default search action
31st USENIX Security Symposium 2022
- Kevin R. B. Butler, Kurt Thomas:
31st USENIX Security Symposium, USENIX Security 2022, Boston, MA, USA, August 10-12, 2022. USENIX Association 2022, ISBN 978-1-939133-31-1
Measurement I: Network
- Hyeonmin Lee, Md. Ishtiaq Ashiq, Moritz Müller, Roland van Rijswijk-Deij, Ted Taekyoung Kwon, Taejoong Chung:
Under the Hood of DANE Mismanagement in SMTP. 1-16 - Yi Chen, Di Tang, Yepeng Yao, Mingming Zha, XiaoFeng Wang, Xiaozhong Liu, Haixu Tang, Dongfang Zhao:
Seeing the Forest for the Trees: Understanding Security Hazards in the 3GPP Ecosystem through Intelligent Analysis on Change Requests. 17-34 - Guannan Liu, Xing Gao, Haining Wang, Kun Sun:
Exploring the Unchartered Space of Container Registry Typosquatting. 35-51 - Brian Kondracki, Johnny So, Nick Nikiforakis:
Uninvited Guests: Analyzing the Identity and Behavior of Certificate Transparency Bots. 53-70
Kernel Security
- Kyle Zeng, Yueqi Chen, Haehyun Cho, Xinyu Xing, Adam Doupé, Yan Shoshitaishvili, Tiffany Bao:
Playing for K(H)eaps: Understanding and Improving Linux Kernel Exploit Reliability. 71-88 - Sungbae Yoo, Jinbum Park, Seolheui Kim, Yeji Kim, Taesoo Kim:
In-Kernel Control-Flow Integrity on Commodity OSes using ARM Pointer Authentication. 89-106 - Atri Bhattacharyya, Uros Tesic, Mathias Payer:
Midas: Systematic Kernel TOCTTOU Protection. 107-124 - Jian Liu, Lin Yi, Weiteng Chen, Chengyu Song, Zhiyun Qian, Qiuping Yi:
LinKRID: Vetting Imbalance Reference Counting in Linux kernel with Symbolic Execution. 125-142
Web Security I: Vulnerabilities
- Song Li, Mingqing Kang, Jianwei Hou, Yinzhi Cao:
Mining Node.js Vulnerabilities via Object Dependence Graph and Query. 143-160 - Ranjita Pai Kasturi, Jonathan Fuller, Yiting Sun, Omar Chabklo, Andres Rodriguez, Jeman Park, Brendan Saltaformaggio:
Mistrust Plugins You Must: A Large-Scale Study Of Malicious Plugins In WordPress Marketplaces. 161-178 - Seyed Ali Mirheidari, Matteo Golinelli, Kaan Onarlioglu, Engin Kirda, Bruno Crispo:
Web Cache Deception Escalates! 179-196 - Sunnyeo Park, Daejun Kim, Suman Jana, Sooel Son:
FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities. 197-214
Crypto I: Attacking Implementations
- Marcel Maehren, Philipp Nieting, Sven Hebrok, Robert Merget, Juraj Somorovsky, Jörg Schwenk:
TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries. 215-232 - George Arnold Sullivan, Jackson Sippe, Nadia Heninger, Eric Wustrow:
Open to a fault: On the passive compromise of TLS keys via transient errors. 233-250 - Alon Shakevsky, Eyal Ronen, Avishai Wool:
Trust Dies in Darkness: Shedding Light on Samsung's TrustZone Keymaster Design. 251-268 - Martin R. Albrecht, Raphael Eikenberg, Kenneth G. Paterson:
Breaking Bridgefy, again: Adopting libsignal is not enough. 269-286
User Studies I: At-Risk Users
- Kovila P. L. Coopamootoo, Maryam Mehrnezhad, Ehsan Toreini:
"I feel invaded, annoyed, anxious and I may protect myself": Individuals' Feelings about Online Tracking and their Protective Behaviour across Gender and Country. 287-304 - Christine Geeng, Mike Harris, Elissa M. Redmiles, Franziska Roesner:
"Like Lesbians Walking the Perimeter": Experiences of U.S. LGBTQ+ Folks With Online Security, Safety, and Privacy Advice. 305-322 - Julia Slupska, Selina Y. Cho, Marissa Begonia, Ruba Abu-Salma, Nayanatara Prakash, Mallika Balakrishnan:
"They Look at Vulnerability and Use That to Abuse You": Participatory Threat Modelling with Migrant Domestic Workers. 323-340 - Julia Slupska, Angelika Strohmayer:
Networks of Care: Tech Abuse Advocates' Digital Security Practices. 341-358
Software Vulnerabilities
- Nikolaos Alexopoulos, Manuel Brack, Jan Philipp Wagner, Tim Grube, Max Mühlhäuser:
How Long Do Vulnerabilities Live in the Code? A Large-Scale Empirical Measurement Study on FOSS Vulnerability Lifetimes. 359-376 - Octavian Suciu, Connor Nelson, Zhuoer Lyu, Tiffany Bao, Tudor Dumitras:
Expected Exploitability: Predicting the Development of Functional Vulnerability Exploits. 377-394 - Qiushi Wu, Yue Xiao, Xiaojing Liao, Kangjie Lu:
OS-Aware Vulnerability Prioritization via Differential Severity Analysis. 395-412 - Jayakrishna Vadayath, Moritz Eckert, Kyle Zeng, Nicolaas Weideman, Gokulkrishna Praveen Menon, Yanick Fratantonio, Davide Balzarotti, Adam Doupé, Tiffany Bao, Ruoyu Wang, Christophe Hauser, Yan Shoshitaishvili:
Arbiter: Bridging the Static and Dynamic Divide in Vulnerability Discovery on Binary Programs. 413-430
Network Security I: Scanning & Censorship
- Raphael Hiesgen, Marcin Nawrocki, Alistair King, Alberto Dainotti, Thomas C. Schmidt, Matthias Wählisch:
Spoki: Unveiling a New Wave of Scanners through a Reactive Network Telescope. 431-448 - Abhishek Bhaskar, Paul Pearce:
Many Roads Lead To Rome: How Packet Headers Influence DNS Censorship Measurement. 449-464 - Michael Harrity, Kevin Bock, Frederick Sell, Dave Levin:
GET /out: Automated Discovery of Application-Layer Censorship Evasion Strategies. 465-483 - Diwen Xue, Reethika Ramesh, Arham Jain, Michalis Kallitsis, J. Alex Halderman, Jedidiah R. Crandall, Roya Ensafi:
OpenVPN is Open to VPN Fingerprinting. 483-500
Differential Privacy
- Andrea Gadotti, Florimond Houssiau, Meenatchi Sundaram Muthu Selva Annamalai, Yves-Alexandre de Montjoye:
Pool Inference Attacks on Local Differential Privacy: Quantifying the Privacy Guarantees of Apple's Count Mean Sketch in Practice. 501-518 - Yongji Wu, Xiaoyu Cao, Jinyuan Jia, Neil Zhenqiang Gong:
Poisoning Attacks to Local Differential Privacy Protocols for Key-Value Data. 519-536 - Jacob Imola, Takao Murakami, Kamalika Chaudhuri:
Communication-Efficient Triangle Counting under Local Differential Privacy. 537-554 - Maya Dotan, Saar Tochner, Aviv Zohar, Yossi Gilad:
Twilight: A Differentially Private Payment Channel Network. 555-570
Measurement II: Auditing & Best Practices
- Ben Burgess, Avi Ginsberg, Edward W. Felten, Shaanan Cohney:
Watching the watchers: bias and vulnerability in remote proctoring software. 571-588 - J. Alex Halderman:
The Antrim County 2020 Election Incident: An Independent Forensic Investigation. 589-605 - Victor Le Pochat, Laura Edelson, Tom van Goethem, Wouter Joosen, Damon McCoy, Tobias Lauinger:
An Audit of Facebook's Political Ad Policy Enforcement. 607-624 - Qinge Xie, Shujun Tang, Xiaofeng Zheng, Qingran Lin, Baojun Liu, Haixin Duan, Frank Li:
Building an Open, Robust, and Stable Voting-Based Domain Top List. 625-642
Side Channels I: Hardware
- Moritz Lipp, Daniel Gruss, Michael Schwarz:
AMD Prefetch Attacks through Power and Time. 643-660 - Yi Han, Matthew Chan, Zahra Aref, Nils Ole Tippenhauer, Saman A. Zonouz:
Hiding in Plain Sight? On the Efficacy of Power Side Channel-Based Control Flow Monitoring. 661-678 - Yingchen Wang, Riccardo Paccagnella, Elizabeth Tang He, Hovav Shacham, Christopher W. Fletcher, David Kohlbrenner:
Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86. 679-697 - Zirui Neil Zhao, Adam Morrison, Christopher W. Fletcher, Josep Torrellas:
Binoculars: Contention-Based Side-Channel Attacks Exploiting the Page Walker. 699-716
Web Security II: Fingerprinting
- Konstantinos Solomos, Panagiotis Ilia, Soroush Karami, Nick Nikiforakis, Jason Polakis:
The Dangers of Human Touch: Fingerprinting Browser Extensions through User Actions. 717-733 - Soroush Karami, Faezeh Kalantari, Mehrnoosh Zaeifi, Xavier J. Maso, Erik Trickel, Panagiotis Ilia, Yan Shoshitaishvili, Adam Doupé, Jason Polakis:
Unleash the Simulacrum: Shifting Browser Realities for Robust Extension-Fingerprinting Prevention. 735-752 - Giovanni Cherubin, Rob Jansen, Carmela Troncoso:
Online Website Fingerprinting: Evaluating Website Fingerprinting Attacks on Tor in the Real World. 753-770 - Jean-Pierre Smith, Luca Dolfi, Prateek Mittal, Adrian Perrig:
QCSD: A QUIC Client-Side Website-Fingerprinting Defence Framework. 771-789
Crypto II: Performance Improvements
- Mahimna Kelkar, Phi Hung Le, Mariana Raykova, Karn Seth:
Secure Poisson Regression. 791-808 - Zhicong Huang, Wen-jie Lu, Cheng Hong, Jiansheng Ding:
Cheetah: Lean and Fast Secure Two-Party Deep Neural Network Inference. 809-826 - Jean-Luc Watson, Sameer Wagh, Raluca Ada Popa:
Piranha: A GPU Platform for Secure Computation. 827-844 - Daniel J. Bernstein, Billy Bob Brumley, Ming-Shing Chen, Nicola Tuveri:
OpenSSLNTRU: Faster post-quantum TLS key exchange. 845-862
User Studies II: Sharing
- Yijing Liu, Yan Jia, Qingyin Tan, Zheli Liu, Luyi Xing:
How Are Your Zombie Accounts? Understanding Users' Practices and Expectations on Mobile App Account Deletion. 863-880 - Eyitemi Moju-Igbene, Hanan Abdi, Alan Lu, Sauvik Das:
"How Do You Not Lose Friends?": Synthesizing a Design Space of Social Controls for Securing Shared Digital Resources Via Participatory Design Jams. 881-898 - Bailey Kacsmar, Kyle Tilbury, Miti Mazmudar, Florian Kerschbaum:
Caring about Sharing: User Perceptions of Multiparty Data Sharing. 899-916 - Masoud Mehrabi Koushki, Yue Huang, Julia Rubin, Konstantin Beznosov:
Neither Access nor Control: A Longitudinal Investigation of the Efficacy of User Access-Control Solutions on Smartphones. 917-935
Hardware Security I: Attacks & Defenses
- David Schrammel, Samuel Weiser, Richard Sadek, Stefan Mangard:
Jenny: Securing Syscalls for PKU-based Memory Isolation Systems. 936-952 - Gökçen Yilmaz Dayanikli, Sourav Sinha, Devaprakash Muniraj, Ryan M. Gerdes, Mazen Farhood, Mani Mina:
Physical-Layer Attacks Against Pulse Width Modulation-Controlled Actuators. 953-970 - Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, Cristiano Giuffrida:
Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks. 971-988 - Andrei Tatar, Daniël Trujillo, Cristiano Giuffrida, Herbert Bos:
TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering. 989-1007
Fuzzing I: Networks
- Sunwoo Kim, Young Min Kim, Jaewon Hur, Suhwan Song, Gwangmu Lee, Byoungyoung Lee:
FuzzOrigin: Detecting UXSS vulnerabilities in Browsers through Origin Fuzzing. 1008-1023 - Matheus E. Garbelini, Vaibhav Bedi, Sudipta Chattopadhyay, Sumei Sun, Ernest Kurniawan:
BrakTooth: Causing Havoc on Bluetooth Link Manager via Directed Fuzzing. 1025-1042 - Johannes Krupp, Ilya Grishchenko, Christian Rossow:
AmpFuzz: Fuzzing for Amplification DDoS Vulnerabilities. 1043-1060 - Bahruz Jabiyev, Steven Sprecher, Anthony Gavazzi, Tommaso Innocenti, Kaan Onarlioglu, Engin Kirda:
FRAMESHIFTER: Security Implications of HTTP/2-to-HTTP/1 Conversion Anomalies. 1061-1075
Smart Homes I
- Yan Meng, Jiachun Li, Matthew Pillari, Arjun Deopujari, Liam Brennan, Hafsah Shamsie, Haojin Zhu, Yuan Tian:
Your Microphone Array Retains Your Identity: A Robust Voice Liveness Detection System for Smart Speakers. 1077-1094 - Rahul Anand Sharma, Elahe Soltanaghaei, Anthony Rowe, Vyas Sekar:
Lumos: Identifying and Localizing Diverse Hidden IoT Devices in an Unfamiliar Environment. 1095-1112 - Jeffrey Young, Song Liao, Long Cheng, Hongxin Hu, Huixing Deng:
SkillDetective: Automated Policy-Violation Detection of Voice Assistant Applications in the Wild. 1113-1130 - Ruiwen He, Xiaoyu Ji, Xinfeng Li, Yushi Cheng, Wenyuan Xu:
"OK, Siri" or "Hey, Google": Evaluating Voiceprint Distinctiveness via Content-based PROLE Score. 1131-1148
Measurement III
- Xander Bouwman, Victor Le Pochat, Pawel Foremski, Tom van Goethem, Carlos Hernandez Gañán, Giovane C. M. Moura, Samaneh Tajalizadehkhoob, Wouter Joosen, Michel van Eeten:
Helping hands: Measuring the impact of a large threat intelligence sharing community. 1149-1165 - Yun Shen, Pierre-Antoine Vervier, Gianluca Stringhini:
A Large-scale Temporal Measurement of Android Malicious Apps: Persistence, Migration, and Lessons Learned. 1167-1184 - Chuhan Wang, Kaiwen Shen, Minglei Guo, Yuxuan Zhao, Mingming Zhang, Jianjun Chen, Baojun Liu, Xiaofeng Zheng, Haixin Duan, Yanzhong Lin, Qingfeng Pan:
A Large-scale and Longitudinal Measurement Study of DKIM Deployment. 1185-1201 - Renuka Kumar, Apurva Virkud, Ram Sundara Raman, Atul Prakash, Roya Ensafi:
A Large-scale Investigation into Geodifferences in Mobile Apps. 1203-1220
Fuzzing II: Low-Level
- Alexander Bulekov, Bandan Das, Stefan Hajnoczi, Manuel Egele:
Morphuzz: Bending (Input) Space to Fuzz Virtual Devices. 1221-1238 - Tobias Scharnowski, Nils Bars, Moritz Schloegel, Eric Gustafson, Marius Muench, Giovanni Vigna, Christopher Kruegel, Thorsten Holz, Ali Abbasi:
Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing. 1239-1256 - Cheolwoo Myung, Gwangmu Lee, Byoungyoung Lee:
MundoFuzz: Hypervisor Fuzzing with Statistical Coverage Testing and Grammar Inference. 1257-1274 - Zekun Shen, Ritik Roongta, Brendan Dolan-Gavitt:
Drifuzz: Harvesting Bugs in Device Drivers from Golden Seeds. 1275-1290
Wireless Security
- Martin Kotuliak, Simon Erni, Patrick Leu, Marc Röschlin, Srdjan Capkun:
LTrack: Stealthy Tracking of Mobile Phones in LTE. 1291-1306 - Sangwook Bae, Mincheol Son, Dongkwan Kim, CheolJun Park, Jiho Lee, Sooel Son, Yongdae Kim:
Watching the Watchers: Practical Video Identification Attack in LTE Networks. 1307-1324 - CheolJun Park, Sangwook Bae, Beomseok Oh, Jiho Lee, Eunkyu Lee, Insu Yun, Yongdae Kim:
DoLTEst: In-depth Downlink Negative Testing Framework for LTE Devices. 1325-1342 - Patrick Leu, Giovanni Camurati, Alexander Heinrich, Marc Roeschlin, Claudio Anliker, Matthias Hollick, Srdjan Capkun, Jiska Classen:
Ghost Peak: Practical Distance Reduction Attacks Against HRP UWB Ranging. 1343-1359
ML I: Federated Learning
- Nishanth Chandran, Divya Gupta, Sai Lakshmi Bhavana Obbattu, Akash Shah:
SIMC: ML Inference Secure Against Malicious Clients at Semi-Honest Cost. 1361-1378 - Timothy Stevens, Christian Skalka, Christelle Vincent, John H. Ring, Samuel Clark, Joseph P. Near:
Efficient Differentially Private Secure Aggregation for Federated Learning via Hardness of Learning with Errors. 1379-1395 - Chong Fu, Xuhong Zhang, Shouling Ji, Jinyin Chen, Jingzheng Wu, Shanqing Guo, Jun Zhou, Alex X. Liu, Ting Wang:
Label Inference Attacks Against Vertical Federated Learning. 1397-1414 - Thien Duc Nguyen, Phillip Rieger, Huili Chen, Hossein Yalame, Helen Möllering, Hossein Fereidooni, Samuel Marchal, Markus Miettinen, Azalia Mirhoseini, Shaza Zeitouni, Farinaz Koushanfar, Ahmad-Reza Sadeghi, Thomas Schneider:
FLAME: Taming Backdoors in Federated Learning. 1415-1432
Deanonymization
- Xinyu Tang, Saeed Mahloujifar, Liwei Song, Virat Shejwalkar, Milad Nasr, Amir Houmansadr, Prateek Mittal:
Mitigating Membership Inference Attacks by Self-Distillation Through a Novel Ensemble Architecture. 1433-1450 - Theresa Stadler, Bristena Oprisanu, Carmela Troncoso:
Synthetic Data - Anonymisation Groundhog Day. 1451-1468 - Aloni Cohen:
Attacks on Deidentification's Defenses. 1469-1486 - Xiaojie Guo, Ye Han, Zheli Liu, Ding Wang, Yan Jia, Jin Li:
Birds of a Feather Flock Together: How Set Bias Helps to Deanonymize You via Revealed Intersection Sizes. 1487-1504 - Mojtaba Zaheri, Yossi Oren, Reza Curtmola:
Targeted Deanonymization via the Cache Side Channel: Attacks and Defenses. 1505-1523
Mobile Security
- Sigmund Albert Gorski III, Seaver Thorn, William Enck, Haining Chen:
FReD: Identifying File Re-Delegation in Android System Services. 1525-1542 - Kai Wang, Richard Mitev, Chen Yan, Xiaoyu Ji, Ahmad-Reza Sadeghi, Wenyuan Xu:
GhostTouch: Targeted Attacks on Touchscreens without Physical Touch. 1543-1559 - Abdullah Imran, Habiba Farrukh, Muhammad Ibrahim, Z. Berkay Celik, Antonio Bianchi:
SARA: Secure Android Remote Authorization. 1561-1578 - Jianfeng Li, Hao Zhou, Shuohan Wu, Xiapu Luo, Ting Wang, Xian Zhan, Xiaobo Ma:
FOAP: Fine-Grained Open-World Android App Fingerprinting. 1579-1596 - Lei Zhang, Zhibo Zhang, Ancong Liu, Yinzhi Cao, Xiaohan Zhang, Yanjun Chen, Yuan Zhang, Guangliang Yang, Min Yang:
Identity Confusion in WebView-based Mobile App-in-app Ecosystems. 1597-1613
Web Security III: Bots & Authentication
- Cormac Herley:
Automated Detection of Automated Traffic. 1615-1632 - Ruofan Liu, Yun Lin, Xianglin Yang, Siang Hwee Ng, Dinil Mon Divakaran, Jin Song Dong:
Inferring Phishing Intention via Webpage Appearance and Dynamics: A Deep Vision Based Approach. 1633-1650 - Xu Lin, Panagiotis Ilia, Saumya Solanki, Jason Polakis:
Phish in Sheep's Clothing: Exploring the Authentication Pitfalls of Browser Fingerprinting. 1651-1668 - Jaron Mink, Licheng Luo, Natã M. Barbosa, Olivia Figueira, Yang Wang, Gang Wang:
DeepPhish: Understanding User Trust Towards Artificially Generated Profiles in Online Social Networks. 1669-1686 - Matteo Cardaioli, Stefano Cecconello, Mauro Conti, Simone Milani, Stjepan Picek, Eugen Saraci:
Hand Me Your PIN! Inferring ATM PINs of Users Typing with a Covered Hand. 1687-1704
Crypto III: Private Matching & Lookups
- Anunay Kulshrestha, Jonathan R. Mayer:
Estimating Incidental Collection in Foreign Intelligence Surveillance: Large-Scale Multiparty Private Set Intersection with Union and Sum. 1705-1722 - Rasoul Akhavan Mahdavi, Florian Kerschbaum:
Constant-weight PIR: Single-round Keyword PIR via Constant-weight Equality Operators. 1723-1740 - Yiping Ma, Ke Zhong, Tal Rabin, Sebastian Angel:
Incremental Offline/Online PIR. 1741-1758 - Daniel Günther, Maurice Heymann, Benny Pinkas, Thomas Schneider:
GPU-accelerated PIR with Client-Independent Preprocessing for Large-Scale Applications. 1759-1776 - Yiqing Hua, Armin Namavari, Kaishuo Cheng, Mor Naaman, Thomas Ristenpart:
Increasing Adversarial Uncertainty to Scale Private Similarity Testing. 1777-1794
Passwords
- Avinash Sudhodanan, Andrew Paverd:
Pre-hijacked accounts: An Empirical Study of Security Failures in User Account Creation on the Web. 1795-1812 - Asuman Senol, Gunes Acar, Mathias Humbert, Frederik J. Zuiderveen Borgesius:
Leaky Forms: A Study of Email and Password Exfiltration Before Form Submission. 1813-1830 - Bijeeta Pal, Mazharul Islam, Marina Sanusi Bohuk, Nick Sullivan, Luke Valenta, Tara Whalen, Christopher A. Wood, Thomas Ristenpart, Rahul Chatterjee:
Might I Get Pwned: A Second Generation Compromised Credential Checking Service. 1831-1848 - Peter Mayer, Collins W. Munyendo, Michelle L. Mazurek, Adam J. Aviv:
Why Users (Don't) Use Password Managers at a Large Educational Institution. 1849-1866 - Marina Sanusi Bohuk, Mazharul Islam, Suleman Ahmad, Michael M. Swift, Thomas Ristenpart, Rahul Chatterjee:
Gossamer: Securely Measuring Password-based Logins. 1867-1884
Smart Vehicles
- Ce Zhou, Qiben Yan, Yan Shi, Lichao Sun:
DoubleStar: Long-Range Attack Towards Depth Estimation based Obstacle Avoidance in Autonomous Systems. 1885-1902 - R. Spencer Hallyburton, Yupei Liu, Yulong Cao, Z. Morley Mao, Miroslav Pajic:
Security Analysis of Camera-LiDAR Fusion Against Black-Box Attacks on Autonomous Vehicles. 1903-1920 - Lei Xue, Yangyang Liu, Tianqi Li, Kaifa Zhao, Jianfeng Li, Le Yu, Xiapu Luo, Yajin Zhou, Guofei Gu:
SAID: State-aware Defense Against Injection Attacks on In-vehicle Network. 1921-1938 - Le Yu, Yangyang Liu, Pengfei Jing, Xiapu Luo, Lei Xue, Kaifa Zhao, Yajin Zhou, Ting Wang, Guofei Gu, Sen Nie, Shi Wu:
Towards Automatically Reverse Engineering Vehicle Diagnostic Protocols. 1939-1956 - Chen Yan, Zhijian Xu, Zhanyuan Yin, Xiaoyu Ji, Wenyuan Xu:
Rolling Colors: Adversarial Laser Exploits against Traffic Light Recognition. 1957-1974
Web Security IV: Defenses
- Jay Bosamiya, Wen Shih Lim, Bryan Parno:
Provably-Safe Multilingual Software Sandboxing using WebAssembly. 1975-1992 - Youkun Shi, Yuan Zhang, Tianhan Luo, Xiangyu Mao, Yinzhi Cao, Ziwen Wang, Yudi Zhao, Zongan Huang, Min Yang:
Backporting Security Patches of Web Applications: A Prototype Design and Implementation on Injection Vulnerability Patches. 1993-2010 - Yunang Chen, Yue Gao, Nick Ceccio, Rahul Chatterjee, Kassem Fawaz, Earlence Fernandes:
Experimental Security Analysis of the App Model in Business Collaboration Platforms. 2011-2028 - Phakpoom Chinprutthiwong, Jianwei Huang, Guofei Gu:
SWAPP: A New Programmable Playground for Web Application Security. 2029-2046 - Sebastian Roth, Stefano Calzavara, Moritz Wilhelm, Alvise Rabitti, Ben Stock:
The Security Lottery: Measuring Client-Side Web Security Inconsistencies. 2047-2064
ML II
- Chong Xiang, Saeed Mahloujifar, Prateek Mittal:
PatchCleanser: Certifiably Robust Defense against Adversarial Patches for Any Image Classifier. 2065-2082