April 26-28, 2017 in Paris, France

2nd IEEE European Symposium on Security and Privacy


Accepted Papers

The full schedule of EuroS&P is also available.

WALNUT: Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attacks
Timothy Trippel (University of Michigan), Ofir Weisse (University of Michigan), Wenyuan Xu (University of South Carolina), Peter Honeyman (University of Michigan), Kevin Fu (University of Michigan)
Compiler-Agnostic Function Detection in Binaries
Dennis Andriesse (Vrije Universiteit Amsterdam), Asia Slowinska (Lastline, Inc.), Herbert Bos (Vrije Universiteit Amsterdam)
Open Doors for Bob and Mallory: Open Port Usage in Android Apps and Security Implications
Yunhan Jack Jia (University of Michigan), Qi Alfred Chen (University of Michigan), Yikai Lin (University of Michigan), Chao Kong (University of Michigan), Z. Morley Mao (University of Michigan)
Privacy-Preserving User Auditable Pseudonym Systems
Jan Camenisch (IBM Research - Zurich), Anja Lehmann (IBM Research - Zurich)
Auditable Data Structures
Michael Goodrich (University of California - Irvine), Evgenios Kornaropoulos (Brown University), Michael Mitzenmacher (Harvard University), Roberto Tamassia (Brown University)
CodeArmor: Virtualizing the Code Space to Counter Disclosure Attacks
Xi Chen (VU Amsterdam), Cristiano Giuffrida (VU Amsterdam), Herbert Bos (VU Amsterdam)
ARTist: The Android Runtime Instrumentation and Security Toolkit
Michael Backes (CISPA, Saarland University & MPI-SWS), Sven Bugiel (CISPA, Saarland University), Oliver Schranz (CISPA, Saarland University), Philipp von Styp-Rekowsky (CISPA, Saarland University), Sebastian Weisgerber (CISPA, Saarland University)
Designing and proving an EMV-compliant payment protocol for mobile devices
Véronique Cortier (Loria - CNRS), Alicia Filipiak (Loria - Orange), Jan Florent (Orange), Said Gharout (Orange), Jacques Traoré (Orange)
Refining Authenticated Key Agreement with Strong Adversaries
David Basin (ETH Zurich), Joseph Lallemand (ENS Cachan, Université Paris-Saclay), Christoph Sprenger (ETH Zurich)
Sealed-Glass Proofs: Using Transparent Enclaves to Prove and Sell Knowledge
Florian Tramèr (EPFL), Fan Zhang (Cornell), Huang Lin (EPFL), Jean-Pierre Hubaux (EPFL), Ari Juels (Cornell Tech), Elaine Shi (Cornell)
FairTest: Discovering Unwarranted Associations in Data-Driven Applications
Florian Tramèr (EPFL), Vaggelis Atlidakis (Columbia University), Roxana Geambasu (Columbia University), Daniel Hsu (Columbia University), Jean-Pierre Hubaux (EPFL), Mathias Humbert (CISPA, Saarland University), Ari Juels (Cornell Tech), Huang Lin (EPFL)
SoK: Single Sign-On Security – An Evaluation of OpenID Connect
Christian Mainka (Horst Görtz Institute for IT-Security), Vladislav Mladenov (Horst Görtz Institute for IT-Security), Tobias Wich (ecsec GmbH), Jörg Schwenk (Horst Görtz Institute for IT-Security)
9-1-1 DDoS: Attacks, Analysis and Mitigation
Mordechai Guri (Ben-Gurion University of the Negev), Yisroel Mirsky (Ben-Gurion University of the Negev), Yuval Elovici (Ben-Gurion University of the Negev)
Outsmarting Network Security with SDN Teleportation
Kashyap Thimmaraju (TU Berlin/T-Labs), Liron Schiff (Tel Aviv University), Stefan Schmid (Aalborg University/TU Berlin)
LUNA: Quantifying and Leveraging Uncertainty in Android Malware Analysis through Bayesian Machine Learning
Michael Backes (CISPA, Saarland University & MPI-SWS), Mohammad Nauman (MPI-SWS)
Confidante: Usable Encrypted Email – A Case Study With Lawyers and Journalists
Adam Lerner (University of Washington), Eric Zeng (University of Washington), Franziska Roesner (University of Washington)
Reasoning about Probabilistic Defense Mechanisms against Remote Attacks
Martín Ochoa (Singapore University of Technology and Design), Sebastian Banescu (Technische Universität München), Cynthia Disenfeld (University of Toronto), Gilles Barthe (IMDEA Software), Vijay Ganesh (University of Waterloo)
Privacy Threats through Ultrasonic Side Channels on Mobile Devices
Daniel Arp (Technische Universität Braunschweig), Erwin Quiring (Technische Universität Braunschweig), Christian Wressnegger (Technische Universität Braunschweig), Konrad Rieck (Technische Universität Braunschweig)
Efficient and Flexible Discovery of PHP Application Vulnerabilities
Michael Backes (CISPA, Saarland University & MPI-SWS), Konrad Rieck (TU Braunschweig), Malte Skoruppa (CISPA, Saarland University), Ben Stock (CISPA, Saarland University), Fabian Yamaguchi (TU Braunschweig)
Secure Queries on an Encrypted Multi-Writer Table
Angelo Massimo Perillo (Università di Salerno, Italy), Giuseppe Persiano (Università di Salerno, Italy), Alberto Trombetta (Università dell'Insubria, Italy)
Replay Attacks on Zero Round-Trip Time: The Case of the TLS 1.3 Handshake Candidates
Marc Fischlin (Technische Universität Darmstadt, Germany), Felix Günther (Technische Universität Darmstadt, Germany)
A Formal Security Analysis of the Signal Messaging Protocol
Katriel Cohn-Gordon (University of Oxford), Cas Cremers (University of Oxford), Benjamin Dowling (Queensland University of Technology), Luke Garratt (University of Oxford), Douglas Stebila (McMaster University)
Symbolic Models for Isolated Execution Environments
Charlie Jacomme (ENS Cachan, Université Paris-Saclay), Steve Kremer (LORIA, Inria Nancy & CNRS & Université de Lorraine), Guillaume Scerri (University of Bristol)
Automated Verification for Secure Messaging Protocols and their Implementations: A Symbolic and Computational Approach
Nadim Kobeissi (INRIA Paris), Karthikeyan Bhargavan (INRIA Paris), Bruno Blanchet (INRIA Paris)
Revisiting Browser Security in the Modern Era: New Data-only Attacks and Defenses
Roman Rogowski (University of North Carolina at Chapel Hill), Micah Morton (University of North Carolina at Chapel Hill), Forrest Li (University of North Carolina at Chapel Hill), Kevin Z. Snow (University of North Carolina at Chapel Hill), Fabian Monrose (University of North Carolina at Chapel Hill), Michalis Polychronakis (Stony Brook University)
Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools
Georg Merzdovnik (SBA Research), Markus Huber (Fachhochschule St. Pölten), Damjan Buhov (SBA Research), Nick Nikiforakis (Stony Brook University), Sebastian Neuner (SBA Research), Martin Schmiedecker (SBA Research), Edgar Weippl (SBA Research)
A Novel Approach for Reasoning about Liveness in Cryptographic Protocols and its Application to Fair Exchange
Michael Backes (CISPA, Saarland University & MPI-SWS), Jannik Dreier (INRIA), Steve Kremer (INRIA), Robert Kuennemann (CISPA, Saarland University)
Content delivery over TLS: a cryptographic analysis of Keyless SSL
Karthikeyan Bhargavan (Inria de Paris), Ioana Boureanu Carlson (Imperial College London), Pierre-Alain Fouque (Université de Rennes 1/IRISA), Cristina Onete (INSA/IRISA Rennes), Benjamin Richard (Orange/ IRISA Rennes)
Efficient Accumulators with Applications to Anonymity-Preserving Revocation
Foteini Baldimtsi (Boston University), Jan Camenisch (IBM Zurich), Maria Dubovitskaya (IBM Zurich), Anna Lysyanskaya (Brown University), Leo Reyzin (Boston University), Kai Samelin (IBM Zurich), Sophia Yakoubov (Boston University)
Redactable Blockchain - or - Rewriting History in Bitcoin and Friends
Giuseppe Ateniese (Stevens Institute of Technology), Bernardo Magri (Sapienza University of Rome), Daniele Venturi (University of Trento), Ewerton Andrade (University of São Paulo)
Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs
Maciej Korczynski (Delft University of Technology), Samaneh Tajalizadehkhoob (Delft University of Technology), Arman Noroozian (Delft University of Technology), Maarten Wullink (SIDN Labs), Cristian Hesselman (SIDN Labs), Michel van Eeten (Delft University of Technology)
When Cellular Networks Met IPv6: Security Problems of Middleboxes in IPv6 Cellular Networks
Hyunwook Hong (KAIST), Hyunwoo Choi (KAIST), Dongkwan Kim (KAIST), Hongil Kim (KAIST), Byeongdo Hong (KAIST), Jiseong Noh (KAIST), Yongdae Kim (KAIST)
Towards Practical Attacks on Argon2i and Balloon Hashing
Joel Alwen (IST Austria), Jeremiah Blocki (Purdue University)
SoK: Fraud in Telephony Networks
Merve Sahin (Eurecom), Aurélien Francillon (Eurecom), Payas Gupta (New York University Abu Dhabi), Mustaque Ahamad (Georgia Institute of Technology)
An Expressive (Zero-Knowledge) Set Accumulator
Jonathan Katz (University of Maryland), Charalampos Papamanthou (University of Maryland), Yupeng Zhang (University of Maryland)
Internet Censorship in Thailand: User practices, potential threats and necessary responses
Genevieve Gebhart (University of Washington Information School), Tadayoshi Kohno (University of Washington Computer Science & Engineering), Anonymous
On the Effectiveness of Virtualization Based Memory Isolation on Multicore Platforms
Siqi Zhao (Singapore Management University), Xuhua Ding (Singapore Management University)
Large-scale Analysis & Detection of Authentication Cross-Site Request Forgeries
Avinash Sudhodanan (Fondazione Bruno Kessler), Nicolas Dolgin (SAP Labs France), Roberto Carbone (Fondazione Bruno Kessler), Umberto Morelli (Fondazione Bruno Kessler), Luca Compagna (SAP Labs France), Alessandro Armando (Fondazione Bruno Kessler)