Search results

  1. Protecting accounts from credential stuffing with password breach alerting

    Google Distinguished Paper Award Winner Protecting accounts from credential stuffing attacks remains ... remediation. In this paper, we propose a privacy-preserving protocol whereby a client can query a centralized ...

    admin - November 30, 2021 - 9:57 pm

  2. The Web's Identity Crisis: Understanding the Effectiveness of Website Identity Indicators

    but users must understand and act on these indicators for them to be effective. In this paper, we ...

    admin - November 30, 2021 - 9:57 pm

  3. Improving Robustness of ML Classifiers against Realizable Evasion Attacks Using Conserved Features

    Liang Tong, Washington University in St. Louis; Bo Li, UIUC; Chen Hajaj, Ariel University; Chaowei Xiao, University of Michigan; Ning Zhang and Yevgeniy Vorobeychik, Washington University in St. Louis Machine learning (ML) techniques are increasingly comm ...

    admin - November 30, 2021 - 9:57 pm

  4. in-toto: Providing farm-to-table guarantees for bits and bytes

    Santiago Torres-Arias, New York University; Hammad Afzali, New Jersey Institute of Technology; Trishank Karthik Kuppusamy, Datadog; Reza Curtmola, New Jersey Institute of Technology; Justin Cappos, New York University The software development process is q ...

    admin - November 30, 2021 - 9:57 pm

  5. Everyone is Different: Client-side Diversification for Defending Against Extension Fingerprinting

    are fingerprintable and can be used to infer sensitive information about users. In this paper we ...

    admin - November 30, 2021 - 9:57 pm

  6. Pythia: Remote Oracles for the Masses

    Shin-Yeh Tsai, Purdue University; Mathias Payer, EPFL and (on leave from) Purdue; Yiying Zhang, Purdue University Remote Direct Memory Access (RDMA) is a technology that allows direct access from the network to a machine’s main memory without involving it ...

    admin - November 30, 2021 - 9:57 pm

  7. Users Really Do Answer Telephone Scams

    Institute of Technology; Gail-Joon Ahn, Arizona State University and Samsung Research Distinguished Paper ... developed to challenge the key foundations of successful telephone phishing attacks. In this paper, we ...

    admin - November 30, 2021 - 9:57 pm

  8. ERIM: Secure, Efficient In-process Isolation with Protection Keys (MPK)

    Deepak Garg, Max Planck Institute for Software Systems, Saarland Informatics Campus Distinguished Paper ... overhead of kernel- or hypervisor-mediated domain switching is prohibitive. In this paper, we present ERIM, ...

    admin - November 30, 2021 - 9:57 pm

  9. Cognitive Triaging of Phishing Attacks

    Amber van der Heijden and Luca Allodi, Eindhoven University of Technology In this paper we employ ...

    admin - November 30, 2021 - 9:57 pm

  10. IODINE: Verifying Constant-Time Execution of Hardware

    design is free of timing variability, i.e., executes in constant-time. In this paper, we present IODINE: ...

    admin - November 30, 2021 - 10:58 pm

  11. SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization

    various attacks. In this paper, we propose a new IH technique called SafeHidden. It continuously ...

    admin - November 30, 2021 - 10:58 pm

  12. Identifying Cache-Based Side Channels through Secret-Augmented Abstract Interpretation

    impeding their practical use in real-world scenarios. In this paper, we propose a novel static analysis ...

    admin - November 30, 2021 - 10:58 pm

  13. Birthday, Name and Bifacial-security: Understanding Passwords of Chinese Web Users

    have examined how non-English speaking users select passwords. In this paper, we perform an extensive, ...

    admin - November 30, 2021 - 10:58 pm

  14. Looking from the Mirror: Evaluating IoT Device Security through Mobile Companion Apps

    analysis. In this paper, we present a platform that accelerates vulnerable device discovery and analysis, ...

    admin - November 30, 2021 - 10:58 pm

  15. ScatterCache: Thwarting Cache Attacks via Cache Set Randomization

    problem is that caches are shared in a predictable way across security domains. In this paper, we ...

    admin - November 30, 2021 - 10:58 pm

  16. KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities

    Wei Wu, Institute of Information Engineering, Chinese Academy of Sciences; Pennsylvania State University; School of Cybersecurity, University of Chinese Academy of Sciences; Yueqi Chen and Xinyu Xing, Pennsylvania State University; Wei Zou, Institute of I ...

    admin - November 30, 2021 - 10:58 pm

  17. Seeing is Not Believing: Camouflage Attacks on Image Scaling Algorithms

    numerous visual and image processing applications. In this paper, we demonstrate an automated attack ... defend against such attacks, this paper suggests a few potential countermeasures from attack prevention ...

    admin - November 30, 2021 - 10:58 pm

  18. The Anatomy of a Cryptocurrency Pump-and-Dump Scheme

    regulators alike, this paper represents the first detailed empirical query of pump-and-dump activities in ...

    admin - November 30, 2021 - 10:58 pm

  19. CONFIRM: Evaluating Compatibility and Relevance of Control-flow Integrity Protections for Modern Software

    Xiaoyang Xu, Masoud Ghaffarinia, Wenhao Wang, and Kevin W. Hamlen, University of Texas at Dallas; Zhiqiang Lin, Ohio State University CONFIRM (CONtrol-Flow Integrity Relevance Metrics) is a new evaluation methodology and microbenchmarking suite for assess ...

    admin - November 30, 2021 - 10:58 pm

  20. Hiding in Plain Signal: Physical Signal Overshadowing Attack on LTE

    this paper, for the first time, we present a signal injection attack that exploits the fundamental ...

    admin - November 30, 2021 - 11:30 pm

  21. Iframes/Popups Are Dangerous in Mobile WebView: Studying and Mitigating Differential Context Vulnerabilities

    GuangLiang Yang, Jeff Huang, and Guofei Gu, Texas A&M University In this paper, we present ...

    admin - November 30, 2021 - 11:30 pm

  22. Tracing Transactions Across Cryptocurrency Ledgers

    cross-currency trades. In this paper, we use data scraped from ShapeShift over a thirteen-month period and the ...

    admin - November 30, 2021 - 11:30 pm

  23. Understanding and Improving Security and Privacy in Multi-User Smart Homes: A Design Exploration and In-Home User Study

    Eric Zeng and Franziska Roesner, University of Washington Smart homes face unique security, privacy, and usability challenges because they are multi-user, multi-device systems that affect the physical environment of all inhabitants of the home. Current sm ...

    admin - November 30, 2021 - 11:30 pm

  24. PeX: A Permission Check Analysis Framework for Linux Kernel

    checks, and even worse its complexity is fast-growing. This paper presents PeX, a static Permission check ...

    admin - November 30, 2021 - 11:30 pm

  25. FIRM-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation

    Yaowen Zheng, Beijing Key Laboratory of IOT Information Security Technology, Institute of Information Engineering, CAS, China; School of Cyber Security, University of Chinese Academy of Sciences, China; Ali Davanian, Heng Yin, and Chengyu Song, University ...

    admin - November 30, 2021 - 11:30 pm

Pages