| USENIX Security '14 | A Large-Scale Empirical Analysis of Chinese Web Passwords | Zhigong Li, Weili Han, Wenyuan Xu |
| USENIX Security '14 | Telepathwords: Preventing Weak Passwords by Reading Users’ Minds | Saranga Komanduri, Richard Shay, Lorrie Faith Cranor, Cormac Herley, Stuart Schechter |
| USENIX Security '14 | Precise Client-side Protection against DOM-based Cross-Site Scripting | Ben Stock, Sebastian Lekies, Tobias Mueller, Patrick Spiegel, Martin Johns |
| USENIX Security '14 | Automatically Detecting Vulnerable Websites Before They Turn Malicious | Kyle Soska, Nicolas Christin |
| USENIX Security '14 | Towards Reliable Storage of 56-bit Secrets in Human Memory | Joseph Bonneau, Stuart Schechter |
| USENIX Security '14 | Password Portfolios and the Finite-Effort User: Sustainably Managing Large Numbers of Accounts | Dinei Florêncio, Cormac Herley, Paul C. van Oorschot |
| USENIX Security '14 | Scheduler-based Defenses against Cross-VM Side-channels | Venkatanathan Varadarajan, Thomas Ristenpart, Michael Swift |
| USENIX Security '14 | A Look at Targeted Attacks Through the Lense of an NGO | Stevens Le Blond, Adina Uritesc, Cédric Gilbert, Zheng Leong Chua, Prateek Saxena, Engin Kirda |
| USENIX Security '14 | On the Effective Prevention of TLS Man-in-the-Middle Attacks in Web Applications | Nikolaos Karapanos, Srdjan Capkun |
| USENIX Security '14 | The Emperor’s New Password Manager: Security Analysis of Web-based Password Managers | Zhiwei Li, Warren He, Devdatta Akhawe, Dawn Song |
| USENIX Security '14 | Oxymoron: Making Fine-Grained Memory Randomization Practical by Allowing Code Sharing | Michael Backes, Stefan Nürnberger |
| USENIX Security '14 | iSeeYou: Disabling the MacBook Webcam Indicator LED | Matthew Brocker, Stephen Checkoway |
| USENIX Security '14 | ROP is Still Dangerous: Breaking Modern Defenses | Nicholas Carlini, David Wagner |
| USENIX Security '14 | On the Practical Exploitability of Dual EC in TLS Implementations | Stephen Checkoway, Ruben Niederhagen, Adam Everspaugh, Matthew Green, Tanja Lange, Thomas Ristenpart, Daniel J. Bernstein, Jake Maskiewicz, Hovav Shacham, Matthew Fredrikson |
| USENIX Security '14 | SpanDex: Secure Password Tracking for Android | Landon P. Cox, Peter Gilbert, Geoffrey Lawler, Valentin Pistol, Ali Razeen, Bi Wu, Sai Cheemalapati |
| USENIX Security '14 | Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity Protection | Lucas Davi, Ahmad-Reza Sadeghi, Daniel Lehmann, Fabian Monrose |
| USENIX Security '14 | Blanket Execution: Dynamic Similarity Testing for Program Binaries and Components | Manuel Egele, Maverick Woo, Peter Chapman, David Brumley |
| USENIX Security '14 | Size Does Matter: Why Using Gadget-Chain Length to Prevent Code-Reuse Attacks is Hard | Enes Göktaş, Elias Athanasopoulos, Michalis Polychronakis, Herbert Bos, Georgios Portokalidis |
| USENIX Security '14 | SSOScan: Automated Testing of Web Applications for Single Sign-On Vulnerabilities | Yuchen Zhou, David Evans |
| USENIX Security '14 | Password Managers: Attacks and Defenses | David Silver, Suman Jana, Dan Boneh, Eric Chen, Collin Jackson |
| USENIX Security '14 | From the Aether to the Ethernet—Attacking the Internet using Broadcast Digital Television | Yossef Oren, Angelos D. Keromytis |
| USENIX Security '14 | When Governments Hack Opponents: A Look at Actors and Technology | William R. Marczak, John Scott-Railton, Morgan Marquis-Boire, Vern Paxson |
| USENIX Security '14 | DSCRETE: Automatic Rendering of Forensic Information from Memory Images via Application Logic Reuse | Brendan Saltaformaggio, Zhongshu Gu, Xiangyu Zhang, Dongyan Xu |
| USENIX Security '14 | Man vs. Machine: Practical Adversarial Detection of Malicious Crowdsourcing Workers | Gang Wang, Tianyi Wang, Haitao Zheng, Ben Y. Zhao |
| USENIX Security '14 | Cardinal Pill Testing of System Virtual Machines | Hao Shi, Abdulla Alwabel, Jelena Mirkovic |
