IEEE Security and Privacy, S&P 2017


Title/Authors Title Research Artifacts
[?] A research artifact is any by-product of a research project that is not directly included in the published research paper. In Computer Science research this is often source code and data sets, but it could also be media, documentation, inputs to proof assistants, shell-scripts to run experiments, etc.
Details

SoK: Exploiting Network Printers

Jens Muller, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk

SoK: Exploiting Network Printers

Details
Discussion Comments: 0
Verification: Authors have not verified information

Identifying Personal DNA Methylation Profiles by Genotype Inference

Michael Backes, Pascal Berrang, Matthias Bieg, Roland Eils, Carl Herrmann, Mathias Humbert, Irina Lehmann

Identifying Personal DNA Methylation Profiles by Genotype Inference

Details
Discussion Comments: 0
Verification: Authors have not verified information

Implementing and Proving the TLS 1.3 Record Layer

Antoine Delignat-Lavaud, Cédric Fournet, Markulf Kohlweiss, Jonathan Protzenko, Aseem Rastogi, Nikhil Swamy, Santiago Zanella Béguelin, Karthikeyan Bhargavan, Jianyang Pan, Jean Karim Zinzindohoue

Implementing and Proving the TLS 1.3 Record Layer

Details
Discussion Comments: 0
Verification: Authors have not verified information

SoK: Science, Security and the Elusive Goal of Security as a Scientific Pursuit

Cormac Herley, Paul C. van Oorschot

SoK: Science, Security and the Elusive Goal of Security as a Scientific Pursuit

Details
Discussion Comments: 0
Verification: Authors have not verified information

SymCerts: Practical Symbolic Execution for Exposing Noncompliance in X.509 Certificate Validation Implementations

Sze Yiu Chau, Omar Chowdhury, Md. Endadul Hoque, Huangyi Ge, Aniket Kate, Cristina Nita-Rotaru, Ninghui Li

SymCerts: Practical Symbolic Execution for Exposing Noncompliance in X.509 Certificate Validation Implementations

Details
Discussion Comments: 0
Verification: Authors have not verified information

Skyfire: Data-Driven Seed Generation for Fuzzing

Junjie Wang, Bihuan Chen, Lei Wei, Yang Liu

Skyfire: Data-Driven Seed Generation for Fuzzing

Details
Discussion Comments: 0
Verification: Authors have not verified information

Counter-RAPTOR: Safeguarding Tor Against Active Routing Attacks

Yixin Sun, Anne Edmundson, Nick Feamster, Mung Chiang, Prateek Mittal

Counter-RAPTOR: Safeguarding Tor Against Active Routing Attacks

Details
Discussion Comments: 0
Verification: Authors have not verified information

Hardening Java's Access Control by Abolishing Implicit Privilege Elevation

Philipp Holzinger, Ben Hermann, Johannes Lerch, Eric Bodden, Mira Mezini

Hardening Java's Access Control by Abolishing Implicit Privilege Elevation

Details
Discussion Comments: 0
Verification: Authors have not verified information

Backward-Bounded DSE: Targeting Infeasibility Questions on Obfuscated Codes

Sébastien Bardin, Robin David, Jean-Yves Marion

Backward-Bounded DSE: Targeting Infeasibility Questions on Obfuscated Codes

Details
Discussion Comments: 0
Verification: Authors have not verified information

CoSMeDis: A Distributed Social Media Platform with Formally Verified Confidentiality Guarantees

Thomas Bauereiß, Armando Pesenti Gritti, Andrei Popescu, Franco Raimondi

CoSMeDis: A Distributed Social Media Platform with Formally Verified Confidentiality Guarantees

Details
Discussion Comments: 0
Verification: Authors have not verified information

IoT Goes Nuclear: Creating a ZigBee Chain Reaction

Eyal Ronen, Adi Shamir, Achi-Or Weingarten, Colin O'Flynn

IoT Goes Nuclear: Creating a ZigBee Chain Reaction

Details
Discussion Comments: 0
Verification: Authors have not verified information

Stack Overflow Considered Harmful? The Impact of Copy&Paste on Android Application Security

Felix Fischer, Konstantin Böttinger, Huang Xiao, Christian Stransky, Yasemin Acar, Michael Backes, Sascha Fahl

Stack Overflow Considered Harmful? The Impact of Copy&Paste on Android Application Security

Details
Discussion Comments: 0
Verification: Authors have not verified information

Spotless Sandboxes: Evading Malware Analysis Systems Using Wear-and-Tear Artifacts

Najmeh Miramirkhani, Mahathi Priya Appini, Nick Nikiforakis, Michalis Polychronakis

Spotless Sandboxes: Evading Malware Analysis Systems Using Wear-and-Tear Artifacts

Details
Discussion Comments: 0
Verification: Authors have not verified information

VUDDY: A Scalable Approach for Vulnerable Code Clone Discovery

Seulbae Kim, Seunghoon Woo, Heejo Lee, Hakjoo Oh

VUDDY: A Scalable Approach for Vulnerable Code Clone Discovery

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Under the Shadow of Sunshine: Understanding and Detecting Bulletproof Hosting on Legitimate Service Provider Networks

Sumayah A. Alrwais, Xiaojing Liao, Xianghang Mi, Peng Wang, Xiaofeng Wang, Feng Qian, Raheem A. Beyah, Damon McCoy

Under the Shadow of Sunshine: Understanding and Detecting Bulletproof Hosting on Legitimate Service Provider Networks

Details
Discussion Comments: 0
Verification: Authors have not verified information

Leakage-Abuse Attacks against Order-Revealing Encryption

Paul Grubbs, Kevin Sekniqi, Vincent Bindschaedler, Muhammad Naveed, Thomas Ristenpart

Leakage-Abuse Attacks against Order-Revealing Encryption

Details
Discussion Comments: 0
Verification: Authors have not verified information

Towards Evaluating the Robustness of Neural Networks

Nicholas Carlini, David A. Wagner

Towards Evaluating the Robustness of Neural Networks

Details
Discussion Comments: 0
Verification: Authors have not verified information

Side-Channel Attacks on Shared Search Indexes

Liang Wang, Paul Grubbs, Jiahui Lu, Vincent Bindschaedler, David Cash, Thomas Ristenpart

Side-Channel Attacks on Shared Search Indexes

Details
Discussion Comments: 0
Verification: Authors have not verified information

SysPal: System-Guided Pattern Locks for Android

Geumhwan Cho, Jun Ho Huh, Junsung Cho, Seongyeol Oh, Youngbae Song, Hyoungshick Kim

SysPal: System-Guided Pattern Locks for Android

Details
Discussion Comments: 0
Verification: Authors have not verified information

Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits

Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, David Brumley

Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits

Details
Discussion Comments: 0
Verification: Authors have not verified information

How to Learn Klingon without a Dictionary: Detection and Measurement of Black Keywords Used by the Underground Economy

Hao Yang, Xiulin Ma, Kun Du, Zhou Li, Hai-Xin Duan, XiaoDong Su, Guang Liu, Zhifeng Geng, Jianping Wu

How to Learn Klingon without a Dictionary: Detection and Measurement of Black Keywords Used by the Underground Economy

Details
Discussion Comments: 0
Verification: Authors have not verified information

XHOUND: Quantifying the Fingerprintability of Browser Extensions

Oleksii Starov, Nick Nikiforakis

XHOUND: Quantifying the Fingerprintability of Browser Extensions

Details
Discussion Comments: 0
Verification: Authors have not verified information

Verifying and Synthesizing Constant-Resource Implementations with Types

Van Chan Ngo, Mario Dehesa-Azuara, Matthew Fredrikson, Jan Hoffmann

Verifying and Synthesizing Constant-Resource Implementations with Types

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Membership Inference Attacks Against Machine Learning Models

Reza Shokri, Marco Stronati, Congzheng Song, Vitaly Shmatikov

Membership Inference Attacks Against Machine Learning Models

Details
Discussion Comments: 0
Verification: Authors have not verified information

Finding and Preventing Bugs in JavaScript Bindings

Fraser Brown, Shravan Narayan, Riad S. Wahby, Dawson R. Engler, Ranjit Jhala, Deian Stefan

Finding and Preventing Bugs in JavaScript Bindings

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

NORAX: Enabling Execute-Only Memory for COTS Binaries on AArch64

Yaohui Chen, Dongli Zhang, Ruowen Wang, Rui Qiao, Ahmed M. Azab, Long Lu, Hayawardh Vijayakumar, Wenbo Shen

NORAX: Enabling Execute-Only Memory for COTS Binaries on AArch64

Details
Discussion Comments: 0
Verification: Authors have not verified information

Hijacking Bitcoin: Routing Attacks on Cryptocurrencies

Maria Apostolaki, Aviv Zohar, Laurent Vanbever

Hijacking Bitcoin: Routing Attacks on Cryptocurrencies

Details
Discussion Comments: 0
Verification: Authors have not verified information

IKP: Turning a PKI Around with Decentralized Automated Incentives

Stephanos Matsumoto, Raphael M. Reischuk

IKP: Turning a PKI Around with Decentralized Automated Incentives

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences

Primal Wijesekera, Arjun Baokar, Lynn Tsai, Joel Reardon, Serge Egelman, David Wagner, Konstantin Beznosov

The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences

Details
Discussion Comments: 0
Verification: Authors have not verified information

Scalable Bias-Resistant Distributed Randomness

Ewa Syta, Philipp Jovanovic, Eleftherios Kokoris-Kogias, Nicolas Gailly, Linus Gasser, Ismail Khoffi, Michael J. Fischer, Bryan Ford

Scalable Bias-Resistant Distributed Randomness

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

SmarPer: Context-Aware and Automatic Runtime-Permissions for Mobile Devices

Katarzyna Olejnik, Italo Dacosta, Joana Soares Machado, Kévin Huguenin, Mohammad Emtiyaz Khan, Jean-Pierre Hubaux

SmarPer: Context-Aware and Automatic Runtime-Permissions for Mobile Devices

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

To Catch a Ratter: Monitoring the Behavior of Amateur DarkComet RAT Operators in the Wild

Brown Farinholt, Mohammad Rezaeirad, Paul Pearce, Hitesh Dharmdasani, Haikuo Yin, Stevens Le Blond, Damon McCoy, Kirill Levchenko

To Catch a Ratter: Monitoring the Behavior of Amateur DarkComet RAT Operators in the Wild

Details
Author Comments:
Discussion Comments: 0
Sharing: Not able to share produced artifacts
Verification: Authors have verified information

Protecting Bare-Metal Embedded Systems with Privilege Overlays

Abraham A. Clements, Naif Saleh Almakhdhub, Khaled S. Saab, Prashast Srivastava, Jinkyu Koo, Saurabh Bagchi, Mathias Payer

Protecting Bare-Metal Embedded Systems with Privilege Overlays

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Augur: Internet-Wide Detection of Connectivity Disruptions

Paul Pearce, Roya Ensafi, Frank Li, Nick Feamster, Vern Paxson

Augur: Internet-Wide Detection of Connectivity Disruptions

Details
Discussion Comments: 0
Verification: Authors have not verified information

CRLite: A Scalable System for Pushing All TLS Revocations to All Browsers

James Larisch, David R. Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, Christo Wilson

CRLite: A Scalable System for Pushing All TLS Revocations to All Browsers

Details
Discussion Comments: 0
Verification: Authors have not verified information

A Lustrum of Malware Network Communication: Evolution and Insights

Chaz Lever, Platon Kotzias, Davide Balzarotti, Juan Caballero, Manos Antonakakis

A Lustrum of Malware Network Communication: Evolution and Insights

Details
Author Comments:
Discussion Comments: 0
Sharing: Not able to share produced artifacts
Verification: Authors have verified information

The Password Reset MitM Attack

Nethanel Gelernter, Senia Kalma, Bar Magnezi, Hen Porcilan

The Password Reset MitM Attack

Details
Discussion Comments: 0
Verification: Authors have not verified information

How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles

Moritz Contag, Guo Li, Andre Pawlowski, Felix Domke, Kirill Levchenko, Thorsten Holz, Stefan Savage

How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles

Details
Discussion Comments: 0
Verification: Authors have not verified information

Verified Models and Reference Implementations for the TLS 1.3 Standard Candidate

Karthikeyan Bhargavan, Bruno Blanchet, Nadim Kobeissi

Verified Models and Reference Implementations for the TLS 1.3 Standard Candidate

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

A Framework for Universally Composable Diffie-Hellman Key Exchange

Ralf Küsters, Daniel Rausch

A Framework for Universally Composable Diffie-Hellman Key Exchange

Details
Discussion Comments: 0
Verification: Authors have not verified information

Catena: Efficient Non-equivocation via Bitcoin

Alin Tomescu, Srinivas Devadas

Catena: Efficient Non-equivocation via Bitcoin

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

SecureML: A System for Scalable Privacy-Preserving Machine Learning

Payman Mohassel, Yupeng Zhang

SecureML: A System for Scalable Privacy-Preserving Machine Learning

Details
Discussion Comments: 0
Verification: Authors have not verified information

Machine-Checked Proofs of Privacy for Electronic Voting Protocols

Véronique Cortier, Constantin Catalin Dragan, François Dupressoir, Benedikt Schmidt, Pierre-Yves Strub, Bogdan Warinschi

Machine-Checked Proofs of Privacy for Electronic Voting Protocols

Details
Discussion Comments: 0
Verification: Authors have not verified information

Optimized Honest-Majority MPC for Malicious Adversaries - Breaking the 1 Billion-Gate Per Second Barrier

Toshinori Araki, Assi Barak, Jun Furukawa, Tamar Lichter, Yehuda Lindell, Ariel Nof, Kazuma Ohara, Adi Watzman, Or Weinstein

Optimized Honest-Majority MPC for Malicious Adversaries - Breaking the 1 Billion-Gate Per Second Barrier

Details
Discussion Comments: 0
Verification: Authors have not verified information

One TPM to Bind Them All: Fixing TPM 2.0 for Provably Secure Anonymous Attestation

Jan Camenisch, Liqun Chen, Manu Drijvers, Anja Lehmann, David Novick, Rainer Urian

One TPM to Bind Them All: Fixing TPM 2.0 for Provably Secure Anonymous Attestation

Details
Discussion Comments: 0
Verification: Authors have not verified information

HVLearn: Automated Black-Box Analysis of Hostname Verification in SSL/TLS Implementations

Suphannee Sivakorn, George Argyros, Kexin Pei, Angelos D. Keromytis, Suman Jana

HVLearn: Automated Black-Box Analysis of Hostname Verification in SSL/TLS Implementations

Details
Discussion Comments: 0
Verification: Authors have not verified information

An Experimental Security Analysis of an Industrial Robot Controller

Davide Quarta, Marcello Pogliani, Mario Polino, Federico Maggi, Andrea Maria Zanchettin, Stefano Zanero

An Experimental Security Analysis of an Industrial Robot Controller

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

From Trash to Treasure: Timing-Sensitive Garbage Collection

Mathias V. Pedersen, Aslan Askarov

From Trash to Treasure: Timing-Sensitive Garbage Collection

Details
Discussion Comments: 0
Verification: Authors have not verified information

Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop

Yanick Fratantonio, Chenxiong Qian, Simon P. Chung, Wenke Lee

Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop

Details
Discussion Comments: 0
Verification: Authors have not verified information

Obstacles to the Adoption of Secure Communication Tools

Ruba Abu-Salma, M. Angela Sasse, Joseph Bonneau, Anastasia Danilova, Alena Naiakshina, Matthew Smith

Obstacles to the Adoption of Secure Communication Tools

Details
Discussion Comments: 0
Verification: Authors have not verified information

IVD: Automatic Learning and Enforcement of Authorization Rules in Online Social Networks

Paul Marinescu, Chad Parry, Marjori Pomarole, Yuan Tian, Patrick Tague, Ioannis Papagiannis

IVD: Automatic Learning and Enforcement of Authorization Rules in Online Social Networks

Details
Discussion Comments: 0
Verification: Authors have not verified information

Is Interaction Necessary for Distributed Private Learning?

Adam D. Smith, Abhradeep Thakurta, Jalaj Upadhyay

Is Interaction Necessary for Distributed Private Learning?

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced no artifacts
Verification: Authors have verified information

SoK: Cryptographically Protected Database Search

Benjamin Fuller, Mayank Varia, Arkady Yerukhimovich, Emily Shen, Ariel Hamlin, Vijay Gadepally, Richard Shay, John Darby Mitchell, Robert K. Cunningham

SoK: Cryptographically Protected Database Search

Details
Discussion Comments: 0
Verification: Authors have not verified information

Pyramid: Enhancing Selectivity in Big Data Protection with Count Featurization

Mathias Lécuyer, Riley Spahn, Roxana Geambasu, Tzu-Kuo Huang, Siddhartha Sen

Pyramid: Enhancing Selectivity in Big Data Protection with Count Featurization

Details
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information

Comparing the Usability of Cryptographic APIs

Yasemin Acar, Michael Backes, Sascha Fahl, Simson L. Garfinkel, Doowon Kim, Michelle L. Mazurek, Christian Stransky

Comparing the Usability of Cryptographic APIs

Details
Discussion Comments: 0
Verification: Authors have not verified information

Multi-touch Authentication Using Hand Geometry and Behavioral Information

Yunpeng Song, Zhongmin Cai, Zhi-Li Zhang

Multi-touch Authentication Using Hand Geometry and Behavioral Information

Details
Discussion Comments: 0
Verification: Authors have not verified information

vSQL: Verifying Arbitrary SQL Queries over Dynamic Outsourced Databases

Yupeng Zhang, Daniel Genkin, Jonathan Katz, Dimitrios Papadopoulos, Charalampos Papamanthou

vSQL: Verifying Arbitrary SQL Queries over Dynamic Outsourced Databases

Details
Discussion Comments: 0
Verification: Authors have not verified information

Securing Augmented Reality Output

Kiron Lebeck, Kimberly Ruth, Tadayoshi Kohno, Franziska Roesner

Securing Augmented Reality Output

Details
Discussion Comments: 0
Verification: Authors have not verified information

Cryptographic Function Detection in Obfuscated Binaries via Bit-Precise Symbolic Loop Mapping

Dongpeng Xu, Jiang Ming, Dinghao Wu

Cryptographic Function Detection in Obfuscated Binaries via Bit-Precise Symbolic Loop Mapping

Details
Discussion Comments: 0
Verification: Authors have not verified information

NEZHA: Efficient Domain-Independent Differential Testing

Theofilos Petsios, Adrian Tang, Salvatore J. Stolfo, Angelos D. Keromytis, Suman Jana

NEZHA: Efficient Domain-Independent Differential Testing

Details
Artifacts for some papers are reviewed by an artifact evaluation, reproducibility, or similarly named committee. This is one such paper that passed review.
Artifact evaluation badge awarded
Author Comments:
Discussion Comments: 0
Sharing: Research produced artifacts
Verification: Authors have verified information