"A Virtual Honeypot Framework"
Niels Provos, ... -- Usenix 2004
"Space-Efficient Block Storage Integrity"
Ke Yang, ... -- NDSS 2005
"Packet Vaccine: Black-box Exploit Detection and Signature Generation"
Jun Xu, ... -- CCS 2006
"Dynamic pharming attacks and the locked same-origin policies for web browsers"
Umesh Shankar, ... -- CCS 2007
"Denial of Service or Denial of Security? How Attacks on Reliability can Compromise Anonymity"
Parisa Tabriz, ... -- CCS 2007
"MemSherlock: An Automated Debugger for Unknown Memory Corruption Vulnerabilities"
Jun Xu, ... -- CCS 2007
"Provable Data Possession at Untrusted Stores"
Lea Kissner, ... -- CCS 2007
"Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority"
Niels Provos, ... -- NDSS 2008
"Towards Practical Biometric Key Generation with Randomized Biometric Templates"
Lucas Ballard, ... -- CCS 2008
"All Your iFRAMEs Point to Us"
Niels Provos, Panayiotis Mavrommatis, ... -- Usenix 2008
"To Catch a Predator: A Natural Language Approach for Eliciting Malicious Payloads"
Niels Provos, ... -- Usenix 2008
"Native Client: A Sandbox for Portable, Untrusted x86 Native Code"
Bennet Yee, David Sehr, Gregory Dardyk, J. Chen, Robert Muth, Tavis Ormandy, Shiki Okasaka, Neha Narula, Nicholas Fullagar, ... -- Oakland 2009
"Improving Tor using a TCP-over-DTLS Tunnel"
Joel Reardon, ... -- Usenix 2009
"xBook: Redesigning Privacy Control in Social Networking Platforms"
Sumeer Bhola, ... -- Usenix 2009
"Protecting Browsers from Extension Vulnerabilities"
Aaron Boodman, ... -- NDSS 2010
"Large-Scale Automatic Classification of Phishing Pages"
Colin Whittaker, Brian Ryner, Marria Nazif, ... -- NDSS 2010
"Practical leakage-resilient pseudorandom generators"
Moti Yung, ... -- CCS 2010
"Protecting browsers from cross-origin CSS attacks"
Chris Evans, ... -- CCS 2010
"Adapting Software Fault Isolation to Contemporary CPU Architectures"
David Sehr, Robert Muth, Cliff Biffle, Victor Khimenko, Egor Pasko, Karl Schimpf, Bennet Yee, Brad Chen, ... -- Usenix 2010
"Automated Analysis of Security-Critical JavaScript APIs"
Ulfar Erlingsson, Mark Miller, Jasvir Nagra, ... -- Oakland 2011
"App Isolation: Get the Security of Multiple Browsers with Just One"
Charles Reis, Adam Barth, ... -- CCS 2011
"Context-Sensitive Auto-Sanitization in Web Templating Languages Using Type Qualifiers"
Mike Samuel, ... -- CCS 2011
"SHELLOS: Enabling Fast Detection and Forensic Analysis of Code Injection Attacks"
Niels Provos, ... -- Usenix 2011
"Manufacturing Compromise: The Emergence of Exploit-as-a-Service"
Lucas Ballard, Panayiotis Mavrommatis, Niels Provos, Moheeb Abu Rajab, ... -- CCS 2012
"Strengthening User Authentication through Opportunistic Cryptographic Identity Assertions"
Dirk Balfanz, ... -- CCS 2012
"Origin-Bound Certificates: A Fresh Approach to Strong Client Authentication for the Web"
Dirk Balfanz, ... -- Usenix 2012
"CAMP: Content-Agnostic Malware Protection"
Niels Provos, Moheeb Abu Rajab, Lucas Ballard, Noe Lutz, Panayiotis Mavrommatis, ... -- NDSS 2013
"SoK: The Evolution of Sybil Defense via Social Networks"
Silvio Lattanzi, ... -- Oakland 2013
"Design, Implementation and Verification of an eXtensible and Modular Hypervisor Framework"
Jonathan M. McCune, ... -- Oakland 2013
"Polyglots: Crossing Origins by Crossing Formats"
Billy Rios, ... -- CCS 2013
"Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness"
Adrienne Porter Felt, ... -- Usenix 2013
"Strato: A Retargetable Framework for Low-Level Inlined-Reference Monitors"
Ulfar Erlingsson, ... -- Usenix 2013
"Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud"
Ulfar Erlingsson, Ankur Taly, Michael Vrable, Mark Lentczner, ... -- NDSS 2014
"Cloak and Swagger: Understanding Data Sensitivity Through the Lens of User Anonymity"
Aleksandra Korolova, Elie Bursztein, Geetanjali Sampemane, ... -- Oakland 2014
"Are You Ready to Lock? Understanding User Motivations for Smartphone Locking Behaviors"
Kerwell Liao, Sunny Consolvo, ... -- CCS 2014
"Dialing Back Abuse on Phone Verified Accounts"
Kurt Thomas, Dima Iatskiv, Elie Bursztein, Tadek Pietraszek, ... -- CCS 2014
"RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response"
Ulfar Erlingsson, Vasyl Pihur, ... -- CCS 2014
"Security Vulnerability in Processor-Interconnect Router Design"
Dennis Abts, ... -- CCS 2014
"Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM"
Caroline Tice, Tom Roeder, Peter Collingbourne, Ulfar Erlingsson, Luis Lozano, Geoff Pike, ... -- Usenix 2014
"When Governments Hack Opponents: A Look at Actors and Technology"
Morgan Marquis-Boire, ... -- Usenix 2014
"Predicting Users' Motivations behind Location Check-Ins and Utility Implications of Privacy Protection Mechanisms"
Igor Bilogrevic, ... -- NDSS 2015
"Ad Injection at Scale: Assessing Deceptive Advertisement Modifications"
Kurt Thomas, Elie Bursztein, Nav Jagpal, Moheeb Abu Rajab, Niels Provos, Alexandros Kapravelos, ... -- Oakland 2015
"Geppetto: Versatile Verifiable Computation"
Benjamin Kreuter, ... -- Oakland 2015
"GraphSC: Parallel Secure Computation Made Easy"
Nina Taft, ... -- Oakland 2015
"Security of the J-PAKE Password-Authenticated Key Exchange Protocol"
Philip MacKenzie, ... -- Oakland 2015
"Trends and Lessons from Three Years Fighting Malicious Extensions"
Nav Jagpal, Eric Dingle, Moheeb Abu Rajab, Panayiotis Mavrommatis, Niels Provos, Kurt Thomas, ... -- Usenix 2015
"What Mobile Ads Know About Mobile Users"
Sooel Son, ... -- NDSS 2016
"Cloak of Visibility: Detecting When Machines Browse a Different Web"
Luca Invernizzi, Kurt Thomas, Jean-Michel Picod, Elie Bursztein, ... -- Oakland 2016
"Users Really Do Plug in USB Drives They Find"
Elie Bursztein, ... -- Oakland 2016
"PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration"
Brad Miller, ... -- CCS 2016
"Deep Learning with Differential Privacy"
Martin Abadi, Andy Chu, Brendan McMahan, Ilya Mironov, Kunal Talwar, Li Zhang, ... -- CCS 2016
"CSP is Dead, Long Live CSP: On the Insecurity of Whitelists and the Future of Content Security Policy"
Lukas Weichselbaum, Michele Spagnuolo, Sebastian Lekies, Artur Janc, ... -- CCS 2016
"Frodo: Take off the ring! Practical, Quantum-Secure Key Exchange from LWE"
Ilya Mironov, Ananth Raghunathan, ... -- CCS 2016
"Investigating Commercial Pay-Per-Install and the Distribution of Unwanted Software"
Kurt Thomas, Juan Antonio Elices Crespo, Ryan Rasti, Jean-Michel Picod, Lucas Ballard, Elie Bursztein, Moheeb Abu Rajab, Niels Provos, ... -- Usenix 2016
"UberSpark: Enforcing Secure Object Abstractions for Automated Compositional Security Analysis of a Hypervisor"
Petros Maniatis, ... -- Usenix 2016
"DROWN: Breaking TLS using SSLv2"
Emilia Kasper, ... -- Usenix 2016
"Automated Synthesis of Semantic Malware Signatures using Maximum Satisfiability"
Saswat Anand, ... -- NDSS 2017
"The Security Impact of HTTPS Interception"
Elie Bursztein, ... -- NDSS 2017
"Code-reuse attacks for the Web: Breaking Cross-Site Scripting Mitigations via Script Gadgets"
Sebastian Lekies, Krzysztof Kotowicz, Eduardo Vela, ... -- CCS 2017
"Data breaches, phishing, or malware? Understanding the risks of stolen credentials"
Kurt Thomas, Ali Zand, Jake Barrett, Juri Ranieri, Eric Severance, Luca Invernizzi, Yarik Markov, Oxana Comanescu, Vijay Eranti, Angelika Moscicki, Dan Margolis, Elie Bursztein, ... -- CCS 2017
"Let's go in for a closer look: Observing passwords in their natural habitat"
Alain Forget, ... -- CCS 2017
"Practical Secure Aggregation for Privacy-Preserving Machine Learning"
Keith Bonawitz, Vladimir Ivanov, Ben Kreuter, H. Brendan McMahan, Sarvar Patel, Daniel Ramage, Aaron Segal, Karn Seth, ... -- CCS 2017
"Where the Wild Warnings Are: Root Causes of Chrome HTTPS Certificate Errors"
Mustafa Emre Acer, Emily Stark, Adrienne Porter Felt, Matt Braithwaite, Ryan Sleevi, Parisa Tabriz, ... -- CCS 2017
"Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers"
Petros Maniatis, ... -- Usenix 2017
"Understanding the Mirai Botnet"
Elie Bursztein, Luca Invernizzi, Damian Menscher, Kurt Thomas, ... -- Usenix 2017
"Measuring HTTPS Adoption on the Web"
Adrienne Porter Felt, Chris Palmer, Chris Bentzel, ... -- Usenix 2017
"Tracking Ransomware End-to-end"
Luca Invernizzi, Elie Bursztein, Kylie McRoberts, ... -- Oakland 2018
"Towards Usable Checksums: Automating the Integrity Verification of Web Downloads for the Masses"
Igor Bilogrevic, ... -- CCS 2018
"Private Stateful Information Retrieval"
Sarvar Patel, Giuseppe Persiano, Kevin Yeo, ... -- CCS 2018
"Meltdown: Reading Kernel Memory from User Space"
Jann Horn, ... -- Usenix 2018
"Turning Your Weakness Into a Strength: Watermarking Deep Neural Networks by Backdooring"
Moustapha Cisse, ... -- Usenix 2018
"FlowCog: Context-aware Semantics Extraction and Analysis of Information Flow Leaks in Android Apps"
Xiang Pan, ... -- Usenix 2018
"KHyperLogLog: Estimating Reidentifiability and Joinability of Large Data at Scale"
Pern Hui Chia, Irippuge Milinda Perera, Daniel Simmons-Marengo, Chao Li, Wei-Yen Day, Qiushi Wang, Miguel Guevara, ... -- Oakland 2019
"Measuring the End-User Impact of Certificate Transparency"
Emily Stark, Ryan Sleevi, Devon O'Brien, Eran Messeri, Adrienne Porter Felt, Parisa Tabriz, ... -- Oakland 2019
"Spectre Attacks: Exploiting Speculative Execution"
Jann Horn, ... -- Oakland 2019
"True2F: Backdoor-resistant authentication tokens"
Dominic Rizzo, ... -- Oakland 2019
"Distributed Vector-OLE: Improved Constructions and Implementation"
Mariana Raykova, ... -- CCS 2019
"Five Years of the Right to be Forgotten"
Kurt Thomas, Theo Bertram, Elie Bursztein, Stephanie Caro, Hubert Chao, Rutledge Chin Feman, Peter Fleischer, Albin Gustafsson, Jess Hemerly, Chris Hibbert, Luca Invernizzi, Lanah Kammourieh Donnelly, Jason Ketover, Jay Laefer, Paul Nicholas, Yuan Niu, Harjinder Obhi, David Price, Andrew Strait, Al Verney, ... -- CCS 2019
"HyperService: Interoperability and Programmability across Heterogeneous Blockchains"
Zhuotao Liu, ... -- CCS 2019
"Make Some ROOM for the Zeros: Data Sparsity in Secure Distributed Machine Learning"
Mariana Raykova, ... -- CCS 2019
"Mitigating Leakage in Secure Cloud-Hosted Data Structures: Volume Hiding for Multi-Maps via Hashing"
Sarvar Patel, Giuseppe Persiano, Kevin Yeo, Moti Yung, ... -- CCS 2019
"Protecting accounts from credential stuffing with password breach alerting"
Kurt Thomas, Jennifer Pullman, Kevin Yeo, Ananth Raghunathan, Patrick Gage Kelley, Luca Invernizzi, Borbala Benko, Tadek Pietraszek, Sarvar Patel, Elie Bursztein, ... -- Usenix 2019
"Site Isolation: Process Separation for Web Sites within the Browser"
Charles Reis, Alexander Moshchuk, Nasko Oskov, ... -- Usenix 2019
"The Web's Identity Crisis: Understanding the Effectiveness of Website Identity Indicators"
Christopher Thompson, Martin Shelton, Emily Stark, Maximilian Walker, Emily Schechter, Adrienne Porter Felt, ... -- Usenix 2019
"Private Summation in the Multi-Message Shuffle Model"
Adria Gascon, ... -- CCS 2020
"Secure Single-Server Aggregation with (Poly)Logarithmic Overhead"
Kallista Bonawitz, Adria Gascon, Tancrede Lepoint, Mariana Raykova, ... -- CCS 2020
"Sunrise to Sunset: Analyzing the End-to-end Life Cycle and Effectiveness of Phishing Attacks at Scale"
Ali Zand, Kurt Thomas, ... -- Usenix 2020
"See No Evil: Phishing for Permissions with False Transparency"
Guliz Seray Tuncay, ... -- Usenix 2020
"FuzzGen: Automatic Fuzzer Generation"
Kyriakos Ispoglou, Daniel Austin, Vishwath Mohan, ... -- Usenix 2020
"Hey Alexa, is this Skill Safe?: Taking a Closer Look at the Alexa Skill Ecosystem"
Benjamin Andow, ... -- NDSS 2021
"CHANCEL: Efficient Multi-client Isolation Under Adversarial Programs"
Jaebaek Seo, ... -- NDSS 2021
"Adversary Instantiation: Lower bounds for differentially private machine learning"
Shuang Song, Abhradeep Thakurta, Nicolas Papernot, Nicholas Carlini, ... -- Oakland 2021
"Is Private Learning Possible with Instance Encoding?"
Nicholas Carlini, Abhradeep Thakurta, ... -- Oakland 2021
"SoK: Hate, Harassment, and the Changing Landscape of Online Abuse"
Kurt Thomas, Sunny Consolvo, Patrick Gage Kelley, Elie Bursztein, ... -- Oakland 2021
"MPC-Friendly Commitments for Publicly Verifiable Covert Security"
Adria Gascon, ... -- CCS 2021
"On the Renyi Differential Privacy of the Shuffle Model"
Ananda Suresh, Peter Kairouz, ... -- CCS 2021
"PriSEC: A Privacy Settings Enforcement Controller"
Hamza Harkous, ... -- Usenix 2021
""Shhh...be quiet!" Reducing the Unwanted Interruptions of Notification Permission Prompts on Chrome"
Igor Bilogrevic, Balazs Engedy, Judson L. Porter III, Nina Taft, Kamila Hasanbega, Andrew Paseltiner, Hwi Kyoung Lee, Edward Jung, Meggyn Watkins, PJ McLachlan, Jason James, ... -- Usenix 2021
"A Large Scale Study of User Behavior, Expectations and Engagement with Android Permissions"
Sai Teja Peddinti, Nina Taft, ... -- Usenix 2021
""Why wouldn't someone think of democracy as a target?": Security practices & challenges of people involved with U.S. political campaigns"
Sunny Consolvo, Patrick Gage Kelley, Tara Matthews, Kurt Thomas, Lee Dunn, Elie Bursztein, ... -- Usenix 2021
"Poisoning the Unlabeled Dataset of Semi-Supervised Learning"
Nicholas Carlini, ... -- Usenix 2021
"Communication–Computation Trade-offs in PIR"
Asra Ali, Sarvar Patel, Mariana Raykova, Phillipp Schoppmann, Karn Seth, Kevin Yeo, ... -- Usenix 2021
"PolyScope: Multi-Policy Access Control Analysis to Compute Authorized Attack Operations in Android Systems"
Haining Chen, ... -- Usenix 2021
"Extracting Training Data from Large Language Models"
Nicholas Carlini, Katherine Lee, Adam Roberts, Colin Raffel, ... -- Usenix 2021
"An Investigation of the Android Kernel Patch Ecosystem"
Billy Lau, ... -- Usenix 2021
"Reducing HSM Reliance in Payments through Proxy Re-Encryption"
Atul Luykx, ... -- Usenix 2021
"Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Federated Learning"
Peter Kairouz, Daniel Ramage, ... -- Oakland 2022
"Hark: A Deep Learning System for Navigating Privacy Feedback at Scale"
Hamza Harkous, Sai Teja Peddinti, Animesh SrivastavaAe, Nina Taft, ... -- Oakland 2022
"Membership inference attacks from first principles"
Andreas Terzis, ... -- Oakland 2022
"SoK: A Framework for Unifying At-Risk User Research"
Tara Matthews, Sunny Consolvo, Patrick Gage Kelley, Manya Sleeper, Kurt Thomas, ... -- Oakland 2022
"Distributed, Private, Sparse Histograms in the Two-Server Model"
James Bell, Adria Gascon, Badih Ghazi, Ravi Kumar, Pasin Manurangsi, Mariana Raykova, Phillipp Schoppmann, ... -- CCS 2022
"LibAFL: A Framework to Build Modular and Reusable Fuzzers"
Dominik Maier, ... -- CCS 2022
"Proving UNSAT in Zero Knowledge"
William R. Harris, ... -- CCS 2022
"Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets"
Matthew Jagielski, Nicholas Carlini, ... -- CCS 2022
"FReD: Identifying File Re-Delegation in Android System Services"
Haining Chen, ... -- Usenix 2022
"How to Abuse and Fix Authenticated Encryption Without Key Commitment"
Ange Albertini, Thai Duong, Stefan Kolbl, Atul Luykx, Sophie Schmieg, ... -- Usenix 2022
"Secure Poisson Regression"
Phi Hung Le, Mariana Raykova, Karn Seth, ... -- Usenix 2022
"FLAME: Taming Backdoors in Federated Learning"
Azalia Mirhoseini, ... -- Usenix 2022
"Fuzzing Hardware Like Software"
Alex Chernyakhovsky, Garret Kelly, Dominic Rizzo, ... -- Usenix 2022
"Smart Home Privacy Policies Demystified: A Study of Availability, Content, and Coverage"
Benjamin Andow, ... -- Usenix 2022
"Half-Double: Hammering From the Next Row Over"
Salman Qazi, Yoongu Kim, Nicolas Boichat, Mattias Nissler, ... -- Usenix 2022
"End-to-Same-End Encryption: Modularly Augmenting an App with an Efficient, Portable, and Blind Cloud Storage"
Moti Yung, ... -- Usenix 2022