IEEE Security and Privacy, S&P 2015


Title/Authors Title Research Artifacts
[?] A research artifact is any by-product of a research project that is not directly included in the published research paper. In Computer Science research this is often source code and data sets, but it could also be media, documentation, inputs to proof assistants, shell-scripts to run experiments, etc.
Details

Post-Quantum Key Exchange for the TLS Protocol from the Ring Learning with Errors Problem

Joppe W. Bos, Craig Costello, Michael Naehrig, Douglas Stebila

Post-Quantum Key Exchange for the TLS Protocol from the Ring Learning with Errors Problem

Details
Discussion Comments: 0
Verification: Authors have not verified information

GenoGuard: Protecting Genomic Data against Brute-Force Attacks

Zhicong Huang, Erman Ayday, Jacques Fellay, Jean-Pierre Hubaux, Ari Juels

GenoGuard: Protecting Genomic Data against Brute-Force Attacks

Details
Discussion Comments: 0
Verification: Authors have not verified information

The Miner's Dilemma

Ittay Eyal

The Miner's Dilemma

Details
Discussion Comments: 0
Verification: Author has not verified information

Temporal Lensing and Its Application in Pulsing Denial-of-Service Attacks

Ryan Rasti, Mukul Murthy, Nicholas Weaver, Vern Paxson

Temporal Lensing and Its Application in Pulsing Denial-of-Service Attacks

Details
Discussion Comments: 0
Verification: Authors have not verified information

Cracking-Resistant Password Vaults Using Natural Language Encoders

Rahul Chatterjee, Joseph Bonneau, Ari Juels, Thomas Ristenpart

Cracking-Resistant Password Vaults Using Natural Language Encoders

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Micro-Policies: Formally Verified, Tag-Based Security Monitors

Arthur Azevedo de Amorim, Maxime Dénès, Nick Giannarakis, Catalin Hritcu, Benjamin C. Pierce, Antal Spector-Zabusky, Andrew Tolmach

Micro-Policies: Formally Verified, Tag-Based Security Monitors

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

The Attack of the Clones: A Study of the Impact of Shared Code on Vulnerability Patching

Antonio Nappa, Richard Johnson, Leyla Bilge, Juan Caballero, Tudor Dumitras

The Attack of the Clones: A Study of the Impact of Shared Code on Vulnerability Patching

Details
Discussion Comments: 0
Verification: Authors have not verified information

Understanding and Monitoring Embedded Web Scripts

Yuchen Zhou, David Evans

Understanding and Monitoring Embedded Web Scripts

Details
Discussion Comments: 0
Verification: Authors have not verified information

Ad Injection at Scale: Assessing Deceptive Advertisement Modifications

Kurt Thomas, Elie Bursztein, Chris Grier, Grant Ho, Nav Jagpal, Alexandros Kapravelos, Damon McCoy, Antonio Nappa, Vern Paxson, Paul Pearce, Niels Provos, Moheeb Abu Rajab

Ad Injection at Scale: Assessing Deceptive Advertisement Modifications

Details
Discussion Comments: 0
Verification: Authors have not verified information

Virtual Proofs of Reality and their Physical Implementation

Ulrich Rührmair, J. L. Martinez-Hurtado, Xiaolin Xu, Christian Kraeh, Christian Hilgers, Dima Kononchuk, Jonathan J. Finley, Wayne P. Burleson

Virtual Proofs of Reality and their Physical Implementation

Details
Discussion Comments: 0
Verification: Authors have not verified information

SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies

Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan, Joshua A. Kroll, Edward W. Felten

SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced no artifacts
Verification: Authors have verified information

SoK: A Comprehensive Analysis of Game-Based Ballot Privacy Definitions

David Bernhard, Véronique Cortier, David Galindo, Olivier Pereira, Bogdan Warinschi

SoK: A Comprehensive Analysis of Game-Based Ballot Privacy Definitions

Details
Discussion Comments: 0
Verification: Authors have not verified information

Protecting Private Keys against Memory Disclosure Attacks Using Hardware Transactional Memory

Le Guan, Jingqiang Lin, Bo Luo, Jiwu Jing, Jing Wang

Protecting Private Keys against Memory Disclosure Attacks Using Hardware Transactional Memory

Details
Discussion Comments: 0
Verification: Authors have not verified information

Connection-Oriented DNS to Improve Privacy and Security

Liang Zhu, Zi Hu, John S. Heidemann, Duane Wessels, Allison Mankin, Nikita Somaiya

Connection-Oriented DNS to Improve Privacy and Security

Details
Discussion Comments: 0
Verification: Authors have not verified information

Caelus: Verifying the Consistency of Cloud Services with Battery-Powered Devices

Beom Heyn Kim, David Lie

Caelus: Verifying the Consistency of Cloud Services with Battery-Powered Devices

Details
Discussion Comments: 0
Verification: Authors have not verified information

Leave Me Alone: App-Level Protection against Runtime Information Gathering on Android

Nan Zhang, Kan Yuan, Muhammad Naveed, Xiao-yong Zhou, XiaoFeng Wang

Leave Me Alone: App-Level Protection against Runtime Information Gathering on Android

Details
Discussion Comments: 0
Verification: Authors have not verified information

TinyGarble: Highly Compressed and Scalable Sequential Garbled Circuits

Ebrahim M. Songhori, Siam U. Hussain, Ahmad-Reza Sadeghi, Thomas Schneider, Farinaz Koushanfar

TinyGarble: Highly Compressed and Scalable Sequential Garbled Circuits

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

SurroundWeb: Mitigating Privacy Concerns in a 3D Web Browser

John Vilk, David Molnar, Benjamin Livshits, Eyal Ofek, Christopher J. Rossbach, Alexander Moshchuk, Helen J. Wang, Ran Gal

SurroundWeb: Mitigating Privacy Concerns in a 3D Web Browser

Details
Discussion Comments: 0
Verification: Authors have not verified information

Malicious-Client Security in Blind Seer: A Scalable Private DBMS

Ben A. Fisch, Binh Vo, Fernando Krell, Abishek Kumarasubramanian, Vladimir Kolesnikov, Tal Malkin, Steven M. Bellovin

Malicious-Client Security in Blind Seer: A Scalable Private DBMS

Details
Discussion Comments: 0
Verification: Authors have not verified information

VC3: Trustworthy Data Analytics in the Cloud Using SGX

Felix Schuster, Manuel Costa, Cédric Fournet, Christos Gkantsidis, Marcus Peinado, Gloria Mainar-Ruiz, Mark Russinovich

VC3: Trustworthy Data Analytics in the Cloud Using SGX

Details
Discussion Comments: 0
Verification: Authors have not verified information

How Secure and Quick is QUIC? Provable Security and Performance Analyses

Robert Lychev, Samuel Jero, Alexandra Boldyreva, Cristina Nita-Rotaru

How Secure and Quick is QUIC? Provable Security and Performance Analyses

Details
Discussion Comments: 0
Verification: Authors have not verified information

Effective Real-Time Android Application Auditing

Mingyuan Xia, Lu Gong, Yuanhao Lyu, Zhengwei Qi, Xue Liu

Effective Real-Time Android Application Auditing

Details
Discussion Comments: 0
Verification: Authors have not verified information

Secure Track Verification

Matthias Schäfer, Vincent Lenders, Jens B. Schmitt

Secure Track Verification

Details
Discussion Comments: 0
Verification: Authors have not verified information

ADSNARK: Nearly Practical and Privacy-Preserving Proofs on Authenticated Data

Michael Backes, Manuel Barbosa, Dario Fiore, Raphael M. Reischuk

ADSNARK: Nearly Practical and Privacy-Preserving Proofs on Authenticated Data

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

On Subnormal Floating Point and Abnormal Timing

Marc Andrysco, David Kohlbrenner, Keaton Mowery, Ranjit Jhala, Sorin Lerner, Hovav Shacham

On Subnormal Floating Point and Abnormal Timing

Details
Discussion Comments: 0
Verification: Authors have not verified information

SoK: Secure Messaging

Nik Unger, Sergej Dechand, Joseph Bonneau, Sascha Fahl, Henning Perl, Ian Goldberg, Matthew Smith

SoK: Secure Messaging

Details
Discussion Comments: 0
Verification: Authors have not verified information

Riposte: An Anonymous Messaging System Handling Millions of Users

Henry Corrigan-Gibbs, Dan Boneh, David Mazières

Riposte: An Anonymous Messaging System Handling Millions of Users

Details
Discussion Comments: 0
Verification: Authors have not verified information

Cross-Architecture Bug Search in Binary Executables

Jannik Pewny, Behrad Garmany, Robert Gawlik, Christian Rossow, Thorsten Holz

Cross-Architecture Bug Search in Binary Executables

Details
Discussion Comments: 0
Verification: Authors have not verified information

Automatic Inference of Search Patterns for Taint-Style Vulnerabilities

Fabian Yamaguchi, Alwin Maier, Hugo Gascon, Konrad Rieck

Automatic Inference of Search Patterns for Taint-Style Vulnerabilities

Details
Discussion Comments: 0
Verification: Authors have not verified information

Geppetto: Versatile Verifiable Computation

Craig Costello, Cédric Fournet, Jon Howell, Markulf Kohlweiss, Benjamin Kreuter, Michael Naehrig, Bryan Parno, Samee Zahur

Geppetto: Versatile Verifiable Computation

Details
Discussion Comments: 0
Verification: Authors have not verified information

A Messy State of the Union: Taming the Composite State Machines of TLS

Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Markulf Kohlweiss, Alfredo Pironti, Pierre-Yves Strub, Jean Karim Zinzindohoue

A Messy State of the Union: Taming the Composite State Machines of TLS

Details
Discussion Comments: 0
Verification: Authors have not verified information

Last-Level Cache Side-Channel Attacks are Practical

Fangfei Liu, Yuval Yarom, Qian Ge, Gernot Heiser, Ruby B. Lee

Last-Level Cache Side-Channel Attacks are Practical

Details
Discussion Comments: 0
Verification: Authors have not verified information

Program-Adaptive Mutational Fuzzing

Sang Kil Cha, Maverick Woo, David Brumley

Program-Adaptive Mutational Fuzzing

Details
Discussion Comments: 0
Verification: Authors have not verified information

A Generic Approach to Automatic Deobfuscation of Executable Code

Babak Yadegari, Brian Johannesmeyer, Ben Whitely, Saumya Debray

A Generic Approach to Automatic Deobfuscation of Executable Code

Details
Discussion Comments: 0
Verification: Authors have not verified information

Security of the J-PAKE Password-Authenticated Key Exchange Protocol

Michel Abdalla, Fabrice Benhamouda, Philip MacKenzie

Security of the J-PAKE Password-Authenticated Key Exchange Protocol

Details
Discussion Comments: 0
Verification: Authors have not verified information

CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization

Robert N. M. Watson, Jonathan Woodruff, Peter G. Neumann, Simon W. Moore, Jonathan Anderson, David Chisnall, Nirav H. Dave, Brooks Davis, Khilan Gudka, Ben Laurie, Steven J. Murdoch, Robert Norton, Michael Roe, Stacey D. Son, Munraj Vadera

CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization

Details
Discussion Comments: 0
Verification: Authors have not verified information

ObliVM: A Programming Framework for Secure Computation

Chang Liu, Xiao Shaun Wang, Kartik Nayak, Yan Huang, Elaine Shi

ObliVM: A Programming Framework for Secure Computation

Details
Discussion Comments: 0
Verification: Authors have not verified information

Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting

Mohammad Taha Khan, Xiang Huo, Zhou Li, Chris Kanich

Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting

Details
Discussion Comments: 0
Verification: Authors have not verified information

Towards Making Systems Forget with Machine Unlearning

Yinzhi Cao, Junfeng Yang

Towards Making Systems Forget with Machine Unlearning

Details
Discussion Comments: 0
Verification: Authors have not verified information

Forward Secure Asynchronous Messaging from Puncturable Encryption

Matthew D. Green, Ian Miers

Forward Secure Asynchronous Messaging from Puncturable Encryption

Details
Discussion Comments: 0
Verification: Authors have not verified information

What the App is That? Deception and Countermeasures in the Android User Interface

Antonio Bianchi, Jacopo Corbetta, Luca Invernizzi, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna

What the App is That? Deception and Countermeasures in the Android User Interface

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Missing the Point(er): On the Effectiveness of Code Pointer Integrity

Isaac Evans, Sam Fingeret, Julian Gonzalez, Ulziibayar Otgonbaatar, Tiffany Tang, Howard E. Shrobe, Stelios Sidiroglou-Douskos, Martin Rinard, Hamed Okhravi

Missing the Point(er): On the Effectiveness of Code Pointer Integrity

Details
Discussion Comments: 0
Verification: Authors have not verified information

S$A: A Shared Cache Attack That Works across Cores and Defies VM Sandboxing - and Its Application to AES

Gorka Irazoqui Apecechea, Thomas Eisenbarth, Berk Sunar

S$A: A Shared Cache Attack That Works across Cores and Defies VM Sandboxing - and Its Application to AES

Details
Discussion Comments: 0
Verification: Authors have not verified information

Privacy and Access Control for Outsourced Personal Records

Matteo Maffei, Giulio Malavolta, Manuel Reinert, Dominique Schröder

Privacy and Access Control for Outsourced Personal Records

Details
Discussion Comments: 0
Verification: Authors have not verified information

SoK: Deep Packer Inspection: A Longitudinal Study of the Complexity of Run-Time Packers

Xabier Ugarte-Pedrero, Davide Balzarotti, Igor Santos, Pablo García Bringas

SoK: Deep Packer Inspection: A Longitudinal Study of the Complexity of Run-Time Packers

Details
Discussion Comments: 0
Verification: Authors have not verified information

Securing Multiparty Online Services Via Certification of Symbolic Transactions

Eric Y. Chen, Shuo Chen, Shaz Qadeer, Rui Wang

Securing Multiparty Online Services Via Certification of Symbolic Transactions

Details
Discussion Comments: 0
Verification: Authors have not verified information

GraphSC: Parallel Secure Computation Made Easy

Kartik Nayak, Xiao Shaun Wang, Stratis Ioannidis, Udi Weinsberg, Nina Taft, Elaine Shi

GraphSC: Parallel Secure Computation Made Easy

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems

Yuanzhong Xu, Weidong Cui, Marcus Peinado

Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems

Details
Discussion Comments: 0
Verification: Authors have not verified information

Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications

Felix Schuster, Thomas Tendyck, Christopher Liebchen, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz

Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications

Details
Discussion Comments: 0
Verification: Authors have not verified information

Vetting SSL Usage in Applications with SSLINT

Boyuan He, Vaibhav Rastogi, Yinzhi Cao, Yan Chen, V. N. Venkatakrishnan, Runqing Yang, Zhenrui Zhang

Vetting SSL Usage in Applications with SSLINT

Details
Discussion Comments: 0
Verification: Authors have not verified information

Bitcoin over Tor isn't a Good Idea

Alex Biryukov, Ivan Pustogarov

Bitcoin over Tor isn't a Good Idea

Details
Discussion Comments: 0
Verification: Authors have not verified information

High System-Code Security with Low Overhead

Jonas Wagner, Volodymyr Kuznetsov, George Candea, Johannes Kinder

High System-Code Security with Low Overhead

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Secure Sampling of Public Parameters for Succinct Zero Knowledge Proofs

Eli Ben-Sasson, Alessandro Chiesa, Matthew Green, Eran Tromer, Madars Virza

Secure Sampling of Public Parameters for Succinct Zero Knowledge Proofs

Details
Discussion Comments: 0
Verification: Authors have not verified information

Readactor: Practical Code Randomization Resilient to Memory Disclosure

Stephen Crane, Christopher Liebchen, Andrei Homescu, Lucas Davi, Per Larsen, Ahmad-Reza Sadeghi, Stefan Brunthaler, Michael Franz

Readactor: Practical Code Randomization Resilient to Memory Disclosure

Details
Discussion Comments: 0
Verification: Authors have not verified information

Using Hardware Features for Increased Debugging Transparency

Fengwei Zhang, Kevin Leach, Angelos Stavrou, Haining Wang, Kun Sun

Using Hardware Features for Increased Debugging Transparency

Details
Discussion Comments: 0
Verification: Authors have not verified information