usenixsecurity 2017 Aug. 16, 2017 to Aug. 18, 2017, vancouver,canada

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
When Your Threat Model Is "Everything": Defensive Security in Modern Newsrooms Erinn Clark N/A
How Double-Fetch Situations turn into Double-Fetch Vulnerabilities: A Study of Double Fetches in the Linux Kernel Kai Lu , Pengfei Wang , Jens Krinke , Gen Li , Steve Dodier-lazaro N/A
Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts Jun (Jim) Xu , Peng Liu , Bing Mao , Xinyu Xing , Ping Chen , Dongliang Mu N/A
Ninja: Towards Transparent Tracing and Debugging on ARM Fengwei Zhang , Zhenyu Ning N/A
Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX David Kohlbrenner , Craig Disselkoen , Leo Porter , Dean Tullsen N/A
On the effectiveness of mitigations against floating-point timing channels Hovav Shacham , David Kohlbrenner N/A
Constant-Time Callees with Variable-Time Callers Cesar Pereida García , Billy Bob Brumley N/A
Neural Nets Can Learn Function Type Signatures From Binaries Zhenkai Liang , Prateek Saxena , Zheng Leong Chua , Shiqi Shen N/A
CAn’t Touch This: Software-only Mitigation against Rowhammer Attacks targeting Kernel Memory Ahmad-reza Sadeghi , Christopher Liebchen , Lucas Davi , David Gens , Ferdinand Brasser N/A
Efficient Protection of Path-Sensitive Control Security Taesoo Kim , Wenke Lee , Chengyu Song , Chenxiong Qian , Ren Ding , Bill Harris N/A
Digtool: A Virtualization-Based Framework for Detecting Kernel Vulnerabilities Jianfeng Pan , Guanglu Yan , Xiaocao Fan N/A
kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels Thorsten Holz , Sebastian Schinzel , Robert Gawlik , Sergej Schumilo , Cornelius Aschermann N/A
Venerable Variadic Vulnerabilities Vanquished Mathias Payer , Michael Franz , Alessandro Di Federico , Scott A. Carr , Priyam Biswas , Prabhu Rajasekaran , Stijn Volckaert , Yeoul Na N/A
Towards Practical Tools for Side Channel Aware Software Engineering: 'Grey Box' Modelling for Instruction Leakages Elisabeth Oswald , Carolyn Whitnall , David Mccann N/A
Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory Manuel Costa , Felix Schuster , Istvan Haller , Daniel Gruss , Julian Lettner , Olya Ohrimenko N/A
CacheD: Identifying Cache-Based Timing Channels in Production Software Danfeng Zhang , Pei Wang , Dinghao Wu , Shuai Wang , Xiao Liu N/A
An Ant in a World of Grasshoppers Ellen cram Kowalczyk N/A
From Problems to Patterns to Practice: Privacy and User Respect in a Complex World Lea Kissner N/A
BinSim: Trace-based Semantic Binary Diffing via System Call Sliced Segment Equivalence Checking Dinghao Wu , Jiang Ming , Dongpeng Xu , Yufei Jiang N/A
PlatPal: Detecting Malicious Documents with Platform Diversity Taesoo Kim , Meng Xu N/A
Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART Guofei Gu , Xiapu Luo , Yajin Zhou , Lei Xue , Ting Chen N/A
Global Measurement of DNS Manipulation Roya Ensafi , Nick Feamster , Vern Paxson , Frank h. Li , Paul Pearce , Ben Jones , Nick Weaver N/A
Characterizing the Nature and Dynamics of Tor Exit Blocking Phillipa Gill , Vern Paxson , Paul Pearce , Sadia Afroz , Rishab Nithyanand , Michael Carl Tschantz , Rachee Singh N/A
DeTor: Provably Avoiding Geographic Regions in Tor Dave Levin , Zhihao Li , Stephen Herwig N/A
SmartAuth: User-Centered Authorization for the Internet of Things Xiaofeng Wang , Nan Zhang , Blase Ur , Yuan Tian , Patrick Tague , Yueh-hsun Lin , Xianzheng Guo N/A
AWare: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings Trent Jaeger , Jens Grossklags , Giuseppe Petracca , Yuqiong Sun , Ahmad-atamli Reineh N/A
6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices A. Selcuk Uluagac , Amit Kumar Sikder , Hidayet Aksu N/A
Identifier Binding Attacks and Defenses in Software-Defined Networks Cristina Nita-rotaru , Hamed Okhravi , Richard Skowyra , David Bigelow , Samuel Jero , William Koch N/A
HELP: Helper-Enabled In-Band Device Pairing Resistant Against Signal Cancellation Ming Li , Loukas Lazos , Nirnimesh Ghose N/A
Attacking the Brain: Races in the SDN Control Plane Guofei Gu , Lei Xu , Jialong Zhang , Sungmin Hong , Jeff Huang N/A
Detecting Credential Spearphishing in Enterprise Settings David A. Wagner , Vern Paxson , Mobin Javed , Aashish Sharma , Grant Ho N/A
SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data R. Sekar , Birhanu Eshete , Scott d. Stoller , Rigel Gjomemo , V.n. Venkatakrishnan , Md Nahid Hossain , Sadegh M. Milajerdi , Junao Wang N/A
When the Weakest Link is Strong: Secure Collaboration in the Case of the Panama Papers Franziska Roesner , Kelly Caine , Mahdi Nasrullah Al-ameen , Susan E. Mcgregor , Elizabeth Anne Watkins N/A
Hacking in Darkness: Return-oriented Programming against Secure Enclaves Taesoo Kim , Brent ByungHoon Kang , Yeongjin Jang , Marcus Peinado , Jinsoo Jang , Jaehyuk Lee , Changho Choi , Nohyun Kwak , Yeseul Choi N/A
vTZ: Virtualizing ARM TrustZone Haibo Chen , Haibing Guan , Yubin Xia , Binyu Zang , Zhichao Hua , Jinyu Gu N/A
Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing Taesoo Kim , Marcus Peinado , Ming-wei Shih , Sangho Lee , Prasun Gera , Hyesoon Kim N/A
AuthentiCall: Efficient Identity and Content Authentication for Phone Calls Patrick Traynor , Thomas Shrimpton , Bradley Reaves , Logan Blue , Hadi Abdullah , Luis Vargas N/A
Picking Up My Tab: Understanding and Mitigating Synchronized Token Lifting and Spending in Mobile Payment Kehuan Zhang , Xiaofeng Wang , Nan Zhang , Zhou Li , Zhe Zhou , Tongxin Li , Xiaolong Bai , Xianghang Mi , Shi-min Hu N/A
TrustBase: An Architecture to Repair and Strengthen Certificate-based Authentication Scott Ruoti , Kent Seamons , Mark O’neill , Jordan Whitehead , Scott Heidbrink , Daniel Zappala , Dan Bunker , Luke Dickinson , Travis Hendershot , Joshua Reynolds N/A
Transcend: Detecting Concept Drift in Malware Classification Models Zhi Wang , Lorenzo Cavallaro , Ilia Nouretdinov , Roberto Jordaney , Kumar Sharad , Santanu K. Dash , Davide Papini N/A
Syntia: Synthesizing the Semantics of Obfuscated Code Thorsten Holz , Moritz Contag , Cornelius Aschermann , Tim Blazytko N/A
Predicting the Resilience of Obfuscated Code Against Symbolic Execution Attacks via Machine Learning Alexander Pretschner , Sebastian Banescu , Christian Collberg N/A
Differential Privacy: From Theory to Deployment Abhradeep Guha Thakurta N/A
OSS-Fuzz - Google's continuous fuzzing service for open source software Kostya Serebryany N/A
Extension Breakdown: Security Analysis of Browsers Extension Resources Control Policies Davide Balzarotti , Igor Santos , Iskander Sanchez-rola N/A
CCSP: Controlled Relaxation of Content Security Policies by Runtime Policy Composition Michele Bugliesi , Stefano Calzavara , Alvise Rabitti N/A
Same-Origin Policy: Evaluation in Modern Browsers Marcus Niemietz , Jörg Schwenk , Christian Mainka N/A
Locally Differentially Private Protocols for Frequency Estimation Somesh Jha , Jeremiah Blocki , Ninghui Li , Tianhao Wang N/A
BLENDER: Enabling Local Search with a Hybrid Differential Privacy Model Benjamin Livshits , Aleksandra Korolova , Brendan Avent , David Zeber , Torgeir Hovden N/A
Computer Security, Privacy, and DNA Sequencing: Compromising Computers with Synthesized DNA, Privacy Leaks, and More Tadayoshi Kohno , Karl Koscher , Luis Ceze , Peter Ney , Lee Organick N/A
BootStomp: On the Security of Bootloaders in Mobile Devices Christopher Kruegel , Giovanni Vigna , Eric Gustafson , Yan Shoshitaishvili , Yanick Fratantonio , Antonio Bianchi , Aravind Machiry , Nilo Redini , Dipanjan Das N/A
Seeing Through The Same Lens: Introspecting Guest Address Space At Native Speed Xuhua Ding , Dawu Gu , Wen Xu , Siqi Zhao N/A
Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers David A. Wagner , Petros Maniatis , Thurston H.y. Dang N/A
PDF Mirage: Content Masking Attack Against Information-Based Online Services Yao Liu , Ian Markwood , Dakun Shen , Zhuo Lu N/A
Loophole: Timing Attacks on Shared Event Loops in Chrome Boris Köpf , Pepe Vila N/A
Game of Registrars: An Empirical Analysis of Post-Expiration Domain Name Takeovers William Robertson , Kaan Onarlioglu , Tobias Lauinger , Abdelberi Chaabane , Ahmet Salih Buyukkayhan N/A
Speeding up detection of SHA-1 collision attacks using unavoidable attack conditions Marc Stevens , Daniel Shumow N/A
Phoenix: Rebirth of a Cryptographic Password-Hardening Service Sherman Chow , Dominique Schröder , Russell Lai , Christoph Egger N/A
Vale: Verifying High-Performance Cryptographic Assembly Code Bryan Parno , Jacob r. Lorch , Manos Kapritsos , Srinath Setty , Chris Hawblitzel , Ashay Rane , Barry Bond , K. Leino , Laure Thompson N/A
Moderator: Michael Bailey, University of Illinois, at Urbana-Champaign Damon Mccoy , Nick Sullivan , Tom Anderson N/A
Exploring User Perceptions of Discrimination in Online Targeted Advertising Michelle l. Mazurek , Michael Carl Tschantz , Elissa M. Redmiles , Angelisa C. Plane N/A
Measuring the Insecurity of Mobile Deep Links of Android Danfeng Yao , Gang Wang , Fang Liu , Chun Wang , Andres Pico N/A
How the Web Tangled Itself: Uncovering the History of Client-Side Web (In)Security Martin Johns , Ben Stock , Marius Backes N/A
Towards Efficient Heap Overflow Discovery Dengguo Feng , Purui Su , Chao Zhang , Yi Yang , Xiangkun Jia , Huafeng Huang N/A
DR. CHECKER: A Soundy Analysis for Linux Kernel Drivers Christopher Kruegel , Giovanni Vigna , Chad Spensky , Nick Stephens , Aravind Machiry , Jake Corina N/A
Dead Store Elimination (Still) Considered Harmful Kirill Levchenko , Sorin Lerner , Brian Johannesmeyer , Zhaomo Yang , Anders Trier Olesen N/A
Telling Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution Raoul Strackx , Frank Piessens , Rudiger Kapitza , Jo Van Bulck , Nico Weichbrodt N/A
CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management Salvatore Stolfo , Adrian Tang , Simha Sethumadhavan N/A
AutoLock: Why Cache Attacks on ARM Are Harder Than You Think Thomas Eisenbarth , Johann Heyszl , Gorka Irazoqui , Marc Green , Leandro Rodrigues-lima , Andreas Zankl N/A
Understanding the Mirai Botnet Elie Bursztein , Manos Antonakakis , Joshua Mason , Luca Invernizzi , Michael Bailey , Kurt Thomas , Jaime Cochran , Deepak Kumar , Nick Sullivan , Matt Bernhard , Damian Menscher , Chad Seaman , Zane Ma , Michalis Kallitsis , Tim April , Zakir Halderman , Chaz Lever , Yi Zhou N/A
MPI: Multiple Perspective Attack Investigation with Semantic Aware Execution Partitioning Dongyan Xu , Xiangyu Zhang , Juan Zhai , Shiqing Ma , Kyu Hyung Lee , Fei Wang N/A
Detecting Android Root Exploits by Learning from Root Providers Chengyu Song , Zhiyun Qian , Srikanth V. Krishnamurthy , Ioannis Gasparis N/A
USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs Daniel Genkin , Yuval Yarom , Yang Su , Damith Ranasinghe N/A
Reverse Engineering x86 Processor Microcode Thorsten Holz , Christof Paar , Robert Gawlik , Benjamin Kollenda , Philipp Koppe , Marc Fyrbiak , Christian Kison , Ruhr-university Bochum N/A
See No Evil, Hear No Evil, Feel No Evil, Print No Evil? Malicious Fill Patterns Detection in Additive Manufacturing Raheem Beyah , Saman A. Zonouz , Luis Garcia , Christian Bayens , Tuan Le , Mehdi Javanmard N/A
The Loopix Anonymity System George Danezis , Sebastian Meiser , Tariq Elahi , Jamie Hayes , Ania M. Piotrowska N/A
MCMix: Anonymous Messaging via Secure Multiparty Computation Aggelos Kiayias , Riivo Talviste , Thomas Zacharias , Nikolaos Alexopoulos N/A
ORide: A Privacy-Preserving yet Accountable Ride-Hailing Service Jean-pierre Hubaux , Italo Dacosta , Kévin Huguenin , Guillaume Endignoux , Anh Pham , Juan Pastoriza N/A
Adaptive Android Kernel Live Patching Zhi Wang , Yulong Zhang , Tao Wei , Yue Chen , Liangzhao Xia , Chenfu Bao N/A
CHAINIAC: Proactive Software-Update Transparency via Collectively Signed Skipchains and Verified Builds Bryan Ford , Justin Cappos , Philipp Jovanovic , Nicolas Gailly , Ismail Khoffi , Linus Gasser , Kirill Nikitin , Eleftherios Kokoris-kogias N/A
ROTE: Rollback Protection for Trusted Execution Srdjan Capkun , Ari Juels , Kari Kostiainen , Arthur Gervais , David Sommer , Sinisa Matetic , Mansoor Ahmed , Aritra Dhar N/A
A Longitudinal, End-to-End View of the DNSSEC Ecosystem Dave Levin , David r. Choffnes , Christo Wilson , Balakrishnan Chandrasekaran , Alan Mislove , Roland Van Rijswijk-deij , Taejoong Chung , Bruce M. Maggs N/A
Measuring HTTPS Adoption on the Web Chris Palmer , Parisa Tabriz , Adrienne porter Felt , Richard Barnes , April King , Chris Bentzel N/A
"I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS Edgar Weippl , Katharina Krombholz , Martin Schmiedecker , Wilfried Mayer N/A
Beauty and the Burst: Remote Identification of Encrypted Video Streams Vitaly Shmatikov , Eran Tromer , Roei Schuster N/A
Walkie-Talkie: An Efficient Defense Against Passive Website Fingerprinting Attacks Ian Goldberg , Tao Wang N/A
A Privacy Analysis of Cross-device Tracking Steven M. Bellovin , Sebastian Zimmeck , Jie S. Li , Hyungtae Kim , Tony Jebara N/A
SmartPool: Practical Decentralized Pooled Mining Prateek Saxena , Jason Teutsch , Loi Luu , Yaron Velner N/A
REM: Resource-Efficient Mining for Blockchains Ari Juels , Fan Zhang , Ittay Eyal , Robert Escriva , Robbert Van Renesse N/A
Ensuring Authorized Updates in Multi-user Database-Backed Applications Atul Prakash , Kevin Eykholt , Barzan Mozafari N/A
Qapla: Policy compliance for database-backed systems Deepak Garg , Peter Druschel , Eslam Elnikety , Aastha Mehta , Katura Harvey N/A