Search results

  1. One&Done: A Single-Decryption EM-Based Attack on OpenSSL’s Constant-Time Blinded RSA

    Prvulovic, Georgia Tech This paper presents the first side channel attack approach that, without relying on ... merged into its master source code branch prior to the publication of this paper. Monjur Alam, Georgia ...

    admin - December 4, 2021 - 6:30 am

  2. CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition

    this paper, we demonstrate that not only are more practical and surreptitious attacks feasible but they ...

    admin - December 4, 2021 - 6:30 am

  3. Simple Password-Hardened Encryption Services

    Russell W. F. Lai and Christoph Egger, Friedrich-Alexander University Erlangen-Nuremberg; Manuel Reinert, Saarland University; Sherman S. M. Chow, Chinese University of Hong Kong; Matteo Maffei, Vienna University of Technology; Dominique Schröder, Friedri ...

    admin - December 4, 2021 - 6:30 am

  4. Towards Predicting Efficient and Anonymous Tor Circuits

    Armon Barton, Mohsen Imani, and Jiang Ming, University of Texas at Arlington; Matthew Wright, Rochester Institute of Technology The Tor anonymity system provides online privacy for millions of users, but it is slower than typical web browsing. To improve ...

    admin - December 4, 2021 - 6:30 am

  5. Security Namespace: Making Linux Security Frameworks Available to Containers

    or other containers. In this paper, we propose security namespaces, a kernel abstraction that enables ...

    admin - December 4, 2021 - 6:30 am

  6. WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring

    Stefano Calzavara and Riccardo Focardi, Università Ca' Foscari Venezia; Matteo Maffei and Clara Schneidewind, TU Wien; Marco Squarcina and Mauro Tempesta, Università Ca' Foscari Venezia We present WPSE, a browser-side security monitor for web pr ...

    admin - December 4, 2021 - 6:30 am

  7. Analysis of Privacy Protections in Fitness Tracking Social Networks-or- You can run, but can you hide?

    Wajih Ul Hassan, Saad Hussain, and Adam Bates, University Of Illinois Urbana-Champaign Mobile fitness tracking apps allow users to track their workouts and share them with friends through online social networks. Although the sharing of personal data is an ...

    admin - December 4, 2021 - 6:30 am

  8. Inception: System-Wide Security Testing of Real-World Embedded Systems Software

    directly handled by current source-based tools. In this paper we introduce Inception, a framework to ...

    admin - December 4, 2021 - 6:30 am

  9. Man-in-the-Machine: Exploiting Ill-Secured Communication Inside the Computer

    back-end components, which run in different processes on the same computer. This paper studies the security ...

    admin - December 4, 2021 - 6:30 am

  10. ATtention Spanned: Comprehensive Vulnerability Analysis of AT Commands Within the Android Ecosystem

    their functionality is unclear and poorly documented. In this paper, we systematically retrieve ...

    admin - December 4, 2021 - 7:30 am

  11. FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities

    complexity of UAF exploitation as well as the scalability of an OS kernel. In this paper, we therefore ...

    admin - December 4, 2021 - 7:30 am

  12. The Rewards and Costs of Stronger Passwords in a University: Linking Password Lifetime to Strength

    Ingolf Becker, Simon Parkin, and M. Angela Sasse, University College London We present an opportunistic study of the impact of a new password policy in a university with 100,000 staff and students. The goal of the IT staff who conceived the policy was to ...

    admin - December 4, 2021 - 7:30 am

  13. Practical Accountability of Secret Processes

    metadata about each case on a paper cover sheet as a way to balance the competing goals of (1) secrecy, so ...

    admin - December 4, 2021 - 7:30 am

  14. Sensitive Information Tracking in Commodity IoT

    present. In this paper, we present SainT, a static taint analysis tool for IoT applications. SainT operates ...

    admin - December 4, 2021 - 7:30 am

  15. Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels

    Damian Poddebniak and Christian Dresen, Münster University of Applied Sciences; Jens Müller, Ruhr University Bochum; Fabian Ising and Sebastian Schinzel, Münster University of Applied Sciences; Simon Friedberger, NXP Semiconductors, Belgium; Juraj Somorov ...

    admin - December 4, 2021 - 7:30 am

  16. The Guard's Dilemma: Efficient Code-Reuse Attacks Against Intel SGX

    a constant, not randomized memory layout. In this paper, we present novel exploitation techniques against SGX ...

    admin - December 4, 2021 - 7:30 am

  17. Enabling Refinable Cross-Host Attack Investigation with Efficient Data Flow Tagging and Tracking

    maintain and synchronize the data flow tags globally across multiple hosts. In this paper, we propose RTAG, ...

    admin - December 4, 2021 - 7:30 am

  18. Forgetting of Passwords: Ecological Theory and Data

    no principled account exists for explaining when a password will be forgotten. This paper contributes ...

    admin - December 4, 2021 - 7:30 am

  19. Debloating Software through Piece-Wise Compilation and Loading

    envi- ronment (2016 programs); the heaviest user, vlc media player, only needed 18%. In this paper: (1) ...

    admin - December 4, 2021 - 7:30 am

  20. IMIX: In-Process Memory Isolation EXtension

    adversaries able to perform arbitrary read-write accesses. In this paper we propose IMIX, a lightweight, ...

    admin - December 4, 2021 - 8:30 am

  21. BurnBox: Self-Revocable Encryption in a World Of Compelled Access

    Nirvan Tyagi, Cornell University; Muhammad Haris Mughees, UIUC; Thomas Ristenpart and Ian Miers, Cornell Tech Dissidents, journalists, and others require technical means to protect their privacy in the face of compelled access to their digital devices (sm ...

    admin - December 4, 2021 - 8:30 am

  22. Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies

    Gertjan Franken, Tom Van Goethem, and Wouter Joosen, imec-DistriNet, KU Leuven Distinguished Paper ... mechanisms that are built directly into the browser. In this paper, we evaluate the effectiveness of these ...

    admin - December 4, 2021 - 8:30 am

  23. NAVEX: Precise and Scalable Exploit Generation for Dynamic Web Applications

    Abeer Alhuzali, Rigel Gjomemo, Birhanu Eshete, and V.N. Venkatakrishnan, UIC Distinguished Paper ...

    admin - December 4, 2021 - 8:30 am

  24. A Bad Dream: Subverting Trusted Platform Module While You Are Sleeping

    This paper reports two sorts of Trusted Platform Module (TPM) attacks regarding power management. The ...

    admin - December 4, 2021 - 8:30 am

  25. Ethics Emerging: the Story of Privacy and Security Perceptions in Virtual Reality

    developers are considering and addressing those risks. In this paper, we present the first work on VR ...

    admin - December 4, 2021 - 4:30 pm

Pages