ACM 计算机与通信安全会议(CCS, ACM Conference on Computer and Communications Security)属于CCF A类会议,行业四大会议之一,行业认可非常高。CCS 2019年共收到?(2018:809)篇论文,录取149(2018:134)篇论文,录用率为?%(2018:16.6%)。国内录用论文的第一作者单位集中在清华大学、浙江大学,南京大学,香港城市大学、中国科学院信息工程研究所等高校,详细列表如下。
•“I don’t see why I would ever want to use it”: Analyzing the Usability of Popular Smartphone Password Managers
Sunyoung Seiler-Hwang (University of Mannheim); Patricia Arias-Cabarcos (University of Mannheim); Andrés Marín (University Carlos III of Madrid); Florina Almenares (University Carlos III of Madrid); Daniel Díaz-Sánchez (University Carlos III of Madrid); Christian Becker (University of Mannheim); Patricia Arias-Cabarcos (University Carlos III of Madrid);
•(Un)informed Consent: Studying GDPR Consent Notices in the Field
Christine Utz (Ruhr-Universität Bochum); Martin Degeling (Ruhr-Universität Bochum); Sascha Fahl (Ruhr-Universität Bochum); Florian Schaub (University of Michigan); Thorsten Holz (Ruhr-Universität Bochum);
•1 Trillion Dollar Refund – How To Spoof PDF Signatures
Vladislav Mladenov (Ruhr University Bochum, Chair for Network and Data Security); Christian Mainka (Ruhr University Bochum, Chair for Network and Data Security); Karsten Meyer zu Selhausen (Hackmanit GmbH); Martin Grothe (Ruhr University Bochum, Chair for Network and Data Security); Jörg Schwenk (Ruhr University Bochum, Chair for Network and Data Security);
•28 Blinks Later: Tackling Practical Challenges of Eye Movement Biometrics
Simon Eberz (University of Oxford); Giulio Lovisotto (University of Oxford); Kasper Rasmussen (University of Oxford); Vincent Lenders (Armasuisse); Ivan Martinovic (University of Oxford);
•5GReasoner: A Property-Directed Security and Privacy Analysis Framework for 5G Cellular Network Protocol
Syed Rafiul Hussain (Purdue University); Mitziu Echeverria (University of Iowa); Imtiaz Karim (Purdue University); Omar Chowdhury (The University of Iowa); Elisa Bertino (Purdue University);
•A Formal Treatment of Deterministic Wallets
Poulami Das (Technische Universität Darmstadt, Germany); Sebastian Faust (Technische Universität Darmstadt, Germany); Julian Loss (Ruhr-Universität Bochum, Germany);
•A High-Assurance, Automatically-Synthesized, Evaluator for Machine-Checked (Proactively) Secure Multi-Party Computation
Vitor Pereira (INESC TEC & DCC FC Universidade do Porto); Karim Eldefrawy (SRI International);
•A Machine-Checked Proof of Security for AWS Key Management Service
José Bacelar Almeida (University of Minho and INESC TEC); Manuel Barbosa (University of Porto (FCUP) and INESC TEC); Gilles Barthe (MPI-SP and IMDEA Software Institute); Matthew Campagna (Amazon Web Services); Ernie Cohen (Amazon Web Services); Benjamin Gregoire (INRIA Sophia Antipolis); Vitor Pereira (University of Porto (FCUP) and INESC TEC); Bernardo Portela (University of Porto (FCUP) and INESC TEC); Pierre-Yves Strub (École Polytechnique); Serdar Tasiran (Amazon Web Services);
•A Tale of Two Worlds: On the Difficulty of Pointer Sanitization in Trusted Execution Environments
Jo Van Bulck (imec-DistriNet, KU Leuven, Belgium); David Oswald (School of Computer Science, University of Birmingham, UK); Eduard Marin (School of Computer Science, University of Birmingham, UK); Abdulla Aldoseri (School of Computer Science, University of Birmingham, UK); Flavio D. Garcia (School of Computer Science, University of Birmingham, UK); Frank Piessens (imec-DistriNet, KU Leuven, Belgium);
•A Usability Evaluation of Let’s Encrypt and Certbot – Usable Security Done Right?
Christian Tiefenau (University of Bonn); Emanuel von Zezschwitz (University of Bonn, Fraunhofer FKIE); Maximilian Häring (Fraunhofer FKIE); Katharina Krombholz (CISPA Helmholtz Center for Information Security); Matthew Smith (University of Bonn, Fraunhofer FKIE);
•ABS: Scanning Neural Networks for Back-doors by Artificial Brain Stimulation
Yingqi Liu (Purdue University); Wen-Chuan Lee (Purdue University); Guanhong Tao (Purdue University); Shiqing Ma (Purdue University); Yousra Aafer (Purdue University); Xiangyu Zhang (Purdue University);
•Adversarial Sensor Attack on LiDAR-based Perception in Autonomous Driving
Yulong Cao (University of Michigan); Chaowei Xiao (University of Michigan); Benjamin Cyr (University of Michigan); Yimeng Zhou (University of Michigan); Won Park (University of Michigan); Sara Rampazzi (University of Michigan); Qi Alfred Chen (University of California, Irvine); Kevin Fu (University of Michigan); Z. Morley Mao (University of Michigan);
•AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning
Florian Tramèr (Stanford University); Pascal Dupré (CISPA); Gili Rusak (Stanford); Giancarlo Pellegrino (Stanford University, CISPA); Dan Boneh (Stanford University);
•An In-depth Look Into SDN Topology Discovery Mechanisms: Novel Attacks and Practical Countermeasures
Eduard Marin (University of Birmingham); Nicola Bucciol (University of Padua); Mauro Conti (University of Padua);
•Analyzing Subgraph Statistics from Extended Local Views with Decentralized Differential Privacy
Haipei Sun (Qatar Computing Research Institute); Xiaokui Xiao (National University of Singapore); Issa Khalil (Qatar Computing Research Institute (QCRI), HBKU); Yin Yang (College of Science and Engineering, Hamad Bin Khalifa University); Zhan Qin (ZheJiang University); Hui (Wendy) Wang (Stevens Institute of Technology); Ting Yu (Qatar Computing Research Institute);
•Are These Pairing Elements Correct? Automated Verification and Applications
Susan Hohenberger (Johns Hopkins University); Satyanarayana Vusirikala (University of Texas at Austin);
•Atomic Multi-Channel Updates with Constant Collateral in Payment-Channel Networks
Christoph Egger (Friedrich-Alexander-Universität Erlangen-Nürnberg); Pedro Moreno-Sanchez (TU Wien); Matteo Maffei (TU Wien);
•Attacking Graph-based Classification via Manipulating the Graph Structure
Binghui Wang (Iowa State University); Neil Zhenqiang Gong (Iowa State University/Duke University);
•Automatically Identifying Vulnerable BLE-IoT Devices From Google Play (and Locating Them in Real World)
Chaoshun Zuo (Ohio State University); Haohuang Wen (Ohio State University); Zhiqiang Lin (Ohio State University); Yinqian Zhang (Ohio State University);
•Balance: Dynamic Adjustment of Cryptocurrency Deposits
Dominik Harz (Imperial College London); Lewis Gudgeon (Imperial College London); Arthur Gervais (Imperial College London); William J. Knottenbelt (Imperial College London);
•Binary Control-Flow Trimming
Masoud Ghaffarinia (University of Texas at Dallas); Kevin Hamlen (University of Texas at Dallas);
•Certificate Transparency in the Wild: Exploring the Reliability of Monitors
Bingyu Li (Institute of Information Engineering, CAS); Jingqiang Lin (Institute of Information Engineering, CAS); Fengjun Li (The University of Kansas, Lawrence, USA); Qiongxiao Wang (Institute of Information Engineering, CAS); Qi Li (Tsinghua University, China); Jiwu Jing (Institute of Information Engineering, CAS); Congli Wang (Institute of Information Engineering, CAS);
•Charting the Attack Surface of Trigger-Action IoT Platforms
Qi Wang (University of Illinois at Urbana-Champaign); Pubali Datta (University of Illinois at Urbana-Champaign); Wei Yang (The University of Texas at Dallas); Si Liu (University of Illinois at Urbana-Champaign); Carl Gunter (University of Illinois at Urbana-Champaign); Adam Bates (University of Illinois at Urbana-Champaign);
•CHURP: Dynamic-Committee Proactive Secret Sharing
Sai Krishna Deepak Maram (Cornell Tech); Fan Zhang (Cornell Tech); Lun Wang (UC Berkeley); Andrew Low (UC Berkeley); Yupeng Zhang (UC Berkeley and Texas A&M); Ari Juels (Jacobs Institute, Cornell Tech); Dawn Song (UC Berkeley);
•Conjure: Summoning Proxies from Unused Address Space
Sergey Frolov (University of Colorado Boulder); Jack Wampler (University of Colorado Boulder); Sze Chuen Tan (UIUC); J. Alex Halderman (University of Michigan); Nikita Borisov (UIUC); Eric Wustrow (University of Colorado Boulder); J. Alex Halderman (University of Michigan);
•CryptoGuard: High Precision Detection of Cryptographic Vulnerabilities in Massive-sized Java Projects
Sazzadur Rahaman (Department of Computer Science, Virginia Tech); Ya Xiao (Department of Computer Science, Virginia Tech); Sharmin Afrose (Department of Computer Science, Virginia Tech); Fahad Shaon (Department of Computer Science, The University of Texas at Dallas); Ke Tian (Department of Computer Science, Virginia Tech); Miles Frantz (Department of Computer Science, Virginia Tech); Danfeng (Daphne) Yao (Department of Computer Science, Virginia Tech); Murat Kantarcioglu (Department of Computer Science, The University of Texas at Dallas);
•DeepIntent: Deep Icon-Behavior Learning for Detecting Intention-Behavior Discrepancy in Mobile Apps
Shengqu Xi (Nanjing University); Shao Yang (Case Western Reserve University); Xusheng Xiao (Case Western Reserve University); Yuan Yao (Nanjing University); Yayuan Xiong (Nanjing University); Fengyuan Xu (National Key Lab for Novel Software Technology, Nanjing University); Haoyu Wang (Beijing University of Posts and Telecommunications); Peng Gao (University of California, Berkeley); Feng Xu (Nanjing University); Jian Lu (Nanjing University);
•DeMiCPU: Device Fingerprinting with Magnetic Signals Radiated by CPU
Yushi Cheng (Zhejiang University); Xiaoyu Ji (Zhejiang University); Juchuan Zhang (Zhejiang University); Wenyuan Xu (Zhejiang University); Yi-Chao Chen (University of Texas at Austin);
•Detecting Fake Accounts in Online Social Networks at the Time of Registrations
Dong Yuan (Tsinghua University); Yuanli Miao (Tsinghua University); Neil Zhenqiang Gong (Iowa State University/Duke University); Qi Li (Tsinghua University); Dawn Song (UC Berkeley); Qian Wang (Wuhan University); Xiao Liang (Tencent);
•Different is Good: Detecting the Use of Uninitialized Variables through Differential Replay
Mengchen Cao (Orion Security Lab, Alibaba Group); Xiantong Hou (Orion Security Lab, Alibaba Group); Tao Wang (Orion Security Lab, Alibaba Group); Hunter Qu (Orion Security Lab, Alibaba Group); Yajin Zhou (Zhejiang University); Xiaolong Bai (Orion Security Lab, Alibaba Group); Fuwei Wang (Orion Security Lab, Alibaba Group);
•Differentially Private Nonparametric Hypothesis Testing
Simon Couch (Reed College); Zeki Kazan (Reed College); Kaiyan Shi (Reed College); Andrew Bray (Reed College); Adam Groce (Reed College);
•Distributed Vector-OLE: Improved Constructions and Implementation
Adrià Gascón (The Alan Turing Institute / University of Warwick); Mariana Raykova (Google); Leonie Reichert (Humboldt-Universität zu Berlin); Phillipp Schoppmann (Humboldt-Universität zu Berlin);
•Efficient MPC via Program Analysis: A Framework for Efficient Optimal Mixing
Muhammad Ishaq (University of Edinburgh); Ana Milanova (Rensselaer Polytechnic Institute); Vassilis Zikas (University of Edinburgh); Muhammad Ishaq (University of Edinburgh);
•Efficient Multi-Key Homomorphic Encryption with Packed Ciphertexts with Application to Oblivious Neural Network Inference
Hao Chen (MIcrosoft Research); Wei Dai (Microsoft Research); Miran Kim (University of Texas, Health Science Center at Houston); Yongsoo Song (Microsoft Research);
•Efficient Publicly Verifiable 2PC over a Blockchain with Applications to Financially-Secure Computations
Ruiyu Zhu (Indiana University Bloomington); Changchang Ding (Indiana University Bloomington); Yan Huang (Indiana University Bloomington);
•Efficient Two-Round OT Extension and Silent Non-Interactive Secure Computation
Elette Boyle (IDC Herzliya); Geoffroy Couteau (Karlsruhe Institute of Technology); Niv Gilboa (Ben-Gurion University of the Negev); Yuval Ishai (Technion); Lisa Kohl (Karlsruhe Institute of Technology); Peter Rindal (Visa Research); Peter Scholl (Aarhus University);
•Efficient Verifiable Secret Sharing with Share Recovery in BFT Protocols
Soumya Basu (Cornell University, IC3, VMWare Research); Alin Tomescu (MIT, VMWare Research); Ittai Abraham (VMware Research); Dahlia Malkhi (VMWare); Mike Reiter (UNC, VMWare Research); Emin Gün Sirer (Cornell, IC3);
•Efficient zero-knowledge arguments in the discrete log setting, revisited
Michael Klooß (Karlsruhe Institute of Technology); Max Hoffmann (Ruhr University Bochum); Andy Rupp (Karlsruhe Institute of Technology);
•Encrypted Databases: New Volume Attacks against Range Queries
Zichen Gui (University of Bristol); Oliver Johnson (University of Bristol); Bogdan Warinschi (University of Bristol);
•Endemic Oblivious Transfer
Peter Rindal (Visa Research); Daniel Masny (Visa Research);
•Erlay: Efficient Transaction Relay for Bitcoin
Gleb Naumenko (University of British Columbia); Gregory Maxwell (); Pieter Wuille (Blockstream); Alexandra (Sasha) Fedorova (University of British Columbia); Ivan Beschastnikh (University of British Columbia);
•Exploiting Symmetries when Proving Equivalence Properties for Security Protocols
Vincent Cheval (INRIA Nancy – Grand Est); Steve Kremer (INRIA Nancy – Grand Est); Itsaka Rakotonirina (INRIA Nancy – Grand Est); Itsaka Rakotonirina (ENS Paris-Saclay & Imdea Software Institute);
•Fallout: Reading Kernel Writes From User Space
Marina Minkin (University of Michigan); Ahmad Moghimi (Worcester Polytechnic Institute); Moritz Lipp (Graz University of Technology); Michael Schwarz (Graz University of Technology); Jo Van Bulck (KU Leuven); Daniel Genkin (University of Michigan); Daniel Gruss (Graz University of Technology); Frank Piessens (KU Leuven); Berk Sunar (Worcester Polytechnic Institute); Yuval Yarom (University of Adelaide and Data61);
•Fast Actively Secure Five Party Computation with Security Beyond Abort
Megha Byali (Indian Institute of Science, Bangalore); Carmit Hazay (Bar-Ilan University, Israel); Arpita Patra (Indian Institute of Science, Bangalore); Swati Singla (Indian Institute of Science, Bangalore);
•Flexible Byzantine Fault Tolerance
Dahlia Malkhi (VMware Research); Kartik Nayak (VMware Research); Ling Ren (VMware Research);
•GALACTICS: Gaussian Sampling for Lattice-Based Constant-Time Implementation of Cryptographic Signatures, Revisited
Gilles Barthe (MPI-SP and IMDEA Software Institute); Sonia Belaïd (CryptoExperts); Thomas Espitau (Sorbonne Université); Pierre-Alain Fouque (Univ Rennes); Mélissa Ross (ENS and Thalès); Mehdi Tibouchi (NTT Corporation); Tibouchi Mehdi (NTT Secure Platform Laboratories);
•Generic, Efficient, and Effective Deobfuscation and Semantic-Aware Attack Detection for PowerShell Scripts
Zhenyuan LI (Zhejiang University); Qi Alfred Chen (University of California, Irvine); Chunlin Xiong (Zhejiang University); Yan Chen (Northwestern University); Hai Yang (MagicShield Inc);
•Geneva: Evolving Censorship Evasion Strategies
Kevin Bock (University of Maryland); George Hughey (University of Maryland); Xiao Qiang (UC Berkeley); Dave Levin (University of Maryland);
•Gollum: Modular and Greybox Exploit Generation for Heap Overflows in Interpreters
Sean Heelan (University of Oxford); Daniel Kroening (University of Oxford); Tom Melham (University of Oxford);
•Hardware-Backed Heist: Extracting ECDSA Keys from Qualcomm’s TrustZone
Keegan Ryan (NCC Group); Keegan Ryan (NCC Group);
•HideNoSeek: Camouflaging Malicious JavaScript in Benign ASTs
Aurore Fass (CISPA Helmholtz Center for Information Security); Michael Backes (CISPA Helmholtz Center for Information Security); Ben Stock (CISPA Helmholtz Center for Information Security); Ben Stock (CISPA Helmholtz Center for Information Security);
•HoneyBadgerMPC and AsynchroMix: Practical Asynchronous MPC and its Application to Anonymous Communication
Donghang Lu (Purdue University); Thomas Yurek (UIUC); Samarth Kulshreshtha (UIUC); Rahul Govind (UIUC); Aniket Kate (Purdue University); Andrew Miller (UIUC);
•Houdini’s Escape: Breaking the Resource Rein of Linux Control Groups
Xing Gao (University of Memphis); Zhongshu Gu (IBM Research); Zhengfa Li (Independent Researcher); Hani Jamjoom (IBM Research); Cong Wang (Old Dominion University);
•How to (not) share a password: Privacy preserving protocols for finding heavy hitters with adversarial behavior
Moni Naor (Weizmann Institue); Benny Pinkas (Bar Ilan University); Eyal Ronen (Tel Aviv University, KU Leuven); Eyal Ronen (Weizmann Institute of Science);
•How to accurately and privately identify anomalies
Hafiz Asif (Rutgers University); Periklis Papakonstantinou (Rutgers University); Jaideep Vaidya (Rutgers University);
•HyperService: Interoperability and Programmability across Heterogeneous Blockchains
Zhuotao Liu (UIUC & Google); Yangxi Xiang (Beijing University of Posts and Telecommunications); Jian Shi (Case Western Reserve University); Peng Gao (University of California, Berkeley); Haoyu Wang (Beijing University of Posts and Telecommunications); Xusheng Xiao (Case Western Reserve University); Bihan Wen (Nanyang Technological University); Yih-Chun Hu (UIUC);
•Insecure Until Proven Updated: Analyzing AMD SEV’s Remote Attestation
Robert Buhren (Technische Universität Berlin); Christian Werling ();
•Intriguer: Field-Level Constraint Solving for Hybrid Fuzzing
Mingi Cho (Yonsei University); Seoyoung Kim (Yonsei University); Taekyoung Kwon (Yonsei University); Taekyoung Kwon (Yonsei University);
•Just the Tip of the Iceberg: Internet-Scale Exploitation of Routers for Cryptojacking
H.L.J. Bijmans (Delft University of Technology); T.M. Booij (Delft University of Technology); C. Doerr (Delft University of Technology); Hugo Bijmans (Delft University of Technology); Tim Booij (Delft University of Technology);
•Learning to Fuzz from Symbolic Execution with Application to Smart Contracts
Jingxuan He (ETH Zurich); Mislav Balunovic (ETH Zurich); Nodar Ambroladze (ETH Zurich); Petar Tsankov (ETH Zurich); Martin Vechev (ETH Zurich);
•LegoSNARK: Modular Design and Composition of Succinct Zero-Knowledge Proofs
Matteo Campanelli (IMDEA Software Institute, Madrid, Spain); Dario Fiore (IMDEA Software Institute, Madrid, Spain); Anaïs Querol (IMDEA Software Institute, Madrid, and Universidad Politecnica de Madrid, Spain);
•Let’s Encrypt: An Automated Certificate Authority to Encrypt the Entire Web
Josh Aas (Let’s Encrypt); Richard Barnes (Cisco); Benton Case (Stanford University); Zakir Durumeric (Stanford University); Peter Eckersley (Electronic Frontier Foundation); Alan Flores-López (Stanford University); J. Alex Halderman (University of Michigan); Jacob Hoffman-Andrews (Electronic Frontier Foundation); James Kasten (University of Michigan); Eric Rescorla (Mozilla); Seth Schoen (Electronic Frontier Foundation); Brad Warren (Electronic Frontier Foundation);
•LevioSA: Lightweight Secure Arithmetic Computation
Carmit Hazay (Bar-Ilan University); Yuval Ishai (Technion); Antonio Marcedone (Cornell-Tech); Muthu Venkitasubramaniam (University of Rochester);
•LibreCAN: Automated CAN Message Translator
Mert D. Pesé (University of Michigan, Ann Arbor); Troy Stacer (University of Michigan, Ann Arbor); C. Andrés Campos (University of Michigan, Ann Arbor); Eric Newberry (University of Michigan, Ann Arbor); Dongyao Chen (University of Michigan, Ann Arbor); Kang G. Shin (University of Michigan, Ann Arbor);
•Lifelong Anomaly Detection Through Unlearning
Min Du (University of California Berkeley); Chang Liu (Citadel Securities); Rajvardhan Oak (University of California Berkeley); Zhi Chen (University of California Berkeley); Dawn Song (University of California Berkeley);
•LightBox: Full-stack Protected Stateful Middlebox at Lightning Speed
Huayi DUAN (City University of Hong Kong); Cong Wang (City University of Hong Kong); Xingliang Yuan (Monash University); Yajin Zhou (Zhejiang University); Qian Wang (Wuhan University); Kui Ren (Zhejiang University);
•Log2vec: A Heterogeneous Graph Embedding Based Approach for Detecting Cyber Threats within Enterprise
Fucheng Liu (Institute of Information Engineering, Chinese Academy of Science); Yu Wen (Institute of Information Engineering, Chinese Academy of Sciences); Dongxue Zhang (Institute of Information Engineering, Chinese Academy of Science); Xihe Jiang (Institute of Information Engineering, Chinese Academy of Science); Xinyu Xing (The Pennsylvania State University); Dan Meng (Institute of Information Engineering, Chinese Academy of Science); Fucheng Liu (Institute of Information Engineering, Chinese Academy of Science);
•Machine-Checked Proofs for Cryptographic Standards
José Bacelar Almeida (Universidade do Minho & INESC-TEC); Cécile Baritel-Ruet (Université Côte d’Azur & Inria Sophia-Antipolis); Manuel Barbosa (Universidade do Porto & INESC-TEC); Gilles Barthe (MPI-SP & IMDEA Software Institute); François Dupressoir (University of Surrey); Benjamin Grégoire (Inria Sophia-Antipolis); Vincent Laporte (Inria); Tiago Oliveira (Universidade do Porto & INESC-TEC & FCUP); Alley Stoughton (Boston University); Pierre-Yves Strub (École Polytechnique);
•Make Some ROOM for the Zeros: Data Sparsity in Secure Distributed Machine Learning
Phillipp Schoppmann (Humboldt-Universität zu Berlin); Adrià Gascón (The Alan Turing Institute, University of Warwick); Mariana Raykova (Google); Benny Pinkas (Bar Ilan University);
•MalMax: Multi-Aspect Execution for Automated Dynamic Web Server Malware Analysis
Abbas Naderi-Afooshteh (University of Virginia); Yonghwi Kwon (University of Virginia); Jack Davidson (University of Virginia); Anh Nguyen-Tuong (University of Virginia); Ali Razmjoo-Qalaei (ZDResearch); Mohammad-Reza Zamiri-Gourabi (ZDResearch);
•Matched and Mismatched SOCs: A Qualitative Study on Security Operations Center Issues
Faris Bugra Kokulu (Arizona State University); Ananta Soneji (Arizona State University); Tiffany Bao (Arizona State University); Yan Shoshitaishvili (Arizona State University); Ziming Zhao (Rochester Institute of Technology); Adam Doupé (Arizona State University); Gail-Joon Ahn (Arizona State University and Samsung Research);
•MatRiCT: Efficient, Scalable and Post-Quantum Blockchain Confidential Transactions Protocol
Muhammed F. Esgin (Monash University and Data61, CSIRO); Raymond K. Zhao (Monash University); Ron Steinfeld (Monash University); Joseph K. Liu (Monash University); Dongxi Liu (Data61, CSIRO);
•Matryoshka: fuzzing deeply nested branches
Peng Chen (ByteDance AI lab); Jianzhong Liu (ShanghaiTech University); Hao Chen (University of California, Davis);
•Membership Privacy for Fully Dynamic Group Signatures
Michael Backes (CISPA Helmholtz Center for Information Security); Lucjan Hanzlik (CISPA Helmholtz Center for Information Security, Stanford University); Jonas Schneider-Bensch (CISPA Helmholtz Center for Information Security);
•MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples
Jinyuan Jia (Iowa State University); Ahmed Salem (CISPA Helmholtz Center for Information Security); Michael Backes (CISPA Helmholtz Center for Information Security); Yang Zhang (CISPA Helmholtz Center for Information Security); Neil Zhenqiang Gong (Iowa State University);
•Mitigating Leakage in Secure Cloud-Hosted Data Structures: Volume Hiding for Multi-Maps via Hashing
Sarvar Patel (Google); Giuseppe Persiano (Universita’ di Salerno and Google); Kevin Yeo (Google); Moti Yung (Google);
•Moving Beyond Set-It-And-Forget-It Privacy Settings on Social Media
Mainack Mondal (Cornell University / University of Chicago); Günce Su Yılmaz (University of Chicago); Noah Hirsch (University of Chicago); Mohammad Taha Khan (University of Illinois at Chicago); Michael Tang (University of Chicago); Christopher Tran (University of Illinois at Chicago); Chris Kanich (University of Illinois at Chicago); Blase Ur (University of Chicago); Elena Zheleva (University of Illinois at Chicago);
•Multisketches: Practical Secure Sketches Using Off-the-Shelf Biometric Matching Algorithms
Rahul Chatterjee (Cornell University); M. Sadegh Riazi (UCSD); Tanmoy Chowdhury (GMU); Emanuela Marasco (GMU); Farinaz Koushanfar (UCSD); Ari Juels (Jacobs Institute, Cornell Tech);
•Network Hygiene, Incentives, and Regulation: Deployment of Source Address Validation in the Internet
Matthew Luckie (University of Waikato); Robert Beverly (Naval Postgraduate School); Ryan Koga (CAIDA / UC San Diego); Ken Keys (CAIDA / UC San Diego); Joshua Kroll (UC Berkeley School of Information); kc claffy (CAIDA / UC San Diego);
•Neural Network Inversion in Adversarial Setting via Background Knowledge Alignment
Ziqi Yang (National University of Singapore); Jiyi Zhang (National University of Singapore); Ee-Chien Chang (National University of Singapore); Zhenkai Liang (National University of Singapore);
•Oh, the Places You’ve Been! Design and Evaluation of a Longitudinal Transparency Tool for Third-Party Web Tracking and Inferencing
Ben Weinshel (University of Chicago); Miranda Wei (University of Chicago); Mainack Mondal (Cornell University / University of Chicago); Euirim Choi (University of Chicago); Shawn Shan (University of Chicago); Claire Dolin (University of Chicago); Michelle L. Mazurek (University of Maryland); Blase Ur (University of Chicago);
•Omniring: Scaling Up Private Payments Without Trusted Setup — Formal Foundations and a Construction of Ring Confidential Transactions with Log-size Proofs
Russell W. F. Lai (Friedrich Alexander University Erlangen-Nuremberg); Viktoria Ronge (Friedrich Alexander University Erlangen-Nuremberg); Tim Ruffing (Blockstream); Dominique Schröder (Friedrich Alexander University Erlangen-Nuremberg); Sri Aravinda Krishnan Thyagarajan (Friedrich Alexander University Erlangen-Nuremberg); Jiafan Wang (Chinese University of Hong Kong);
•Onion Ring ORAM: Efficient Constant Bandwidth Oblivious RAM from (Leveled) TFHE
Hao Chen (Microsoft Research); Ilaria Chillotti (KU Leuven); Ling Ren (VMware Research);
•OPERA: Open Remote Attestation for Intel’s Secure Enclaves
Guoxing Chen (The Ohio State University); Yinqian Zhang (The Ohio State University); Ten-Hwang Lai (The Ohio State University);
•Page Cache Attacks
Daniel Gruss (Graz University of Technology); Erik Kraft (Graz University of Technology); Trishita Tiwari (Boston University); Michael Schwarz (Graz University of Technology); Ari Trachtenberg (Boston University); Jason Hennessey (NetApp); Alex Ionescu (CrowdStrike); Anders Fogh (Intel Corporation);
•Peeves: Physical Event Verification in Smart Homes
Simon Birnbach (University of Oxford); Simon Eberz (University of Oxford); Ivan Martinovic (University of Oxford);
•PIEs: Public Incompressible Encodings for Decentralized Storage
Ethan Cecchetti (Cornell University); Benjamin Fisch (Stanford University); Ian Miers (Cornell Tech); Ari Juels (Jacobs Institute, Cornell Tech);
•POIROT: Aligning Attack Behavior with Kernel Audit Records for Cyber Threat Hunting
Sadegh M. Milajerdi (UIC); Birhanu Eshete (University of Michigan-Dearborn); Rigel Gjomemo (UIC); V.N. Venkatakrishnan (UIC);
•Post-Collusion Security and Distance Bounding
Sjouke Mauw (SnT/CSC, University of Luxembourg); Zach Smith (CSC, University of Luxembourg); Jorge Toro-Pozo (CSC, University of Luxembourg); Rolando Trujillo-Rasua (School of Information Technology, Deakin University);
•Power Adjusting and Bribery Racing: Novel Mining Attacks in the Bitcoin System
Shang Gao (The Hong Kong Polytechnic University); Zecheng Li (The Hong Kong Polytechnic University); Zhe Peng (The Hong Kong Polytechnic University); Bin Xiao (The Hong Kong Polytechnic University); Shang Gao (Microsoft Research);
•Practical Decryption exFiltration: Breaking PDF Encryption
Jens Müller (Ruhr University Bochum); Fabian Ising (Münster University of Applied Sciences); Vladislav Mladenov (Ruhr University Bochum); Christian Mainka (Ruhr University Bochum); Sebastian Schinzel (Münster University of Applied Sciences); Jörg Schwenk (Ruhr University Bochum);
•Practical Fully Secure Three-Party Computation via Sublinear Distributed ZK Proofs
Ariel Nof (Bar-Ilan University); Yuval Ishai (Technion and UCLA); Elette Boyle (IDC Herzliya); Niv Gilboa (BGU);
•Principled Unearthing of TCP Side Channel Vulnerabilities
Yue Cao (University of California, Riverside); Zhongjie Wang (University of California, Riverside); Zhiyun Qian (University of California, Riverside); Chengyu Song (University of California, Riverside); Srikanth Krishnamurthy (University of California, Riverside); Paul Yu (Army Research Laboratory);
•Prism: Deconstructing the Blockchain to Approach Physical Limits
Vivek Bagaria (Stanford University); Sreeram Kannan (University of Washington Seattle); David Tse (Stanford University); Giulia Fanti (Carnegie Mellon University); Pramod Viswanath (University of Illinois Urbana-Champaign);
•Privacy Aspects and Subliminal Channels in Zcash
Alex Biryukov (University of Luxembourg); Daniel Feher (University of Luxembourg); Giuseppe Vitto (University of Luxembourg);
•Privacy Risks of Securing Machine Learning Models against Adversarial Examples
Liwei Song (Princeton University); Reza Shokri (National University of Singapore (NUS)); Prateek Mittal (Princeton University);
•PrivDPI: Privacy-Preserving Encrypted Traffic Inspection with Reusable Obfuscated Rules
Jianting Ning (National University of Singapore); Geong Sen Poh (NUS-Singtel Cyber Security Research and Development Laboratory); Jia-Ch’ng Loh (NUS-Singtel Cyber Security Research and Development Laboratory); Jason Chia (NUS-Singtel Cyber Security Research and Development Laboratory); Ee-Chien Chang (National University of Singapore);
•Probabilistic Data Structures in Adversarial Environments
David Clayton (University of Florida); Christopher Patton (University of Florida); Thomas Shrimpton (University of Florida);
•Procedural Noise Adversarial Examples for Black-Box Attacks on Deep Neural Networks
Kenneth Co (Imperial College London); Luis Muñoz-González (Imperial College London); Emil C. Lupu (Imperial College London); Kenneth Co (Imperial College London); Sixte de Maupeou ();
•Program-mandering: Quantitative Privilege Separation
Shen Liu (The Pennsylvania State University, University Park); Dongrui Zeng (The Pennsylvania State University, University Park); Yongzhe Huang (The Pennsylvania State University, University Park); Frank Capobianco (The Pennsylvania State University, University Park); Stephen McCamant (University of Minnesota, Twin Cities); Trent Jaeger (The Pennsylvania State University, University Park); Gang Tan (The Pennsylvania State University, University Park);
•Proof Carrying Network Code
Christian Skalka (University of Vermont); John Ring (University of Vermont); David Darais (University of Vermont); Minseok Kwon (Rochester Institute of Technology); Sahil Gupta (Rochester Institute of Technology); Kyle Diller (Rochester Institute of Technology); Steffen Smolka (Cornell University); Nate Foster (Cornell University);
•Protocols for Checking Compromised Credentials
Lucy Li (Cornell University); Bijeeta Pal (Cornell University); Junade Ali (Cloudflare Inc.); Nick Sullivan (Cloudflare Inc.); Rahul Chatterjee (Cornell University); Thomas Ristenpart (Cornell Tech);
•Quantitative Verification of Neural Networks And Its Security Applications
Teodora Baluta (National University of Singapore); Shiqi Shen (National University of Singapore); Shweta Shinde (University of California, Berkeley); Kuldeep S. Meel (National University of Singapore); Prateek Saxena (National University of Singapore); Shweta Shinde (University of California, Berkeley);
•QUOTIENT: Securely Training Deep Networks via Oblivious Transfer
Adria Gascon (The Alan Turing Institute); Ali Shahin Shamsabadi (Queen Mary University London); Nitin Agrawal (University of Oxford); Matthew Kusner (University of Oxford, The Alan Turing Institute);
•Regula Sub-rosa: Latent Backdoor Attacks on Deep Neural Networks
Yuanshun Yao (University of Chicago); Huiying Li (University of Chicago); Haitao Zheng (University of Chicago); Ben Y. Zhao (University of Chicago);
•SAMPL: Scalable Auditability of Monitoring Processes using Public Ledgers
Roopa Vishwanathan (New Mexico State University); Gaurav Panwar (New Mexico State University); Satyajayant Misra (New Mexico State University); Austin Bos (New Mexico State University);
•SecTEE: A Software-based Approach to Secure Enclave Architecture Using TEE
Shijun Zhao (Institute of Software Chinese Academy of Sciences); Qianying Zhang (Capital Normal University Information Engineering Colleg); Qin Yu (Institute of Software Chinese Academy of Sciences); Wei Feng (Institute of Software Chinese Academy of Sciences); Dengguo Feng (Institute of Software Chinese Academy of Sciences);
•Securely Sampling Biased Coins with Applications to Differential Privacy
Jeffrey Champion (Northeastern University); Abhi Shelat (Northeastern University); Jonathan Ullman (Northeastern University);
•Security Certification in Payment Card Industry: Testbeds, Measurements, and Recommendations
Sazzadur Rahaman (Department of Computer Science, Virginia Tech); Danfeng (Daphne) Yao (Department of Computer Science, Virginia Tech); Gang Wang (Department of Computer Science, Virginia Tech);
•Seeing isn’t Believing: Towards More Robust Adversarial Attack Against Real World Object Detectors
Yue Zhao (SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, China; School of Cyber Security, University of Chinese Academy of Sciences, China); Hong Zhu (SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, China; School of Cyber Security, University of Chinese Academy of Sciences, China); Ruigang Liang (SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China); Qintao Shen (SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, China; School of Cyber Security, University of Chinese Academy of Sciences, China); Shengzhi Zhang (Department of Computer Science, Metropolitan College, Boston University); Kai Chen (SKLOIS, Institute of Information Engineering,Chinese Academy of Sciences, China; School of Cyber Security, University of Chinese Academy of Sciences, China);
•SEEMless: Secure End-to-End Encrypted Messaging with less Trust
Melissa Chase (Microsoft Research); Apoorvaa Deshpande (Brown University); Esha Ghosh (Microsoft Research); Harjasleen Malvai (Cornell University);
•Seems Legit: Automated Analysis of Subtle Attacks on Protocols that use Signatures
Dennis Jackson (University of Oxford); Katriel Cohn-Gordon (Facebook); Cas Cremers (CISPA Helmholtz Center for Information Security); Ralf Sasse (ETH Zürich);
•SICO: Surgical Interception Attacks by Manipulating BGP Communities
Henry Birge-Lee (Princeton University); Liang Wang (Princeton University); Jennifer Rexford (Princeton University); Prateek Mittal (Princeton University);
•Signed Cryptographic Program Verification with Typed CryptoLine
Yu-Fu Fu (Academia Sinica); Jiaxiang Liu (Academia Sinica & Shenzhen University); Xiaomu Shi (Academia Sinica & Shenzhen University); Ming-Hsien Tsai (Academia Sinica); Bow-Yaw Wang (Academia Sinica); Bo-Yin Yang (Academia Sinica);
•SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux Kernel
Yueqi Chen (Pennsylvania State University); Xinyu Xing (Pennsylvania State University);
•SMoTherSpectre: exploiting speculative execution through port contention
Atri Bhattacharyya (EPFL); Alexandra Sandulescu (IBM Zurich); Matthias Neugschwandtner (IBM Zurich); Alessandro Sorniotti (IBM Zurich); Babak Falsafi (EPFL); Mathias Payer (EPFL); Anil Kurmus (IBM Zurich);
•Sonic: Zero-Knowledge SNARKs from Linear-Size Universal and Updatable Structured Reference Strings
Mary Maller (University College London); Sean Bowe (Zcash); Markulf Kohlweiss (University of Edinburgh, IOHK); Sarah Meiklejohn (University College London);
•Specifying and Enforcing Data Privacy in Smart Contracts
Samuel Steffen (ETH Zürich); Benjamin Bichsel (ETH Zürich); Mario Gersbach (ETH Zürich); Noa Melchior (ETH Zürich); Petar Tsankov (ETH Zürich); Martin Vechev (ETH Zürich);
•SPHINCS+
Andreas Hülsing (TU Eindhoven); Peter Schwabe (RU Nijmegen); Joost Rijneveld (RU Nijmegen); Stefan Kölbl (Cybercrypt); Daniel J Bernstein (University of Illinois at Chicago and Ruhr University Bochum); Ruben Niederhagen (SIT Fraunhofer);
•Stormy: Statistics in Tor by Measuring Securely
Ryan Wails (U.S. Naval Research Laboratory); Aaron Johnson (U.S. Naval Research Laboratory); Daniel Starin (Perspecta Labs); Arkady Yerukhimovich (George Washington University); S. Dov Gordon (George Mason University); Arkady Yerukhimovich (MIT Lincoln Laboratory);
•Succinct Arguments for Bilinear Group Arithmetic: Practical Structure-Preserving Cryptography
Russell W. F. Lai (Friedrich-Alexander University Erlangen-Nuremberg); Giulio Malavolta ( Carnegie Mellon University); Viktoria Ronge (Friedrich-Alexander University Erlangen-Nuremberg);
•Tesseract: Real-Time Cryptocurrency Exchange Using Trusted Hardware
Iddo Bentov (Cornell Tech); Ari Juels (Cornell Tech); Fan Zhang (Cornell Tech); Yan Ji (Cornell Tech); Phil Daian (Cornell Tech); Lorenz Breindenbach (ETH Zurich); Iddo Bentov (Cornell University);
•The Art and Craft of Fraudulent App Promotion in Google Play
Mizanur Rahman (Amazon); Nestor Hernandez (FIU); Ruben Recabarren (FIU); Ishtiaque Ahmed (University of Toronto); Bogdan Carbunar (FIU);
•The Catcher in the Field: A Fieldprint based Spoofing Detection for Text-Independent Speaker Verification
Chen Yan (Zhejiang University); Yan Long (Zhejiang University); Xiaoyu Ji (Zhejiang University); Wenyuan Xu (Zhejiang University);
•The Next 700 Policy Miners: A Universal Method for Building Policy Miners
Carlos Cotrini (ETH Zurich); Luca Corinzia (ETH Zurich); Thilo Weghorn (ETH Zurich); David Basin (ETH Zurich);
•Three years of the Right to be Forgotten
Kurt Thomas (Google); Theo Bertram (Google); Elie Bursztein (Google); Stephanie Caro (Google); Hubert Chao (Google); Rutledge Chin Feman (Google); Peter Fleischer (Google); Albin Gustafsson (Google); Jess Hemerly (Google); Chris Hibbert (Google); Luca Invernizzi (Google); Lanah Kammourieh Donnelly (Google); Jason Ketover (Google); Jay Laefer (Google); Paul Nicholas (Google); Yuan Niu (Google); Harjinder Obhi (Google); David Price (Google); Andrew Strait (Google); Al Verney (Google);
•TokenScope: Automatically Discovering Inconsistent Cryptocurrency Tokens
Ting Chen (University of Electronic Science and Technology of China); Yufei Zhang (University of Electronic Science and Technology of China); Zihao Li (University of Electronic Science and Technology of China); Xiapu Luo (The Hong Kong Polytechnic University); Ting Wang (Lehigh University); Rong Cao (University of Electronic Science and Technology of China); Xiuzhuo Xiao (University of Electronic Science and Technology of China); Xiaosong Zhang (University of Electronic Science and Technology of China);
•Towards Continuous Access Control Validation and Forensics
Chengcheng Xiang (University of California San Diego); Yudong Wu (University of California San Diego); Bingyu Shen (University of California San Diego); Mingyao Shen (University of California San Diego); Tianyin Xu (University of Illinois Urbana-Champaign); Yuanyuan Zhou (University of California San Diego); Cindy Moore (University of California San Diego); Xinxin Jin (Whova, Inc.); Tianwei Sheng (Whova, Inc.);
•Towards Memory Safety for Enclave Programs with Rust-SGX
Huibo Wang (University of Texas at Dallas); Pei Wang (Baidu X-Lab); Yu Ding (Baidu X-Lab); Mingshen Sun (Baidu X-Lab); Yiming Jing (Baidu X-Lab); Ran Duan (Baidu X-Lab); Long Li (Baidu X-Lab); Yulong Zhang (Baidu X-Lab); Tao Wei (Baidu X-Lab); Zhiqiang Lin (Ohio State University);
•Traceback for End-to-End Encrypted Messaging
Nirvan Tyagi (Cornell University); Ian Miers (Cornell Tech; University of Maryland); Thomas Ristenpart (Cornell Tech);
•Transparency Logs via Append-only Authenticated Dictionaries
Alin Tomescu (MIT); Vivek Bhupatiraju (Lexington High School); Dimitrios Papadopoulos (Hong Kong University of Science and Technology); Charalampos Papamanthou (University of Maryland); Nikos Triandopoulos (Stevens Institute of Technology); Srinivas Devadas (MIT);
•Trick or Heat? Manipulating Critical Temperature-Based Control Systems using Rectification attacks
Yazhou Tu (University of Louisiana at Lafayette); Sara Rampazzi (University of Michigan); Bin Hao (University of Louisiana at Lafayette); Angel Rodriguez (University of Michigan); Kevin Fu (University of Michigan); Xiali Hei (University of Louisiana at Lafayette);
•Triplet Fingerprinting: More Practical and Portable Website Fingerprinting with N-shot Learning
Payap Sirinam (Rochester Institute of Technology); Nate Matthews (Rochester Institute of Technology); Mohammad Saidur Rahman (Rochester Institute of Technology); Matthew Wright (Rochester Institute of Technology);
•Two-party Private Set Intersection with an Untrusted Third Party.
Phi Hung Le (George Mason University); Samuel Ranellucci (University of Maryland, George Mason University); S. Dov Gordon (George Mason University); Samuel Ranellucci (University of Maryland and George Mason University);
•Two-Thirds Honest-Majority MPC for Malicious Adversaries at Almost the Cost of Semi-Honest
Jun Furukawa (NEC Israel Research Center); Yehuda Lindell (Bar-Ilan University and Unbound Tech);
•Updatable Anonymous Credentials and Applications to Incentive Systems
Johannes Blömer (Paderborn University); Jan Bobolz (Paderborn University); Denis Diemert (Paderborn University); Fabian Eidens (Paderborn University);
•Updatable Oblivious Key Management for Storage Systems
Stanislaw Jarecki (University of California, Irvine); Hugo Krawczyk (Algorand Foundation); Jason Resch (Self);
•User Account Access Graphs
Sven Hammann (ETH Zurich); Sasa Radomirovic (University of Dundee); Ralf Sasse (ETH Zurich); David Basin (ETH Zurich);
•Velody: Harnessing Nonlinear Vibration Response for Resilient User Authentication
Jingjie Li (University of Wisconsin-Madison); Younghyun Kim (University of Wisconsin-Madison); Kassem Fawaz (University of Wisconsin-Madison);
•Verified code for verifying elections
Thomas Haines (Norwegian University of Science and Technology); Rajev Gore (The Australian National University); Mukesh Tiwari (The Australian National University); Thomas Haines (Queensland University of Technology);
•VeriSketch: Synthesizing Secure Hardware Designs with Timing-Sensitive Information Flow Properties
Armaiti Ardeshiricham (UCSD); Yoshiki Takashima (UCSD); Sicun Gao (UCSD); Ryan Kastner (UCSD);
•VoltJockey: Breaching TrustZone by Software-Controlled Voltage Manipulation over Multi-core Frequencies
Pengfei Qiu (Research Institute of Information Technology & BNRist, Tsinghua University, Beijing, China); Yongqiang Lyu (Research Institute of Information Technology & BNRist, Tsinghua University, Beijing, China); Dongsheng Wang (Research Institute of Information Technology & BNRist, Tsinghua University, Beijing, China); Gang Qu (Department of Electrical and Computer Engineering, University of Maryland, College Park, Maryland, USA);
•Watching You Watch: The Tracking Ecosystem of Over-the-Top TV Streaming Devices
Hooman Mohajeri Moghaddam (Princeton University); Gunes Acar (Princeton University); Arunesh Mathur (Princeton University); Danny Y. Huang (Princeton University); Ben Burgess (Princeton University); Nick Feamster (Princeton University); Edward Felten (Princeton University); Prateek Mittal (Princeton University); Arvind Narayanan (Princeton University);
•Where Does It Go? Refining Indirect-Call Targets with Multi-Layer Type Analysis
Kangjie Lu (University of Minnesota); Hong Hu (GeorgiaTech);
•WI is not Enough: Zero-Knowledge Contingent (Service) Payments Revisited
Georg Fuchsbauer (Inria and Ecole normale superieure);
•You Are Who You Appear to Be: A Longitudinal Study of Domain Impersonation in TLS Certificates
Richard Roberts (University of Maryland); Yaelle Goldschlag (University of Maryland); Rachel Walter (University of Maryland); Taejoong Chung (Rochester Institute of Technology); Alan Mislove (Northeastern University); Dave Levin (University of Maryland);
•You Shall Not Join: A Measurement Study of Cryptocurrency Peer-to-Peer Bootstrapping Techniques
Angelique Faye Loe (Royal Holloway, University of London); Elizabeth Quaglia (Royal Holloway, University of London);
•Your Cache Has Fallen: Cache-Poisoned Denial-of-Service Attack
Hoai Viet Nguyen (Cologne University of Applied Sciences); Luigi Lo Iacono (Cologne University of Applied Sciences); Hannes Federrath (University of Hamburg);
•ZombieLoad: Cross-Privilege-Boundary Data Sampling
Michael Schwarz (Graz University of Technology); Moritz Lipp (Graz University of Technology); Ahmad Moghimi (Worcester Polytechnic Institute); Jo Van Bulck (imec-DistriNet, KU Leuven); Julian Stecklina (Cyberus Technology); Thomas Prescher (Cyberus Technology); Daniel Gruss (Graz University of Technology);
会议主页:
https://sigsac.org/ccs/CCS2019/
安全学术圈招募队友-ing,有兴趣加入学术圈的请联系secdr#qq.com