...

    admin - December 4, 2021 - 5:30 am

  22. We Still Don’t Have Secure Cross-Domain Requests: an Empirical Study of CORS

    browsers to handle cross-origin network accesses. This paper presents our empirical study about the ...

    admin - December 4, 2021 - 5:30 am

  23. Fear the Reaper: Characterization and Fast Detection of Card Skimmers

    Nolen Scaife, Christian Peeters, and Patrick Traynor, University of Florida Distinguished Paper ... support such defenses. In this paper, we perform the first such study based on skimmers recovered by the ...

    admin - December 4, 2021 - 5:30 am

  24. Vetting Single Sign-On SDK Implementations via Symbolic Reasoning

    on the implementations of SSO SDKs, especially in the public domain. In this paper, we design and ...

    admin - December 4, 2021 - 5:30 am

  25. Off-Path TCP Exploit: How Wireless Routers Can Jeopardize Your Secrets

    Weiteng Chen and Zhiyun Qian, University of California, Riverside In this study, we discover a subtle yet serious timing side channel that exists in all generations of half-duplex IEEE 802.11 or Wi-Fi technology. Previous TCP injection attacks stem from s ...

    admin - December 4, 2021 - 6:30 am

Pages