default search action
24th NDSS 2017: San Diego, CA, USA
- 24th Annual Network and Distributed System Security Symposium, NDSS 2017, San Diego, California, USA, February 26 - March 1, 2017. The Internet Society 2017
Session 1: Applied Crypto and Cryptocurrencies
- Ian Miers, Payman Mohassel:
IO-DSSE: Scaling Dynamic Searchable Encryption to Millions of Indexes By Improving Locality. - Adam J. Aviv, Seung Geol Choi, Travis Mayberry, Daniel S. Roche:
ObliviSync: Practical Oblivious File Backup and Synchronization. - Ethan Heilman, Leen Alshenibr, Foteini Baldimtsi, Alessandra Scafuro, Sharon Goldberg:
TumbleBit: An Untrusted Bitcoin-Compatible Anonymous Payment Hub. - Tim Ruffing, Pedro Moreno-Sanchez, Aniket Kate:
P2P Mixing and Unlinkable Bitcoin Transactions. - Giulio Malavolta, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei:
SilentWhispers: Enforcing Security and Privacy in Decentralized Credit Networks.
Session 2A: Virtualization and SDN
- Seungsoo Lee, Changhoon Yoon, Chanhee Lee, Seungwon Shin, Vinod Yegneswaran, Phillip A. Porras:
DELTA: A Security Assessment Framework for Software-Defined Networks. - Tianlong Yu, Seyed Kaveh Fayaz, Michael P. Collins, Vyas Sekar, Srinivasan Seshan:
PSI: Precise Security Instrumentation for Enterprise Networks. - Juan Deng, Hongda Li, Hongxin Hu, Kuang-Ching Wang, Gail-Joon Ahn, Ziming Zhao, Wonkyu Han:
On the Safety and Efficiency of Virtual Firewall Elasticity Control. - Le Shi, Yuming Wu, Yubin Xia, Nathan Dautenhahn, Haibo Chen, Binyu Zang, Jinming Li:
Deconstructing Xen.
Session 2B: Web Security
- Tobias Lauinger, Abdelberi Chaabane, Sajjad Arshad, William Robertson, Christo Wilson, Engin Kirda:
Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web. - Phani Vadrevu, Jienan Liu, Bo Li, Babak Rahbarinia, Kyu Hyung Lee, Roberto Perdisci:
Enabling Reconstruction of Attacks on Users via Efficient Browsing Snapshots. - Yinzhi Cao, Song Li, Erik Wijmans:
(Cross-)Browser Fingerprinting via OS and Hardware Level Features. - Guolei Yang, Neil Zhenqiang Gong, Ying Cai:
Fake Co-visitation Injection Attacks to Recommender Systems.
Session 3A: User Authentication
- Simon Eberz, Nicola Paoletti, Marc Roeschlin, Andrea Patané, Marta Kwiatkowska, Ivan Martinovic:
Broken Hearted: How To Attack ECG Biometrics. - Claude Castelluccia, Markus Dürmuth, Maximilian Golla, Fatma Deniz:
Towards Implicit Visual Memory-Based Authentication. - Weitao Xu, Guohao Lan, Qi Lin, Sara Khalifa, Neil Bergmann, Mahbub Hassan, Wen Hu:
KEH-Gait: Towards a Mobile Healthcare User Authentication System by Kinetic Energy Harvesting. - Johannes Kiesel, Benno Stein, Stefan Lucks:
A Large-scale Analysis of the Mnemonic Password Advice. - Guixin Ye, Zhanyong Tang, Dingyi Fang, Xiaojiang Chen, Kwang In Kim, Ben Taylor, Zheng Wang:
Cracking Android Pattern Lock in Five Attempts.
Session 3B: Malware
- Najmeh Miramirkhani, Oleksii Starov, Nick Nikiforakis:
Dial One for Scam: A Large-Scale Analysis of Technical Support Scams. - Yu Feng, Osbert Bastani, Ruben Martins, Isil Dillig, Saswat Anand:
Automated Synthesis of Semantic Malware Signatures using Maximum Satisfiability. - Enrico Mariconti, Lucky Onwuzurike, Panagiotis Andriotis, Emiliano De Cristofaro, Gordon J. Ross, Gianluca Stringhini:
MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models. - Stevens Le Blond, Cédric Gilbert, Utkarsh Upadhyay, Manuel Gomez-Rodriguez, David R. Choffnes:
A Broad View of the Ecosystem of Socially Engineered Exploit Documents. - Bum Jun Kwon, Virinchi Srinivas, Amol Deshpande, Tudor Dumitras:
Catching Worms, Trojan Horses and PUPs: Unsupervised Detection of Silent Delivery Campaigns.
Session 4A: TLS et al.
- Luke Valenta, David Adrian, Antonio Sanso, Shaanan Cohney, Joshua Fried, Marcella Hastings, J. Alex Halderman, Nadia Heninger:
Measuring small subgroup attacks against Diffie-Hellman. - Kristen Dorey, Nicholas Chang-Fong, Aleksander Essex:
Indiscreet Logs: Diffie-Hellman Backdoors in TLS. - Jason A. Donenfeld:
WireGuard: Next Generation Kernel Network Tunnel. - Zakir Durumeric, Zane Ma, Drew Springall, Richard Barnes, Nick Sullivan, Elie Bursztein, Michael D. Bailey, J. Alex Halderman, Vern Paxson:
The Security Impact of HTTPS Interception.
Session 4B: Secure Computation
- Arpita Patra, Pratik Sarkar, Ajith Suresh:
Fast Actively Secure OT Extension for Short Secrets. - Jesper Buus Nielsen, Thomas Schneider, Roberto Trifiletti:
Constant Round Maliciously Secure 2PC with Function-independent Preprocessing using LEGO. - Ghada Dessouky, Farinaz Koushanfar, Ahmad-Reza Sadeghi, Thomas Schneider, Shaza Zeitouni, Michael Zohner:
Pushing the Communication Barrier in Secure Computation using Lookup Tables. - Wenjie Lu, Shohei Kawasaki, Jun Sakuma:
Using Fully Homomorphic Encryption for Statistical Analysis of Categorical, Ordinal and Numerical Data.
Session 5A: Mobile Privacy and Security
- Xiaorui Pan, Xueqiang Wang, Yue Duan, XiaoFeng Wang, Heng Yin:
Dark Hazard: Learning-based, Large-Scale Discovery of Hidden Sensitive Operations in Android Apps. - Wenbo Yang, Yuanyuan Zhang, Juanru Li, Hui Liu, Qing Wang, Yueheng Zhang, Dawu Gu:
Show Me the Money! Finding Flawed Implementations of Third-party In-app Payment in Android Apps. - Chuangang Ren, Peng Liu, Sencun Zhu:
WindowGuard: Systematic Protection of GUI Security in Android. - Andrea Continella, Yanick Fratantonio, Martina Lindorfer, Alessandro Puccetti, Ali Zand, Christopher Kruegel, Giovanni Vigna:
Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis. - Sebastian Zimmeck, Ziqi Wang, Lieyong Zou, Roger Iyengar, Bin Liu, Florian Schaub, Shomir Wilson, Norman M. Sadeh, Steven M. Bellovin, Joel R. Reidenberg:
Automated Analysis of Privacy Requirements for Mobile Apps.
Session 5B: Software and System Security (Part 1)
- Giorgi Maisuradze, Michael Backes, Christian Rossow:
Dachshund: Digging for and Securing (Non-)Blinded Constants in JIT Code. - Alyssa Milburn, Herbert Bos, Cristiano Giuffrida:
Safelnit: Comprehensive and Practical Mitigation of Uninitialized Read Vulnerabilities. - Andre Pawlowski, Moritz Contag, Victor van der Veen, Chris Ouwehand, Thorsten Holz, Herbert Bos, Elias Athanasopoulos, Cristiano Giuffrida:
MARX: Uncovering Class Hierarchies in C++ Programs. - Lucas Davi, David Gens, Christopher Liebchen, Ahmad-Reza Sadeghi:
PT-Rand: Practical Mitigation of Data-only Attacks against Page Tables. - Yeongpil Cho, Donghyun Kwon, Hayoon Yi, Yunheung Paek:
Dynamic Virtual Address Range Adjustment for Intra-Level Privilege Separation on ARM.
Session 6A: Cloud and Potpourri
- Clémentine Maurice, Manuel Weber, Michael Schwarz, Lukas Giner, Daniel Gruss, Carlo Alberto Boano, Stefan Mangard, Kay Römer:
Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud. - Lei Yu, Ling Liu, Calton Pu:
Dynamic Differential Location Privacy with Personalized Error Bounds. - Yossi Gilad, Avichai Cohen, Amir Herzberg, Michael Schapira, Haya Schulmann:
Are We There Yet? On RPKI's Deployment and Security. - Yushun Wang, Taous Madi, Suryadipta Majumdar, Yosr Jarraya, Amir Alimohammadifar, Makan Pourzandi, Lingyu Wang, Mourad Debbabi:
TenantGuard: Scalable Runtime Verification of Cloud-Wide VM-Level Network Isolation.
Session 6B: Tor
- Srdjan Matic, Carmela Troncoso, Juan Caballero:
Dissecting Tor Bridges: A Security Evaluation of their Private and Public Infrastructures. - Benjamin Greschbach, Tobias Pulls, Laura M. Roberts, Philipp Winter, Nick Feamster:
The Effect of DNS on Tor's Anonymity. - Aaron Johnson, Rob Jansen, Aaron D. Jaggard, Joan Feigenbaum, Paul Syverson:
Avoiding The Man on the Wire: Improving Tor's Security with Trust-Aware Path Selection. - Akshaya Mani, Micah Sherr:
HisTorε: Differentially Private and Robust Statistics Collection for Tor.
Session 7: Trusted Execution Environments
- Jaebaek Seo, Byoungyoung Lee, Seong-Min Kim, Ming-Wei Shih, Insik Shin, Dongsu Han, Taesoo Kim:
SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs. - Ming-Wei Shih, Sangho Lee, Taesoo Kim, Marcus Peinado:
T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs. - Aravind Machiry, Eric Gustafson, Chad Spensky, Christopher Salls, Nick Stephens, Ruoyu Wang, Antonio Bianchi, Yung Ryn Choe, Christopher Kruegel, Giovanni Vigna:
BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments. - Kartik Nayak, Christopher W. Fletcher, Ling Ren, Nishanth Chandran, Satya V. Lokam, Elaine Shi, Vipul Goyal:
HOP: Hardware makes Obfuscation Practical. - Shweta Shinde, Dat Le Tien, Shruti Tople, Prateek Saxena:
Panoply: Low-TCB Linux Applications With SGX Enclaves.
Session 8: Cyberphysical Security
- Luis Garcia, Ferdinand Brasser, Mehmet Hazar Cintuglu, Ahmad-Reza Sadeghi, Osama A. Mohammed, Saman A. Zonouz:
Hey, My Malware Knows Physics! Attacking PLCs with Physical Model Aware Rootkit. - Yunhan Jack Jia, Qi Alfred Chen, Shiqi Wang, Amir Rahmati, Earlence Fernandes, Zhuoqing Morley Mao, Atul Prakash:
ContexloT: Towards Providing Contextual Integrity to Appified IoT Platforms. - Zhenhua Li, Weiwei Wang, Christo Wilson, Jian Chen, Chen Qian, Taeho Jung, Lan Zhang, Kebin Liu, Xiangyang Li, Yunhao Liu:
FBS-Radar: Uncovering Fake Base Stations at Scale in the Wild. - Claude Fachkha, Elias Bou-Harb, Anastasis Keliris, Nasir D. Memon, Mustaque Ahamad:
Internet-scale Probing of CPS: Inference, Characterization and Orchestration Analysis. - Simon Birnbach, Richard Baker, Ivan Martinovic:
Wi-Fly?: Detecting Privacy Invasion Attacks by Consumer Drones.
Session 9: Attacks
- Ben Gras, Kaveh Razavi, Erik Bosman, Herbert Bos, Cristiano Giuffrida:
ASLR on the Line: Practical Cache Attacks on the MMU. - Kangjie Lu, Marie-Therese Walter, David Pfaff, Stefan Nümberger, Wenke Lee, Michael Backes:
Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying. - Robert Rudd, Richard Skowyra, David Bigelow, Veer Dedhia, Thomas Hobson, Stephen Crane, Christopher Liebchen, Per Larsen, Lucas Davi, Michael Franz, Ahmad-Reza Sadeghi, Hamed Okhravi:
Address Oblivious Code Reuse: On the Effectiveness of Leakage Resilient Diversity. - Xinyang Ge, Mathias Payer, Trent Jaeger:
An Evil Copy: How the Loader Betrays You.
Session 10: Software and System Security (Part II)
- Gregory J. Duck, Roland H. C. Yap, Lorenzo Cavallaro:
Stack Bounds Protection with Low Fat Pointers. - Sanjay Rawat, Vivek Jain, Ashish Kumar, Lucian Cojocar, Cristiano Giuffrida, Herbert Bos:
VUzzer: Application-aware Evolutionary Fuzzing. - Yonghwi Kwon, Brendan Saltaformaggio, I Luk Kim, Kyu Hyung Lee, Xiangyu Zhang, Dongyan Xu:
Self Destructing Exploit Executions via Input Perturbation. - Wilson Lian, Hovav Shacham, Stefan Savage:
A Call to ARMs: Understanding the Costs and Benefits of JIT Spraying Mitigations. - Ruoyu Wang, Yan Shoshitaishvili, Antonio Bianchi, Aravind Machiry, John Grosen, Paul Grosen, Christopher Kruegel, Giovanni Vigna:
Ramblr: Making Reassembly Great Again.
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.