SecuritySymposium 2015 Aug. 12, 2015 to Aug. 14, 2015, washington,USA

Event Page

Tell us about missing data
Title Speakers Summary Topic Types
Opening Remarks and Awards Jaeyeon Jung N/A
Inherent Cyber Insecurity and Our National Security: Surviving on a Diet of Poisoned Fruit Richard J. Danzig Cyber systems are a security paradox. Even as they grant unprecedented powers, they also make ...
Post-Mortem of a Zombie: Conficker Cleanup After Six Years Hadi Asghari , Michel Van Eeten , Michael Ciere N/A
Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications in the Developing World Patrick Traynor , Adam Bates , Bradley Reaves , Nolen Scaife , Kevin R.b. Butler N/A
Measuring the Longitudinal Evolution of the Online Anonymous Marketplace Ecosystem Nicolas Christin , Kyle Soska N/A
Under-Constrained Symbolic Execution: Correctness Checking for Real Code Dawson Engler , David A. Ramos N/A
TaintPipe: Pipelined Symbolic Taint Analysis Peng Liu , Dinghao Wu , Jun Wang , Jiang Ming , Gaoyao Xiao N/A
Type Casting Verification: Stopping an Emerging Attack Vector Taesoo Kim , Wenke Lee , Byoungyoung Lee , Chengyu Song N/A
Machine vs. Machine: Lessons from the First Year of Cyber Grand Challenge Mike Walker In 2014 DARPA launched the Cyber Grand Challenge: a competition that seeks to create automatic ...
All Your Biases Belong to Us: Breaking RC4 in WPA-TKIP and TLS Frank Piessens , Mathy Vanhoef N/A
Attacks Only Get Better: Password Recovery Attacks Against RC4 in TLS Kenneth g. Paterson , Christina Garman , Thyla Merwe N/A
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network Sharon Goldberg , Ethan Heilman , Alison Kendler , Aviv Zohar N/A
Compiler-instrumented, Dynamic Secret-Redaction of Legacy Processes for Attacker Deception Kevin W. Hamlen , Frederico Araujo N/A
Control-Flow Bending: On the Effectiveness of Control-Flow Integrity Mathias Payer , David A. Wagner , Thomas R. Gross , Antonio Barresi , Nicolas Carlini N/A
Automatic Generation of Data-Oriented Exploits Zhenkai Liang , Prateek Saxena , Zheng Leong Chua , Hong Hu , Sendroiu Adrian N/A
Transforming Innovative Security Concepts into Disruptive Security Companies Rick Gordon Security operations people worldwide continue to be overwhelmed by global malicious actors who enjoy an ...
Protocol State Fuzzing of TLS Implementations Erik Poll , Joeri De Ruiter N/A
Verified Correctness and Security of OpenSSL HMAC Andrew W. Appel , Lennart Beringer , Adam Petcher , Katherine Q. Ye N/A
Not-Quite-So-Broken TLS: Lessons in Re-Engineering a Security Protocol Specification and Implementation Hannes Mehnert , Anil Madhavapeddy , David Kaloper-meršinjak , Peter Sewell N/A
To Pin or Not to Pin—Helping App Developers Bullet Proof Their TLS Connections Matthew Smith , Sascha Fahl , Marten Oltrogge , Yasemin Acar , Sergej Dechand N/A
De-anonymizing Programmers via Code Stylometry Rachel Greenstadt , Fabian "fabs" Yamaguchi , Arvind Narayanan , Richard Harang , Aylin Caliskan-islam , Andrew Liu , Clare Voss N/A
RAPTOR: Routing Attacks on Privacy in Tor Prateek Mittal , Jennifer Rexford , Mung Chiang , Yixin Sun , Anne Edmundson , Laurent Vanbever , Oscar Li N/A
Circuit Fingerprinting Attacks: Passive Deanonymization of Tor Hidden Services Marc Dacier , David Lazar , Albert Kwon , Mashael Alsabah , Srinivas Devadas N/A
SecGraph: A Uniform and Open-source Evaluation System for Graph Data Anonymization and De-anonymization Prateek Mittal , Xin Hu , Raheem Beyah , Shouling Ji , Weiqing Li N/A
Conducting Usable Security Studies: It's Complicated Lorrie Faith Cranor User studies are critical to understanding how users perceive and interact with security and privacy ...
Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer Roel Verdult , Flavio D. Garcia , Baris Ege N/A
Trustworthy Whole-System Provenance for the Linux Kernel Adam Bates , Thomas Moyer , Kevin R.b. Butler , Dave (jing) Tian N/A
Securing Self-Virtualizing Ethernet Devices Dan Tsafrir , Muli Ben-yehuda , Igor Smolyar N/A
EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning William Enck , Peng Ning , Wu Zhou , Xinwen Zhang , Ruowen Wang , Douglas Reeves , Dingbang Xu , Ahmed M. Azab N/A
Marionette: A Programmable Network Traffic Obfuscation System Thomas Shrimpton , Kevin P. Dyer , Scott E. Coull N/A
CONIKS: Bringing Key Transparency to End Users Michael J. Freedman , Edward W. Felten , Joseph Bonneau , Aaron Blankstein , Marcela S. Melara N/A
Investigating the Computer Security Practices and Needs of Journalists Franziska Roesner , Susan E. Mcgregor , Polina Charters , Tobin Holliday N/A
Why Johnny and Janie Can’t Code Safely: Bringing Software Assurance to the Masses Bart Miller While we’re all furiously working on new techniques to automate the finding of weaknesses and ...
Constants Count: Practical Improvements to Oblivious RAM Elaine Shi , Marten van Dijk , Christopher Fletcher , Ling Ren , Emil Stefanov , Albert Kwon , Srinivas Devadas N/A
Raccoon: Closing Digital Side-Channels through Obfuscated Execution Ashay Rane , Calvin Lin , Mohit Tiwari N/A
M2R: Enabling Stronger Privacy in MapReduce Computation Prateek Saxena , Ee-chien Chang , Tien Dinh , Beng Chin Ooi , Chunwang Zhang N/A
Measuring Real-World Accuracies and Biases in Modeling Password Guessability Lorrie Faith Cranor , Lujo Bauer , Nicolas Christin , Blase Ur , Saranga Komanduri , Michelle l. Mazurek , Sean M. Segreti , Darya Kurilova , William Shay N/A
Sound-Proof: Usable Two-Factor Authentication Based on Ambient Sound Srdjan Capkun , Claudio Marforio , Nikolaos Karapanos , Claudio Soriente N/A
Android Permissions Remystified: A Field Study on Contextual Integrity David A. Wagner , Serge Egelman , Konstantin Beznosov , Primal Wijesekera , Arjun Baokar , Ashkan Hosseini N/A
Preventing Security Bugs through Software Design Christoph Kern Many security bugs, such as Cross-Site-Scripting (XSS), SQL injection, buffer overruns, etc, are in isolation ...
Phasing: Private Set Intersection Using Permutation-based Hashing Benny Pinkas , Thomas Schneider , Gil Segev , Michael Zohner N/A
Faster Secure Computation through Automatic Parallelization Stefan Katzenbeisser , Niklas Buescher N/A
The Pythia PRF Service Ari Juels , Thomas Ristenpart , Adam Everspaugh , Rahul Chaterjee , Samuel Scott N/A
EVILCOHORT: Detecting Communities of Malicious Accounts on Online Services Christopher Kruegel , Giovanni Vigna , Manuel Egele , Gianluca Stringhini , Gregoire Jacob , Pierre Mourlanne N/A
Trends and Lessons from Three Years Fighting Malicious Extensions Niels Provos , Moheeb Abu Rajab , Panayiotis Mavrommatis , Jean-philippe Gravel , Kurt Thomas , Nav Jagpal , Eric Dingle N/A
Meerkat: Detecting Website Defacements through Image-based Object Recognition Christopher Kruegel , Giovanni Vigna , Kevin Borgolte N/A
Using Formal Methods to Eliminate Exploitable Bugs Kathleen Fisher For decades, formal methods have offered the promise of software that doesn’t have exploitable bugs. ...
Recognizing Functions in Binaries with Neural Networks Dawn Song , Reza Moazzezi , Eui Shin N/A
Reassembleable Disassembling Pei Wang , Dinghao Wu , Shuai Wang N/A
How the ELF Ruined Christmas Christopher Kruegel , Giovanni Vigna , Yan Shoshitaishvili , Alessandro Di Federico , Amat Cama N/A
Panel on Research Ethics Niels Provos , Stuart E. Schechter , Michael Bailey , Erin Kenneally N/A
Perspectives on Securing Cyberspace Deborah A. Frincke Cybersecurity research within the National Security Agency/Central Security Service Research Directorate is a complex, mission-driven ...
Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale Xiaofeng Wang , Peng Liu , Kai Chen , Nan Zhang , Peng Wang , Heqing Huang , Yeonjoon Lee , Wei Zou N/A
You Shouldn’t Collect My Secrets: Thwarting Sensitive Keystroke Leakage in Mobile IME Apps Zhiqiang Lin , Haibo Chen , Haibing Guan , Binyu Zang , Jin Chen , Erick Bauman N/A
Boxify: Full-fledged App Sandboxing for Stock Android Michael Backes , Sven Bugiel , Philipp von Styp-rekowsky , Christian Hammer , Oliver Schranz N/A
Cookies Lack Integrity: Real-World Implications Nicholas Weaver , Shuo Chen , Haixin Duan , Jinjin Liang , Jian Jiang , Xiaofeng Zheng , Tao Wan N/A
The Unexpected Dangers of Dynamic JavaScript Martin Johns , Ben Stock , Sebastian Lekies , Martin Wentzel N/A
ZigZag: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities Christopher Kruegel , Giovanni Vigna , William Robertson , Engin Kirda , Michael Weissbacher N/A
Anatomization and Protection of Mobile Apps’ Location Privacy Threats Kang G. Shin , Kassem Fawaz , Huan Feng N/A
LinkDroid: Reducing Unregulated Aggregation of App Usage Behaviors Kang G. Shin , Kassem Fawaz , Huan Feng N/A
PowerSpy: Location Tracking Using Mobile Device Power Analysis Dan Boneh , Gabi Nakibly , Yan Michalevsky , Aaron Schulman , Gunaa Arumugam Veerapandian N/A
In the Compression Hornet’s Nest: A Security Study of Data Compression in Network Services Davide Balzarotti , Neeraj Suri , Giancarlo Pellegrino , Stefan Winter N/A
Bohatei: Flexible and Elastic DDoS Defense Vyas Sekar , Michael Bailey , Seyed K. Fayaz , Yoshiaki Tobioka N/A
Boxed Out: Blocking Cellular Interconnect Bypass Fraud at the Network Edge Patrick Traynor , Henry Carter , Adam Bates , Ethan Shernan , Bradley Reaves N/A
GSMem: Data Exfiltration from Air-Gapped Computers over GSM Frequencies Yuval Elovici , Mordechai Guri , Gabi Kedma , Assaf Kachlon , Ofer Hasson , Yisroel Mirsky N/A
Thermal Covert Channels on Multi-core Platforms Srdjan Capkun , Ramya Jayaram Masti , Aanjhan Ranganathan , Devendra Rai , Christian Müller , Lothar Thiele N/A
Rocking Drones with Intentional Sound Noise on Gyroscopic Sensors Yongdae Kim , Yunmok Son , Hocheol Shin , Dongkwan Kim , Youngseok Park , Juhwan Noh , Kibum Choi , Jungwoo Choi N/A
Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches Daniel Gruss , Raphael Spreitzer , Stefan Mangard N/A
A Placement Vulnerability Study in Multi-Tenant Public Clouds Thomas Ristenpart , Venkatanathan Varadarajan , Michael M. Swift , Yinqian Zhang N/A
A Measurement Study on Co-residence Threat inside the Cloud Haining Wang , Zhenyu Wu , Zhang Xu N/A
Towards Discovering and Understanding Task Hijacking in Android Peng Liu , Yulong Zhang , Tao Wei , Hui Xue , Chuangang Ren N/A
Cashtags: Protecting the Input and Display of Sensitive Data Peter L. Reiher , Michael Mitchell , An-i Andy Wang N/A
SUPOR: Precise and Scalable Sensitive User Input Detection for Android Apps Xusheng Xiao , Kangjie Lu , Xiangyu Zhang , Zhenyu Wu , Guofei Jiang , Zhichun Li , Jianjun Huang N/A
UIPicker: User-Input Privacy Identification in Mobile Applications Xiaofeng Wang , Guofei Gu , Yuhong Nan , Min Yang , Zhemin Yang , Shunfan Zhou N/A
Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents Michael Bailey , Yang Liu , Jing Zhang , Manish Karir , Mingyan Liu , Parinaz Naghizadeh , Armin Sarabi N/A
WebWitness: Investigating, Categorizing, and Mitigating Malware Download Paths Manos Antonakakis , Roberto Perdisci , Terry Nelms , Mustaque Ahamad N/A
Vulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-World Exploits Tudor Dumitras , Carl Sabottke , Octavian Suciu N/A