| WOOT '16 | malWASH: Washing Malware to Evade Dynamic Analysis | Kyriakos K. Ispoglou, Mathias Payer |
| WOOT '16 | Non-Deterministic Timers for Hardware Trojan Activation (or How a Little Randomness Can Go the Wrong Way) | Frank Imeson, Saeed Nejati, Siddharth Garg, Mahesh Tripunitara |
| WOOT '16 | Fillory of PHY: Toward a Periodic Table of Signal Corruption Exploits and Polyglots in Digital Radio | Sergey Bratus, Travis Goodspeed, Ange Albertini, Debanjum S. Solanky |
| WOOT '16 | SoK: XML Parser Vulnerabilities | Christopher Späth, Christian Mainka, Vladislav Mladenov, Jörg Schwenk |
| WOOT '16 | Abusing Public Third-Party Services for EDoS Attacks | Huangxin Wang, Zhonghua Xi, Fei Li, Songqing Chen |
| WOOT '16 | DDoSCoin: Cryptocurrency with a Malicious Proof-of-Work | Eric Wustrow, Benjamin VanderSloot |
| WOOT '16 | A Rising Tide: Design Exploits in Industrial Control Systems | Alexander Bolshev, Jason Larsen, Marina Krotofil, Reid Wightman |
| WOOT '16 | This Ain't Your Dose: Sensor Spoofing Attack on Medical Infusion Pump | Youngseok Park, Yunmok Son, Hocheol Shin, Dohyun Kim, Yongdae Kim |
| WOOT '16 | Sampling Race: Bypassing Timing-Based Analog Active Sensor Spoofing Detection on Analog-Digital Systems | Hocheol Shin, Yunmok Son, Youngseok Park, Yujin Kwon, Yongdae Kim |
| WOOT '16 | Truck Hacking: An Experimental Analysis of the SAE J1939 Standard | Yelizaveta Burakova, Bill Hass, Leif Millar, André Weimerskirch |
| WOOT '16 | Controlling UAVs with Sensor Input Spoofing Attacks | Drew Davidson, Hao Wu, Rob Jellinek, Vikas Singh, Thomas Ristenpart |
| WOOT '16 | A Security Analysis of an In-Vehicle Infotainment and App Platform | Sahar Mazloom, Mohammad Rezaeirad, Aaron Hunter, Damon McCoy |
| WOOT '16 | How to Break Microsoft Rights Management Services | Martin Grothe, Christian Mainka, Paul Rösler, Jörg Schwenk |
| WOOT '15 | FLEXTLS: A Tool for Testing TLS Implementations | Benjamin Beurdouche, Antoine Delignat-Lavaud, Nadim Kobeissi, Alfredo Pironti, Karthikeyan Bhargavan |
| WOOT '15 | Prying Open Pandora's Box: KCI Attacks against TLS | Clemens Hlauschek, Markus Gruber, Florian Fankhauser, Christian Schanes |
| WOOT '15 | P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks | Florian Adamsky, Syed Ali Khayam, Rudolf Jäger, Muttukrishnan Rajarajan |
| WOOT '15 | Cashing Out the Great Cannon? On Browser-Based DDoS Attacks and Economics | Giancarlo Pellegrino, Christian Rossow, Fabrice J. Ryba, Thomas C. Schmidt, Matthias Wählisch |
| WOOT '15 | Own Your Android! Yet Another Universal Root | Wen Xu, Yubin Fu |
| WOOT '15 | One Class to Rule Them All: 0-Day Deserialization Vulnerabilities in Android | Or Peles, Roee Hay |
| WOOT '15 | RouteDetector: Sensor-based Positioning System That Exploits Spatio-Temporal Regularity of Human Mobility | Takuya Watanabe, Mitsuaki Akiyama, Tatsuya Mori |
| WOOT '15 | SURROGATES: Enabling Near-Real-Time Dynamic Analyses of Embedded Systems | Karl Koscher, Tadayoshi Kohno, David Molnar |
| WOOT '15 | Symbolic Execution for BIOS Security | Oleksandr Bazhaniuk, John Loucaides, Lee Rosenbaum, Mark R. Tuttle, Vincent Zimmer |
| WOOT '15 | IoTPOT: Analysing the Rise of IoT Compromises | Yin Minn Pa Pa, Shogo Suzuki, Katsunari Yoshioka, Tsutomu Matsumoto, Takahiro Kasama, Christian Rossow |
| WOOT '15 | Scrutinizing WPA2 Password Generating Algorithms in Wireless Routers | Eduardo Novella Lorente, Carlo Meijer, Roel Verdult |
| WOOT '15 | How to Break XML Encryption – Automatically | Dennis Kupser, Christian Mainka, Jorg Schwenk, Juraj Somorovsky |
