All the Numbers are US: Large-scale Abuse of...
Christoph Hagen (University of Würzburg), Christian Weinert (TU Darmstadt), Christoph Sendner (University of Würzburg),...
More DetailsNDSS Symposium 2021 Accepted Papers
Summer Cycle
As Strong As Its Weakest Link: How to...
Kai Li (Syracuse University), Jiaqi Chen (Syracuse University), Xianghong Liu (Syracuse University), Yuzhe Tang...
More DetailsAwakening the Web's Sleeper Agents: Misusing Service Workers...
Soroush Karami (University of Illinois at Chicago), Panagiotis Ilia (University of Illinois at Chicago),...
More DetailsBringing Balance to the Force: Dynamic Analysis of...
Abdallah Dawoud (CISPA Helmholtz Center for Information Security), Sven Bugiel (CISPA Helmholtz Center for...
More DetailsC^2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis
Yonghwi Kwon (University of Virginia), Weihang Wang (University at Buffalo, SUNY), Jinho Jung (Georgia...
More DetailsDeceptive Deletions for Protecting Withdrawn Posts on Social...
Mohsen Minaei (Visa Research), S Chandra Mouli (Purdue University), Mainack Mondal (IIT Kharagpur), Bruno...
More DetailsDOVE: A Data-Oblivious Virtual Environment
Hyun Bin Lee (University of Illinois at Urbana-Champaign), Tushar M. Jois (Johns Hopkins University),...
More DetailsEvading Voltage-Based Intrusion Detection on Automotive CAN
Rohit Bhatia (Purdue University), Vireshwar Kumar (Indian Institute of Technology Delhi), Khaled Serag (Purdue...
More DetailsFlexsealing BGP Against Route Leaks: Peerlock Active Measurement...
Tyler McDaniel (University of Tennessee, Knoxville), Jared M. Smith (University of Tennessee, Knoxville), Max...
More DetailsForward and Backward Private Conjunctive Searchable Symmetric Encryption
Sikhar Patranabis (ETH Zurich), Debdeep Mukhopadhyay (IIT Kharagpur)
More DetailsFrom WHOIS to WHOWAS: A Large-Scale Measurement Study...
Chaoyi Lu (Tsinghua University; Beijing National Research Center for Information Science and Technology), Baojun...
More DetailsHey Alexa, is this Skill Safe?: Taking a...
Christopher Lentzsch (Ruhr-Universität Bochum), Sheel Jayesh Shah (North Carolina State University), Benjamin Andow (Google),...
More DetailsLet’s Stride Blindfolded in a Forest: Sublinear Multi-Client...
Jack P. K. Ma (The Chinese University of Hong Kong), Raymond K. H. Tai...
More DetailsMore than a Fair Share: Network Data Remanence...
Leila Rashidi (University of Calgary), Daniel Kostecki (Northeastern University), Alexander James (University of Calgary),...
More DetailsObfuscated Access and Search Patterns in Searchable Encryption
Zhiwei Shang (University of Waterloo), Simon Oya (University of Waterloo), Andreas Peter (University of...
More DetailsPOP and PUSH: Demystifying and Defending against (Mach)...
Min Zheng (Orion Security Lab, Alibaba Group), Xiaolong Bai (Orion Security Lab, Alibaba Group),...
More DetailsProcessing Dangerous Paths – On Security and Privacy...
Jens Müller (Ruhr University Bochum), Dominik Noss (Ruhr University Bochum), Christian Mainka (Ruhr University...
More DetailsReining in the Web's Inconsistencies with Site Policy
Stefano Calzavara (Università Ca' Foscari Venezia), Tobias Urban (Institute for Internet Security and Ruhr...
More DetailsRosita: Towards Automatic Elimination of Power-Analysis Leakage in...
Madura A. Shelton (University of Adelaide), Niels Samwel (Radboud University), Lejla Batina (Radboud University),...
More DetailsScreen Gleaning: A Screen Reading TEMPEST Attack on...
Zhuoran Liu (Radboud university), Niels Samwel (Radboud University), Léo Weissbart (Radboud University), Zhengyu Zhao...
More DetailsThe Abuser Inside Apps: Finding the Culprit Committing...
Joongyum Kim (KAIST), Jung-hwan Park (KAIST), Sooel Son (KAIST)
More DetailsTowards Measuring Supply Chain Attacks on Package Managers...
Ruian Duan (Georgia Institute of Technology), Omar Alrawi (Georgia Institute of Technology), Ranjita Pai...
More DetailsXDA: Accurate, Robust Disassembly with Transfer Learning
Kexin Pei (Columbia University), Jonas Guan (University of Toronto), David Williams-King (Columbia University), Junfeng...
More DetailsZoom on the Keystrokes: Exploiting Video Calls for...
Mohd Sabra (University of Texas at San Antonio), Anindya Maiti (University of Oklahoma), Murtuza...
More DetailsFall Cycle
A Devil of a Time: How Vulnerable is...
Yarin Perry (The Hebrew University of Jerusalem), Neta Rozen-Schiff (The Hebrew University of Jerusalem),...
More DetailsA Formal Analysis of the FIDO UAF Protocol
Haonan Feng (Beijing University of Posts and Telecommunications), Hui Li (Beijing University of Posts...
More DetailsALchemist: Fusing Application and Audit Logs for Precise...
Le Yu (Purdue University), Shiqing Ma (Rutgers University), Zhuo Zhang (Purdue University), Guanhong Tao...
More DetailsBaseSpec: Comparative Analysis of Baseband Software and Cellular...
Eunsoo Kim (KAIST), Dongkwan Kim (KAIST), CheolJun Park (KAIST), Insu Yun (KAIST), Yongdae Kim...
More DetailsBitcontracts: Supporting Smart Contracts in Legacy Blockchains
Karl Wüst (ETH Zurich), Loris Diana (ETH Zurich), Kari Kostiainen (ETH Zurich), Ghassan Karame...
More DetailsCHANCEL: Efficient Multi-client Isolation Under Adversarial Programs
Adil Ahmad (Purdue University), Juhee Kim (Seoul National University), Jaebaek Seo (Google), Insik Shin...
More DetailsCV-Inspector: Towards Automating Detection of Adblock Circumvention
Hieu Le (University of California, Irvine), Athina Markopoulou (University of California, Irvine), Zubair Shafiq...
More DetailsData Poisoning Attacks to Deep Learning Based Recommender...
Hai Huang (Tsinghua University), Jiaming Mu (Tsinghua University), Neil Zhenqiang Gong (Duke University), Qi...
More DetailsDetecting Kernel Memory Leaks in Specialized Modules with...
Navid Emamdoost (University of Minnesota), Qiushi Wu (University of Minnesota), Kangjie Lu (University of...
More DetailsDifferential Training: A Generic Framework to Reduce Label...
Jiayun Xu (Singapore Management University), Yingjiu Li (University of Oregon), Robert H. Deng (Singapore...
More DetailsDoes Every Second Count? Time-based Evolution of Malware...
Alexander Küchler (Fraunhofer AISEC), Alessandro Mantovani (EURECOM), Yufei Han (NortonLifeLock Research Group), Leyla Bilge...
More DetailsEarArray: Defending against DolphinAttack via Acoustic Attenuation
Guoming Zhang (Zhejiang University), Xiaoyu Ji (Zhejiang University), Xinfeng Li (Zhejiang University), Gang Qu...
More DetailsEmilia: Catching Iago in Legacy Code
Rongzhen Cui (University of Toronto), Lianying Zhao (Carleton University), David Lie (University of Toronto)
More DetailsFARE: Enabling Fine-grained Attack Categorization under Low-quality Labeled...
Junjie Liang (The Pennsylvania State University), Wenbo Guo (The Pennsylvania State University), Tongbo Luo...
More DetailsFavocado: Fuzzing the Binding Code of JavaScript Engines...
Sung Ta Dinh (Arizona State University), Haehyun Cho (Arizona State University), Kyle Martin (North...
More DetailsFlowLens: Enabling Efficient Flow Classification for ML-based Network...
Diogo Barradas (INESC-ID, Instituto Superior Técnico, Universidade de Lisboa), Nuno Santos (INESC-ID, Instituto Superior...
More DetailsFLTrust: Byzantine-robust Federated Learning via Trust Bootstrapping
Xiaoyu Cao (Duke University), Minghong Fang (The Ohio State University), Jia Liu (The Ohio...
More DetailsFrom Library Portability to Para-rehosting: Natively Executing Microcontroller...
Wenqiang Li (State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy...
More DetailsGALA: Greedy ComputAtion for Linear Algebra in Privacy-Preserved...
Qiao Zhang (Old Dominion University), Chunsheng Xin (Old Dominion University), Hongyi Wu (Old Dominion...
More DetailsHERA: Hotpatching of Embedded Real-time Applications
Christian Niesler (University of Duisburg-Essen), Sebastian Surminski (University of Duisburg-Essen), Lucas Davi (University of...
More DetailsHunting the Haunter — Efficient Relational Symbolic Execution...
Lesly-Ann Daniel (CEA, List, France), Sébastien Bardin (CEA, List, France), Tamara Rezk (Inria, France)
More DetailsImproving Signal's Sealed Sender
Ian Martiny (University of Colorado Boulder), Gabriel Kaptchuk (Boston University), Adam Aviv (The George...
More DetailsIoTSafe: Enforcing Safety and Security Policy with Real...
Wenbo Ding (Clemson University), Hongxin Hu (University at Buffalo), Long Cheng (Clemson University)
More DetailsKUBO: Precise and Scalable Detection of User-triggerable Undefined...
Changming Liu (Northeastern University), Yaohui Chen (Facebook Inc.), Long Lu (Northeastern University)
More DetailsLaKSA: A Probabilistic Proof-of-Stake Protocol
Daniel Reijsbergen (Singapore University of Technology and Design), Pawel Szalachowski (Singapore University of Technology...
More DetailsManipulating the Byzantine: Optimizing Model Poisoning Attacks and...
Virat Shejwalkar (UMass Amherst), Amir Houmansadr (UMass Amherst)
More DetailsMINOS: A Lightweight Real-Time Cryptojacking Detection System
Faraz Naseem (Florida International University), Ahmet Aris (Florida International University), Leonardo Babun (Florida International...
More DetailsMondrian: Comprehensive Inter-domain Network Zoning Architecture
Jonghoon Kwon (ETH Zürich), Claude Hähni (ETH Zürich), Patrick Bamert (Zürcher Kantonalbank), Adrian Perrig...
More DetailsNetPlier: Probabilistic Network Protocol Reverse Engineering from Message...
Yapeng Ye (Purdue University), Zhuo Zhang (Purdue University), Fei Wang (Purdue University), Xiangyu Zhang...
More DetailsOblivSketch: Oblivious Network Measurement as a Cloud Service
Shangqi Lai (Monash University), Xingliang Yuan (Monash University), Joseph K. Liu (Monash University), Xun...
More DetailsOn the Insecurity of SMS One-Time Password Messages...
Zeyu Lei (Purdue University), Yuhong Nan (Purdue University), Yanick Fratantonio (Eurecom & Cisco Talos),...
More DetailsPFirewall: Semantics-Aware Customizable Data Flow Control for Smart...
Haotian Chi (Temple University), Qiang Zeng (University of South Carolina), Xiaojiang Du (Temple University),...
More DetailsPGFUZZ: Policy-Guided Fuzzing for Robotic Vehicles
Hyungsub Kim (Purdue University), Muslum Ozgur Ozmen (Purdue University), Antonio Bianchi (Purdue University), Z....
More DetailsPhantomCache: Obfuscating Cache Conflicts with Localized Randomization
Qinhan Tan (Zhejiang University), Zhihua Zeng (Zhejiang University), Kai Bu (Zhejiang University), Kui Ren...
More DetailsPHOENIX: Device-Centric Cellular Network Protocol Monitoring using Runtime...
Mitziu Echeverria (The University of Iowa), Zeeshan Ahmed (The University of Iowa), Bincheng Wang...
More DetailsPOSEIDON: Privacy-Preserving Federated Neural Network Learning
Sinem Sav (EPFL), Apostolos Pyrgelis (EPFL), Juan Ramón Troncoso-Pastoriza (EPFL), David Froelicher (EPFL), Jean-Philippe...
More DetailsPractical Blind Membership Inference Attack via Differential Comparisons
Bo Hui (The Johns Hopkins University), Yuchen Yang (The Johns Hopkins University), Haolin Yuan...
More DetailsPractical Non-Interactive Searchable Encryption with Forward and Backward...
Shi-Feng Sun (Monash University, Australia), Ron Steinfeld (Monash University, Australia), Shangqi Lai (Monash University,...
More DetailsPreventing and Detecting State Inference Attacks on Android
Andrea Possemato (IDEMIA and EURECOM), Dario Nisi (EURECOM), Yanick Fratantonio (EURECOM and Cisco Talos)
More DetailsPrivacyFlash Pro: Automating Privacy Policy Generation for Mobile...
Sebastian Zimmeck (Wesleyan University), Rafael Goldstein (Wesleyan University), David Baraka (Wesleyan University)
More DetailsQPEP: An Actionable Approach to Secure and Performant...
James Pavur (Oxford University), Martin Strohmeier (armasuisse), Vincent Lenders (armasuisse), Ivan Martinovic (Oxford University)
More DetailsRandRunner: Distributed Randomness from Trapdoor VDFs with Strong...
Philipp Schindler (SBA Research), Aljosha Judmayer (SBA Research), Markus Hittmeir (SBA Research), Nicholas Stifter...
More DetailsRefining Indirect Call Targets at the Binary Level
Sun Hyoung Kim (Penn State), Cong Sun (Xidian University), Dongrui Zeng (Penn State), Gang...
More DetailsReinforcement Learning-based Hierarchical Seed Scheduling for Greybox Fuzzing
Jinghan Wang (University of California, Riverside), Chengyu Song (University of California, Riverside), Heng Yin...
More DetailsROV++: Improved Deployable Defense against BGP Hijacking
Reynaldo Morillo (University of Connecticut), Justin Furuness (University of Connecticut), Cameron Morris (University of...
More DetailsSerialDetector: Principled and Practical Exploration of Object Injection...
Mikhail Shcherbakov (KTH Royal Institute of Technology), Musard Balliu (KTH Royal Institute of Technology)
More DetailsShadow Attacks: Hiding and Replacing Content in Signed...
Christian Mainka (Ruhr University Bochum), Vladislav Mladenov (Ruhr University Bochum), Simon Rohlmann (Ruhr University...
More DetailsSODA: A Generic Online Detection Framework for Smart...
Ting Chen (University of Electronic Science and Technology of China), Rong Cao (University of...
More DetailsSpecTaint: Speculative Taint Analysis for Discovering Spectre Gadgets
Zhenxiao Qi (UC Riverside), Qian Feng (Baidu USA), Yueqiang Cheng (NIO Security Research), Mengjia...
More DetailsSquirRL: Automating Attack Analysis on Blockchain Incentive Mechanisms...
Charlie Hou (CMU, IC3), Mingxun Zhou (Peking University), Yan Ji (Cornell Tech, IC3), Phil...
More DetailsSymQEMU: Compilation-based symbolic execution for binaries
Sebastian Poeplau (EURECOM and Code Intelligence), Aurélien Francillon (EURECOM)
More DetailsTales of Favicons and Caches: Persistent Tracking in...
Konstantinos Solomos (University of Illinois at Chicago), John Kristoff (University of Illinois at Chicago),...
More DetailsTASE: Reducing Latency of Symbolic Execution with Transactional...
Adam Humphries (University of North Carolina), Kartik Cating-Subramanian (University of Colorado), Michael K. Reiter...
More DetailsThe Bluetooth CYBORG: Analysis of the Full Human-Machine...
Michael Troncoso (Naval Postgraduate School), Britta Hale (Naval Postgraduate School)
More DetailsTo Err.Is Human: Characterizing the Threat of Unintended...
Beliz Kaleli (Boston University), Brian Kondracki (Stony Brook University), Manuel Egele (Boston University), Nick...
More DetailsTowards Understanding and Detecting Cyberbullying in Real-world Images
Nishant Vishwamitra (University at Buffalo), Hongxin Hu (University at Buffalo), Feng Luo (Clemson University),...
More DetailsTrust the Crowd: Wireless Witnessing to Detect Attacks...
Kai Jansen (Ruhr University Bochum), Liang Niu (New York University), Nian Xue (New York...
More DetailsUIScope: Accurate, Instrumentation-free, and Visible Attack Investigation for...
Runqing Yang (Zhejiang University), Shiqing Ma (Rutgers University), Haitao Xu (Arizona State University), Xiangyu...
More DetailsUnderstanding and Detecting International Revenue Share Fraud
Merve Sahin (SAP Security Research), Aurélien Francillon (EURECOM)
More DetailsUnderstanding the Growth and Security Considerations of ECS
Athanasios Kountouras (Georgia Institute of Technology), Panagiotis Kintis (Georgia Institute of Technology), Athanasios Avgetidis...
More DetailsUnderstanding Worldwide Private Information Collection on Android
Yun Shen (NortonLifeLock Research Group), Pierre-Antoine Vervier (NortonLifeLock Research Group), Gianluca Stringhini (Boston University)
More DetailsWATSON: Abstracting Behaviors from Audit Logs via Aggregation...
Jun Zeng (National University of Singapore), Zheng Leong Chua (Independent Researcher), Yinfang Chen (National...
More DetailsWho's Hosting the Block Party? Studying Third-Party Blockage...
Marius Steffens (CISPA Helmholtz Center for Information Security), Marius Musch (TU Braunschweig), Martin Johns...
More DetailsWINNIE : Fuzzing Windows Applications with Harness Synthesis...
Jinho Jung (Georgia Institute of Technology), Stephen Tong (Georgia Institute of Technology), Hong Hu...
More DetailsYour Phone is My Proxy: Detecting and Understanding...
Xianghang Mi (University at Buffalo), Siyuan Tang (Indiana University Bloomington), Zhengyi Li (Indiana University...
More DetailsДоверя́й, но проверя́й: SFI safety for native-compiled Wasm
Evan Johnson (University of California San Diego), David Thien (University of California San Diego),...
More Details