Search results

  1. The Secret Sharer: Evaluating and Testing Unintended Memorization in Neural Networks

    This paper describes a testing methodology for quantitatively assessing the risk that rare or unique ...

    admin - November 30, 2021 - 4:48 pm

  2. simTPM: User-centric TPM for Mobile Devices

    Environments. In this paper, we present simTPM, an alternative implementation of a mobile TPM based on the SIM ...

    admin - November 30, 2021 - 4:48 pm

  3. EnFuzz: Ensemble Fuzzing with Seed Synchronization among Diverse Fuzzers

    this paper, we systematically study an ensemble fuzzing approach. First, we define the diversity of ...

    admin - November 30, 2021 - 4:48 pm

  4. Devils in the Guidance: Predicting Logic Vulnerabilities in Payment Syndication Services through Automated Documentation Analysis

    Yi Chen, Institute of Information Engineering, CAS; Luyi Xing, Yue Qin, Xiaojing Liao, and XiaoFeng Wang, Indiana University Bloomington; Kai Chen and Wei Zou, Institute of Information Engineering, CAS Finding logic flaws today relies on the program analy ...

    admin - November 30, 2021 - 4:48 pm

  5. Probability Model Transforming Encoders Against Encoding Attacks

    Haibo Cheng, Zhixiong Zheng, Wenting Li, and Ping Wang, Peking University; Chao-Hsien Chu, Pennsylvania State University Honey encryption (HE) is a novel encryption scheme for resisting brute-force attacks even using low-entropy keys (e.g., passwords). HE ...

    admin - November 30, 2021 - 4:48 pm

  6. High Precision Detection of Business Email Compromise

    Asaf Cidon, Barracuda Networks and Columbia University; Lior Gavish, Itay Bleier, Nadia Korshun, Marco Schweighauser, and Alexey Tsitkin, Barracuda Networks Business email compromise (BEC) and employee impersonation have become one of the most costly cybe ...

    admin - November 30, 2021 - 4:48 pm

  7. Blind Bernoulli Trials: A Noninteractive Protocol For Hidden-Weight Coin Flips

    Emma Connor and Max Schuchard, University of Tennessee We introduce the concept of a "Blind Bernoulli Trial," a noninteractive protocol that allows a set of remote, disconnected users to individually compute one random bit each with probability ...

    admin - September 30, 2024 - 12:35 pm

  8. VRASED: A Verified Hardware/Software Co-Design for Remote Attestation

    Ivan De Oliveira Nunes, University of California, Irvine; Karim Eldefrawy, SRI International; Norrathep Rattanavipanon, University of California, Irvine; Michael Steiner, Intel; Gene Tsudik, University of California, Irvine Remote Attestation (RA) is a di ...

    admin - November 30, 2021 - 4:48 pm

  9. EverParse: Verified Secure Zero-Copy Parsers for Authenticated Message Formats

    Tahina Ramananandro, Antoine Delignat-Lavaud, Cédric Fournet, and Nikhil Swamy, Microsoft Research; Tej Chajed, MIT; Nadim Kobeissi, Inria Paris; Jonathan Protzenko, Microsoft Research We present EverParse, a framework for generating parsers and serialize ...

    admin - November 30, 2021 - 4:48 pm

  10. Why Do Adversarial Attacks Transfer? Explaining Transferability of Evasion and Poisoning Attacks

    paper, we present a comprehensive analysis aimed to investigate the transferability of both test-time ...

    admin - November 30, 2021 - 5:50 pm

  11. HardFails: Insights into Software-Exploitable Hardware Bugs

    affected all major hardware vendors. In this paper, we take a deep dive into microarchitectural security ...

    admin - November 30, 2021 - 5:50 pm

  12. Understanding and Securing Device Vulnerabilities through Automated Bug Report Analysis

    Xuan Feng, Beijing Key Laboratory of IOT Information Security Technology, Institute of Information Engineering, CAS, China; School of Cyber Security, University of Chinese Academy of Sciences, China; Xiaojing Liao and XiaoFeng Wang, Department of Computer ...

    admin - November 30, 2021 - 5:50 pm

  13. The Art of The Scam: Demystifying Honeypots in Ethereum Smart Contracts

    type of contracts is commonly referred to as honeypots. In this paper, we present the first systematic ...

    admin - November 30, 2021 - 5:50 pm

  14. DEEPVSA: Facilitating Value-set Analysis with Deep Learning for Postmortem Program Analysis

    Wenbo Guo, Dongliang Mu, and Xinyu Xing, The Pennsylvania State University; Min Du and Dawn Song, University of California, Berkeley Value set analysis (VSA) is one of the most powerful binary analysis tools, which has been broadly adopted in many use cas ...

    admin - November 30, 2021 - 5:50 pm

  15. Clinical Computer Security for Victims of Intimate Partner Violence

    Sam Havron, Diana Freed, and Rahul Chatterjee, Cornell Tech; Damon McCoy, New York University; Nicola Dell and Thomas Ristenpart, Cornell Tech Digital insecurity in the face of targeted, persistent attacks increasingly leaves victims in debilitating or ev ...

    admin - November 30, 2021 - 5:50 pm

  16. Detecting and Characterizing Lateral Phishing at Scale

    Savage and Geoffrey M. Voelker, UC San Diego; David Wagner, UC Berkeley Distinguished Paper Award Winner ...

    admin - November 30, 2021 - 5:50 pm

  17. Terminal Brain Damage: Exposing the Graceless Degradation in Deep Neural Networks Under Hardware Fault Attacks

    Sanghyun Hong, University of Maryland College Park; Pietro Frigo, Vrije Universiteit Amsterdam; Yiğitcan Kaya, University of Maryland College Park; Cristiano Giuffrida, Vrije Universiteit Amsterdam; Tudor Dumitraș, University of Maryland College Park Deep ...

    admin - November 30, 2021 - 5:50 pm

  18. Not Everything is Dark and Gloomy: Power Grid Protections Against IoT Demand Attacks

    Cruz; Ross Baldick, The University of Texas at Austin This paper discusses and characterizes the impacts ... potential manipulation by attackers. In this paper we investigate the impacts of this potential IoT demand ... this paper, we apply our tool to a large North American regional transmission interconnection system ...

    admin - November 30, 2021 - 5:50 pm

  19. SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks

    Saad Islam and Ahmad Moghimi, Worcester Polytechnic Institute; Ida Bruhns and Moritz Krebbel, University of Luebeck; Berk Gulmezoglu, Worcester Polytechnic Institute; Thomas Eisenbarth, Worcester Polytechnic Institute and University of Luebeck; Berk Sunar ...

    admin - November 30, 2021 - 5:50 pm

  20. Evaluating Differentially Private Machine Learning in Practice

    utility. In this paper, we quantify the impact of these choices on privacy in experiments with logistic ...

    admin - November 30, 2021 - 6:52 pm

  21. Mobile Private Contact Discovery at Scale

    Daniel Kales and Christian Rechberger, Graz University of Technology; Thomas Schneider, Matthias Senker, and Christian Weinert, TU Darmstadt Mobile messengers like WhatsApp perform contact discovery by uploading the user's entire address book to the ...

    admin - November 30, 2021 - 6:52 pm

  22. Origin-sensitive Control Flow Integrity

    number of incoming execution paths to an indirect control transfer instruction (ICT). In this paper, we ...

    admin - November 30, 2021 - 6:52 pm

  23. RVFuzzer: Finding Input Validation Bugs in Robotic Vehicles through Control-Guided Testing

    many security issues with RVs have emerged, limiting their wider deployment. In this paper, we address ...

    admin - November 30, 2021 - 6:52 pm

  24. From IP ID to Device ID and KASLR Bypass

    Amit Klein and Benny Pinkas, Bar Ilan University IP headers include a 16-bit ID field. Our work examines the generation of this field in Windows (versions 8 and higher), Linux and Android, and shows that the IP ID field enables remote servers to assign a ...

    admin - November 30, 2021 - 6:52 pm

  25. CANvas: Fast and Inexpensive Automotive Network Mapping

    Sekar Kulandaivel, Tushar Goyal, Arnav Kumar Agrawal, and Vyas Sekar, Carnegie Mellon University Modern vehicles contain tens of Electronic Control Units (ECUs), several of which communicate over the Controller Area Network (CAN) protocol. As such, in-veh ...

    admin - November 30, 2021 - 6:52 pm

Pages