ACM Annual Conference on Computer Security Applications, ACSAC 2014


Title/Authors Title Research Artifacts
[?] A research artifact is any by-product of a research project that is not directly included in the published research paper. In Computer Science research this is often source code and data sets, but it could also be media, documentation, inputs to proof assistants, shell-scripts to run experiments, etc.
Details

Spam ain't as diverse as it seems: throttling OSN spam with templates underneath

Hongyu Gao, Yi Yang, Kai Bu, Yan Chen, Doug Downey, Kathy Lee, Alok N. Choudhary

Spam ain't as diverse as it seems: throttling OSN spam with templates underneath

Details
Discussion Comments: 0
Verification: Authors have not verified information

Centrality metrics of importance in access behaviors and malware detections

Weixuan Mao, Zhongmin Cai, Xiaohong Guan, Don Towsley

Centrality metrics of importance in access behaviors and malware detections

Details
Discussion Comments: 0
Verification: Authors have not verified information

JShield: towards real-time and vulnerability-based detection of polluted drive-by download attacks

Yinzhi Cao, Xiang Pan, Yan Chen, Jianwei Zhuge

JShield: towards real-time and vulnerability-based detection of polluted drive-by download attacks

Details
Discussion Comments: 0
Verification: Authors have not verified information

Through the eye of the PLC: semantic security monitoring for industrial processes

Dina Hadziosmanovic, Robin Sommer, Emmanuele Zambon, Pieter H. Hartel

Through the eye of the PLC: semantic security monitoring for industrial processes

Details
Discussion Comments: 0
Verification: Authors have not verified information

SEER: practical memory virus scanning as a service

Jason Gionta, Ahmed M. Azab, William Enck, Peng Ning, Xiaolan Zhang

SEER: practical memory virus scanning as a service

Details
Discussion Comments: 0
Verification: Authors have not verified information

Morpheus: automatically generating heuristics to detect Android emulators

Yiming Jing, Ziming Zhao, Gail-Joon Ahn, Hongxin Hu

Morpheus: automatically generating heuristics to detect Android emulators

Details
Discussion Comments: 0
Verification: Authors have not verified information

Design and implementation of an Android host-based intrusion prevention system

Mingshen Sun, Min Zheng, John C. S. Lui, Xuxian Jiang

Design and implementation of an Android host-based intrusion prevention system

Details
Discussion Comments: 0
Verification: Authors have not verified information

Towards a scalable resource-driven approach for detecting repackaged Android applications

Yuru Shao, Xiapu Luo, Chenxiong Qian, Pengfei Zhu, Lei Zhang

Towards a scalable resource-driven approach for detecting repackaged Android applications

Details
Discussion Comments: 0
Verification: Authors have not verified information

Network dialog minimization and network dialog diffing: two novel primitives for network security applications

M. Zubair Rafique, Juan Caballero, Christophe Huygens, Wouter Joosen

Network dialog minimization and network dialog diffing: two novel primitives for network security applications

Details
Discussion Comments: 0
Verification: Authors have not verified information

Understanding visual perceptions of usability and security of Android's graphical password pattern

Adam J. Aviv, Dane Fichter

Understanding visual perceptions of usability and security of Android's graphical password pattern

Details
Discussion Comments: 0
Verification: Authors have not verified information

Differentially private data aggregation with optimal utility

Fabienne Eigner, Matteo Maffei, Ivan Pryvalov, Francesca Pampaloni, Aniket Kate

Differentially private data aggregation with optimal utility

Details
Discussion Comments: 0
Verification: Authors have not verified information

MACE: high-coverage and robust memory analysis for commodity operating systems

Qian Feng, Aravind Prakash, Heng Yin, Zhiqiang Lin

MACE: high-coverage and robust memory analysis for commodity operating systems

Details
Discussion Comments: 0
Verification: Authors have not verified information

Whitewash: outsourcing garbled circuit generation for mobile devices

Henry Carter, Charles Lever, Patrick Traynor

Whitewash: outsourcing garbled circuit generation for mobile devices

Details
Discussion Comments: 0
Verification: Authors have not verified information

CPS: market analysis of attacks against demand response in the smart grid

Carlos Barreto, Alvaro A. Cárdenas, Nicanor Quijano, Eduardo Mojica-Nava

CPS: market analysis of attacks against demand response in the smart grid

Details
Discussion Comments: 0
Verification: Authors have not verified information

MoRePriv: mobile OS support for application personalization and privacy

Drew Davidson, Matt Fredrikson, Benjamin Livshits

MoRePriv: mobile OS support for application personalization and privacy

Details
Discussion Comments: 0
Verification: Authors have not verified information

Exploring and mitigating privacy threats of HTML5 geolocation API

Hyungsub Kim, Sangho Lee, Jong Kim

Exploring and mitigating privacy threats of HTML5 geolocation API

Details
Discussion Comments: 0
Verification: Authors have not verified information

Hot-hardening: getting more out of your security settings

Sebastian Biedermann, Stefan Katzenbeisser, Jakub Szefer

Hot-hardening: getting more out of your security settings

Details
Discussion Comments: 0
Verification: Authors have not verified information

IMSI-catch me if you can: IMSI-catcher-catchers

Adrian Dabrowski, Nicola Pianta, Thomas Klepp, Martin Mulazzani, Edgar R. Weippl

IMSI-catch me if you can: IMSI-catcher-catchers

Details
Discussion Comments: 0
Verification: Authors have not verified information

DNS authentication as a service: preventing amplification attacks

Amir Herzberg, Haya Shulman

DNS authentication as a service: preventing amplification attacks

Details
Discussion Comments: 0
Verification: Authors have not verified information

Challenges and implications of verifiable builds for security-critical open-source software

Xavier de Carné de Carnavalet, Mohammad Mannan

Challenges and implications of verifiable builds for security-critical open-source software

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Leveraging semantic signatures for bug search in binary programs

Jannik Pewny, Felix Schuster, Lukas Bernhard, Thorsten Holz, Christian Rossow

Leveraging semantic signatures for bug search in binary programs

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Towards automated integrity protection of C++ virtual function tables in binary programs

Robert Gawlik, Thorsten Holz

Towards automated integrity protection of C++ virtual function tables in binary programs

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

A taste of tweets: reverse engineering Twitter spammers

Chao Yang, Jialong Zhang, Guofei Gu

A taste of tweets: reverse engineering Twitter spammers

Details
Discussion Comments: 0
Verification: Authors have not verified information

CPS: driving cyber-physical systems to unsafe operating conditions by timing DoS attacks on sensor signals

Marina Krotofil, Alvaro A. Cárdenas, Bradley Manning, Jason Larsen

CPS: driving cyber-physical systems to unsafe operating conditions by timing DoS attacks on sensor signals

Details
Discussion Comments: 0
Verification: Authors have not verified information

Scalability, fidelity and stealth in the DRAKVUF dynamic malware analysis system

Tamas K. Lengyel, Steve Maresca, Bryan D. Payne, George D. Webster, Sebastian Vogl, Aggelos Kiayias

Scalability, fidelity and stealth in the DRAKVUF dynamic malware analysis system

Details
Discussion Comments: 0
Verification: Authors have not verified information

Cloud radar: near real-time detection of security failures in dynamic virtualized infrastructures

Sören Bleikertz, Carsten Vogel, Thomas Groß

Cloud radar: near real-time detection of security failures in dynamic virtualized infrastructures

Details
Discussion Comments: 0
Verification: Authors have not verified information

Android security framework: extensible multi-layered access control on Android

Michael Backes, Sven Bugiel, Sebastian Gerling, Philipp von Styp-Rekowsky

Android security framework: extensible multi-layered access control on Android

Details
Discussion Comments: 0
Verification: Authors have not verified information

New models of cache architectures characterizing information leakage from cache side channels

Tianwei Zhang, Ruby B. Lee

New models of cache architectures characterizing information leakage from cache side channels

Details
Discussion Comments: 0
Verification: Authors have not verified information

On the privacy provisions of Bloom filters in lightweight bitcoin clients

Arthur Gervais, Srdjan Capkun, Ghassan O. Karame, Damian Gruber

On the privacy provisions of Bloom filters in lightweight bitcoin clients

Details
Discussion Comments: 0
Verification: Authors have not verified information

Scippa: system-centric IPC provenance on Android

Michael Backes, Sven Bugiel, Sebastian Gerling

Scippa: system-centric IPC provenance on Android

Details
Discussion Comments: 0
Verification: Authors have not verified information

ICE: a passive, high-speed, state-continuity scheme

Raoul Strackx, Bart Jacobs, Frank Piessens

ICE: a passive, high-speed, state-continuity scheme

Details
Discussion Comments: 0
Verification: Authors have not verified information

NodeSentry: least-privilege library integration for server-side JavaScript

Willem De Groef, Fabio Massacci, Frank Piessens

NodeSentry: least-privilege library integration for server-side JavaScript

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Relation extraction for inferring access control rules from natural language artifacts

John Slankas, Xusheng Xiao, Laurie A. Williams, Tao Xie

Relation extraction for inferring access control rules from natural language artifacts

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

CPS: beyond usability: applying value sensitive design based methods to investigate domain characteristics for security for implantable cardiac devices

Tamara Denning, Daniel B. Kramer, Batya Friedman, Matthew R. Reynolds, Brian T. Gill, Tadayoshi Kohno

CPS: beyond usability: applying value sensitive design based methods to investigate domain characteristics for security for implantable cardiac devices

Details
Discussion Comments: 0
Verification: Authors have not verified information

TroGuard: context-aware protection against web-based socially engineered trojans

Rui Han, Alejandro Mesa, Mihai Christodorescu, Saman A. Zonouz

TroGuard: context-aware protection against web-based socially engineered trojans

Details
Discussion Comments: 0
Verification: Authors have not verified information

OSPF vulnerability to persistent poisoning attacks: a systematic analysis

Gabi Nakibly, Adi Sosnovich, Eitan Menahem, Ariel Waizel, Yuval Elovici

OSPF vulnerability to persistent poisoning attacks: a systematic analysis

Details
Discussion Comments: 0
Verification: Authors have not verified information

Advanced Wi-Fi attacks using commodity hardware

Mathy Vanhoef, Frank Piessens

Advanced Wi-Fi attacks using commodity hardware

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Less is more: cipher-suite negotiation for DNSSEC

Amir Herzberg, Haya Shulman, Bruno Crispo

Less is more: cipher-suite negotiation for DNSSEC

Details
Discussion Comments: 0
Verification: Authors have not verified information

Taking two-factor to the next level: protecting online poker, banking, healthcare and other applications

Aviel D. Rubin

Taking two-factor to the next level: protecting online poker, banking, healthcare and other applications

Details
Discussion Comments: 0
Verification: Author has not verified information

It's the psychology stupid: how heuristics explain software vulnerabilities and how priming can illuminate developer's blind spots

Daniela Oliveira, Marissa Rosenthal, Nicole Morin, Kuo-Chuan Yeh, Justin Cappos, Yanyan Zhuang

It's the psychology stupid: how heuristics explain software vulnerabilities and how priming can illuminate developer's blind spots

Details
Discussion Comments: 0
Verification: Authors have not verified information

Assisted deletion of related content

Hubert Ritzdorf, Nikolaos Karapanos, Srdjan Capkun

Assisted deletion of related content

Details
Discussion Comments: 0
Verification: Authors have not verified information

Lightweight authentication of freshness in outsourced key-value stores

Yuzhe Tang, Ting Wang, Ling Liu, Xin Hu, Jiyong Jang

Lightweight authentication of freshness in outsourced key-value stores

Details
Discussion Comments: 0
Verification: Authors have not verified information

A security evaluation of AIS automated identification system

Marco Balduzzi, Alessandro Pasta, Kyle Wilhoit

A security evaluation of AIS automated identification system

Details
Discussion Comments: 0
Verification: Authors have not verified information

Interrupt-oriented bugdoor programming: a minimalist approach to bugdooring embedded systems firmware

Samuel Junjie Tan, Sergey Bratus, Travis Goodspeed

Interrupt-oriented bugdoor programming: a minimalist approach to bugdooring embedded systems firmware

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

TrueClick: automatically distinguishing trick banners from genuine download links

Sevtap Duman, Kaan Onarlioglu, Ali Osman Ulusoy, William K. Robertson, Engin Kirda

TrueClick: automatically distinguishing trick banners from genuine download links

Details
Discussion Comments: 0
Verification: Authors have not verified information

Using automatic speech recognition for attacking acoustic CAPTCHAs: the trade-off between usability and security

Hendrik Meutzner, Viet-Hung Nguyen, Thorsten Holz, Dorothea Kolossa

Using automatic speech recognition for attacking acoustic CAPTCHAs: the trade-off between usability and security

Details
Discussion Comments: 0
Verification: Authors have not verified information

Uncovering network tarpits with degreaser

Lance Alt, Robert Beverly, Alberto Dainotti

Uncovering network tarpits with degreaser

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

IntFlow: improving the accuracy of arithmetic error detection using information flow tracking

Marios Pomonis, Theofilos Petsios, Kangkook Jee, Michalis Polychronakis, Angelos D. Keromytis

IntFlow: improving the accuracy of arithmetic error detection using information flow tracking

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information