2018년 April 9일

Accepted Paper

  • Where’s Wally? How to Privately Discover your Friends on the Internet, Panagiotis Papadopoulos (FORTH-ICS); Antonios A. Chariton (University of Crete); Elias Athanasopoulos (University of Cyprus); and Evangelos P. Markatos (FORTH-ICS)

 

  • Sensor CON-Fusion: Defeating Kalman Filter in Signal Injection Attack, Shoei Nashimoto, Daisuke Suzuki (Mitsubishi Electric); Takeshi Sugawara, and Kazuo Sakiyama (University of Electro-Communications)

 

  • Direct Anonymous Attestation with Efficient Verifier-Local Revocation for Subscription System, Vireshwar Kumar, He Li, Noah Luther, Pranav Asokan, Jung-Min (Jerry) Park (Virginia Tech); Kaigui Bian (Peking University); Martin B. H. Weiss, and Taieb Znati (University of Pittsburgh)

 

  • Highly-Efficient Fully-Anonymous Dynamic Group Signatures, David Derler (Graz University of Technology) and Daniel Slamanig (AIT Austrian Institute of Technology)

 

  • Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features, Michael Schwarz, Daniel Gruss, Moritz Lipp (Graz University of Technology); Clémentine Maurice (CNRS, IRISA); Thomas Schuster (Graz University of Technology); Anders Fogh (G DATA Advanced Analytics); and Stefan Mangard (Graz University of Technology)

 

  • DeWiCam: Detecting Hidden Wireless Cameras via Smartphones, Yushi Cheng, Xiaoyu Ji (Zhejiang University/ Alibaba-Zhejiang University Joint Institute of Frontier Technologies); Tianyang Lu, and Wenyuan Xu (Zhejiang University)

 

  • ProcHarvester: Fully Automated Analysis of Procfs Side-Channel Leaks on Android, Raphael Spreitzer, Felix Kirchengast, Daniel Gruss, and Stefan Mangard (Graz University of Technology)

 

  • Detecting Malicious PowerShell Commands using Deep Neural Networks, Danny Hendler (Ben-Gurion University of the Negev); Shay Kels (Microsoft); and Amir Rubin (Ben-Gurion University of the Negev)

 

  • On the Strategy and Behavior of Bitcoin Mining with N-attackers, Hanqing Liu, Na Ruan, Rongtian Du, and Weijia Jia (Shanghai Jiao Tong University)

 

  • SecSAKE: Towards Secure and Efficient Outsourcing of Clinical MRI Reconstruction, Zihao Shan (State University of New York at Buffalo); Zhan Qin (The University of Texas at San Antonio); Leslie Ying, and Kui Ren (State University of New York at Buffalo)

 

  • Use-After-FreeMail: Generalizing the Use-After-Free Problem and Applying it to Email Services, Daniel Gruss, Michael Schwarz (Graz University of Technology); Matthias Wübbeling (Fraunhofer FKIE & University of Bonn); Simon Guggi (Graz University of Technology); Timo Malderle (University of Bonn); Stefan More, and Moritz Lipp (Graz University of Technology)

 

  • No One In The Middle, Jeremy Erickson, Qi Alfred Chen, Xiaochen Yu, Erinjen Lin, Robert Levy, and Z. Morley Mao (University of Michigan)

 

  • Hardware Performance Counters Can Detect Malware: Myth or Fact?, Boyou Zhou, Anmol Gupta, Rasoul Jahanshahi, Manuel Egele, and Ajay Joshi (Boston University)

 

  • Towards Measuring the Role of Phone Numbers in Twitter-Advertised Spam, Payas Gupta (Pindrop); Roberto Perdisci (University of Georgia); and Mustaque Ahamad (Georgia Institute of Technology)

 

  • Efficient Repair of Polluted Machine Learning Systems via Causal Unlearning, Yinzhi Cao (Lehigh University); Alexander Fangxiao Yu, Andrew Aday (Columbia University); Eric Stahl, Jon Merwine (Lehigh University); and Junfeng Yang (Columbia University)

 

  • Leaky Wires: Information Leakage and Covert Communication Between FPGA Long Wires, Ilias Giechaskiel, Kasper B. Rasmussen (University of Oxford); and Ken Eguro (Microsoft Research)

 

  • HlcAuth: Key-free and Secure Communications via Home-Limited Channel, Chaohao Li, Xiaoyu Ji (Zhejiang University & Alibaba-Zhejiang University Joint Institute of Frontier Technologies); Xinyan Zhou, Juchuan Zhang (Zhejiang University); Jing Tian (University of South Carolina); Yanmiao Zhang, and Wenyuan Xu (Zhejiang University)

 

  • Software-Defined Firewall: Enabling Malware Traffic Detection and Programmable Security Control, Shang Gao, Zecheng Li (Hong Kong Polytechnic University); Yuan Yao (Northwestern Polytechnical University & Hong Kong Polytechnic University); Bin Xiao (Hong Kong Polytechnic University); Songtao Guo (Southwest University); and Yuanyuan Yang (Stony Brook University)

 

  • Towards Sustainable Evolution for the TLS Public-Key Infrastructure, Taeho Lee, Christos Pappas (ETH Zurich); Pawel Szalachowski (SUTD); and Adrian Perrig (ETH Zurich)

 

  • FBSleuth: Fake Base Station Forensics via Radio Frequency Fingerprinting, Zhou Zhuang, Xiaoyu Ji, Taimin Zhang, Juchuan Zhang, Wenyuan Xu (Zhejiang University); Zhenhua Li (Tsinghua University); and Yunhao Liu (Tsinghua University; Michigan State University)

 

  • Chameleon: A Hybrid Secure Computation Framework for Machine Learning Applications, Mohammad Sadegh Riazi (University of California San Diego); Christian Weinert, Oleksandr Tkachenko (TU Darmstadt); Ebrahim Mohammadgholi Songhori (University of California San Diego); Thomas Schneider (TU Darmstadt); and Farinaz Koushanfar (University of California San Diego)

 

  • le-git-imate: Towards VerifiableWeb-based Git Repositories, Hammad Afzali (New Jersey Institute of Technology); Santiago Torres-Arias (New York University); Reza Curtmola (New Jersey Institute of Technology); and Justin Cappos (New York University)

 

  • Single Trace Attack Against RSA Key Generation in Intel SGX SSL, Samuel Weiser, Raphael Spreitzer, and Lukas Bodner (Graz University of Technology)

 

  • Ciphertext Integrity with Misuse and Leakage: Definition and Efficient Constructions with Symmetric Primitives, Francesco Berti, François Koeune, Olivier Pereira, Thomas Peters, and François-Xavier Standaert (Universite Catholique de Louvain)

 

  • Temporal Consistency of Integrity-Ensuring Computations and Applications to Embedded Systems Security, Xavier Carpent (University of California, Irvine); Karim Eldefrawy (SRI International); Norrathep Rattanavipanon, and Gene Tsudik (University of California, Irvine)

 

  • Isogrammic-Fusion ORAM: Improved Statistically Secure Privacy-Preserving Cloud Data Access for Thin Clients, Michael T. Goodrich (University of California, Irvine)

 

  • iOracle: Automated Evaluation of Access Control Policies in iOS, Luke Deshotels (North Carolina State University); Razvan Deaconescu, Costin Carabas, Iulia Manda (University POLITEHNICA of Bucharest); William Enck (North Carolina State University); Mihai Chiroiu (University POLITEHNICA of Bucharest); Ninghui Li (Purdue University); and Ahmad-Reza Sadeghi (Technische Universitat Darmstadt)

 

  • To Intercept or Not to Intercept: Analyzing TLS Interception in Network Appliances, Louis Waked, Mohammad Mannan, and Amr Youssef (Concordia University)

 

  • You Are Your Photographs: Detecting Multiple Identities of Vendors in the Darknet Marketplaces, Xiangwen Wang, Peng Peng, Chun Wang, and Gang Wang (Virginia Tech)

 

  • Leveraging Hardware Transactional Memory for Cache Side-Channel Defenses, Sanchuan Chen (The Ohio State University); Fangfei Liu (Intel Corporation); Zeyu Mi (Shanghai Jiao Tong University); Yinqian Zhang (The Ohio State University); Ruby B. Lee (Princeton University); Haibo Chen (Shanghai Jiao Tong University); and XiaoFeng Wang (Indiana University at Bloomington)

 

  • Detection under Privileged Information, Z. Berkay Celik, Patrick McDaniel (penn state); Rauf Izmailov (Vencore Labs); Nicolas Papernot, Ryan Sheatsley, Raquel Alvarez (penn state); and Ananthram Swami (Army Research Laboratory)

 

  • Pseudoentropic Isometries: A New Framework for Fuzzy Extractor Reusability, Quentin Alamelou, Paul-Edmond Berthier, Chloe Cachet, Stephane Cauchie (equensWorldline); Benjamin Fuller (University of Connecticut); Philippe Gaborit (Universite de Limoges); and Sailesh Simhadri (University of Connecticut)

 

  • A Leak-Resilient Dual Stack Scheme for Backward-Edge Control-Flow Integrity, Philipp Zieris and Julian Horsch (Fraunhofer AISEC)

 

  • NoisePrint: Attack Detection Using Sensor and Process Noise Fingerprint in Cyber Physical Systems, Chuadhry Mujeeb Ahmed (Singapore University of Technology and Design); Martin Ochoa (Singapore University of Technology and Design & Department of Applied Mathematics and Computer Science, Universidad del Rosari); Jianying Zhou, Aditya P. Mathur, Rizwan Qadeer (Singapore University of Technology and Design); Carlos Murguia (Melbourne University); and Justin Ruths (UT Dallas)

 

  • Droid M+: Developer Support for Imbibing Android’s New Permission Model, Ioannis Gasparis, Azeem Aqil, Zhiyun Qian, Chengyu Song, Srikanth V. Krishnamurthy, Rajiv Gupta (University of California, Riverside); and Edward Colbert (U.S. Army Research Lab)

 

  • On the Memory-Hardness of Data-Independent Password-Hashing Functions, Joel Alwen (IST Austria / Wickr Inc.); Peter Gazi (IOHK); Chethan Kamath, Karen Klein, Georg Osang, Krzysztof Pietrzak (IST Austria); Lenoid Reyzin (Boston University); Michal Rolinek, and Michal Rybar (IST Austria)

 

  • Secure Similar Sequence Query on Outsourced Genomic Data, Ke Cheng, Yantian Hou (Boise State University); and Liangmin Wang (Jiangsu University)

 

  • Entwining Sanitization and Personalization on Databases, Sébastien Gambs (UQAM); Julien Lolive (Universite Rennes 1); and Jean-Marc Robert (ETS)

 

  • Who is knocking on the Telnet Port: A Large-Scale Empirical Study of Network Scanning, Hwanjo Heo (KAIST/ETRI) and Seungwon Shin (KAIST)

 

  • Non-interactive and Output Expressive Private Comparison from Homomorphic Encryption, Wen-jie Lu, Jun-jie Zhou, and Jun Sakuma (University of Tsukuba)

 

  • Source Attribution of Cryptographic API Misuse in Android Applications, Ildar Muslukhov (The University of British Columbia); Yazan Boshmaf (Qatar Computing Research Institute); and Konstantin Beznosov (The University of British Columbia)

 

  • A Data-driven Attack against Support Vectors of SVM, Shigang Liu, Jun Zhang (Swinburne University of Technology); Yu Wang (Guangzhou University); Wanlei Zhou (Deakin University); Yang Xiang (Swinburne University of Technology); and Olivier De Vel. (Defence Science & Technology Group)

 

  • CUP: Comprehensive User-Space Protection for C/C++, Nathan Burow, Derrick McKee, Scott A. Carr, and Mathias Payer (Purdue University)

 

  • Large-Scale Privacy-Preserving Statistical Computations for Distributed Genome-Wide Association Studies, Oleksandr Tkachenko, Christian Weinert, Thomas Schneider, and Kay Hamacher (TU Darmstadt)

 

  • Investigating Web Defacement Campaigns at Large, Federico Maggi, Marco Balduzzi (Trend Micro Italy s.r.l.); Ryan Flores (Forward-looking Threat Research Team); Lion Gu, and Vincenzo Ciancaglini (Trend Micro, Inc.)

 

  • Beat-PIN: A User Authentication Mechanism for Wearable Devices Through Secret Beats, Ben Hutchins, Anudeep Reddy, Wenqiang Jin, Michael Zhou, Ming Li, and Lei Yang (University of Nevada, Reno)

 

  • SALAD: Secure and Lightweight Attestation of Highly Dynamic and Disruptive Networks, Florian Kohnhäuser, Niklas Büscher, and Stefan Katzenbeisser (TU Darmstadt)

 

  • 2MA: Verifying Voice Commands via Two Microphone Authentication, Logan Blue, Hadi Abdullah, Luis Vargas, and Patrick Traynor (University of Florida)

 

  • TABOR: A Graphical Model-based Approach for Anomaly Detection in Industrial Control Systems, Qin Lin (Delft University of Technology); Sridha Adepu (Singapore University of Technology and Design); Sicco Verwer (Delft University of Technology); and Aditya Mathur (Singapore University of Technology and Design)

 

  • BCD: Decomposing Binary Code Into Components Using Graph-Based Clustering, Vishal M Karande, Swarup Chandra (The University of Texas at Dallas); Zhiqiang Lin (The Ohio State University); Juan Caballero (IMDEA Software Institute); Latifur Khan, and Kevin Hamlen (The University of Texas at Dallas)

 

  • Can You Trust Your Encrypted Cloud? An Assessment of SpiderOakONE’s Security, Anders P. K. Dalskov and Claudio Orlandi (Aarhus University)
  • Cybercrime After the Sunrise: A Statistical Analysis of DNS Abuse in New gTLDs, Maciej Korczynski (Grenoble Alps University); Maarten Wullink (SIDN Labs); Samaneh Tajalizadehkhoob (Delft University of Technology); Giovane C. M. Moura (SIDN Labs); Arman Noroozian (Delft University of Technology); Drew Bagley (Secure Domain Foundation / CrowdStrike); and Cristian Hesselman (SIDN Labs)

 

  • Dazed Droids: A Longitudinal Study of Android Inter-App Vulnerabilities, Ryan Johnson (Kryptowire / George Mason University); Mohamed Elsabagh (Kryptowire); Angelos Stavrou (Kryptowire / George Mason University); and Jeff Offutt (George Mason University)

 

  • Protecting Intellectual Property of Deep Neural Networks with Watermarking, Jialong Zhang, Zhongshu Gu, Jiyong Jang, Hui Wu, Marc P Stoecklin, Heqing Huang, and Ian M Molloy (IBM Research)

 

  • Towards Fast and Semi-supervised Identification of Smart Meters Launching Data Falsification Attacks, Shameek Bhattacharjee, Aditya Thakur, and Sajal K. Das (Missouri University of Science and Technology)

 

  • Efficient Two-level Homomorphic Encryption in Prime-order Bilinear Groups and A Fast Implementation in WebAssembly, Nuttapong Attrapadung, Goichiro Hanaoka (AIST); Shigeo Mitsunari (Cybozu Labs, Inc.); Yusuke Sakai (AIST); Kana Shimizu (Waseda University); and Tadanori Teruya (AIST)

 

  • A Linear Distinguisher and its Application for Analyzing Privacy-Preserving Transformation Used in Verifiable (Outsourced) Computation, Liang Zhao (Sichuan University) and Liqun Chen (University of Surrey)

 

  • Augmenting Telephone Spam Blacklists by Mining Large CDR Datasets, Jienan Liu (University of Georgia); Babak Rahbarinia (Auburn University Montgomery); Roberto Perdisci (University of Georgia); Haitao Du, and Li Su (China Mobile Research Institute)

 

  • Don’t throw me away: Threats Caused by the Abandoned Internet Resources Used by Android Apps, Elkana G Pariwono (Waseda University); Daiki Chiba, Mitsuaki Akiyama (NTT Secure Platform Laboratories); and Tatsuya Mori (Waseda University)

 

  • The Personal Identification Chord, Ian Oakley (UNIST); Jun Ho Huh (Samsung Electronics); Junsung Cho, Geumhwan Cho (Sungkyunkwan University); Rasel Islam (UNIST); and Hyoungshick Kim (Sungkyunkwan University)

 

  • Electromagnetic Induction Attacks Against Embedded Systems, Jayaprakash Selvaraj (Iowa State University); Gokcen Yilmaz Dayanikli (Virginia Tech); Neelam Prabhu Gaunkar (Iowa State University); David Ware (Utah State University); Ryan M Gerdes (Virginia Tech); and Mani Mina (Iowa State University)

 

  • Achieving Flexibility for ABE with Outsourcing via Proxy Re-Encryption, Zuoxia Yu (The Hong Kong Polytechnic University); Man Ho Au (The Hong Kong Polytechnic University); Rupeng Yang (Shandong University & The Hong Kong Polytechnic University); Junzuo Lai (Jinan University, Guangzhou & State Key Laboratory of Cryptology); and Qiuliang Xu (Shandong University)