A View from the Cockpit: Exploring Pilot Reactions to Attacks on Avionic Systems

Matthew Smith and Martin Strohmeier (University of Oxford); Jonathan Harman (unaffiliated); Vincent Lenders (Armasuisse); Ivan Martinovic (University of Oxford)

ABSynthe: Automatic Blackbox Side-channel Synthesis on Commodity Microarchitectures

Ben Gras, Michael Kurth, Cristiano Giuffrida, Herbert Bos, and Kaveh Razavi (Vrije Universiteit Amsterdam)

An Experimental Security Analysis of Relative Matching on a Genetic Genealogy Service

Peter Ney, Luis Ceze, and Tadayoshi Kohno (University of Washington)

Automated Cross-Platform Reverse Engineering of CAN Bus Commands from Mobile Apps

Haohuang Wen and Qingchuan Zhao (Ohio State University); Qi Alfred Chen (University of California, Irvine); Zhiqiang Lin (Ohio State University)

Automated Discovery of Cross-Plane Event-Based Vulnerabilities in Software-Defined Networking

Benjamin E. Ujcich (University of Illinois at Urbana-Champaign); Samuel Jero, Richard Skowyra, and Steven R. Gomez (MIT Lincoln Laboratory); Adam Bates and William H. Sanders (University of Illinois at Urbana-Champaign); Hamed Okhravi (MIT Lincoln Laboratory)

Babar: Runtime Provenance-Based Detector for Advanced Persistent Threats

Xueyuan Han (Harvard University); Thomas Pasquier (University of Bristol); Adam Bates (University of Illinois at Urbana-Champaign); James Mickens (Harvard University); Margo Seltzer (University of British Columbia)

BLAZE: Blazing Fast Privacy-Preserving Machine Learning

Arpita Patra and Ajith Suresh (Indian Institute of Science, Bangalore)

Bobtail: Improved Blockchain Security with Low-Variance Mining

George Bissias and Brian N. Levine (University of Massachusetts Amherst)

CDN Judo: Breaking the CDN DoS Protection with Itself

Run Guo, Weizhong Li, and Baojun Liu (Tsinghua University); Shuang Hao (University of Texas, Dallas); Haixin Duan, Jia Zhang, and Kaiwen Sheng (Tsinghua University); Jianjun Chen (ICSI, Berkeley); Ying Liu (Tsinghua University)

Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies

Sebastian Roth (CISPA Helmholtz Center for Information Security); Timothy Barron (Stony Brook University); Stefano Calzavara (Università Ca’ Foscari Venezia); Nick Nikiforakis (Stony Brook University); Ben Stock (CISPA Helmholtz Center for Information Security)

Compliance Cautions: Investigating Security Issues Associated with U.S. Digital-Security Standards

Rock Stevens (University of Maryland); Josiah Dykstra and James Chapman (Independent security professional); Wendy Knox Everette (Leviathan Security Group); Garrett Bladow and Alexander Farmer (Independent security professional); Kevin Halliday and Michelle Mazurek (University of Maryland)

Cross-Origin State Inference (COSI) Attacks: Leaking Web Site States through XS-Leaks

Avinash Sudhodanan (IMDEA Software Institute); Soheil Khodayari (CISPA Helmholtz Center for Information Security); Juan Caballero (IMDEA Software Institute)

Decentralized Control: A Case Study of Russia

Reethika Ramesh (University of Michigan); Ramakrishnan Sundara Raman (University of Michgan); Matthew Bernhard (University of Michigan); Leonid Evdokimov (Independent); Victor Ongkowijaya (University of Michigan); Anne Edmundson (Independent); Muhammad Ikram and Roya Ensafi (University of Michigan)

Deceptive Previews: A Study of the Link Preview Trustworthiness in Social Platforms

Giada Martina Stivala (CISPA Helmholtz Center for Information Security); Giancarlo Pellegrino (Stanford University / CISPA Helmholtz Center for Information Security)

DefRec: Establishing Physical Function Virtualization to Disrupt Reconnaissance of Power Grids’ Cyber-Physical Infrastructures

Hui Lin and Jianing Zhuang (University of Nevada, Reno); Yih-Chun Hu (University of Illinois, Urbana-Champaign); Huayu Zhou (University of Nevada, Reno)

DESENSITIZATION: Privacy-Aware and Attack-Preserving Crash Report

Ren Ding, Hong Hu, Wen Xu, and Taesoo Kim (Georgia Tech)

Detecting Probe-resistant Proxies

Sergey Frolov (University of Colorado); Jack Wampler and Eric Wustrow (University of Colorado Boulder)

Dynamic Searchable Encryption with Small Client Storage

Ioannis Demertzis (University of Maryland); Javad Ghareh Chamani (Hong Kong University of Science and Technology & Sharif University of Technology); Dimitrios Papadopoulos (Hong Kong University of Science and Technology); Charalampos Papamanthou (University of Maryland)

EASI: Edge-Based Sender Identification on Resource-Constrained Platforms for Automotive Networks

Marcel Kneib (Robert Bosch GmbH); Oleg Schell (Bosch Engineering GmbH); Christopher Huth (Robert Bosch GmbH)

Encrypted DNS –> Privacy? A Traffic Analysis Perspective

Sandra Siby (EPFL); Marc Juarez (KU Leuven, ESAT/COSIC and iMinds); Narseo Vallina-Rodriguez (IMDEA Networks/ICSI); Claudia Diaz (KU Leuven); Carmela Troncoso (EPFL)

Et Tu Alexa? When Commodity WiFi Devices Turn into Adversarial Motion Sensors

Yanzi Zhu (UC Santa Barbara); Zhujun Xiao and Yuxin Chen (University of Chicago); Zhijing Li (UC Santa Barbara); Max Liu, Ben Y. Zhao, and Heather Zheng (University of Chicago)

Exploring the Privacy Threats of Browser Extension Fingerprinting

Soroush Karami, Panagiotis Ilia, Konstantinos Solomos, and Jason Polakis (University of Illinois at Chicago)

Fingerprinting Network Censorship Boxes at Global Scale

Ramakrishnan Sundara Raman and Adrian Stoll (University of Michigan); Jakub Dalek (Citizen Lab, University of Toronto); Armin Sarabi and Reethika Ramesh (University of Michigan); Will Scott (Oasis Labs); Roya Ensafi (University of Michigan)

FUSE: Finding File Upload Bugs via Penetration Testing

Taekjin Lee, Seongil Wi, Suyoung Lee, and Sooel Son (KAIST)

Heterogeneous Private Information Retrieval

Hamid Mozaffari and Amir Houmansadr (University of Massachusetts Amherst)

High-Fidelity Attack Investigation with Universal Provenance

Wajih Ul Hassan, Mohammad Ali Noureddine, Pubali Datta, and Adam Bates (University of Illinois Urbana-Champaign)

Hold the Door! Fingerprinting Your Car Key to Prevent Keyless Entry Car Theft

Kyungho Joo, Wonsuk Choi, and DongHoon Lee (Korea University)

HYPER-CUBE: High-Dimensional Hypervisor Fuzzing

Sergej Schumilo, Cornelius Aschermann, Ali Abbasi, Simon Wörner, and Thorsten Holz (Ruhr-Universität Bochum)

IMP4GT: IMPersonation Attacks in 4G NeTworks

David Rupprecht, Katharina Kohls, and Thorsten Holz (Ruhr University Bochum); Christina Poepper (New York University Abu Dhabi)

Into the Deep Web: Understanding E-commerce Fraud from Autonomous Chat with Cybercriminals

Peng Wang, Xiaojing Liao, Yue Qin, and XiaoFeng Wang (Indiana University Bloomington)

Let’s Revoke: Scalable Global Certificate Revocation

Trevor Smith, Luke Dickenson, and Kent Seamons (Brigham Young University)

Locally Differentially Private Frequency Estimation Exploiting Consistency

Tianhao Wang (Purdue University); Milan Lopuhaä-Zwakenberg (Eindhoven University of Technology); Zitao Li (Purdue University); Boris Skoric (Eindhoven University of Technology); Ninghui Li (Purdue University)

MACAO: A Maliciously-Secure and Client-Efficient Active ORAM Framework

Thang Hoang (University of South Florida); Jorge Guajardo (Robert Bosch Research and Technology Center); Attila Yavuz (University of South Florida)

Melting Pot of Origins: Compromising the Intermediary Web Services that Rehost Websites

Takuya Watanabe, Eitaro Shioji, and Mitsuaki Akiyama (NTT); Tatsuya Mori (Waseda University)

Metamorph: Injecting Inaudible Commands into Over-the-air Voice Controlled Systems

Tao Chen (City University of Hong Kong); Longfei Shangguan (Microsoft Cloud&AI); Zhenjiang Li (City University of Hong Kong); Kyle Jamieson (Princeton University)

Mind the Portability: A Warriors Guide through Realistic Profiled Side-channel Analysis

Shivam Bhasin (Temasek Laboratories @ Nanyang Technological University, Singapore); Anupam Chattopadhyay (Nanyang Technological University, Singapore); Annelie Heuser (CNRS, IRISA, France); Dirmanto Jap (Nanyang Technological University, Singapore); Stjepan Picek (TU Delft, The Netherlands); Ritu Ranjan Shrivastwa (Secure-IC, France)

NoJITsu: Locking Down JavaScript Engines

Taemin Park (University of California, Irvine); Karel Dhondt (imec-DistriNet, KU Leuven); David Gens and Yeoul Na (University of California, Irvine); Stijn Volckaert (imec-DistriNet, KU Leuven); Michael Franz (University of California, Irvine, USA)

OcuLock: Exploring Human Visual System for Authentication in Virtual Reality Head-mounted Display

Shiqing Luo and Anh Nguyen (Georgia State University); Chen Song (San Diego State University); Feng Lin (Zhejiang University); Wenyao Xu (SUNY Buffalo); Zhisheng Yan (Georgia State University)

On the Resilience of Biometric Authentication Systems against Random Inputs

Benjamin Zi Hao Zhao (University of New South Wales and Data61 CSIRO); Hassan Jameel Asghar and Mohamed Ali (Dali) Kaafar (Macquarie University and Data61 CSIRO)

On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways

Teemu Rytilahti and Thorsten Holz (Ruhr-University Bochum)

Optimal Defense Against Adversarial Distributions for Anomaly Detection with Differential Privacy

Jairo Giraldo (University of Texas at Dallas); Alvaro Cardenas (University of California Santa Cruz); Murat Kantarcioglu (University of Texas at Dallas); Jonathan Katz (University of Maryland)

Poseidon: Enabling Cost-efficient and Agile DDoS Defense with Programmable Switches

Menghao Zhang, Guanyu Li, Shicheng Wang, and Chang Liu (Tsinghua University); Ang Chen (Rice University); Hongxin Hu (Clemson University); Guofei Gu (Texas A&M University); Qi Li, Mingwei Xu, and Jianping Wu (Tsinghua University)

Post-Quantum Authentication in TLS 1.3: A Performance Study

Dimitrios Sikeridis (The University of New Mexico); Panos Kampanakis (Cisco Systems); Michael Devetsikiotis (The University of New Mexico)

Practical Traffic Analysis Attacks on Secure Messaging Applications

Alireza Bahramali, Amir Houmansadr, Ramin Soltani, Dennis Goeckel, and Don Towsley (UMass Amherst)

Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem

Alessandro Mantovani (EURECOM); Simone Aonzo (University of Genoa); Xabier Ugarte-Pedrero (Cisco Systems); Alessio Merlo (University of Genoa); Davide Balzarotti (EURECOM)

Proof of Spacetime: Efficiently Checking Continuous Data Availability

Giuseppe Ateniese (Stevens Institute of Technology); Long Chen (New Jersey Institute of Technology); Mohammard Etemad (Microsoft); Qiang Tang (New Jersey Institute of Technology)

ProtectIOn: Root-of-Trust for IO in Compromised Platforms

Aritra Dhar, Enis Ulqinaku, Kari Kostiainen, and Srdjan Capkun (ETH Zurich)

SAE: Secure Allegation Escrows

Venkat Arun (Massachusetts Institute of Technology); Aniket Kate (Purdue University); Deepak Garg and Peter Druschel (Max Planck Institute for Software Systems); Bobby Bhattacharjee (University of Maryland)

Sidestepping RPKI’s Deployment Barriers

Tomas Hlavacek (Fraunhofer SIT); Italo Cunha (Universidade Federal de Minas Gerais); Yossi Gilad (Hebrew University of Jerusalem); Amir Herzberg (University of Connecticut, USA); Ethan Katz-Bassett (Columbia University); Michael Schapira (Hebrew University of Jerusalem); Haya Shulman (Fraunhofer SIT)

Snappy: Fast On-chain Payments with Practical Collaterals

Vasilios Mavroudis (University College London); Karl Wüst, Aritra Dhar, Kari Kostiainen, and Srdjan Capkun (ETH Zurich)

SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities

Yuan Xiao, Yinqian Zhang, and Radu Teodorescu (The Ohio State University)

Strong Authentication without Temper-Resistant Hardware and Application to Federated Identities

Zhenfeng Zhang (Trusted Computing and Information Assurance Laboratory, SKLCS, Institute of Software, Chinese Academy of Sciences); Yuchen Wang (Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences & University of Chinese Academy of Sciences); Kang Yang (State Key Laboratory of Cryptology)

SwarmProxy: Unblocking the Censored Web for the Masses

Milad Nasr, Hadi Zolfaghari, Amir Houmansadr, and Amirhossein Ghafari (University of Massachusetts Amherst)

SymTCP: Eluding Stateful Deep Packet Inspection with Automated Discrepancy Discovery

Zhongjie Wang, Shitong Zhu, Yue Cao, Zhiyun Qian, Chengyu Song, and Srikanth V. Krishnamurthy (University of California, Riverside); Tracy D. Braun and Kevin S. Chan (US Army Research Laboratory)

The Attack of the Clones Against Proof-of-Authority

Parinya Ekparinya (University of Sydney); Vincent Gramoli (University of Sydney and Data61, CSIRO); Guillaume Jourjon (Data61, CSIRO)

TKPERM: Cross-platform Permission Knowledge Transfer to Detect Overprivileged Third-party Applications

Faysal Hossain Shezan and Kaiming Cheng (University of Virginia); Zhen Zhang and Yinzhi Cao (Johns Hopkins University); Yuan Tian (University of Virginia)

Towards Plausible Graph Anonymization

Yang Zhang (CISPA Helmholtz Center for Information Security); Mathias Humbert (Swiss Data Science Center, ETH Zurich and EPFL); Bartlomiej Surma, Praveen Manoharan, Jilles Vreeken, and Michael Backes (CISPA Helmholtz Center for Information Security)

Trident: Efficient 4PC Framework for Privacy Preserving Machine Learning

Harsh Chaudhari (Indian Institute of Science, Bangalore India); Sai Rahul Rachuri (International Institute of Information Technology, Bangalore, India); Ajith Suresh (Indian Institute of Science, Bangalore, India)

UISCOPE: Accurate, Instrumentation-free, Deterministic and Visible Attack Investigation

Runqing Yang (Zhejiang University); Shiqing Ma (Rutgers University); Haitao Xu (Arizona State University); Xiangyu Zhang (Purdue University); Yan Chen (Northwestern University)

uRAI: Return Address Integrity for Embedded Systems

Naif Saleh Almakhdhub (Purdue University and King Saud University); Abraham A Clements (Sandia National Labs); Saurabh Bagchi (Purdue University); Mathias Payer (EPFL)

When Match Fields Do Not Need to Match: Buffered Packets Hijacking in SDN

Jiahao Cao (Tsinghua University; George Mason University); Renjie Xie (Tsinghua University); Kun Sun (George Mason University); Qi Li (Tsinghua University); Guofei Gu (Texas A&M University); Mingwei Xu (Tsinghua University)

Withdrawing the BGP Re-Routing Curtain: Understanding and Analyzing the Security Impact of BGP Poisoning through Real-World Measurements

Jared M. Smith, Kyle Birkeland, Tyler McDaniel, and Max Schuchard (University of Tennessee, Knoxville)

Zeria: A Metadata-Hiding and Oblivious File Sharing System

Weikeng Chen and Raluca Ada Popa (UC Berkeley)

会议主页：