IEEE Security and Privacy, S&P 2014


Title/Authors Title Research Artifacts
[?] A research artifact is any by-product of a research project that is not directly included in the published research paper. In Computer Science research this is often source code and data sets, but it could also be media, documentation, inputs to proof assistants, shell-scripts to run experiments, etc.
Details

ANONIZE: A Large-Scale Anonymous Survey System

Susan Hohenberger, Steven Myers, Rafael Pass, Abhi Shelat

ANONIZE: A Large-Scale Anonymous Survey System

Details
Discussion Comments: 0
Verification: Authors have not verified information

From Zygote to Morula: Fortifying Weakened ASLR on Android

Byoungyoung Lee, Long Lu, Tielei Wang, Taesoo Kim, Wenke Lee

From Zygote to Morula: Fortifying Weakened ASLR on Android

Details
Discussion Comments: 0
Verification: Authors have not verified information

Upgrading Your Android, Elevating My Malware: Privilege Escalation through Mobile OS Updating

Luyi Xing, Xiaorui Pan, Rui Wang, Kan Yuan, XiaoFeng Wang

Upgrading Your Android, Elevating My Malware: Privilege Escalation through Mobile OS Updating

Details
Discussion Comments: 0
Verification: Authors have not verified information

An Expressive Model for the Web Infrastructure: Definition and Application to the Browser ID SSO System

Daniel Fett, Ralf Küsters, Guido Schmitz

An Expressive Model for the Web Infrastructure: Definition and Application to the Browser ID SSO System

Details
Discussion Comments: 0
Verification: Authors have not verified information

All Your Screens Are Belong to Us: Attacks Exploiting the HTML5 Screen Sharing API

Yuan Tian, Ying Chuan Liu, Amar Bhosale, Lin-Shung Huang, Patrick Tague, Collin Jackson

All Your Screens Are Belong to Us: Attacks Exploiting the HTML5 Screen Sharing API

Details
Discussion Comments: 0
Verification: Authors have not verified information

A Study of Probabilistic Password Models

Jerry Ma, Weining Yang, Min Luo, Ninghui Li

A Study of Probabilistic Password Models

Details
Discussion Comments: 0
Verification: Authors have not verified information

Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations

Chad Brubaker, Suman Jana, Baishakhi Ray, Sarfraz Khurshid, Vitaly Shmatikov

Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Blind Seer: A Scalable Private DBMS

Vasilis Pappas, Fernando Krell, Binh Vo, Vladimir Kolesnikov, Tal Malkin, Seung Geol Choi, Wesley George, Angelos D. Keromytis, Steve Bellovin

Blind Seer: A Scalable Private DBMS

Details
Discussion Comments: 0
Verification: Authors have not verified information

Automated Verification of Group Key Agreement Protocols

Benedikt Schmidt, Ralf Sasse, Cas Cremers, David A. Basin

Automated Verification of Group Key Agreement Protocols

Details
Discussion Comments: 0
Verification: Authors have not verified information

Pivot: Fast, Synchronous Mashup Isolation Using Generator Chains

James Mickens

Pivot: Fast, Synchronous Mashup Isolation Using Generator Chains

Details
Discussion Comments: 0
Verification: Author has not verified information

Automated Analysis of Security Protocols with Global State

Steve Kremer, Robert Künnemann

Automated Analysis of Security Protocols with Global State

Details
Discussion Comments: 0
Verification: Authors have not verified information

Doppelgänger Finder: Taking Stylometry to the Underground

Sadia Afroz, Aylin Caliskan Islam, Ariel Stolerman, Rachel Greenstadt, Damon McCoy

Doppelgänger Finder: Taking Stylometry to the Underground

Details
Discussion Comments: 0
Verification: Authors have not verified information

The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations

Xiao-yong Zhou, Yeonjoon Lee, Nan Zhang, Muhammad Naveed, XiaoFeng Wang

The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations

Details
Discussion Comments: 0
Verification: Authors have not verified information

Stealing Webpages Rendered on Your Browser by Exploiting GPU Vulnerabilities

Sangho Lee, Youngsok Kim, Jangwoo Kim, Jong Kim

Stealing Webpages Rendered on Your Browser by Exploiting GPU Vulnerabilities

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

When HTTPS Meets CDN: A Case of Authentication in Delegated Service

Jinjin Liang, Jian Jiang, Hai-Xin Duan, Kang Li, Tao Wan, Jianping Wu

When HTTPS Meets CDN: A Case of Authentication in Delegated Service

Details
Discussion Comments: 0
Verification: Authors have not verified information

Bootstrapping Privacy Compliance in Big Data Systems

Shayak Sen, Saikat Guha, Anupam Datta, Sriram K. Rajamani, Janice Y. Tsai, Jeannette M. Wing

Bootstrapping Privacy Compliance in Big Data Systems

Details
Discussion Comments: 0
Verification: Authors have not verified information

Stopping a Rapid Tornado with a Puff

Jose Lopes, Nuno Neves

Stopping a Rapid Tornado with a Puff

Details
Discussion Comments: 0
Verification: Authors have not verified information

Hunting the Red Fox Online: Understanding and Detection of Mass Redirect-Script Injections

Zhou Li, Sumayah A. Alrwais, XiaoFeng Wang, Eihal Alowaisheq

Hunting the Red Fox Online: Understanding and Detection of Mass Redirect-Script Injections

Details
Discussion Comments: 0
Verification: Authors have not verified information

Hacking Blind

Andrea Bittau, Adam Belay, Ali José Mashtizadeh, David Mazières, Dan Boneh

Hacking Blind

Details
Discussion Comments: 0
Verification: Authors have not verified information

Quantifying Information Flow for Dynamic Secrets

Piotr Mardziel, Mário S. Alvim, Michael W. Hicks, Michael R. Clarkson

Quantifying Information Flow for Dynamic Secrets

Details
Discussion Comments: 0
Verification: Authors have not verified information

Hidden GEMs: Automated Discovery of Access Control Vulnerabilities in Graphical User Interfaces

Collin Mulliner, William K. Robertson, Engin Kirda

Hidden GEMs: Automated Discovery of Access Control Vulnerabilities in Graphical User Interfaces

Details
Discussion Comments: 0
Verification: Authors have not verified information

SoK: Introspections on Trust and the Semantic Gap

Bhushan Jain, Mirza Basim Baig, Dongli Zhang, Donald E. Porter, Radu Sion

SoK: Introspections on Trust and the Semantic Gap

Details
Discussion Comments: 0
Verification: Authors have not verified information

Practical Evasion of a Learning-Based Classifier: A Case Study

Nedim Srndic, Pavel Laskov

Practical Evasion of a Learning-Based Classifier: A Case Study

Details
Discussion Comments: 0
Verification: Authors have not verified information

Dynamic Searchable Encryption via Blind Storage

Muhammad Naveed, Manoj Prabhakaran, Carl A. Gunter

Dynamic Searchable Encryption via Blind Storage

Details
Discussion Comments: 0
Verification: Authors have not verified information

Dancing with Giants: Wimpy Kernels for On-Demand Isolated I/O

Zongwei Zhou, Miao Yu, Virgil D. Gligor

Dancing with Giants: Wimpy Kernels for On-Demand Isolated I/O

Details
Discussion Comments: 0
Verification: Authors have not verified information

Permacoin: Repurposing Bitcoin Work for Data Preservation

Andrew Miller, Ari Juels, Elaine Shi, Bryan Parno, Jonathan Katz

Permacoin: Repurposing Bitcoin Work for Data Preservation

Details
Discussion Comments: 0
Verification: Authors have not verified information

Automating Isolation and Least Privilege in Web Services

Aaron Blankstein, Michael J. Freedman

Automating Isolation and Least Privilege in Web Services

Details
Discussion Comments: 0
Verification: Authors have not verified information

Wysteria: A Programming Language for Generic, Mixed-Mode Multiparty Computations

Aseem Rastogi, Matthew A. Hammer, Michael Hicks

Wysteria: A Programming Language for Generic, Mixed-Mode Multiparty Computations

Details
Discussion Comments: 0
Verification: Authors have not verified information

ZEBRA: Zero-Effort Bilateral Recurring Authentication

Shrirang Mare, Andres Molina-Markham, Cory Cornelius, Ronald A. Peterson, David Kotz

ZEBRA: Zero-Effort Bilateral Recurring Authentication

Details
Discussion Comments: 0
Verification: Authors have not verified information

Zerocash: Decentralized Anonymous Payments from Bitcoin

Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza

Zerocash: Decentralized Anonymous Payments from Bitcoin

Details
Discussion Comments: 0
Verification: Authors have not verified information

Automating Efficient RAM-Model Secure Computation

Chang Liu, Yan Huang, Elaine Shi, Jonathan Katz, Michael W. Hicks

Automating Efficient RAM-Model Secure Computation

Details
Discussion Comments: 0
Verification: Authors have not verified information

Framing Signals - A Return to Portable Shellcode

Erik Bosman, Herbert Bos

Framing Signals - A Return to Portable Shellcode

Details
Discussion Comments: 0
Verification: Authors have not verified information

Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS

Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Alfredo Pironti, Pierre-Yves Strub

Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS

Details
Discussion Comments: 0
Verification: Authors have not verified information

Not-So-Random Numbers in Virtualized Linux and the Whirlwind RNG

Adam Everspaugh, Yan Zhai, Robert Jellinek, Thomas Ristenpart, Michael M. Swift

Not-So-Random Numbers in Virtualized Linux and the Whirlwind RNG

Details
Author Comments: I'm happy to help anyone that has questions about this research or help using, understanding, or building on any of our research artifacts. I can currently be reached at: adam.everspaugh@gmail.com.
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Secure Multiparty Computations on Bitcoin

Marcin Andrychowicz, Stefan Dziembowski, Daniel Malinowski, Lukasz Mazurek

Secure Multiparty Computations on Bitcoin

Details
Discussion Comments: 0
Verification: Authors have not verified information

Formal Analysis of Chaumian Mix Nets with Randomized Partial Checking

Ralf Küsters, Tomasz Truderung, Andreas Vogt

Formal Analysis of Chaumian Mix Nets with Randomized Partial Checking

Details
Discussion Comments: 0
Verification: Authors have not verified information

Out of Control: Overcoming Control-Flow Integrity

Enes Göktas, Elias Athanasopoulos, Herbert Bos, Georgios Portokalidis

Out of Control: Overcoming Control-Flow Integrity

Details
Discussion Comments: 0
Verification: Authors have not verified information

KCoFI: Complete Control-Flow Integrity for Commodity Operating System Kernels

John Criswell, Nathan Dautenhahn, Vikram S. Adve

KCoFI: Complete Control-Flow Integrity for Commodity Operating System Kernels

Details
Discussion Comments: 0
Verification: Authors have not verified information

SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks

Michael Rushanan, Aviel D. Rubin, Denis Foo Kune, Colleen M. Swanson

SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks

Details
Discussion Comments: 0
Verification: Authors have not verified information

Analyzing Forged SSL Certificates in the Wild

Lin-Shung Huang, Alex Rice, Erling Ellingsen, Collin Jackson

Analyzing Forged SSL Certificates in the Wild

Details
Discussion Comments: 0
Verification: Authors have not verified information

Chip and Skim: Cloning EMV Cards with the Pre-play Attack

Mike Bond, Omar Choudary, Steven J. Murdoch, Sergei P. Skorobogatov, Ross J. Anderson

Chip and Skim: Cloning EMV Cards with the Pre-play Attack

Details
Discussion Comments: 0
Verification: Authors have not verified information

SoK: Automated Software Diversity

Per Larsen, Andrei Homescu, Stefan Brunthaler, Michael Franz

SoK: Automated Software Diversity

Details
Discussion Comments: 0
Verification: Authors have not verified information

Cloak and Swagger: Understanding Data Sensitivity through the Lens of User Anonymity

Sai Teja Peddinti, Aleksandra Korolova, Elie Bursztein, Geetanjali Sampemane

Cloak and Swagger: Understanding Data Sensitivity through the Lens of User Anonymity

Details
Author Comments:
Discussion Comments: 0
Sharing: Not able to share produced artifacts
Verification: Authors have verified information

Modeling and Discovering Vulnerabilities with Code Property Graphs

Fabian Yamaguchi, Nico Golde, Daniel Arp, Konrad Rieck

Modeling and Discovering Vulnerabilities with Code Property Graphs

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information