2021年网络安全领域四大顶会的论文录用均已揭晓,InForSec特整理相关信息分享给网络安全学术社区。
NDSS 会议(全称The Network and Distributed System Security Symposium)是和CCS,USENIX SECURITY及IEEE S&P并称的计算机系统安全领域的四大顶级会议之一。
目前为CCF B 类会议,2021年共有两轮(夏季、秋季)论文征稿,NDSS 2021会议共发表87篇论文(录取比例为15.2%,2020年录取率为17.3%,2019年录取率为17%,2018录取率为21.4%,),其中共有7篇是来自中国的学人研究成果。(注:数据为人工统计,如有疏漏,还请指正。)
NDSS 2021 创新成果涉及互联网安全、移动无线网络安全、数据安全、密码、人工智能安全、硬件安全、软件安全、区块链安全、安全分析、物联网安全以及无人系统安全等众多领域。
以下为NDSS 2021年录取论文列表:
| 论文标题 | 作者信息 | 第一作者单位 | 一作单位所在国家 |
| All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers | Christoph Hagen (University of Würzburg); Christian Weinert (TU Darmstadt); Christoph Sendner and Alexandra Dmitrienko (University of Würzburg); Thomas Schneider (TU Darmstadt) | University of Würzburg | 德国 |
| As Strong As Its Weakest Link: How to Break Blockchain DApps at RPC Service | Kai Li, Jiaqi Chen, Xianghong Liu, and Yuzhe Tang (Syracuse University); XiaoFeng Wang (Indiana University Bloomington); Xiapu Luo (The Hong Kong Polytechnic University) | Syracuse University(雪城大学) | 美国 |
| Awakening the Web’s Sleeper Agents: Misusing Service Workers for Privacy Leakage | Soroush Karami, Panagiotis Ilia, and Jason Polakis (University of Illinois at Chicago) | University of Illinois at Chicago | 美国 |
| Bringing Balance to the Force: Dynamic Analysis of the Android Application Framework | Abdallah Dawoud and Sven Bugiel (CISPA Helmholtz Center for Information Security) | CISPA Helmholtz Center for Information Security | 德国 |
| C$^2$SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis | Yonghwi Kwon (University of Virginia); Weihang Wang (University at Buffalo, SUNY); Jinho Jung (Georgia Institute of Technology); Kyu Hyung Lee (University of Georgia); Roberto Perdisci (University of Georgia and Georgia Tech) | University of Virginia | 美国 |
| Deceptive Deletions for Protecting Withdrawn Posts on Social Media Platforms | Mohsen Minaei (Visa Research); S Chandra Mouli (Purdue University); Mainack Mondal (IIT Kharagpur); Bruno Ribeiro and Aniket Kate (Purdue University) | Visa Research | 美国 |
| DOVE: A Data-Oblivious Virtual Environment | Hyun Bin Lee (University of Illinois at Urbana-Champaign); Tushar Jois (Johns Hopkins University); Christopher Fletcher and Carl A. Gunter (University of Illinois at Urbana-Champaign) | University of Illinois at Urbana-Champaign伊利诺伊大学香槟分校 | 美国 |
| Evading Voltage-Based Intrusion Detection on Automotive CAN | Rohit Bhatia (Purdue University); Vireshwar Kumar (Indian Institute of Technology Delhi); Khaled Serag and Z. Berkay Celik (Purdue University); Mathias Payer (EPFL); Dongyan Xu (Purdue University) | Purdue University | 美国 |
| Forward and Backward Private Conjunctive Searchable Symmetric Encryption | Sikhar Patranabis (ETH Zurich); Debdeep Mukhopadhyay (IIT Kharagpur) | ETH Zurich苏黎世联邦理工学院 | 瑞士 |
| From WHOIS to WHOWAS: A Large-Scale Measurement Study of Domain Registration Privacy under the GDPR | Chaoyi Lu (Tsinghua University; Beijing National Research Center for Information Science and Technology); Baojun Liu (Tsinghua University; Beijing National Research Center for Information Science and Technology; Qi An Xin Group); Yiming Zhang (Tsinghua University; Beijing National Research Center for Information Science and Technology); Zhou Li (University of California, Irvine); Fenglu Zhang (Tsinghua University); Haixin Duan (Tsinghua University; Qi An Xin Group); Ying Liu (Tsinghua University); Joann Qiongna Chen (University of California, Irvine); Jinjin Liang and Zaifeng Zhang (360 Netlab); Shuang Hao (University of Texas at Dallas); Min Yang (Fudan University) | Tsinghua University; Beijing National Research Center for Information Science and Technology | 中国 |
| Hey Alexa, is this Skill Safe?: Taking a Closer Look at the Alexa Skill Ecosystem | Christopher Lentzsch (Ruhr-Universität Bochum); Sheel Jayesh Shah (North Carolina State University); Benjamin Andow (Google); Martin Degeling (Ruhr-Universität Bochum); Anupam Das and William Enck (North Carolina State University) | Ruhr-Universität Bochum波鸿鲁尔大学 | 德国 |
| Let’s Stride Blindfolded in a Forest: Sublinear Multi-Client Decision Trees Evaluation | Jack P. K. Ma and Raymond K. H. Tai (The Chinese University of Hong Kong); Yongjun Zhao (Nanyang Technological University); Sherman S.M. Chow (The Chinese University of Hong Kong) | The Chinese University of Hong Kong | 中国香港 |
| More than a Fair Share: Network Data Remanence Attacks against Secret Sharing-based Schemes | Leila Rashidi (University of Calgary); Daniel Kostecki (Northeastern University); Alexander James (University of Calgary); Anthony Peterson (Northeastern University); Majid Ghaderi (University of Calgary); Samuel Jero (MIT Lincoln Laboratory); Cristina Nita-Rotaru (Northeastern University); Hamed Okhravi (MIT Lincoln Laboratory); Reihaneh Safavi-Naini (University of Calgary) | University of Calgary卡尔加里大学 | 加拿大 |
| Obfuscated Access and Search Patterns in Searchable Encryption | Zhiwei Shang and Simon Oya (University of Waterloo); Andreas Peter (University of Twente); Florian Kerschbaum (University of Waterloo) | University of Waterloo滑铁卢大学 | 加拿大 |
| Peerlock: Flexsealing BGP | Tyler McDaniel, Jared M. Smith, and Max Schuchard (University of Tennessee, Knoxville) | University of Tennessee, Knoxville田纳西大学-诺克斯维尔 | 美国 |
| POP and PUSH: Demystifying and Defending against (Mach) Port-oriented Programming | Min Zheng and Xiaolong Bai (Orion Security Lab, Alibaba Group); Yajin Zhou (Zhejiang University); Chao Zhang (Institute for Network Science and Cyberspace of Tsinghua University); Fuping Qu (Orion Security Lab, Alibaba Group) | Orion Security Lab, Alibaba Group阿里安全猎户座实验室 | 中国 |
| Processing Dangerous Paths – On Security and Privacy of the Portable Document Format | Jens Müller, Dominik Noss, Christian Mainka, Vladislav Mladenov, and Jörg Schwenk (Ruhr University Bochum) | Ruhr University Bochum波鸿鲁尔大学 | 德国 |
| Reining in the Web’s Inconsistencies with Site Policy | Stefano Calzavara (Università Ca’ Foscari Venezia); Tobias Urban (Institute for Internet Security, Westphalian University of Applied Sciences and Ruhr University Bochum); Dennis Tatang (Ruhr University Bochum); Marius Steffens and Ben Stock (CISPA Helmholtz Center for Information Security) | Università Ca’ Foscari Venezia意大利威尼斯大学 | 意大利 |
| Rosita: Towards Automatic Elimination of Power-Analysis Leakage in Ciphers | Madura A. Shelton (University of Adelaide); Niels Samwel and Lejla Batina (Radboud University); Francesco Regazzoni (University of Amsterdam and ALaRI – USI); Markus Wagner (University of Adelaide); Yuval Yarom (University of Adelaide and Data61) | University of Adelaide阿德莱德大学 | 澳大利亚 |
| Screen Gleaning: A Screen Reading TEMPEST Attack on Mobile Devices Exploiting an Electromagnetic Side Channel | Zhuoran Liu (Radboud university); Niels Samwel, Léo Weissbart, Zhengyu Zhao, Dirk Lauret, Lejla Batina, and Martha Larson (Radboud University) | Radboud university拉德堡德大学 | 荷兰 |
| The Abuser Inside Apps: Finding the Culprit Committing Mobile Ad Fraud | Joongyum Kim, Jung-hwan Park, and Sooel Son (KAIST) | KAIST | 韩国 |
| Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages | Ruian Duan, Omar Alrawi, Ranjita Pai Kasturi, Ryan Elder, Brendan Saltaformaggio, and Wenke Lee (Georgia Institute of Technology) | Georgia Institute of Technology | 美国 |
| XDA: Accurate, Robust Disassembly with Transfer Learning | Kexin Pei (Columbia University); Jonas Guan (University of Toronto); David Williams-King, Junfeng Yang, and Suman Jana (Columbia University) | Columbia University | 美国 |
| Zoom on the Keystrokes: Exploiting Video Calls for Keystroke Inference Attacks | Mohd Sabra (University of Texas at San Antonio); Anindya Maiti (University of Oklahoma); Murtuza Jadliwala (University of Texas at San Antonio) | University of Texas at San Antonio | 美国 |
| A Devil of a Time: How Vulnerable is NTP to Malicious Timeservers? | Yarin Perry, Neta Rozen-Schiff, and Michael Schapira (Hebrew University of Jerusalem) | Hebrew University of Jerusalem | 以色列 |
| A Formal Analysis of the FIDO UAF Protocol | Haonan Feng, Hui Li, and Xuesong Pan (Beijing University of Posts and Telecommunications, Beijing, China); Ziming Zhao (University at Buffalo) | Beijing University of Posts and Telecommunications, Beijing, China | 中国 |
| ALchemist: Fusing Application and Audit Logs for Precise Attack Provenance without Instrumentation | Le Yu (Purdue University); Shiqing Ma (Rutgers University); Zhuo Zhang, Guanhong Tao, Xiangyu Zhang, and Dongyan Xu (Purdue University); Vincent E. Urias and Han Wei Lin (Sandia National Laboratories); Gabriela Ciocarlie (SRI); Vinod Yegneswaran (SRI International); Ashish Gehani (SRI) | Purdue University | 美国 |
| BaseSpec: Comparative Analysis of Baseband Software and Cellular Specifications for L3 Protocols | Eunsoo Kim, Dongkwan Kim, CheolJun Park, Insu Yun, and Yongdae Kim (KAIST) | KAIST | 韩国 |
| Bitcontracts: Supporting Smart Contracts in Legacy Blockchains | Karl Wüst, Loris Diana, and Kari Kostiainen (ETH Zurich); Ghassan Karame (NEC Laboratories Europe GmbH); Sinisa Matetic and Srdjan Capkun (ETH Zurich) | ETH Zurich | 瑞士 |
| CHANCEL: Efficient Multi-client Isolation Under Adversarial Programs | Adil Ahmad (Purdue University); Juhee Kim (Seoul National University); Jaebaek Seo (Google); Insik Shin (KAIST); Pedro Fonseca (Purdue University); Byoungyoung Lee (Seoul National University) | Purdue University | 美国 |
| CV-Inspector: Towards Automating Detection of Adblock Circumvention | Hieu Le (University of California, Irvine); Athina Markopoulou (University of California, Irvine); Zubair Shafiq (University of California, Davis) | University of California, Irvine | 美国 |
| Data Poisoning Attacks to Deep Learning Based Recommender Systems | Hai Huang and Jiaming Mu (Tsinghua University); Neil Zhenqiang Gong (Duke University); Qi Li (Tsinghua University); Bin Liu (IBM); Mingwei Xu (Tsinghua University) | Tsinghua University | 中国 |
| Detecting Kernel Memory Leaks in Specialized Modules with Ownership Reasoning | Navid Emamdoost, Qiushi Wu, Kangjie Lu, and Stephen McCamant (University of Minnesota) | University of Minnesota | 美国 |
| Differential Training: A Generic Framework to Reduce Label Noises for Android Malware Detection | Jiayun Xu (School of Information Systems, Singapore Management University, Singapore); Yingjiu Li (University of Oregon); Robert H. Deng (School of Information Systems, Singapore Management University, Singapore) | School of Information Systems, Singapore Management University, Singapore | 新加坡 |
| Does Every Second Count? Time-based Evolution of Malware Behavior in Sandboxes | Alexander Küchler (Fraunhofer AISEC); Alessandro Mantovani (EURECOM); Yufei Han and Leyla Bilge (NortonLifeLock Research Group); Davide Balzarotti (EURECOM) | Fraunhofer AISEC | 德国 |
| EarArray: Defending against DolphinAttack via Acoustic Attenuation | Guoming Zhang, Xiaoyu Ji, and Xinfeng Li (Zhejiang University); Gang Qu (University of Maryland); Wenyuan Xu (Zhejing University) | Zhejiang University | 中国 |
| Emilia: Catching Iago in Legacy Code | Rongzhen Cui (University of Toronto); Lianying Zhao (Carleton University); David Lie (University of Toronto) | University of Toronto | 加拿大 |
| FARE: Enabling Fine-grained Attack Categorization under Low-quality Labeled Data | Junjie Liang and Wenbo Guo (The Pennsylvania State University); Tongbo Luo (JD.com); Vasant Honavar (Pennsylvania State University); Gang Wang (University of Illinois at Urbana-Champaign); Xinyu Xing (Pennsylvania State University) | The Pennsylvania State University | 美国 |
| Favocado: Fuzzing Binding Code of JavaScript Engines Using Semantically Correct Test Cases | Sung Ta Dinh and Haehyun Cho (Arizona State University); Kyle Martin (North Carolina State University); Adam Oest (PayPal, Inc.); Yihui Zeng (Arizona State University); Alexandros Kapravelos (North Carolina State University); Tiffany Bao, Ruoyu “Fish” Wang, Yan Shoshitaishvili, and Adam Doupe (Arizona State University); Gail-Joon Ahn (Arizona State University and Samsung Research) | Arizona State University | 美国 |
| FlowLens: Enabling Efficient Flow Classification for ML-based Network Security Applications | Diogo Barradas, Nuno Santos, and Luis Rodrigues (INESC-ID, Instituto Superior Técnico, Universidade de Lisboa); Salvatore Signorello (Faculdade de Ciências, Universidade de Lisboa); Fernando Ramos and André Madeira (INESC-ID, Instituto Superior Técnico, Universidade de Lisboa) | INESC-ID, Instituto Superior Técnico, Universidade de Lisboa | 葡萄牙 |
| FLTrust: Byzantine-robust Federated Learning via Trust Bootstrapping | Xiaoyu Cao (Duke University); Minghong Fang and Jia Liu (The Ohio State University); Neil Zhenqiang Gong (Duke University) | Duke University | 美国 |
| From Library Portability to Para-rehosting: Natively Executing Open-source Microcontroller OSs on Commodity Hardware | Wenqiang Li (Institute of Information Engineering, Chinese Academy of Sciences and University of Kansas); Le Guan (University of Georgia); Jingqiang Lin (University of Science and Technology of China); Jiameng Shi (University of Georgia); Fengjun Li (University of Kansas) | Institute of Information Engineering, Chinese Academy of Sciences and University of Kansas | 中国 |
| GALA: Greedy ComputAtion for Linear Algebra in Privacy-Preserved Neural Networks | Qiao Zhang (Old Dominion University); Chunsheng Xin and Hongyi Wu (Old Dominion University, Norfolk, VA 23529, USA) | Old Dominion University | 美国 |
| HERA: Hotpatching of Embedded Real-time Applications | Christian Niesler, Sebastian Surminski, and Lucas Davi (University of Duisburg-Essen) | University of Duisburg-Essen | 德国 |
| Hunting the Haunter — Efficient Relational Symbolic Execution for Spectre with HauntedRelSE | Lesly-Ann Daniel and Sébastien Bardin (CEA, List, France); Tamara Rezk (Inria, France) | CEA, List, France | 法国 |
| Improving Signal’s Sealed Sender | Ian Martiny (University of Colorado); Gabriel Kaptchuk (Boston University); Adam Aviv (The George Washington University); Dan Roche (U.S. Naval Avademy); Eric Wustrow (University of Colorado Boulder) | University of Colorado | 美国 |
| IoTSafe: Enforcing Safety and Security Policy with Real IoT Physical Interaction Discovery | Wenbo Ding (Clemson University); Hongxin Hu (University at Buffalo); Long Cheng (Clemson University) | Clemson University | 美国 |
| KUBO: Precise and Scalable Detection of User-triggerable Undefined Behavior Bugs in OS Kernel | Changming Liu (Northeastern University); Yaohui Chen (Facebook, Inc.); Long Lu (Northeastern University) | Northeastern University | 美国 |
| Manipulating the Byzantine: Optimizing Model Poisoning Attacks and Defenses for Federated Learning | Virat Shejwalkar and Amir Houmansadr (UMass Amherst) | UMass Amherst | 美国 |
| MINOS: A Lightweight Real-Time Cryptojacking Detection System | Faraz Naseem, Ahmet Aris, Leonardo Babun, Selcuk Uluagac, and Ege Tekiner (Florida International University) | Florida International University | 美国 |
| Mondrian: Comprehensive Inter-domain Network Zoning Architecture | Jonghoon Kwon and Hähni Claude (ETH Zürich); Patrick Bamert (Zürcher Kantonalbank); Adrian Perrig (ETH Zürich) | ETH Zürich | 瑞士 |
| NetPlier: Probabilistic Network Protocol Reverse Engineering from Message Traces | Yapeng Ye, Zhuo Zhang, Fei Wang, Xiangyu Zhang, and Dongyan Xu (Purdue University) | Purdue University | 美国 |
| OblivSketch: Oblivious Network Measurement as a Cloud Service | Shangqi Lai, Xingliang YUAN, and Joseph Liu (Monash University); Xun Yi (RMIT University); Qi Li (Tsinghua University); Dongxi Liu (Data61, CSIRO); Nepal Surya (Data61 CSIRO Australia) | Monash University | 澳大利亚 |
| On the Insecurity of SMS One-Time Password Messages against Local Attackers in Modern Mobile Devices | Zeyu Lei and Yuhong Nan (Purdue University); Yanick Fratantonio (EURECOM); Antonio Bianchi (Purdue University) | Purdue University | 美国 |
| PFirewall: Semantics-Aware Customizable Data Flow Control for Home Automation Systems | Haotian Chi (Temple University); Qiang Zeng (University of South Carolina); Xiaojiang Du (Temple University); Lannan Luo (University of South Carolina) | Temple University | 美国 |
| PGFUZZ: Policy-Guided Fuzzing for Robotic Vehicles | Hyungsub Kim, Muslum Ozgur Ozmen, Antonio Bianchi, Z. Berkay Celik, and Dongyan Xu (Purdue University) | Purdue University | 美国 |
| PHOENIX: Device-Centric Cellular Network Protocol Monitoring using Runtime Verification | Mitziu Echeverria, Zeeshan Ahmed, Bincheng Wang, and M. Fareed Arif (The University of Iowa); Syed Rafiul Hussain (Pennsylvania State University); Omar Chowdhury (The University of Iowa) | The University of Iowa | 美国 |
| POSEIDON: Privacy-Preserving Federated Neural Network Learning | Sinem Sav, Apostolos Pyrgelis, Juan Ramón Troncoso-Pastoriza, David Froelicher, Jean-Philippe Bossuat, Joao André Gomes de Sá E Sousa, and Jean-Pierre Hubaux (EPFL) | EPFL | 瑞士 |
| Practical Blind Membership Inference Attack via Differential Comparisons | Bo Hui, Yuchen Yang, and Haolin Yuan (Johns Hopkins University); Philippe Burlina (The Johns Hopkins University Applied Physics Laboratory); Neil Zhenqiang Gong (Duke University); Yinzhi Cao (Johns Hopkins University) | Johns Hopkins University | 美国 |
| Practical Non-Interactive Searchable Encryption with Forward and Backward Privacy | Shi-Feng Sun, Ron Steinfeld, and Shangqi Lai (Monash University, Australia); Xingliang YUAN (Monash University); Amin Sakzad and Joseph Liu (Monash University, Australia); Surya Nepal (Data61 CSIRO, Australia); Dawu Gu (Shanghai Jiao Tong University, China) | Monash University, Australia | 澳大利亚 |
| Preventing and Detecting State Inference Attacks on Android | Andrea Possemato (EURECOM / IDEMIA); Dario Nisi and Yanick Fratantonio (EURECOM) | EURECOM / IDEMIA | 法国 |
| PrivacyFlash Pro: Automating Privacy Policy Generation for Mobile Apps | Sebastian Zimmeck, Rafael Goldstein, and David Baraka (Wesleyan University) | Wesleyan University | 美国 |
| ProPoS: A Probabilistic Proof-of-Stake Protocol | Daniel Reijsbergen, Pawel Szalachowski, Junming Ke, Zengpeng Li, and Jianying Zhou (Singapore University of Technology and Design) | Singapore University of Technology and Design | 新加坡 |
| QPEP: An Actionable Approach to Secure and Performant Broadband From Geostationary Orbit | James Pavur (Oxford University); Martin Strohmeier and Vincent Lenders (armasuisse); Ivan Martinovic (Oxford University) | Oxford University | 英国 |
| RandRunner: Distributed Randomness from Trapdoor VDFs with Strong Uniqueness | Philipp Schindler, Aljosha Judmayer, and Markus Hittmeir (SBA Research); Nicholas Stifter (SBA Research, TU Wien); Edgar Weippl (Universität Wien) | SBA Research | 奥地利 |
| Refining Indirect Call Targets at the Binary Level | Sun Hyoung Kim (Penn State); Cong Sun (Xidian University); Dongrui Zeng and Gang Tan (Penn State) | Penn State | 美国 |
| Reinforcement Learning-based Hierarchical Seed Scheduling for Greybox Fuzzing | Jinghan Wang, Chengyu Song, and Heng Yin (University of California, Riverside) | University of California, Riverside | 美国 |
| ROV++: Improved Deployable Defense against BGP Hijacking | Reynaldo Morillo, Justin Furuness, Cameron Morris, James Breslin, Amir Herzberg, and Bing Wang (University of Connecticut) | University of Connecticut | 美国 |
| SerialDetector: Principled and Practical Exploration of Object Injection Vulnerabilities for the Web | Mikhail Shcherbakov and Musard Balliu (KTH Royal Institute of Technology) | KTH Royal Institute of Technology | 瑞典 |
| Shadow Attacks: Hiding and Replacing Content in Signed PDFs | Christian Mainka, Vladislav Mladenov, and Simon Rohlmann | Ruhr-Universität Bochum | 德国 |
| SpecTaint: Speculative Taint Analysis for Discovering Spectre Gadgets | Zhenxiao Qi (UC Riverside); Qian Feng (Baidu USA); Yueqiang Cheng (Baidu Security); Mengjia Yan (UIUC); Peng Li (Baidu X-Lab); Heng Yin (UC Riverside); Tao Wei (Baidu X-Lab) | UC Riverside | 美国 |
| SquirRL: Automating Attack Analysis on Blockchain Incentive Mechanisms with Deep Reinforcement Learning | Charlie Hou (CMU, IC3); Mingxun Zhou (Peking University); Yan Ji and Phil Daian (Cornell Tech, IC3); Florian Tramèr (Stanford University); Giulia Fanti (CMU, IC3); Ari Juels (Cornell Tech, IC3) | CMU, IC3 | 美国 |
| SymQEMU: Compilation-based symbolic execution for binaries | Sebastian Poeplau (EURECOM and Code Intelligence); Aurélien Francillon (EURECOM) | EURECOM and Code Intelligence | 法国 |
| Tales of Favicons and Caches: Persistent Tracking in Modern Browsers | Konstantinos Solomos, John Kristoff, Chris Kanich, and Jason Polakis (University of Illinois at Chicago) | University of Illinois at Chicago | 美国 |
| TASE: Reducing Latency of Symbolic Execution with Transactional Memory | Adam Humphries (University of North Carolina); Kartik Cating-Subramanian (University of Colorado); Michael K. Reiter (Duke University) | University of North Carolina | 美国 |
| The Bluetooth CYBORG: Analysis of the Full Human-Machine Passkey Entry AKE Protocol | Michael Troncoso and Britta Hale (Naval Postgraduate School) | Naval Postgraduate School | 美国 |
| To Err.Is Human: Characterizing the Threat of Unintended URLs in Social Media | Beliz Kaleli (Boston University); Brian Kondracki (Stony Brook University); Manuel Egele (Boston University); Nick Nikiforakis (Stony Brook University); Gianluca Stringhini (Boston University) | Boston University | 美国 |
| Towards Understanding and Detecting Cyberbullying in Real-world Images | Nishant Vishwamitra and Hongxin Hu (University at Buffalo); Feng Luo and Long Cheng (Clemson University) | University at Buffalo | 美国 |
| Trust the Crowd: Wireless Witnessing to Detect Attacks on ADS-B-Based Air-Traffic Surveillance | Kai Jansen (Ruhr University Bochum); Liang Niu and Nian Xue (New York University Abu Dhabi); Ivan Martinovic (University of Oxford); Christina Pöpper (New York University Abu Dhabi) | Ruhr University Bochum | 德国 |
| Understanding and Detecting International Revenue Share Fraud | Merve Sahin (SAP Security Research); Aurélien Francillon (EURECOM) | SAP Security Research | 法国 |
| Understanding the Growth and Security Considerations of ECS | Athanasios Kountouras, Panagiotis Kintis, Athanasios Avgetidis, Thomas Papastergiou, and Charles Lever (Georgia Institute of Technology); Michalis Polychronakis (Stony Brook University); Manos Antonakakis (Georgia Institute of Technology) | Georgia Institute of Technology | 美国 |
| Understanding Worldwide Private Information Collection on Android | Yun Shen and Pierre-Antoine Vervier (NortonLifeLock Research Group); Gianluca Stringhini (Boston University) | NortonLifeLock Research Group | 美国 |
| WATSON: Abstracting Behaviors from Audit Logs via Aggregation of Contextual Semantics | Jun Zeng (National University of Singapore); Zheng Leong Chua (Independent Researcher); Kaihang Ji and Zhenkai Liang (National University of Singapore); Jian Mao (Beihang University) | National University of Singapore | 新加坡 |
| Who’s Hosting the Block Party? Studying Third-Party Blockage of CSP and SRI | Marius Steffens (CISPA Helmholtz Center for Information Security); Marius Musch and Martin Johns (TU Braunschweig); Ben Stock (CISPA Helmholtz Center for Information Security) | CISPA Helmholtz Center for Information Security | 德国 |
| WINNIE : Fuzzing Windows Applications with Harness Synthesis and Fast Cloning | Jinho Jung and Stephen Tong (Georgia Institute of Technology); Hong Hu (Pennsylvania State University); Jungwon Lim, Yonghwi Jin, and Taesoo Kim (Georgia Institute of Technology) | Georgia Institute of Technology | 美国 |
| Your Phone is My Proxy: Detecting and Understanding Mobile Proxy Networks | Xianghang Mi (University at Buffalo); Siyuan Tang, Zhengyi Li, and Xiaojing Liao (Indiana University Bloomington); Feng Qian (University of Minnesota – Twin Cities); XiaoFeng Wang (Indiana University Bloomington) | University at Buffalo | 美国 |
| Доверя́й, но проверя́й: SFI safety for native-compiled Wasm | Evan Johnson, David Thien, and Yousef Alhessi (University of California San Diego); Shravan Narayan (University Of California San Diego); Fraser Brown (Stanford University); Sorin Lerner (University of California San Diego); Tyler McMullen (Fastly Labs); Stefan Savage and Deian Stefan (University of California San Diego) | University of California San Diego | 美国 |
