NDSS Symposium 2017 Accepted Papers - NDSS Symposium (original) (raw)

Indiscreet Logs: Diffie-Hellman Backdoors in TLS

Kristen Dorey, Nicholas Chang-Fong and Aleksander Essex

Read More

On the Safety and Efficiency of Virtual Firewall Elasticity Control

Juan Deng, Hongda Li, Hongxin Hu, Kuang-Ching Wang, Gail-Joon Ahn, Siming Zhao and Wonkyu Han

Read More

Fake Co-visitation Injection Attacks to Recommender Systems

Guolei Yang, Neil Zhenqiang Gong and Ying Cai

Read More

KEH-Gait: Towards a Mobile Healthcare User Authentication System by Kinetic Energy Harvesting

Weitao Xu, Guohao Lan, Qi Lin, Sara Khalifa, Neil Bergmann, Mahbub Hassan and Wen Hu

Read More

Dynamic Virtual Address Range Adjustment for Intra-Level Privilege Separation on ARM

Yeongpil Cho, Donghyun Kwon, Hayoon Yi and Yunheung Paek

Read More

Automated Analysis of Privacy Requirements for Mobile Apps

Sebastian Zimmeck, Ziqi Wang, Lieyong Zou, Roger Iyengar, Bin Liu, Florian Schaub, Shomir Wilson, Norman Sadeh, Steven M. Bellovin and Joel Reidenberg

Read More

SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs

Jaebaek Seo, Byoungyoung Lee, Seongmin Kim, Ming-Wei Shih, Insik Shin, Dongsu Han and Taesoo Kim

Read More

ContexIoT: Towards Providing Contextual Integrity to Appified IoT Platforms

Yunhan Jack Jia, Qi Alfred Chen, Shiqi Wang, Amir Rahmati, Earlence Fernandes, Z. Morley Mao and Atul Prakash

Read More

Constant Round Maliciously Secure 2PC with Function-independent Preprocessing using LEGO

Jesper Buus Nielsen, Thomas Schneider and Roberto Trifiletti

Read More

A Large-scale Analysis of the Mnemonic Password Advice

Johannes Kiesel, Benno Stein and Stefan Lucks

Read More

TumbleBit: An Untrusted Bitcoin-Compatible Anonymous Payment Hub

Ethan Heilman, Leen Alshenibr, Foteini Baldimtsi, Alessandra Scafuro and Sharon Goldberg

Read More

Fast Actively Secure OT Extension for Short Secrets

Arpita Patra, Pratik Sarkar and Ajith Suresh

Read More

Show Me the Money! Finding Flawed Implementations of Third-party In-app Payment in Android Apps

Wenbo Yang, Juanru Li, Hui Liu, Qing Wang, Yueheng Zhang, Yuanyuan Zhang and Dawu Gu

Read More

MARX: Uncovering Class Hierarchies in C++ Programs

Andre Pawlowski, Moritz Contag, Victor van der Veen, Chris Ouwehand, Thorsten Holz, Herbert Bos, Elias Athanasopoulos and Cristiano Giuffrida

Read More

Pushing the Communication Barrier in Secure Computation using Lookup Tables

Ghada Dessouky, Farinaz Koushanfar, Ahmad-Reza Sadeghi, Thomas Schneider, Shaza Zeitouni and Michael Zohner

Read More

FBS-Radar: Uncovering Fake Base Stations at Scale in the Wild

Zhenhua Li, Weiwei Wang, Christo Wilson, Jian Chen, Chen Qian, Taeho Jung, Lan Zhang, Kebin Liu, Xiangyang Li and Yunhao Liu

Read More

Enabling Reconstruction of Attacks on Users via Efficient Browsing Snapshots

Phani Vadrevu, Jienan Liu, Bo Li, Babak Rahbarinia, Kyu Hyung Lee and Roberto Perdisci

Read More

A Call to ARMs: Understanding the Costs and Benefits of JIT Spraying Mitigations

Wilson Lian, Hovav Shacham and Stefan Savage

Read More

Using Fully Homomorphic Encryption for Statistical Analysis of Categorical, Ordinal and Numerical Data

Wen-jie Lu, Shohei Kawasaki and Jun Sakuma

Read More

Are We There Yet? On RPKI’s Deployment and Security

Yossi Gilad, Avichai Cohen, Amir Herzberg, Michael Schapira and Haya Shulman

Read More

Cracking Android Pattern Lock in Five Attempts

Guixin Ye, Zhanyong Tang, Dingyi Fang, Xiaojiang Chen, Kwang In Kim, Ben Taylor and Zheng Wang

Read More

Internet-scale Probing of CPS: Inference, Characterization and Orchestration Analysis

Claude Fachkha, Elias Bou-Harb, Anastasis Keliris, Nasir Memon and Mustaque Ahamad

Read More

(Cross-)Browser Fingerprinting via OS and Hardware Level Features

Yinzhi Cao, Song Li and Erik Wijmans

Read More

WireGuard: Next Generation Kernel Network Tunnel

Jason A. Donenfeld

Read More

Dial One for Scam: A Large-Scale Analysis of Technical Support Scams

Najmeh Miramirkhani, Oleksii Starov and Nick Nikiforakis

Read More

Measuring small subgroup attacks against Diffie-Hellman

Luke Valenta, David Adrian, Antonio Sanso, Shaanan Cohney, Joshua Fried, Marcella Hastings, J. Alex Halderman and Nadia Heninger

Read More

SafeInit: Comprehensive and Practical Mitigation of Uninitialized Read Vulnerabilities

Alyssa Milburn, Herbert Bos and Cristiano Giuffrida

Read More

ObliviSync: Practical Oblivious File Backup and Synchronization

Adam J. Aviv, Seung Geol Choi, Travis Mayberry and Daniel S. Roche

Read More

T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs

Ming-Wei Shih, Sangho Lee, Taesoo Kim and Marcus Peinado

Read More

An Evil Copy: How the Loader Betrays You

Xinyang Ge, Mathias Payer and Trent Jaeger

Read More

PSI: Precise Security Instrumentation for Enterprise Networks

Tianlong Yu, Seyed K. Fayaz, Michael Collins, Vyas Sekar and Srinivasan Seshan

Read More

Catching Worms, Trojan Horses and PUPs: Unsupervised Detection of Silent Delivery Campaigns

Bum Jun Kwon, Virinchi Srinivas, Amol Deshpande and Tudor Dumitras

Read More

Dachshund: Digging for and Securing (Non-)Blinded Constants in JIT Code

Giorgi Maisuradze, Michael Backes and Christian Rossow

Read More

Ramblr: Making Reassembly Great Again

Ruoyu Wang, Yan Shoshitaishvili, Antonio Bianchi, Aravind Machiry, John Grosen, Paul Grosen, Christopher Kruegel and Giovanni Vigna

Read More

BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments

Aravind Machiry, Eric Gustafson, Chad Spensky, Christopher Salls, Nick Stephens, Ruoyu Wang, Antonio Bianchi, Yung Ryn Choe, Christopher Kruegel and Giovanni Vigna

Read More

Dynamic Differential Location Privacy with Personalized Error Bounds

Lei Yu, Ling Liu and Calton Pu

Read More

A Broad View of the Ecosystem of Socially Engineered Exploit Documents

Stevens Le Blond, Cedric Gilbert, Utkarsh Upadhyay, Manuel Gomez Rodriguez and David Choffnes

Read More

Dark Hazard: Learning-based, Large-Scale Discovery of Hidden Sensitive Operations in Android Apps

Xiaorui Pan, Xueqiang Wang, Yue Duan, XiaoFeng Wang and Heng Yin

Read More

ASLR on the Line: Practical Cache Attacks on the MMU

Ben Gras, Kaveh Razavi, Erik Bosman, Herbert Bos and Cristiano Giuffrida

Read More

Stack Bounds Protection with Low Fat Pointers

Gregory J. Duck, Roland H.C. Yap and Lorenzo Cavallaro

Read More

Towards Implicit Visual Memory-Based Authentication

Claude Castelluccia, Markus Duermuth, Maximilian Golla and Fatma Imamoglu

Read More

Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud

Clementine Maurice, Manuel Weber, Michael Schwarz, Lukas Giner, Daniel Gruss, Carlo Alberto Boano, Stefan Mangard and Kay Rœmer

Read More

Avoiding The Man on the Wire: Improving Tor’s Security with Trust-Aware Path Selection

Aaron Johnson, Rob Jansen, Aaron D. Jaggard, Joan Feigenbaum and Paul Syverson

Read More

The Effect of DNS on Tor’s Anonymity

Benjamin Greschbach, Tobias Pulls, Laura M. Roberts, Philipp Winter and Nick Feamster

Read More

Hey, My Malware Knows Physics! Attacking PLCs with Physical Model Aware Rootkit

Luis Garcia, Ferdinand Brasser, Mehmet H. Cintuglu, Ahmad-Reza Sadeghi, Osama Mohammed and Saman A. Zonouz

Read More

Wi-Fly?: Detecting Privacy Invasion Attacks by Consumer Drones

Simon Birnbach, Richard Baker and Ivan Martinovic

Read More

Dissecting Tor Bridges: a Security Evaluation of their Private and Public Infrastructures

Srdjan Matic, Carmela Troncoso and Juan Caballero

Read More

HOP: Hardware makes Obfuscation Practical

Kartik Nayak, Christopher Fletcher, Ling Ren, Nishanth Chandran, Satya Lokam, Elaine Shi and Vipul Goyal

Read More

MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models

Enrico Mariconti, Lucky Onwuzurike, Panagiotis Andriotis, Emiliano De Cristofaro, Gordon Ross and Gianluca Stringhini

Read More

TenantGuard: Scalable Runtime Verification of Cloud-Wide VM-Level Network Isolation

Yushun Wang, Taous Madi, Suryadipta Majumdar, Yosr Jarraya, Amir Alimohammadifar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi

Read More

Automated Synthesis of Semantic Malware Signatures using Maximum Satisfiability

Yu Feng, Osbert Bastani, Ruben Martins, Isil Dillig and Saswat Anand

Read More

Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying

Kangjie Lu, Marie-Therese Walter, David Pfaff, Stefan Nuernberger, Wenke Lee and Michael Backes

Read More

IO-DSSE: Scaling Dynamic Searchable Encryption to Millions of Indexes By Improving Locality

Ian Miers and Payman Mohassel

Read More

VUzzer: Application-aware Evolutionary Fuzzing

Sanjay Rawat, Vivek Jain, Ashish Kumar, Lucian Cojocar, Cristiano Giuffrida and Herbert Bos

Read More

Broken Hearted: How To Attack ECG Biometrics

Simon Eberz, Nicola Paoletti, Marc Roeschlin, Andrea Patane, Marta Kwiatkowska and Ivan Martinovic

Read More

HisTorε: Differentially Private and Robust Statistics Collection for Tor

Akshaya Mani and Micah Sherr

Read More

Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web

Tobias Lauinger, Abdelberi Chaabane, Sajjad Arshad, William Robertson, Christo Wilson and Engin Kirda

Read More

P2P Mixing and Unlinkable Bitcoin Transactions

Tim Ruffing, Pedro Moreno-Sanchez and Aniket Kate

Read More

PT-Rand: Practical Mitigation of Data-only Attacks against Page Tables

Lucas Davi, David Gens, Christopher Liebchen and Ahmad-Reza Sadeghi

Read More

SilentWhispers: Enforcing Security and Privacy in Decentralized Credit Networks

Giulio Malavolta, Pedro Moreno-Sanchez, Aniket Kate and Matteo Maffei

Read More

Deconstructing Xen

Lei Shi, Yuming Wu, Yubin Xia, Nathan Dautenhahn, Haibo Chen, Binyu Zang, Haibing Guan and Jinming Li

Read More

The Security Impact of HTTPS Interception

Zakir Durumeric, Zane Ma, Drew Springall, Richard Barnes, Nick Sullivan, Elie Bursztein, Michael Bailey, J. Alex Halderman and Vern Paxson

Read More

DELTA: A Security Assessment Framework for Software-Defined Networks

Seungsoo Lee, Changhoon Yoon, Chanhee Lee, Seungwon Shin, Vinod Yegneswaran and Phillip Porras

Read More

Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis

Andrea Continella, Yanick Fratantonio, Martina Lindorfer, Alessandro Puccetti, Ali Zand, Christopher Kruegel and Giovanni Vigna

Read More

A2C: Self Destructing Exploit Executions via Input Perturbation

Yonghwi Kwon, Brendan Saltaformaggio, I Luk Kim, Kyu Hyung Lee, Xiangyu Zhang and Dongyan Xu

Read More

Address Oblivious Code Reuse: On the Effectiveness of Leakage Resilient Diversity

Robert Rudd, Richard Skowyra, David Bigelow, Veer Dedhia, Thomas Hobson, Stephen Crane, Christopher Liebchen, Per Larsen, Lucas Davi, Michael Franz, Ahmad-Reza Sadeghi and Hamed Okhravi

Read More

Panoply: Low-TCB Linux Applications With SGX Enclaves

Shweta Shinde, Dat Le Tien, Shruti Tople and Prateek Saxena

Read More

WindowGuard: Systematic Protection of GUI Security in Android

Chuangang Ren, Peng Liu and Sencun Zhu

Read More