NDSS 2015:San Diego, California, USA

22nd Annual Network and Distributed System Security Symposium, NDSS 2015, San Diego, California, USA, February 8-11, 2015. The Internet Society 【DBLP Link

Paper Num: 50 || Session Num: 12

Session 1: Web Security 5

1. Identifying Cross-origin Resource Status Using Application Cache.

Paper Link】 【Pages】:

【Authors】: Sangho Lee ; Hyungsub Kim ; Jong Kim

【Abstract】:

【Keywords】:

2. Parking Sensors: Analyzing and Detecting Parked Domains.

Paper Link】 【Pages】:

【Authors】: Thomas Vissers ; Wouter Joosen ; Nick Nikiforakis

【Abstract】:

【Keywords】:

3. Seven Months' Worth of Mistakes: A Longitudinal Study of Typosquatting Abuse.

Paper Link】 【Pages】:

【Authors】: Pieter Agten ; Wouter Joosen ; Frank Piessens ; Nick Nikiforakis

【Abstract】:

【Keywords】:

4. Upgrading HTTPS in mid-air: An empirical study of strict transport security and key pinning.

Paper Link】 【Pages】:

【Authors】: Michael Kranch ; Joseph Bonneau

【Abstract】:

【Keywords】:

5. I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser.

Paper Link】 【Pages】:

【Authors】: Xiang Pan ; Yinzhi Cao ; Yan Chen

【Abstract】:

【Keywords】:

Session 2: Mobile Security 5

6. Information Flow Analysis of Android Applications in DroidSafe.

Paper Link】 【Pages】:

【Authors】: Michael I. Gordon ; Deokhwan Kim ; Jeff H. Perkins ; Limei Gilham ; Nguyen Nguyen ; Martin C. Rinard

【Abstract】:

【Keywords】:

7. What's in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources.

Paper Link】 【Pages】:

【Authors】: Soteris Demetriou ; Xiao-yong Zhou ; Muhammad Naveed ; Yeonjoon Lee ; Kan Yuan ; XiaoFeng Wang ; Carl A. Gunter

【Abstract】:

【Keywords】:

8. EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework.

Paper Link】 【Pages】:

【Authors】: Yinzhi Cao ; Yanick Fratantonio ; Antonio Bianchi ; Manuel Egele ; Christopher Kruegel ; Giovanni Vigna ; Yan Chen

【Abstract】:

【Keywords】:

9. CopperDroid: Automatic Reconstruction of Android Malware Behaviors.

Paper Link】 【Pages】:

【Authors】: Kimberly Tam ; Salahuddin J. Khan ; Aristide Fattori ; Lorenzo Cavallaro

【Abstract】:

【Keywords】:

10. DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices.

Paper Link】 【Pages】:

【Authors】: Xueqiang Wang ; Kun Sun ; Yuewu Wang ; Jiwu Jing

【Abstract】:

【Keywords】:

Session 3: Detection, Analysis, Prevention & Response - Part I 5

11. VTint: Protecting Virtual Function Tables' Integrity.

Paper Link】 【Pages】:

【Authors】: Chao Zhang ; Chengyu Song ; Kevin Zhijie Chen ; Zhaofeng Chen ; Dawn Song

【Abstract】:

【Keywords】:

12. Phoneypot: Data-driven Understanding of Telephony Threats.

Paper Link】 【Pages】:

【Authors】: Payas Gupta ; Bharat Srinivasan ; Vijay Balasubramaniyan ; Mustaque Ahamad

【Abstract】:

【Keywords】:

13. SeCReT: Secure Channel between Rich Execution Environment and Trusted Execution Environment.

Paper Link】 【Pages】:

【Authors】: Jin Soo Jang ; Sunjune Kong ; Minsu Kim ; Daegyeong Kim ; Brent ByungHoon Kang

【Abstract】:

【Keywords】:

14. FreeSentry: protecting against use-after-free vulnerabilities due to dangling pointers.

Paper Link】 【Pages】:

【Authors】: Yves Younan

【Abstract】:

【Keywords】:

15. EKHunter: A Counter-Offensive Toolkit for Exploit Kit Infiltration.

Paper Link】 【Pages】:

【Authors】: Birhanu Eshete ; Abeer Alhuzali ; Maliheh Monshizadeh ; Phillip A. Porras ; Venkat N. Venkatakrishnan ; Vinod Yegneswaran

【Abstract】:

【Keywords】:

Session 4: Privacy - Part I 5

16. Machine Learning Classification over Encrypted Data.

Paper Link】 【Pages】:

【Authors】: Raphael Bost ; Raluca Ada Popa ; Stephen Tu ; Shafi Goldwasser

【Abstract】:

【Keywords】:

17. Gracewipe: Secure and Verifiable Deletion under Coercion.

Paper Link】 【Pages】:

【Authors】: Lianying Zhao ; Mohammad Mannan

【Abstract】:

【Keywords】:

18. Privacy Preserving Payments in Credit Networks: Enabling trust with privacy in online marketplaces.

Paper Link】 【Pages】:

【Authors】: Pedro Moreno-Sanchez ; Aniket Kate ; Matteo Maffei ; Kim Pecina

【Abstract】:

【Keywords】:

19. Checking More and Alerting Less: Detecting Privacy Leakages via Enhanced Data-flow Analysis and Peer Voting.

Paper Link】 【Pages】:

【Authors】: Kangjie Lu ; Zhichun Li ; Vasileios P. Kemerlis ; Zhenyu Wu ; Long Lu ; Cong Zheng ; Zhiyun Qian ; Wenke Lee ; Guofei Jiang

【Abstract】:

【Keywords】:

20. DEFY: A Deniable, Encrypted File System for Log-Structured Storage.

Paper Link】 【Pages】:

【Authors】: Timothy Peters ; Mark A. Gondree ; Zachary N. J. Peterson

【Abstract】:

【Keywords】:

Session 5: Detection, Analysis, Prevention & Response - Part II 4

21. Preventing Use-after-free with Dangling Pointers Nullification.

Paper Link】 【Pages】:

【Authors】: Byoungyoung Lee ; Chengyu Song ; Yeongjin Jang ; Tielei Wang ; Taesoo Kim ; Long Lu ; Wenke Lee

【Abstract】:

【Keywords】:

22. StackArmor: Comprehensive Protection From Stack-based Memory Error Vulnerabilities for Binaries.

Paper Link】 【Pages】:

【Authors】: Xi Chen ; Asia Slowinska ; Dennis Andriesse ; Herbert Bos ; Cristiano Giuffrida

【Abstract】:

【Keywords】:

23. Isomeron: Code Randomization Resilient to (Just-In-Time) Return-Oriented Programming.

Paper Link】 【Pages】:

【Authors】: Lucas Davi ; Christopher Liebchen ; Ahmad-Reza Sadeghi ; Kevin Z. Snow ; Fabian Monrose

【Abstract】:

【Keywords】:

24. Thwarting Cache Side-Channel Attacks Through Dynamic Software Diversity.

Paper Link】 【Pages】:

【Authors】: Stephen Crane ; Andrei Homescu ; Stefan Brunthaler ; Per Larsen ; Michael Franz

【Abstract】:

【Keywords】:

Session 6a: Detection, Analysis, Prevention & Response - Part III 3

25. Principled Sampling for Anomaly Detection.

Paper Link】 【Pages】:

【Authors】: Brendan Juba ; Christopher Musco ; Fan Long ; Stelios Sidiroglou-Douskos ; Martin C. Rinard

【Abstract】:

【Keywords】:

26. Integrated Circuit (IC) Decamouflaging: Reverse Engineering Camouflaged ICs within Minutes.

Paper Link】 【Pages】:

【Authors】: Mohamed El Massad ; Siddharth Garg ; Mahesh V. Tripunitara

【Abstract】:

【Keywords】:

27. Opaque Control-Flow Integrity.

Paper Link】 【Pages】:

【Authors】: Vishwath Mohan ; Per Larsen ; Stefan Brunthaler ; Kevin W. Hamlen ; Michael Franz

【Abstract】:

【Keywords】:

Session 6b: Privacy - Part II 2

Paper Link】 【Pages】:

【Authors】: Nitesh Mor ; Oriana Riva ; Suman Nath ; John Kubiatowicz

【Abstract】:

【Keywords】:

29. NSEC5: Provably Preventing DNSSEC Zone Enumeration.

Paper Link】 【Pages】:

【Authors】: Sharon Goldberg ; Moni Naor ; Dimitrios Papadopoulos ; Leonid Reyzin ; Sachin Vasant ; Asaf Ziv

【Abstract】:

【Keywords】:

Session 7: Social Networks and Cloud Services 4

30. Predicting Users' Motivations behind Location Check-Ins and Utility Implications of Privacy Protection Mechanisms.

Paper Link】 【Pages】:

【Authors】: Igor Bilogrevic ; Kévin Huguenin ; Stefan Mihaila ; Reza Shokri ; Jean-Pierre Hubaux

【Abstract】:

【Keywords】:

31. On Your Social Network De-anonymizablity: Quantification and Large Scale Evaluation with Seed Knowledge.

Paper Link】 【Pages】:

【Authors】: Shouling Ji ; Weiqing Li ; Neil Zhenqiang Gong ; Prateek Mittal ; Raheem A. Beyah

【Abstract】:

【Keywords】:

32. Efficient RAM and control flow in verifiable outsourced computation.

Paper Link】 【Pages】:

【Authors】: Riad S. Wahby ; Srinath T. V. Setty ; Zuocheng Ren ; Andrew J. Blumberg ; Michael Walfish

【Abstract】:

【Keywords】:

33. Integro: Leveraging Victim Prediction for Robust Fake Account Detection in OSNs.

Paper Link】 【Pages】:

【Authors】: Yazan Boshmaf ; Dionysios Logothetis ; Georgos Siganos ; Jorge Lería ; José Lorenzo ; Matei Ripeanu ; Konstantin Beznosov

【Abstract】:

【Keywords】:

Session 8: Authentication 5

34. Spaced Repetition and Mnemonics Enable Recall of Multiple Strong Passwords.

Paper Link】 【Pages】:

【Authors】: Jeremiah Blocki ; Saranga Komanduri ; Lorrie Faith Cranor ; Anupam Datta

【Abstract】:

【Keywords】:

35. ABY - A Framework for Efficient Mixed-Protocol Secure Two-Party Computation.

Paper Link】 【Pages】:

【Authors】: Daniel Demmler ; Thomas Schneider ; Michael Zohner

【Abstract】:

【Keywords】:

36. Preventing Lunchtime Attacks: Fighting Insider Threats With Eye Movement Biometrics.

Paper Link】 【Pages】:

【Authors】: Simon Eberz ; Kasper Bonne Rasmussen ; Vincent Lenders ; Ivan Martinovic

【Abstract】:

【Keywords】:

37. Knock Yourself Out: Secure Authentication with Short Re-Usable Passwords.

Paper Link】 【Pages】:

【Authors】: Benjamin Güldenring ; Volker Roth ; Lars Ries

【Abstract】:

【Keywords】:

38. Verified Contributive Channel Bindings for Compound Authentication.

Paper Link】 【Pages】:

【Authors】: Karthikeyan Bhargavan ; Antoine Delignat-Lavaud ; Alfredo Pironti

【Abstract】:

【Keywords】:

Session 9: Web Security 4

39. The Devil is in the Constants: Bypassing Defenses in Browser JIT Engines.

Paper Link】 【Pages】:

【Authors】: Michalis Athanasakis ; Elias Athanasopoulos ; Michalis Polychronakis ; Georgios Portokalidis ; Sotiris Ioannidis

【Abstract】:

【Keywords】:

40. Exploiting and Protecting Dynamic Code Generation.

Paper Link】 【Pages】:

【Authors】: Chengyu Song ; Chao Zhang ; Tielei Wang ; Wenke Lee ; David Melski

【Abstract】:

【Keywords】:

41. Too LeJIT to Quit: Extending JIT Spraying to ARM.

Paper Link】 【Pages】:

【Authors】: Wilson Lian ; Hovav Shacham ; Stefan Savage

【Abstract】:

【Keywords】:

42. Run-time Monitoring and Formal Analysis of Information Flows in Chromium.

Paper Link】 【Pages】:

【Authors】: Lujo Bauer ; Shaoying Cai ; Limin Jia ; Timothy Passaro ; Michael Stroucken ; Yuan Tian

【Abstract】:

【Keywords】:

Session 10: Network Security 4

43. Mind Your Blocks: On the Stealthiness of Malicious BGP Hijacks.

Paper Link】 【Pages】:

【Authors】: Pierre-Antoine Vervier ; Olivier Thonnard ; Marc Dacier

【Abstract】:

【Keywords】:

44. SPHINX: Detecting Security Attacks in Software-Defined Networks.

Paper Link】 【Pages】:

【Authors】: Mohan Dhawan ; Rishabh Poddar ; Kshiteej Mahajan ; Vijay Mann

【Abstract】:

【Keywords】:

45. Securing the Software Defined Network Control Layer.

Paper Link】 【Pages】:

【Authors】: Phillip A. Porras ; Steven Cheung ; Martin W. Fong ; Keith Skinner ; Vinod Yegneswaran

【Abstract】:

【Keywords】:

46. Poisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures.

Paper Link】 【Pages】:

【Authors】: Sungmin Hong ; Lei Xu ; Haopei Wang ; Guofei Gu

【Abstract】:

【Keywords】:

Session 11: Detection, Analysis, Prevention & Response - Part IV 4

47. Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware.

Paper Link】 【Pages】:

【Authors】: Yan Shoshitaishvili ; Ruoyu Wang ; Christophe Hauser ; Christopher Kruegel ; Giovanni Vigna

【Abstract】:

【Keywords】:

48. vfGuard: Strict Protection for Virtual Function Calls in COTS C++ Binaries.

Paper Link】 【Pages】:

【Authors】: Aravind Prakash ; Xunchao Hu ; Heng Yin

【Abstract】:

【Keywords】:

49. P2C: Understanding Output Data Files via On-the-Fly Transformation from Producer to Consumer Executions.

Paper Link】 【Pages】:

【Authors】: Yonghwi Kwon ; Fei Peng ; Dohyeong Kim ; Kyungtae Kim ; Xiangyu Zhang ; Dongyan Xu ; Vinod Yegneswaran ; John Qian

【Abstract】:

【Keywords】:

50. No More Gotos: Decompilation Using Pattern-Independent Control-Flow Structuring and Semantic-Preserving Transformations.

Paper Link】 【Pages】:

【Authors】: Khaled Yakdan ; Sebastian Eschweiler ; Elmar Gerhards-Padilla ; Matthew Smith

【Abstract】:

【Keywords】: