Search results

  1. SpecROP: Speculative Exploitation of ROP Chains

    Atri Bhattacharyya and Andrés Sánchez, EPFL; Esmaeil M. Koruyeh, Nael Abu-Ghazaleh, and Chengyu Song UC Riverside; Mathias Payer, EPFL Speculative execution attacks, such as Spectre, reuse code from the victim’s binary to access and leak secret informatio ...

    admin - November 27, 2021 - 8:30 am

  2. Mininode: Reducing the Attack Surface of Node.js Applications

    modules. In this paper, we present Mininode, a static analysis tool for Node.js applications that measures ...

    admin - November 27, 2021 - 8:30 am

  3. MEUZZ: Smart Seed Scheduling for Hybrid Fuzzing

    Yaohui Chen, Mansour Ahmadi, and Reza Mirzazade farkhani, Northeastern University; Boyu Wang, Stony Brook University; Long Lu, Northeastern University Seed scheduling highly impacts the yields of hybrid fuzzing. Existing hybrid fuzzers schedule seeds base ...

    admin - November 27, 2021 - 8:30 am

  4. Confine: Automated System Call Policy Generation for Container Attack Surface Reduction

    containers, in this paper we present a generic approach for the automated generation of restrictive system ...

    admin - November 27, 2021 - 8:30 am

  5. Evaluating Changes to Fake Account Verification Systems

    effective each iteration is at stopping fake accounts and letting real users through. This paper proposes ...

    admin - November 27, 2021 - 8:30 am

  6. Software-based Realtime Recovery from Sensor Attacks on Robotic Vehicles

    Hongjun Choi and Sayali Kate, Purdue University; Yousra Aafer, University of Waterloo; Xiangyu Zhang and Dongyan Xu, Purdue University We present a novel technique to recover robotic vehicles (RVs) from various sensor attacks with so-called software senso ...

    admin - November 27, 2021 - 9:30 am

  7. Never Trust Your Victim: Weaponizing Vulnerabilities in Security Scanners

    a remote location. In this paper we falsify this belief by showing that scanners are exposed to the same ...

    admin - November 27, 2021 - 9:30 am

  8. aBBRate: Automating BBR Attack Exploration Using a Model-Based Approach

    nor how effective they are in practice. In this paper we systematically analyze the vulnerability of ...

    admin - November 27, 2021 - 9:30 am

  9. GhostImage: Remote Perception Attacks against Camera-based Image Classification Systems

    Yanmao Man and Ming Li, University of Arizona; Ryan Gerdes, Virginia Tech In vision-based object classification systems imaging sensors perceive the environment and then objects are detected and classified for decision-making purposes; e.g., to maneuver a ...

    admin - November 27, 2021 - 9:30 am

  10. BlueShield: Detecting Spoofing Attacks in Bluetooth Low Energy Networks

    Jianliang Wu, Yuhong Nan, and Vireshwar Kumar, Purdue University; Mathias Payer, EPFL; Dongyan Xu, Purdue University Many IoT devices are equipped with Bluetooth Low Energy (BLE) to support communication in an energy-efficient manner. Unfortunately, BLE i ...

    admin - November 27, 2021 - 9:30 am

  11. SIEVE: Secure In-Vehicle Automatic Speech Recognition Systems

    commands from various sources in a noisy driving environment. In this paper, we develop a secure in-vehicle ...

    admin - November 27, 2021 - 9:30 am

  12. Camera Fingerprinting Authentication Revisited

    camera sensor fingerprints has been discussed, recently. This paper revisits the eligibility of this ...

    admin - November 27, 2021 - 9:30 am

  13. Detecting Lateral Movement in Enterprise Computer Networks with Unsupervised Graph AI

    Washington University In this paper we present a technique for detecting lateral movement of Advanced ...

    admin - November 27, 2021 - 9:30 am

  14. SourceFinder: Finding Malware Source-Code from Publicly Available Repositories in GitHub

    Md Omar Faruk Rokon, Risul Islam, Ahmad Darki, Evangelos E. Papalexakis, and Michalis Faloutsos, UC Riverside Where can we find malware source code? This question is motivated by a real need: there is a dearth of malware source code, which impedes various ...

    admin - November 27, 2021 - 9:30 am

  15. μSBS: Static Binary Sanitization of Bare-metal Embedded Devices for Fault Observability

    difficult. This paper tackles this problem by proposing $\mu$SBS, a novel approach that, by statically ...

    admin - November 27, 2021 - 9:30 am

  16. An Object Detection based Solver for Google’s Image reCAPTCHA v2

    challenges that can render the prior approaches ineffective to a great extent. In this paper, we investigate ...

    admin - November 27, 2021 - 10:30 am

  17. sysfilter: Automated System Call Filtering for Commodity Software

    Nicholas DeMarinis, Kent Williams-King, Di Jin, Rodrigo Fonseca, and Vasileios P. Kemerlis, Brown University Modern OSes provide a rich set of services to applications, primarily accessible via the system call API, to support the ever growing functionalit ...

    admin - November 27, 2021 - 10:30 am

  18. Robust P2P Primitives Using SGX Enclaves

    Yaoqi Jia, ACM Member; Shruti Tople, Microsoft Research; Tarik Moataz, Aroki Systems; Deli Gong, ACM Member; Prateek Saxena and Zhenkai Liang, National University of Singapore Peer-to-peer (P2P) systems such as BitTorrent and Bitcoin are susceptible to se ...

    admin - November 27, 2021 - 10:30 am

  19. Evasion Attacks against Banking Fraud Detection Systems

    applicable to the banking fraud context. In this paper, we study the application of AML techniques to the ...

    admin - November 27, 2021 - 10:30 am

  20. Tracing and Analyzing Web Access Paths Based on User-Side Data Collection: How Do Users Reach Malicious URLs?

    Takeshi Takahashi, National Institute of Information and Communications Technology; Christopher Kruegel and Giovanni Vigna, University of California, Santa Barbara; Katsunari Yoshioka, Yokohama National University; Daisuke Inoue, National Institute of Inf ...

    admin - November 27, 2021 - 10:30 am

  21. The Limitations of Federated Learning in Sybil Settings

    Clement Fung, Carnegie Mellon University; Chris J. M. Yoon and Ivan Beschastnikh, University of British Columbia Federated learning over distributed multi-party data is an emerging paradigm that iteratively aggregates updates from a group of devices to tr ...

    admin - November 27, 2021 - 10:30 am

  22. WearFlow: Expanding Information Flow Analysis To Companion Apps in Wear OS

    this paper, we present WearFlow, a framework that uses static analysis to detect sensitive data flows ...

    admin - November 27, 2021 - 10:30 am

  23. Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities

    Manh-Dung Nguyen and Sébastien Bardin, Univ. Paris-Saclay, CEA LIST, France; Richard Bonichon, Tweag I/O, France; Roland Groz, Univ. Grenoble Alpes, France; Matthieu Lemerre, Univ. Paris-Saclay, CEA LIST, France Directed fuzzing focuses on automatically t ...

    admin - November 27, 2021 - 10:30 am

  24. Service Configurator: A Pattern for Dynamic Configuration of Services

    Prashant Jain and Douglas C. Schmidt, Washington University This paper describes the Service ... https://www.usenix.org/legacy/publications/library/proceedings/coots97/full_papers/jain/jain.pdf https://www.usenix.org/legacy/publications/library/proceedings/coots97/full_papers/jain/jain.txt ...

    admin - January 6, 2022 - 6:30 am

  25. Using the Strategy Design Pattern to Compose Reliable Distributed Protocols

    because it allows the reuse of robust protocol implementations. In this paper, we describe how the ... ://www.usenix.org/legacy/publications/library/proceedings/coots97/full_papers/garbinato/garbinato.pdf https ... ://www.usenix.org/legacy/publications/library/proceedings/coots97/full_papers/garbinato/garbinato_html/coots97.html ...

    admin - January 6, 2022 - 6:30 am

Pages