Nytro Posted August 17, 2017 Report Posted August 17, 2017 USENIX Security '17 Technical Sessions All sessions will take place at the Sheraton Vancouver Wall Centre Hotel. USENIX Security '17 Program Grid Download the program in grid format (PDF). Updated 7/27/17. The full USENIX Security '17 Proceedings will be available for download on Wednesday, August 16, 2017. Individual papers may be downloaded now by registered conference attendees from their respective presentation page and will be available for download to everyone on August 16. Paper abstracts and proceedings front matter are available to everyone now. Copyright to the individual works is retained by the author. Proceedings Front Matter Proceedings Cover | Title Page and List of Organizers | Message from the Program Co-Chairs | Table of Contents Full Proceedings PDFs USENIX Security '17 Full Proceedings (PDF) USENIX Security '17 Proceedings Interior (PDF, best for mobile devices) USENIX Security '17 Proceedings Errata Slip (PDF) USENIX Security '17 Proceedings Errata Slip 2 (PDF, 8/15/17) Downloads for Registered Attendees (Sign in to your USENIX account to download these files.) USENIX Security '17 Attendee List (PDF) USENIX Security '17 Wednesday Paper Archive (PDF, includes Proceedings front matter, errata, and attendee lists) USENIX Security ’17 Thursday Paper Archive (PDF) USENIX Security ’17 Friday Paper Archive (PDF) Wednesday, August 16, 2017 7:30 am–9:00 am Continental Breakfast Grand Ballroom Foyer 9:00 am–9:30 am Opening Remarks and Awards Grand Ballroom Program Co-Chairs: Engin Kirda, Northeastern University, and Thomas Ristenpart, Cornell Tech 9:30 am–10:30 am Hide details ▾ Keynote Address Grand Ballroom When Your Threat Model Is "Everything": Defensive Security in Modern Newsrooms Erinn Clark, Lead Security Architect, First Look Media/The Intercept Show details ▸ 10:30 am–11:00 am Break with refreshments Grand Ballroom Foyer 11:00 am–12:30 pm Track 1 Hide details ▾ Bug Finding I Grand Ballroom AB Session Chair: Thorsten Holz, Ruhr-Universität Bochum How Double-Fetch Situations turn into Double-Fetch Vulnerabilities: A Study of Double Fetches in the Linux Kernel Pengfei Wang, National University of Defense Technology; Jens Krinke, University College London; Kai Lu and Gen Li, National University of Defense Technology; Steve Dodier-Lazaro, University College London AVAILABLE MEDIA Show details ▸ Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts Jun Xu, The Pennsylvania State University; Dongliang Mu, Nanjing University; Xinyu Xing, Peng Liu, and Ping Chen, The Pennsylvania State University; Bing Mao, Nanjing University AVAILABLE MEDIA Show details ▸ Ninja: Towards Transparent Tracing and Debugging on ARM Zhenyu Ning and Fengwei Zhang, Wayne State University AVAILABLE MEDIA Show details ▸ Track 2 Hide details ▾ Side-Channel Attacks I Grand Ballroom CD Session Chair: Yuval Yarom, University of Adelaide and Data61, CSIRO Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX Craig Disselkoen, David Kohlbrenner, Leo Porter, and Dean Tullsen, University of California, San Diego AVAILABLE MEDIA Show details ▸ On the effectiveness of mitigations against floating-point timing channels David Kohlbrenner and Hovav Shacham, UC San Diego AVAILABLE MEDIA Show details ▸ Constant-Time Callees with Variable-Time Callers Cesar Pereida García and Billy Bob Brumley, Tampere University of Technology AVAILABLE MEDIA Show details ▸ Track 3 Hide details ▾ Systems Security I Junior Ballroom Session Chair: Long Lu, Stony Brook University Neural Nets Can Learn Function Type Signatures From Binaries Zheng Leong Chua, Shiqi Shen, Prateek Saxena, and Zhenkai Liang, National University of Singapore AVAILABLE MEDIA Show details ▸ CAn’t Touch This: Software-only Mitigation against Rowhammer Attacks targeting Kernel Memory Ferdinand Brasser, Technische Universität Darmstadt; Lucas Davi, University of Duisburg-Essen; David Gens, Christopher Liebchen, and Ahmad-Reza Sadeghi, Technische Universität Darmstadt AVAILABLE MEDIA Show details ▸ Efficient Protection of Path-Sensitive Control Security Ren Ding and Chenxiong Qian, Georgia Tech; Chengyu Song, UC Riverside; Bill Harris, Taesoo Kim, and Wenke Lee, Georgia Tech AVAILABLE MEDIA Show details ▸ 12:30 pm–2:00 pm Lunch (on your own) 2:00 pm–3:30 pm Track 1 Hide details ▾ Bug Finding II Grand Ballroom AB Session Chair: Manuel Egele, Boston University Digtool: A Virtualization-Based Framework for Detecting Kernel Vulnerabilities Jianfeng Pan, Guanglu Yan, and Xiaocao Fan, IceSword Lab, 360 Internet Security Center AVAILABLE MEDIA Show details ▸ kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels Sergej Schumilo, Cornelius Aschermann, and Robert Gawlik, Ruhr-Universität Bochum; Sebastian Schinzel, Münster University of Applied Sciences; Thorsten Holz, Ruhr-Universität Bochum AVAILABLE MEDIA Show details ▸ Venerable Variadic Vulnerabilities Vanquished Priyam Biswas, Purdue University; Alessandro Di Federico, Politecnico di Milano; Scott A. Carr, Purdue University; Prabhu Rajasekaran, Stijn Volckaert, Yeoul Na, and Michael Franz, University of California, Irvine; Mathias Payer, Purdue University AVAILABLE MEDIA Show details ▸ Track 2 Hide details ▾ Side-Channel Countermeasures Grand Ballroom CD Session Chair: Deian Stefan, University of California, San Diego Towards Practical Tools for Side Channel Aware Software Engineering: 'Grey Box' Modelling for Instruction Leakages David McCann, Elisabeth Oswald, and Carolyn Whitnall, University of Bristol AVAILABLE MEDIA Show details ▸ Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory Daniel Gruss, Graz University of Technology, Graz, Austria; Julian Lettner, University of California, Irvine, USA; Felix Schuster, Olya Ohrimenko, Istvan Haller, and Manuel Costa, Microsoft Research, Cambridge, UK AVAILABLE MEDIA Show details ▸ CacheD: Identifying Cache-Based Timing Channels in Production Software Shuai Wang, Pei Wang, Xiao Liu, Danfeng Zhang, and Dinghao Wu, The Pennsylvania State University AVAILABLE MEDIA Show details ▸ Track 3 Hide details ▾ Invited Talks Junior Ballroom Session Chair: David Molnar, Microsoft An Ant in a World of Grasshoppers Ellen Cram Kowalczyk, Microsoft Show details ▸ From Problems to Patterns to Practice: Privacy and User Respect in a Complex World Lea Kissner, Product Privacy Lead and Principal Engineer, Google Show details ▸ 3:30 pm–4:00 pm Break with refreshments Grand Ballroom Foyer 4:00 pm–5:30 pm Track 1 Hide details ▾ Malware and Binary Analysis Grand Ballroom AB Session Chair: Michael Franz, University of California, Irvine BinSim: Trace-based Semantic Binary Diffing via System Call Sliced Segment Equivalence Checking Jiang Ming, University of Texas at Arlington; Dongpeng Xu, Yufei Jiang, and Dinghao Wu, Pennsylvania State University AVAILABLE MEDIA Show details ▸ PlatPal: Detecting Malicious Documents with Platform Diversity Meng Xu and Taesoo Kim, Georgia Institute of Technology AVAILABLE MEDIA Show details ▸ Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART Lei Xue, The Hong Kong Polytechnic University; Yajin Zhou, unaffiliated; Ting Chen, University of Electronic Science and Technology of China; Xiapu Luo, The Hong Kong Polytechnic University; Guofei Gu, Texas A&M University AVAILABLE MEDIA Show details ▸ Track 2 Hide details ▾ Censorship Grand Ballroom CD Session Chair: Patrick Traynor, University of Florida Global Measurement of DNS Manipulation Paul Pearce, UC Berkeley; Ben Jones, Princeton; Frank Li, UC Berkeley; Roya Ensafi and Nick Feamster, Princeton; Nick Weaver, ICSI; Vern Paxson, UC Berkeley AVAILABLE MEDIA Show details ▸ Characterizing the Nature and Dynamics of Tor Exit Blocking Rachee Singh, University of Massachusetts – Amherst; Rishab Nithyanand, Stony Brook University; Sadia Afroz, University of California, Berkeley and International Computer Science Institute; Paul Pearce, UC Berkeley; Michael Carl Tschantz, International Computer Science Institute; Phillipa Gill, University of Massachusetts – Amherst; Vern Paxson, University of California, Berkeley and International Computer Science Institute AVAILABLE MEDIA Show details ▸ DeTor: Provably Avoiding Geographic Regions in Tor Zhihao Li, Stephen Herwig, and Dave Levin, University of Maryland AVAILABLE MEDIA Show details ▸ Track 3 Hide details ▾ Embedded Systems Junior Ballroom Session Chair: Brendan Dolan-Gavitt, New York University SmartAuth: User-Centered Authorization for the Internet of Things Yuan Tian, Carnegie Mellon University; Nan Zhang, Indiana University, Bloomington; Yueh-Hsun Lin, Samsung; Xiaofeng Wang, Indiana University, Bloomington; Blase Ur, University of Chicago; Xianzheng Guo and Patrick Tague, Carnegie Mellon University AVAILABLE MEDIA Show details ▸ AWare: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings Giuseppe Petracca, The Pennsylvania State University, US; Ahmad-Atamli Reineh, University of Oxford, UK; Yuqiong Sun, The Pennsylvania State University, US; Jens Grossklags, Technical University of Munich, DE; Trent Jaeger, The Pennsylvania State University, US AVAILABLE MEDIA Show details ▸ 6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices Amit Kumar Sikder, Hidayet Aksu, and A. Selcuk Uluagac, Florida International University AVAILABLE MEDIA Show details ▸ 6:00 pm–7:30 pm Symposium Reception Fountain Square Don’t miss the USENIX Security ’17 Reception, featuring dinner, drinks, and the chance to connect with other attendees, speakers, and conference organizers. 8:30 pm–9:30 pm Lightning Talks Junior Ballroom This is intended as an informal session for short and engaging presentations on recent unpublished results, work in progress, or other topics of interest to the USENIX Security attendees. As in the past, talks do not always need to be serious and funny talks are encouraged! You can continue submitting talks until Wednesday, August 16, 2017, 12:00 pm PDT at https://sec17lightning.usenix.hotcrp.com or by emailing sec17lightning@usenix.org. Thursday, August 17, 2017 8:00 am–9:00 am Continental Breakfast Grand Ballroom Foyer 9:00 am–10:30 am Track 1 Hide details ▾ Networking Security Grand Ballroom AB Session Chair: Giovanni Vigna, University of California, Santa Barbara Identifier Binding Attacks and Defenses in Software-Defined Networks Samuel Jero, Purdue University; William Koch, Boston University; Richard Skowyra and Hamed Okhravi, MIT Lincoln Laboratory; Cristina Nita-Rotaru, Northeastern University; David Bigelow, MIT Lincoln Laboratory AVAILABLE MEDIA Show details ▸ HELP: Helper-Enabled In-Band Device Pairing Resistant Against Signal Cancellation Nirnimesh Ghose, Loukas Lazos, and Ming Li, Electrical and Computer Engineering, University of Arizona, Tucson, AZ AVAILABLE MEDIA Show details ▸ Attacking the Brain: Races in the SDN Control Plane Lei Xu, Jeff Huang, and Sungmin Hong, Texas A&M University; Jialong Zhang, IBM Research; Guofei Gu, Texas A&M University AVAILABLE MEDIA Show details ▸ Track 2 Hide details ▾ Targeted Attacks Grand Ballroom CD Session Chair: Adrienne Porter Felt, Google Detecting Credential Spearphishing in Enterprise Settings Grant Ho, UC Berkeley; Aashish Sharma, The Lawrence Berkeley National Labratory; Mobin Javed, UC Berkeley; Vern Paxson, UC Berkeley and ICSI; David Wagner, UC Berkeley Distinguished Paper Award Winner! AVAILABLE MEDIA Show details ▸ SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data Md Nahid Hossain, Stony Brook University; Sadegh M. Milajerdi, University of Illinois at Chicago; Junao Wang, Stony Brook University; Birhanu Eshete and Rigel Gjomemo, University of Illinois at Chicago; R. Sekar and Scott Stoller, Stony Brook University; V.N. Venkatakrishnan, University of Illinois at Chicago AVAILABLE MEDIA Show details ▸ When the Weakest Link is Strong: Secure Collaboration in the Case of the Panama Papers Susan E. McGregor, Columbia Journalism School; Elizabeth Anne Watkins, Columbia University; Mahdi Nasrullah Al-Ameen and Kelly Caine, Clemson University;Franziska Roesner, University of Washington AVAILABLE MEDIA Show details ▸ Track 3 Hide details ▾ Trusted Hardware Junior Ballroom Session Chair: XiaoFeng Wang, Indiana University Hacking in Darkness: Return-oriented Programming against Secure Enclaves Jaehyuk Lee and Jinsoo Jang, KAIST; Yeongjin Jang, Georgia Institute of Technology; Nohyun Kwak, Yeseul Choi, and Changho Choi, KAIST; Taesoo Kim, Georgia Institute of Technology; Marcus Peinado, Microsoft Research; Brent Byunghoon Kang, KAIST AVAILABLE MEDIA Show details ▸ vTZ: Virtualizing ARM TrustZone Zhichao Hua, Jinyu Gu, Yubin Xia, and Haibo Chen, Institute of Parallel and Distributed Systems, Shangha Jiao Tong University; Shanghai Key Laboratory of Scalable Computing and Systems, Shanghai Jiao Tong University; Binyu Zang, Institute of Parallel and Distributed Systems, Shanghai Jiao Tong University; Haibing Guan, Shanghai Key Laboratory of Scalable Computing and Systems, Shanghai Jiao Tong University AVAILABLE MEDIA Show details ▸ Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim, and Hyesoon Kim, Georgia Institute of Technology; Marcus Peinado, Microsoft Research AVAILABLE MEDIA Show details ▸ 10:30 am–11:00 am Break with refreshments Grand Ballroom Foyer 11:00 am–12:30 pm Track 1 Hide details ▾ Authentication Grand Ballroom AB Session Chair: Tadayoshi Kohno, University of Washington AuthentiCall: Efficient Identity and Content Authentication for Phone Calls Bradley Reaves, North Carolina State University; Logan Blue, Hadi Abdullah, Luis Vargas, Patrick Traynor, and Thomas Shrimpton, University of Florida AVAILABLE MEDIA Show details ▸ Picking Up My Tab: Understanding and Mitigating Synchronized Token Lifting and Spending in Mobile Payment Xiaolong Bai, Tsinghua University; Zhe Zhou, The Chinese University of Hong Kong; XiaoFeng Wang, Indiana University Bloomington; Zhou Li, IEEE Member; Xianghang Mi and Nan Zhang, Indiana University Bloomington; Tongxin Li, Peking University; Shi-Min Hu, Tsinghua University; Kehuan Zhang, The Chinese University of Hong Kong AVAILABLE MEDIA Show details ▸ TrustBase: An Architecture to Repair and Strengthen Certificate-based Authentication Mark O’Neill, Scott Heidbrink, Scott Ruoti, Jordan Whitehead, Dan Bunker, Luke Dickinson, Travis Hendershot, Joshua Reynolds, Kent Seamons, and Daniel Zappala, Brigham Young University AVAILABLE MEDIA Show details ▸ Track 2 Hide details ▾ Malware and Obfuscation Grand Ballroom CD Session Chair: Guofei Gu, Texas A&M University Transcend: Detecting Concept Drift in Malware Classification Models Roberto Jordaney, Royal Holloway, University of London; Kumar Sharad, NEC Laboratories Europe; Santanu K. Dash, University College London; Zhi Wang, Nankai University; Davide Papini, Elettronica S.p.A.; Ilia Nouretdinov, and Lorenzo Cavallaro, Royal Holloway, University of London AVAILABLE MEDIA Show details ▸ Syntia: Synthesizing the Semantics of Obfuscated Code Tim Blazytko, Moritz Contag, Cornelius Aschermann, and Thorsten Holz, Ruhr-Universität Bochum AVAILABLE MEDIA Show details ▸ Predicting the Resilience of Obfuscated Code Against Symbolic Execution Attacks via Machine Learning Sebastian Banescu, Technische Universität München; Christian Collberg, University of Arizona; Alexander Pretschner, Technische Universität München AVAILABLE MEDIA Show details ▸ Track 3 Hide details ▾ Invited Talks Junior Ballroom Session Chair: Franziska Roesner, University of Washington Differential Privacy: From Theory to Deployment Abhradeep Guha Thakurta, Assistant Professor, University of California, Santa Cruz Show details ▸ OSS-Fuzz - Google's continuous fuzzing service for open source software Kostya Serebryany, Google Show details ▸ 12:30 pm–2:00 pm Symposium Luncheon Pavilion Ballroom Sponsored by Facebook The Internet Defense Prize will be presented at the Symposium Luncheon. 2:00 pm–3:30 pm Track 1 Hide details ▾ Web Security I Grand Ballroom AB Session Chair: Martin Johns, SAP SE Extension Breakdown: Security Analysis of Browsers Extension Resources Control Policies Iskander Sanchez-Rola and Igor Santos, DeustoTech, University of Deusto; Davide Balzarotti, Eurecom AVAILABLE MEDIA Show details ▸ CCSP: Controlled Relaxation of Content Security Policies by Runtime Policy Composition Stefano Calzavara, Alvise Rabitti, and Michele Bugliesi, Università Ca’ Foscari Venezia AVAILABLE MEDIA Show details ▸ Same-Origin Policy: Evaluation in Modern Browsers Jörg Schwenk, Marcus Niemietz, and Christian Mainka, Horst Görtz Institute for IT Security, Chair for Network and Data Security, Ruhr-University Bochum AVAILABLE MEDIA Show details ▸ Track 2 Hide details ▾ Privacy Grand Ballroom CD Session Chair: Ian Goldberg, University of Waterloo Locally Differentially Private Protocols for Frequency Estimation Tianhao Wang, Jeremiah Blocki, and Ninghui Li, Purdue University; Somesh Jha, University of Wisconsin Madison AVAILABLE MEDIA Show details ▸ BLENDER: Enabling Local Search with a Hybrid Differential Privacy Model Brendan Avent and Aleksandra Korolova, University of Southern California; David Zeber and Torgeir Hovden, Mozilla; Benjamin Livshits, Imperial College London AVAILABLE MEDIA Show details ▸ Computer Security, Privacy, and DNA Sequencing: Compromising Computers with Synthesized DNA, Privacy Leaks, and More Peter Ney, Karl Koscher, Lee Organick, Luis Ceze, and Tadayoshi Kohno, University of Washington AVAILABLE MEDIA Show details ▸ Track 3 Hide details ▾ Systems Security II Junior Ballroom Session Chair: William Robertson, Northeastern University BootStomp: On the Security of Bootloaders in Mobile Devices Nilo Redini, Aravind Machiry, Dipanjan Das, Yanick Fratantonio, Antonio Bianchi, Eric Gustafson, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna, UC Santa Barbara AVAILABLE MEDIA Show details ▸ Seeing Through The Same Lens: Introspecting Guest Address Space At Native Speed Siqi Zhao and Xuhua Ding, Singapore Management University; Wen Xu, Georgia Institute of Technology; Dawu Gu, Shanghai JiaoTong University AVAILABLE MEDIA Show details ▸ Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers Thurston H.Y. Dang, University of California, Berkeley; Petros Maniatis, Google Brain; David Wagner, University of California, Berkeley AVAILABLE MEDIA Show details ▸ 3:30 pm–4:00 pm Break with refreshments Grand Ballroom Foyer 4:00 pm–5:30 pm Track 1 Hide details ▾ Web Security II Grand Ballroom AB Session Chair: Franziska Roesner, University of Washington PDF Mirage: Content Masking Attack Against Information-Based Online Services Ian Markwood, Dakun Shen, Yao Liu, and Zhuo Lu, University of South Florida AVAILABLE MEDIA Show details ▸ Loophole: Timing Attacks on Shared Event Loops in Chrome Pepe Vila, IMDEA Software Institute & Technical University of Madrid (UPM); Boris Köpf, IMDEA Software Institute Distinguished Paper Award Winner! AVAILABLE MEDIA Show details ▸ Game of Registrars: An Empirical Analysis of Post-Expiration Domain Name Takeovers Tobias Lauinger, Northeastern University; Abdelberi Chaabane, Nokia Bell Labs; Ahmet Salih Buyukkayhan, Northeastern University; Kaan Onarlioglu, www.onarlioglu.com; William Robertson, Northeastern University AVAILABLE MEDIA Show details ▸ Track 2 Hide details ▾ Applied Cryptography Grand Ballroom CD Session Chair: Dan Boneh, Stanford University Speeding up detection of SHA-1 collision attacks using unavoidable attack conditions Marc Stevens, CWI; Daniel Shumow, Microsoft Research AVAILABLE MEDIA Show details ▸ Phoenix: Rebirth of a Cryptographic Password-Hardening Service Russell W. F. Lai, Friedrich-Alexander-University Erlangen-Nürnberg, Chinese University of Hong Kong; Christoph Egger and Dominique Schröder, Friedrich-Alexander-University Erlangen-Nürnberg; Sherman S. M. Chow, Chinese University of Hong Kong AVAILABLE MEDIA Show details ▸ Vale: Verifying High-Performance Cryptographic Assembly Code Barry Bond and Chris Hawblitzel, Microsoft Research; Manos Kapritsos, University of Michigan; K. Rustan M. Leino and Jacob R. Lorch, Microsoft Research; Bryan Parno, Carnegie Mellon University; Ashay Rane, The University of Texas at Austin; Srinath Setty, Microsoft Research; Laure Thompson, Cornell University Distinguished Paper Award Winner! AVAILABLE MEDIA Show details ▸ Track 3 Hide details ▾ DDoS Panel Junior Ballroom Moderator: Michael Bailey, University of Illinois, at Urbana-Champaign Panelists: Tom Anderson, University of Washington; Damon McCoy, New York University; Nick Sullivan, Cloudflare 6:00 pm–7:30 pm Poster Session and Happy Hour Pavilion Ballroom and Foyer Check out the cool new ideas and the latest preliminary research on display at the Poster Session and Happy Hour. Take part in discussions with your colleagues over complimentary drinks and snacks. View the list of accepted posters. 7:30 pm–9:30 pm USENIX Security '17 Doctoral Colloquium Junior Ballroom Organizer: Thorsten Holz, Ruhr-Universität Bochum Panelists: Mihai Christodorescu, Visa; Roya Ensafi, Princeton University; Ian Goldberg, University of Waterloo; Felix Schuster, Microsoft Research What opportunities await security students graduating with a PhD? On Thursday evening, students will have the opportunity to listen to informal panels of faculty and industrial researchers providing personal perspectives on their post-PhD career search. Learn about the academic job search, the industrial research job search, research fund raising, dual-career challenges, life uncertainty, and other idiosyncrasies of the ivory tower. Friday, August 18, 2017 8:00 am–9:00 am Continental Breakfast Grand Ballroom Foyer 9:00 am–10:30 am Track 1 Hide details ▾ Web Security III Grand Ballroom AB Session Chair: Adam Doupé, Arizona State University Exploring User Perceptions of Discrimination in Online Targeted Advertising Angelisa C. Plane, Elissa M. Redmiles, and Michelle L. Mazurek, University of Maryland; Michael Carl Tschantz, International Computer Science Institute AVAILABLE MEDIA Show details ▸ Measuring the Insecurity of Mobile Deep Links of Android Fang Liu, Chun Wang, Andres Pico, Danfeng Yao, and Gang Wang, Virginia Tech AVAILABLE MEDIA Show details ▸ How the Web Tangled Itself: Uncovering the History of Client-Side Web (In)Security Ben Stock, CISPA, Saarland University; Martin Johns, SAP SE; Marius Steffens and Michael Backes, CISPA, Saarland University AVAILABLE MEDIA Show details ▸ Track 2 Hide details ▾ Software Security Grand Ballroom CD Session Chair: Zhiqiang Lin, The University of Texas at Dallas Towards Efficient Heap Overflow Discovery Xiangkun Jia, TCA/SKLCS, Institute of Software, Chinese Academy of Sciences; Chao Zhang, Institute for Network Science and Cyberspace, Tsinghua University; Purui Su, Yi Yang, Huafeng Huang, and Dengguo Feng, TCA/SKLCS, Institute of Software, Chinese Academy of Sciences AVAILABLE MEDIA Show details ▸ DR. CHECKER: A Soundy Analysis for Linux Kernel Drivers Aravind Machiry, Chad Spensky, Jake Corina, Nick Stephens, Christopher Kruegel, and Giovanni Vigna, UC Santa Barbara AVAILABLE MEDIA Show details ▸ Dead Store Elimination (Still) Considered Harmful Zhaomo Yang and Brian Johannesmeyer, University of California, San Diego; Anders Trier Olesen, Aalborg University; Sorin Lerner and Kirill Levchenko, University of California, San Diego AVAILABLE MEDIA Show details ▸ Track 3 Hide details ▾ Side-Channel Attacks II Junior Ballroom Session Chair: A. Selcuk Uluagac, Florida International University Telling Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution Jo Van Bulck, imec-DistriNet, KU Leuven; Nico Weichbrodt and Rüdiger Kapitza, IBR DS, TU Braunschweig; Frank Piessens and Raoul Strackx, imec-DistriNet, KU Leuven AVAILABLE MEDIA Show details ▸ CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management Adrian Tang, Simha Sethumadhavan, and Salvatore Stolfo, Columbia University Distinguished Paper Award Winner! AVAILABLE MEDIA Show details ▸ AutoLock: Why Cache Attacks on ARM Are Harder Than You Think Marc Green, Worcester Polytechnic Institute; Leandro Rodrigues-Lima and Andreas Zankl, Fraunhofer AISEC; Gorka Irazoqui, Worcester Polytechnic Institute; Johann Heyszl, Fraunhofer AISEC; Thomas Eisenbarth, Worcester Polytechnic Institute AVAILABLE MEDIA Show details ▸ 10:30 am–11:00 am Break with refreshments Grand Ballroom Foyer 11:00 am–12:30 pm Track 1 Hide details ▾ Understanding Attacks Grand Ballroom AB Session Chair: Blase Ur, University of Chicago Understanding the Mirai Botnet Manos Antonakakis, Georgia Institute of Technology; Tim April, Akamai; Michael Bailey, University of Illinois, Urbana-Champaign; Matt Bernhard, University of Michigan, Ann Arbor; Elie Bursztein, Google; Jaime Cochran, Cloudflare; Zakir Durumeric and J. Alex Halderman, University of Michigan, Ann Arbor; Luca Invernizzi, Google;Michalis Kallitsis, Merit Network, Inc.; Deepak Kumar, University of Illinois, Urbana-Champaign; Chaz Lever, Georgia Institute of Technology; Zane Ma and Joshua Mason, University of Illinois, Urbana-Champaign; Damian Menscher, Google; Chad Seaman, Akamai; Nick Sullivan, Cloudflare; Kurt Thomas, Google; Yi Zhou, University of Illinois, Urbana-Champaign AVAILABLE MEDIA Show details ▸ MPI: Multiple Perspective Attack Investigation with Semantic Aware Execution Partitioning Shiqing Ma, Purdue University; Juan Zhai, Nanjing University; Fei Wang, Purdue University; Kyu Hyung Lee, University of Georgia; Xiangyu Zhang and Dongyan Xu, Purdue University Distinguished Paper Award Winner! AVAILABLE MEDIA Show details ▸ Detecting Android Root Exploits by Learning from Root Providers Ioannis Gasparis, Zhiyun Qian, Chengyu Song, and Srikanth V. Krishnamurthy, University of California, Riverside AVAILABLE MEDIA Show details ▸ Track 2 Hide details ▾ Hardware Security Grand Ballroom CD Session Chair: Manuel Egele, Boston University USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs Yang Su, Auto-ID Lab, The School of Computer Science, The University of Adelaide; Daniel Genkin, University of Pennsylvania and University of Maryland; Damith Ranasinghe, Auto-ID Lab, The School of Computer Science, The University of Adelaide; Yuval Yarom, The University of Adelaide and Data61, CSIRO AVAILABLE MEDIA Show details ▸ Reverse Engineering x86 Processor Microcode Philipp Koppe, Benjamin Kollenda, Marc Fyrbiak, Christian Kison, Robert Gawlik, Christof Paar, and Thorsten Holz, Ruhr-University Bochum AVAILABLE MEDIA Show details ▸ See No Evil, Hear No Evil, Feel No Evil, Print No Evil? Malicious Fill Patterns Detection in Additive Manufacturing Christian Bayens, Georgia Institute of Technology; Tuan Le and Luis Garcia, Rutgers University; Raheem Beyah, Georgia Institute of Technology; Mehdi Javanmard and Saman Zonouz, Rutgers University AVAILABLE MEDIA Show details ▸ Track 3 Hide details ▾ Privacy & Anonymity Systems Junior Ballroom Session Chair: Michael Bailey, University of Illinois at Urbana–Champaign The Loopix Anonymity System Ania M. Piotrowska and Jamie Hayes, University College London; Tariq Elahi, KU Leuven; Sebastian Meiser and George Danezis, University College London AVAILABLE MEDIA Show details ▸ MCMix: Anonymous Messaging via Secure Multiparty Computation Nikolaos Alexopoulos, TU Darmstadt; Aggelos Kiayias, University of Edinburgh; Riivo Talviste, Cybernetica AS; Thomas Zacharias, University of Edinburgh AVAILABLE MEDIA Show details ▸ ORide: A Privacy-Preserving yet Accountable Ride-Hailing Service Anh Pham, Italo Dacosta, Guillaume Endignoux, and Juan Ramon Troncoso Pastoriza, EPFL; Kevin Huguenin, UNIL; Jean-Pierre Hubaux, EPFL AVAILABLE MEDIA Show details ▸ 12:30 pm–2:00 pm Lunch (on your own) 2:00 pm–3:30 pm Track 1 Hide details ▾ Software Integrity Grand Ballroom AB Session Chair: William Robertson, Northeastern University Adaptive Android Kernel Live Patching Yue Chen, Florida State University; Yulong Zhang, Baidu X-Lab; Zhi Wang, Florida State University; Liangzhao Xia, Chenfu Bao, and Tao Wei, Baidu X-Lab AVAILABLE MEDIA Show details ▸ CHAINIAC: Proactive Software-Update Transparency via Collectively Signed Skipchains and Verified Builds Kirill Nikitin, Eleftherios Kokoris-Kogias, Philipp Jovanovic, Nicolas Gailly, and Linus Gasser, École polytechnique fédérale de Lausanne (EPFL); Ismail Khoffi, University of Bonn; Justin Cappos, New York University; Bryan Ford, École polytechnique fédérale de Lausanne (EPFL) AVAILABLE MEDIA Show details ▸ ROTE: Rollback Protection for Trusted Execution Sinisa Matetic, Mansoor Ahmed, Kari Kostiainen, Aritra Dhar, David Sommer, and Arthur Gervais, ETH Zurich; Ari Juels, Cornell Tech; Srdjan Capkun, ETH Zurich AVAILABLE MEDIA Show details ▸ Track 2 Hide details ▾ Crypto Deployment Grand Ballroom CD Session Chair: Devdatta Akhawe, Dropbox A Longitudinal, End-to-End View of the DNSSEC Ecosystem Taejoong Chung, Northeastern University; Roland van Rijswijk-Deij, University of Twente and SURFnet bv; Balakrishnan Chandrasekaran, TU Berlin; David Choffnes, Northeastern University; Dave Levin, University of Maryland; Bruce M. Maggs, Duke University and Akamai Technologies; Alan Mislove and Christo Wilson, Northeastern University Distinguished Paper Award Winner! AVAILABLE MEDIA Show details ▸ Measuring HTTPS Adoption on the Web Adrienne Porter Felt, Google; Richard Barnes, Cisco; April King, Mozilla; Chris Palmer, Chris Bentzel, and Parisa Tabriz, Google AVAILABLE MEDIA Show details ▸ "I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS Katharina Krombholz, Wilfried Mayer, Martin Schmiedecker, and Edgar Weippl, SBA Research AVAILABLE MEDIA Show details ▸ Track 3 Hide details ▾ Privacy Attacks & Defense Junior Ballroom Session Chair: Thomas Eisenbarth, Universität zu Lübeck & WPI Beauty and the Burst: Remote Identification of Encrypted Video Streams Roei Schuster, Tel Aviv University, Cornell Tech; Vitaly Shmatikov, Cornell Tech; Eran Tromer, Tel Aviv University, Columbia University AVAILABLE MEDIA Show details ▸ Walkie-Talkie: An Efficient Defense Against Passive Website Fingerprinting Attacks Tao Wang, Hong Kong University of Science and Technology; Ian Goldberg, University of Waterloo AVAILABLE MEDIA Show details ▸ A Privacy Analysis of Cross-device Tracking Sebastian Zimmeck, Carnegie Mellon University; Jie S. Li and Hyungtae Kim, unaffiliated; Steven M. Bellovin and Tony Jebara, Columbia University AVAILABLE MEDIA Show details ▸ 3:30 pm–4:00 pm Break with refreshments Grand Ballroom Foyer 4:00 pm–5:00 pm Track 1 Hide details ▾ Blockchains Grand Ballroom AB Session Chair: Thomas Ristenpart, Cornell Tech SmartPool: Practical Decentralized Pooled Mining Loi Luu, National University of Singapore; Yaron Velner, The Hebrew University of Jerusalem; Jason Teutsch, TrueBit Foundation; Prateek Saxena, National University of Singapore AVAILABLE MEDIA Show details ▸ REM: Resource-Efficient Mining for Blockchains Fan Zhang, Ittay Eyal, and Robert Escriva, Cornell University; Ari Juels, Cornell Tech; Robbert van Renesse, Cornell University AVAILABLE MEDIA Show details ▸ Track 2 Hide details ▾ Databases Grand Ballroom CD Session Chair: Engin Kirda, Northeastern University Ensuring Authorized Updates in Multi-user Database-Backed Applications Kevin Eykholt, Atul Prakash, and Barzan Mozafari, University of Michigan Ann Arbor AVAILABLE MEDIA Show details ▸ Qapla: Policy compliance for database-backed systems Aastha Mehta and Eslam Elnikety, Max Planck Institute for Software Systems (MPI-SWS); Katura Harvey, University of Maryland, College Park and Max Planck Institute for Software Systems (MPI-SWS); Deepak Garg and Peter Druschel, Max Planck Institute for Software Systems (MPI-SWS) AVAILABLE MEDIA Show details ▸ Track 3 Hide details ▾ Invited Talks Junior Ballroom Session Chair: Michael Bailey, University of Illinois at Urbana–Champaign Data Hemorrhage, Inequality, and You: How Technology and Data Flows are Changing the Civil Liberties Game Shankar Narayan, Technology and Liberty Project Director, American Civil Liberties Union of Washington Show details ▸ Sursa: https://www.usenix.org/node/203932 Quote
