NDSS Symposium 2014 Accepted Papers
On the Mismanagement and Maliciousness of Networks
Jing Zhang, Zakir Durumeric, Michael Bailey, Manish Karir and Mingyan Liu
No Direction Home: The True Cost of Routing Around Decoys
Amir Houmansadr, Edmund L. Wong and Vitaly Shmatikov
Gaining Control of Cellular Traffic Accounting by Spurious TCP Retransmission
Younghwan Go, EunYoung Jeong, Jongil Won, Yongdae Kim, Denis Foo Kune and KyoungSoo Park
CyberProbe: Towards Internet-Scale Active Detection of Malicious Servers
Antonio Nappa, Zhaoyan Xu, M. Zubair Rafique, Juan Caballero and Guofei Gu
Amplification Hell: Revisiting Network Protocols for DDoS Abuse
Christian Rossow
ROPecker: A Generic and Practical Approach for Defending Against ROP Attacks
Yueqiang Cheng, Zongwei Zhou, Miao Yu, Xuhua Ding and Robert H. Deng
A Trusted Safety Verifier for Process Controller Code
Stephen McLaughlin, Saman Zonouz, Devin Pohly and Patrick McDaniel
Avatar: A Framework to Support Dynamic Security Analysis of Embedded Systems’ Firmwares
Jonas Zaddach, Luca Bruno, Aurelien Francillon and Davide Balzarotti
SAFEDISPATCH: Securing C++ Virtual Calls from Memory Corruption Attacks
Dongseok Jang, Zachary Tatlock and Sorin Lerner
HYBRID-BRIDGE: Efficiently Bridging the Semantic Gap in Virtual Machine Introspection via Decoupled Execution and Training Memoization
Alireza Saberi, Yangchun Fu and Zhiqiang Lin
Screenmilker: How to Milk Your Android Screen for Secrets
Chia-Chi Lin, Hongyang Li, Xiaoyong Zhou and XiaoFeng Wang
AccelPrint: Imperfections of Accelerometers Make Smartphones Trackable
Sanorita Dey, Nirupam Roy, Wenyuan Xu, Romit Roy Choudhury and Srihari Nelakuditi
Smartphones as Practical and Secure Location Verification Tokens for Payments
Claudio Marforio, Nikolaos Karapanos, Claudio Soriente, Kari Kostiainen and Srdjan Capkun
Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks
Martin Georgiev, Suman Jana and Vitaly Shmatikov
Inside Job: Understanding and Mitigating the Threat of External Device Mis-Bonding on Android
Muhammad Naveed, Xiaoyong Zhou, Soteris Demetriou, XiaoFeng Wang and Carl A Gunter
DSpin: Detecting Automatically Spun Content on the Web
Qing Zhang, David Y. Wang and Geoffrey M. Voelker
Toward Black-Box Detection of Logic Flaws in Web Applications
Giancarlo Pellegrino and Davide Balzarotti
Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud
Arnar Birgisson, Joe Gibbs Politz, Ulfar Erlingsson, Ankur Taly, Michael Vrable and Mark Lentczner
Detecting Logic Vulnerabilities in E-Commerce Applications
Fangqi Sun, Liang Xu and Zhendong Su
Simulation of Built-in PHP Features for Precise Static Code Analysis
Johannes Dahse and Thorsten Holz
Enhanced Certificate Transparency and End-to-end Encrypted Mail
Mark D. Ryan
Privacy through Pseudonymity in Mobile Telephony Systems
Myrto Arapinis, Loretta Ilaria Mancini, Eike Ritter and Mark Ryan
Privacy-Preserving Distributed Stream Monitoring
Arik Friedman, Izchak Sharfman, Daniel Keren and Assaf Schuster
The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network
Rob Jansen, Florian Tschorsch, Aaron Johnson and Bjorn Scheuermann
Selling Off Privacy at Auction
Lukasz Olejnik, Minh-Dung Tran and Claude Castelluccia
The Tangled Web of Password Reuse
Anupam Das, Joseph Bonneau, Matthew Caesar, Nikita Borisov and XiaoFeng Wang
On the Semantic Patterns of Passwords and their Security Impact
Rafael Veras, Christopher Collins and Julie Thorpe
From Very Weak to Very Strong: Analyzing Password-Strength Meters
Xavier de Carné de Carnavalet and Mohammad Mannan
Copker: Computing with Private Keys without RAM
Le Guan, Jingqiang Lin, Bo Luo and Jiwu Jing
Practical Dynamic Searchable Encryption with Small Leakage
Emil Stefanov, Charalampos Papamanthou and Elaine Shi
Decentralized Anonymous Credentials
Christina Garman, Matthew Green and Ian Miers
Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation
David Cash, Joseph Jaeger, Stanislaw Jarecki, Charanjit Jutla, Hugo Krawczyk, Marcel-Catalin Ros and Michael Steiner
Authentication Using Pulse-Response Biometrics
Kasper B. Rasmussen, Marc Roeschlin, Ivan Martinovic and Gene Tsudik
Hardening Persona – Improving Federated Web Login
Michael Dietz and Dan S. Wallach
Two-Factor Authentication Resilient to Server Compromise Using Mix-Bandwidth Devices
Maliheh Shirvanian, Stanislaw Jarecki, Nitesh Saxena and Naveen Nathan
Leveraging USB to Establish Host Identity Using Commodity Devices
Adam Bates, Ryan Leonard, Hannah Pruse, Daniel Lowd and Kevin R. B. Butler
PlaceAvoider: Steering First-Person Cameras away from Sensitive Spaces
Robert Templeman, Mohammed Korayem, David Crandall and Apu Kapadia
Auditable Version Control Systems
Bo Chen and Reza Curtmola
Power Attack: An Increasing Threat to Data Centers
Zhang Xu, Haining Wang, Zichen Xu and Xiaorui Wang
Scambaiter: Understanding Targeted Nigerian Scams on Craigslist
Youngsam Park, Jackie Jones, Damon McCoy, Elaine Shi and Markus Jakobsson
Botcoin: Monetizing Stolen Cycles
Danny Yuxing Huang, Hitesh Dharmdasani, Sarah Meiklejohn, Vacha Dave, Chris Grier, Damon McCoy, Stefan Savage, Nicholas Weaver, Alex C. Snoeren and Kirill Levchenko
A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks
Siegfried Rasthofer, Steven Arzt and Eric Bodden
AirBag: Boosting Smartphone Resistance to Malware Infection
Chiachih Wu, Yajin Zhou, Kunal Patel, Zhenkai Liang and Xuxian Jiang
SMV-HUNTER: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps
David Sounthiraraj, Justin Sahs, Garret Greenwood, Zhiqiang Lin and Latifur Khan
AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications
Mu Zhang and Heng Yin
Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications
Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel and Giovanni Vigna
Nazca: Detecting Malware Distribution in Large-Scale Networks
Luca Invernizzi, Stanislav Miskovic, Ruben Torres, Christopher Kruegel, Sabyasachi Saha, Giovanni Vigna, Sung-Ju Lee and Marco Mellia
Persistent Data-only Malware: Function Hooks without Code
Sebastian Vogl, Jonas Pfoh, Thomas Kittel and Claudia Eckert Technische Universitat Munchen
Drebin: Effective and Explainable Detection of Android Malware in Your Pocket
Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon and Konrad Rieck
Gyrus: A Framework for User-Intent Monitoring of Text-Based Networked Applications
Yeongjin Jang, Simon P. Chung, Bryan D. Payne and Wenke Lee
Neural Signatures of User-Centered Security: An fMRI Study of Phishing, and Malware Warnings
Ajaya Neupane, Nitesh Saxena, Keya Kuruvilla, Michael Georgescu and Rajesh Kana
Web PKI: Closing the Gap between Guidelines and Practices
Antoine Delignat-Lavaud, Mart ́ın Abadi, Andrew Birrell, Ilya Mironov, Ted Wobber and Yinglian Xie
Efficient Private File Retrieval by Combining ORAM and PIR
Travis Mayberry, Erik-Oliver Blass and Agnes Hui Chan
Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems
Matthias Schulz, Adrian Loch and Matthias Hollick
Practical Issues with TLS Client Certificate Authentication
Arnis Parsovs
Let SDN Be Your Eyes: Secure Forensics in Data Center Networks
Adam Bates, Kevin Butler, Andreas Haeberlen, Micah Sherr and Wenchao Zhou
Towards a Richer Set of Services in Software-Defined Networks
Roberto Bifulco and Ghassan Karame
A Tradeoff between Caching Efficiency and Data Protection for Video Services in CCN
Eunsang Cho, Jongho Shin, Jaeyoung Choi, Ted Taekyoung Kwon and Yanghee Choi
Needle in a Haystack: Mitigating Content Poisoning in Named-Data Networking
Cesar Ghali, Gene Tsudik and Ersin Uzun
Cellpot: A Concept for Next Generation Cellular Network Honeypots
Ravishankar Borgaonkar, Steffen Liebergeld and Matthias Lange
Zero-Communication Seed Establishment for Anti-Jamming Techniques
Kim Pecina, Esfandiar Mohammadi and Christina Popper
Even Rockets Cannot Make Pigs Fly Sustainably: Can BGP be Secured with BGPsec?
Qi Li, Yih-Chun Hu and Xinwen Zhang
Communication Pattern Monitoring: Improving the Utility of Anomaly Detection for Industrial Control Systems
Man-Ki Yoon and Gabriela Ciocarlie
Should I Protect You? Understanding Developers’ Behavior to Privacy-Preserving APIs
Shubham Jain and Janne Lindqvist
The Privacy and Security Behaviors of Smartphone App Developers
Rebecca Balebako, Abigail Marsh, Jialiu Lin, Jason Hong and Lorrie Faith Cranor
Is Your Inseam a Biometric? A Case Study on the Role of Usability Studies in Developing Public Policy
Rebecca Balebako, Rich Shay and Lorrie Faith Cranor
Learning from “Shadow Security”: Why understanding non-compliance provides the basis for effective security
Iacovos Kirlappos, Simon Parkin and Angela Sasse
A Comparative Usability Study of Two-Factor Authentication
Emiliano De Cristofaro, Honglu Du, Julien Freudiger and Greg Norcie
Beyond Access Control: Managing Online Privacy via Exposure
Mainack Mondal, Peter Druschel, Krishna P. Gummadi and Alan Mislove
Spiny CACTOS: OSN users attitudes and perceptions towards cryptographic access control tools
Ero Balsa, Laura Brandimarte, Alessandro Acquisti, Claudia Diaz and Seda Gürses
Dynamic Cognitive Game CAPTCHA Usability and Detection of Streaming-Enabled Farming
Manar Mohamed, Song Gao, Nitesh Saxena and Chengcui Zhang
A Field Study of Run-Time Location Access Disclosures on Android Smartphones
Huiqing Fu, Yulong Yang, Nileema Shingte, Janne Lindqvist and Marco Gruteser
Survey on the Fate of Digital Footprints after Death
Carsten Grimm and Sonia Chiasson
An Exploratory Ethnographic Study of Issues and Concerns with Whole Genome Sequencing
Emiliano De Cristofaro
On a Scale from 1 to 10, How Private Are You? Scoring Facebook Privacy Settings
Tehila Minkus and Nasir Memon
Why Johnny Can’t Blow The Whistle: Identifying and Reducing Usability Issues in Anonymity Systems
Greg Norcie, Jim Blythe, Kelly Caine and L Jean Camp
Introducing Precautionary Behavior by Temporal Diversion of Voter Attention from Casting to Verifying their Vote
Jurlind Budurushi, Marcel Woide and Melanie Volkamer
Voter, What Message Will Motivate You To Verify Your Vote?
M. Maina Olembo, Karen Renaud, Steffen Bartsch and Melanie Volkamer