default search action
35th SP 2014: Berkeley, California, USA
- 2014 IEEE Symposium on Security and Privacy, SP 2014, Berkeley, CA, USA, May 18-21, 2014. IEEE Computer Society 2014, ISBN 978-1-4799-4686-0
Session 1: Attacks 1
- Zhou Li
, Sumayah A. Alrwais, XiaoFeng Wang, Eihal Alowaisheq:
Hunting the Red Fox Online: Understanding and Detection of Mass Redirect-Script Injections. 3-18 - Sangho Lee, Youngsok Kim
Stealing Webpages Rendered on Your Browser by Exploiting GPU Vulnerabilities. 19-33 - Yuan Tian, Ying Chuan Liu, Amar Bhosale, Lin-Shung Huang, Patrick Tague
All Your Screens Are Belong to Us: Attacks Exploiting the HTML5 Screen Sharing API. 34-48 - Mike Bond, Omar Choudary
Chip and Skim: Cloning EMV Cards with the Pre-play Attack. 49-64
Session 2: SSL/TLS
- Jinjin Liang, Jian Jiang, Hai-Xin Duan, Kang Li, Tao Wan, Jianping Wu:
When HTTPS Meets CDN: A Case of Authentication in Delegated Service. 67-82 - Lin-Shung Huang, Alex Rice, Erling Ellingsen, Collin Jackson:
Analyzing Forged SSL Certificates in the Wild. 83-97 - Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Alfredo Pironti, Pierre-Yves Strub:
Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS. 98-113 - Chad Brubaker, Suman Jana, Baishakhi Ray, Sarfraz Khurshid, Vitaly Shmatikov:
Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations. 114-129
Session 3: Automation
- Aaron Blankstein, Michael J. Freedman:
Automating Isolation and Least Privilege in Web Services. 133-148 - Collin Mulliner, William K. Robertson, Engin Kirda:
Hidden GEMs: Automated Discovery of Access Control Vulnerabilities in Graphical User Interfaces. 149-162 - Steve Kremer
Automated Analysis of Security Protocols with Global State. 163-178 - Benedikt Schmidt, Ralf Sasse
Automated Verification of Group Key Agreement Protocols. 179-194
Session 4: Attacks 2
- Nedim Srndic, Pavel Laskov:
Practical Evasion of a Learning-Based Classifier: A Case Study. 197-211 - Sadia Afroz, Aylin Caliskan Islam, Ariel Stolerman, Rachel Greenstadt, Damon McCoy:
Doppelgänger Finder: Taking Stylometry to the Underground. 212-226 - Andrea Bittau, Adam Belay, Ali José Mashtizadeh, David Mazières, Dan Boneh:
Hacking Blind. 227-242 - Erik Bosman, Herbert Bos
Framing Signals - A Return to Portable Shellcode. 243-258
Session 5: Systems Security
- James Mickens:
Pivot: Fast, Synchronous Mashup Isolation Using Generator Chains. 261-275 - Per Larsen, Andrei Homescu, Stefan Brunthaler
SoK: Automated Software Diversity. 276-291 - John Criswell
KCoFI: Complete Control-Flow Integrity for Commodity Operating System Kernels. 292-307 - Zongwei Zhou, Miao Yu, Virgil D. Gligor:
Dancing with Giants: Wimpy Kernels for On-Demand Isolated I/O. 308-323
Session 6: Privacy and Anonymity
- Shayak Sen, Saikat Guha, Anupam Datta, Sriram K. Rajamani, Janice Y. Tsai, Jeannette M. Wing:
Bootstrapping Privacy Compliance in Big Data Systems. 327-342 - Ralf Küsters, Tomasz Truderung, Andreas Vogt:
Formal Analysis of Chaumian Mix Nets with Randomized Partial Checking. 343-358 - Vasilis Pappas, Fernando Krell, Binh Vo, Vladimir Kolesnikov, Tal Malkin, Seung Geol Choi, Wesley George, Angelos D. Keromytis, Steven M. Bellovin:
Blind Seer: A Scalable Private DBMS. 359-374 - Susan Hohenberger, Steven A. Myers, Rafael Pass
ANONIZE: A Large-Scale Anonymous Survey System. 375-389
Session 7: Android
- Luyi Xing, Xiaorui Pan, Rui Wang, Kan Yuan, XiaoFeng Wang:
Upgrading Your Android, Elevating My Malware: Privilege Escalation through Mobile OS Updating. 393-408 - Xiao-yong Zhou, Yeonjoon Lee
The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations. 409-423 - Byoungyoung Lee, Long Lu, Tielei Wang, Taesoo Kim, Wenke Lee:
From Zygote to Morula: Fortifying Weakened ASLR on Android. 424-439
Session 8: E-Cash
- Marcin Andrychowicz, Stefan Dziembowski
Secure Multiparty Computations on Bitcoin. 443-458 - Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza:
Zerocash: Decentralized Anonymous Payments from Bitcoin. 459-474 - Andrew Miller, Ari Juels, Elaine Shi, Bryan Parno, Jonathan Katz:
Permacoin: Repurposing Bitcoin Work for Data Preservation. 475-490
Session 8: Miscellaneous
- Sai Teja Peddinti, Aleksandra Korolova, Elie Bursztein, Geetanjali Sampemane:
Cloak and Swagger: Understanding Data Sensitivity through the Lens of User Anonymity. 493-508 - José Lopes, Nuno Neves
Stopping a Rapid Tornado with a Puff. 509-523 - Michael Rushanan, Aviel D. Rubin, Denis Foo Kune, Colleen M. Swanson:
SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks. 524-539 - Piotr Mardziel, Mário S. Alvim
Quantifying Information Flow for Dynamic Secrets. 540-555
Session 9: Attacks 3
- Adam Everspaugh, Yan Zhai, Robert Jellinek, Thomas Ristenpart, Michael M. Swift:
Not-So-Random Numbers in Virtualized Linux and the Whirlwind RNG. 559-574 - Enes Göktas, Elias Athanasopoulos, Herbert Bos
Out of Control: Overcoming Control-Flow Integrity. 575-589 - Fabian Yamaguchi, Nico Golde, Daniel Arp, Konrad Rieck:
Modeling and Discovering Vulnerabilities with Code Property Graphs. 590-604 - Bhushan Jain, Mirza Basim Baig, Dongli Zhang, Donald E. Porter, Radu Sion:
SoK: Introspections on Trust and the Semantic Gap. 605-620
Session 10: Secure Computation and Storage
- Chang Liu, Yan Huang, Elaine Shi, Jonathan Katz, Michael W. Hicks
Automating Efficient RAM-Model Secure Computation. 623-638 - Muhammad Naveed, Manoj Prabhakaran, Carl A. Gunter:
Dynamic Searchable Encryption via Blind Storage. 639-654 - Aseem Rastogi, Matthew A. Hammer, Michael Hicks
Wysteria: A Programming Language for Generic, Mixed-Mode Multiparty Computations. 655-670
Session 11: Authentication
- Daniel Fett, Ralf Küsters, Guido Schmitz
An Expressive Model for the Web Infrastructure: Definition and Application to the Browser ID SSO System. 673-688 - Jerry Ma
A Study of Probabilistic Password Models. 689-704 - Shrirang Mare, Andres Molina-Markham, Cory Cornelius, Ronald A. Peterson, David Kotz
ZEBRA: Zero-Effort Bilateral Recurring Authentication. 705-720
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
last updated on 2024-11-15 19:19 CET by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by: