| USENIX Security '20 | Understanding security mistakes developers make: Qualitative analysis from Build It, Break It, Fix It | Daniel Votipka, Kelsey R. Fulton, James Parker, Matthew Hou, Michelle L. Mazurek, Michael Hicks |
| USENIX Security '20 | The Impact of Ad-Blockers on Product Search and Purchase Behavior: A Lab Experiment | Alisa Frik, Amelia Haviland, Alessandro Acquisti |
| USENIX Security '20 | Call Me Maybe: Eavesdropping Encrypted LTE Calls With ReVoLTE | David Rupprecht, Katharina Kohls, Thorsten Holz, Christina Pöpper |
| USENIX Security '20 | You Are What You Broadcast: Identification of Mobile and IoT Devices from (Public) WiFi | Lingjing Yu, Bo Luo, Jun Ma, Zhaoyu Zhou, Qingyun Liu |
| USENIX Security '20 | Empirical Measurement of Systemic 2FA Usability | Joshua Reynolds, Nikita Samarin, Joseph Barnes, Taylor Judd, Joshua Mason, Michael Bailey, Serge Egelman |
| USENIX Security '20 | What Twitter Knows: Characterizing Ad Targeting Practices, User Perceptions, and Ad Explanations Through Users' Own Twitter Data | Miranda Wei, Madison Stamos, Sophie Veys, Nathan Reitinger, Justin Goodman, Margot Herman, Dorota Filipczuk, Ben Weinshel, Michelle L. Mazurek, Blase Ur |
| USENIX Security '20 | Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code | Fraser Brown, Deian Stefan, Dawson Engler |
| USENIX Security '20 | Breaking Secure Pairing of Bluetooth Low Energy Using Downgrade Attacks | Yue Zhang, Jian Weng, Rajib Dey, Yier Jin, Zhiqiang Lin, Xinwen Fu |
| USENIX Security '20 | Interpretable Deep Learning under Fire | Xinyang Zhang, Ningfei Wang, Hua Shen, Shouling Ji, Xiapu Luo, Ting Wang |
| USENIX Security '20 | P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling | Bo Feng, Alejandro Mera, Long Lu |
| USENIX Security '20 | Actions Speak Louder than Words: Entity-Sensitive Privacy Policy and Data Flow Analysis with PoliCheck | Benjamin Andow, Samin Yaseer Mahmud, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, Serge Egelman |
| USENIX Security '20 | Exploring Connections Between Active Learning and Model Extraction | Varun Chandrasekaran, Kamalika Chaudhuri, Irene Giacomelli, Somesh Jha, Songbai Yan |
| USENIX Security '20 | KOOBE: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities | Weiteng Chen, Xiaochen Zou, Guoren Li, Zhiyun Qian |
| USENIX Security '20 | BScout: Direct Whole Patch Presence Test for Java Executables | Jiarun Dai, Yuan Zhang, Zheyue Jiang, Yingtian Zhou, Junyan Chen, Xinyu Xing, Xiaohan Zhang, Xin Tan, Min Yang, Zhemin Yang |
| USENIX Security '20 | Local Model Poisoning Attacks to Byzantine-Robust Federated Learning | Minghong Fang, Xiaoyu Cao, Jinyuan Jia, Neil Gong |
| USENIX Security '20 | PCKV: Locally Differentially Private Correlated Key-Value Data Collection with Optimized Utility | Xiaolan Gu, Ming Li, Yueqiang Cheng, Li Xiong, Yang Cao |
| USENIX Security '20 | Data Recovery from “Scrubbed” NAND Flash Storage: Need for Analog Sanitization | Md Mehedi Hasan, Biswajit Ray |
| USENIX Security '20 | Security Analysis of Unified Payments Interface and Payment Apps in India | Renuka Kumar, Sreesh Kishore, Hao Lu, Atul Prakash |
| USENIX Security '20 | Stealthy Tracking of Autonomous Vehicles with Cache Side Channels | Mulong Luo, Andrew C. Myers, G. Edward Suh |
| USENIX Security '20 | (Mostly) Exitless VM Protection from Untrusted Hypervisor through Disaggregated Nested Virtualization | Zeyu Mi, Dingji Li, Haibo Chen, Binyu Zang, Haibing Guan |
| USENIX Security '20 | SAVIOR: Securing Autonomous Vehicles with Robust Physical Invariants | Raul Quinonez, Jairo Giraldo, Luis Salazar, Erick Bauman, Alvaro Cardenas, Zhiqiang Lin |
| USENIX Security '20 | Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning | Ahmed Salem, Apratim Bhattacharya, Michael Backes, Mario Fritz, Yang Zhang |
| USENIX Security '20 | Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface in Automotive IoT | Haohuang Wen, Qi Alfred Chen, Zhiqiang Lin |
| USENIX Security '20 | MVP: Detecting Vulnerabilities using Patch-Enhanced Vulnerability Signatures | Yang Xiao, Bihuan Chen, Chendong Yu, Zhengzi Xu, Zimu Yuan, Feng Li, Binghong Liu, Yang Liu, Wei Huo, Wei Zou, Wenchang Shi |
| USENIX Security '20 | Cardpliance: PCI DSS Compliance of Android Applications | Samin Yaseer Mahmud, Akhil Acharya, Benjamin Andow, William Enck, Bradley Reaves |
