| USENIX Security '20 | Symbolic execution with SymCC: Don't interpret, compile! | Sebastian Poeplau, Aurélien Francillon |
| USENIX Security '20 | Who's Calling? Characterizing Robocalls through Audio and Metadata Analysis | Sathvik Prasad, Elijah Bouma-Sims, Athishay Kiran Mylappan, Bradley Reaves |
| USENIX Security '20 | Composition Kills: A Case Study of Email Sender Authentication | Jianjun Chen, Vern Paxson, Jian Jiang |
| USENIX Security '20 | Datalog Disassembly | Antonio Flores-Montoya, Eric Schulte |
| SOUPS 2020 | Blind and Human: Exploring More Usable Audio CAPTCHA Designs | Valerie Fanelle, Sepideh Karimi, Aditi Shah, Bharath Subramanian, Sauvik Das |
| USENIX Security '20 | A Comprehensive Quality Evaluation of Security and Privacy Advice on the Web | Elissa M. Redmiles, Noel Warford, Amritha Jayanti, Aravind Koneru, Sean Kross, Miraida Morales, Rock Stevens, Michelle L. Mazurek |
| USENIX Security '20 | The Tools and Tactics Used in Intimate Partner Surveillance: An Analysis of Online Infidelity Forums | Emily Tseng, Rosanna Bellini, Nora McDonald, Matan Danos, Rachel Greenstadt, Damon McCoy, Nicola Dell, Thomas Ristenpart |
| USENIX Security '20 | Sunrise to Sunset: Analyzing the End-to-end Life Cycle and Effectiveness of Phishing Attacks at Scale | Adam Oest, Penghui Zhang, Brad Wardman, Eric Nunes, Jakub Burgis, Ali Zand, Kurt Thomas, Adam Doupé, Gail-Joon Ahn |
| USENIX Security '20 | The Unpatchable Silicon: A Full Break of the Bitstream Encryption of Xilinx 7-Series FPGAs | Maik Ender, Amir Moradi, Christof Paar |
| USENIX Security '20 | Retrofitting Fine Grain Isolation in the Firefox Renderer | Shravan Narayan, Craig Disselkoen, Tal Garfinkel, Nathan Froyd, Eric Rahm, Sorin Lerner, Hovav Shacham, Deian Stefan |
| USENIX Security '20 | Understanding security mistakes developers make: Qualitative analysis from Build It, Break It, Fix It | Daniel Votipka, Kelsey R. Fulton, James Parker, Matthew Hou, Michelle L. Mazurek, Michael Hicks |
| USENIX ATC '20 | Serverless in the Wild: Characterizing and Optimizing the Serverless Workload at a Large Cloud Provider | Mohammad Shahrad, Rodrigo Fonseca, Íñigo Goiri, Gohar Chaudhry, Paul Batum, Jason Cooke, Eduardo Laureano, Colby Tresness, Mark Russinovich, Ricardo Bianchini |
| NSDI '20 | Learning in situ: a randomized experiment in video streaming | Francis Y. Yan, Hudson Ayers, Chenzhi Zhu, Sadjad Fouladi, James Hong, Keyi Zhang, Philip Levis, Keith Winstein |
| USENIX Security '19 | Users Really Do Answer Telephone Scams | Huahong Tu, Adam Doupé, Ziming Zhao, Gail-Joon Ahn |
| USENIX Security '19 | Computer Security and Privacy in the Interactions Between Victim Service Providers and Human Trafficking Survivors | Christine Chen, Nicola Dell, Franziska Roesner |
| USENIX Security '19 | Protecting accounts from credential stuffing with password breach alerting | Kurt Thomas, Jennifer Pullman, Kevin Yeo, Ananth Raghunathan, Patrick Gage Kelley, Luca Invernizzi, Borbala Benko, Tadek Pietraszek, Sarvar Patel, Dan Boneh, Elie Bursztein |
| USENIX Security '19 | Detecting and Characterizing Lateral Phishing at Scale | Grant Ho, Asaf Cidon, Lior Gavish, Marco Schweighauser, Vern Paxson, Stefan Savage, Geoffrey M. Voelker, David Wagner |
| SOUPS 2019 | Keepers of the Machines: Examining How System Administrators Manage Software Updates For Multiple Machines | Frank Li, Lisa Rogers, Arunesh Mathur, Nathan Malkin, Marshini Chetty |
| USENIX Security '19 | 50 Ways to Leak Your Data: An Exploration of Apps' Circumvention of the Android Permissions System | Joel Reardon, Álvaro Feal, Primal Wijesekera, Amit Elazari Bar On, Narseo Vallina-Rodriguez, Serge Egelman |
| USENIX Security '19 | ERIM: Secure, Efficient In-process Isolation with Protection Keys (MPK) | Anjo Vahldiek-Oberwagner, Eslam Elnikety, Nuno O. Duarte, Michael Sammler, Peter Druschel, Deepak Garg |
| NSDI '19 | Scaling Community Cellular Networks with CommunityCellularManager | Shaddi Hasan, Mary Claire Barela, Matthew Johnson, Eric Brewer, Kurtis Heimerl |
| USENIX Security '18 | NAVEX: Precise and Scalable Exploit Generation for Dynamic Web Applications | Abeer Alhuzali, Rigel Gjomemo, Birhanu Eshete, V.N. Venkatakrishnan |
| USENIX Security '18 | The Battle for New York: A Case Study of Applied Digital Threat Modeling at the Enterprise Level | Rock Stevens, Daniel Votipka, Elissa M. Redmiles, Colin Ahern, Patrick Sweeney, Michelle L. Mazurek |
| USENIX Security '18 | Fear the Reaper: Characterization and Fast Detection of Card Skimmers | Nolen Scaife, Christian Peeters, Patrick Traynor |
| USENIX Security '18 | Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies | Gertjan Franken, Tom Van Goethem, Wouter Joosen |
