42nd IEEE Symposium on
Security and Privacy

Accepted Papers

A Novel Dynamic Analysis Infrastructure to Instrument Untrusted Execution Flow Across User-Kernel Spaces
Jiaqi Hong (Singapore Management University), Xuhua Ding (Singapore Management University)
Black Widow: Blackbox Data-driven Web Scanning
Benjamin Eriksson (Chalmers University of Technology), Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security), Andrei Sabelfeld (Chalmers University of Technology)
CRYLOGGER: Detecting Crypto Misuses Dynamically
Luca Piccolboni (Columbia University), Giuseppe Di Guglielmo (Columbia University), Luca P. Carloni (Columbia University), Simha Sethumadhavan (Columbia University)
Co-Inflow: Coarse-Grained Information Flow Control for Java-like Languages
Jian Xiang (Harvard University), Stephen Chong (Harvard University)
Compositional Non-Interference for Fine-Grained Concurrent Programs
Dan Frumin (Radboud University), Robbert Krebbers (TU Delft), Lars Birkedal (Aarhus University)
CrawlPhish: Large-Scale Analysis of Client-Side Cloaking Techniques in Phishing
Penghui Zhang (Arizona State University ), Adam Oest (Arizona State University; PayPal, Inc.), Haehyun Cho (Arizona State University), Zhibo Sun (Arizona State University), RC Johnson (PayPal, Inc.), Brad Wardman (PayPal, Inc.), Shaown Sarker (North Carolina State University), Alexandros Kapravelos (North Carolina State University), Tiffany Bao (Arizona State University), Ruoyu Wang (Arizona State University), Yan Shoshitaishvili (Arizona State University), Adam Doupé (Arizona State University), Gail-Joon Ahn (Arizona State University; Samsung Research)
Cross-Domain Access Control Encryption: Arbitrary-Policy, Constant-Size, Efficient
Xiuhua Wang (The Chinese University of Hong Kong), Sherman Chow (The Chinese University of Hong Kong)
CrossTalk: Speculative Data Leaks across Cores Are Real
Hany Ragab (Vrije Universiteit Amsterdam), Alyssa Milburn (Vrije Universiteit Amsterdam), Kaveh Razavi (ETH Zurich), Herbert Bos (Vrije Universiteit Amsterdam), Cristiano Giuffrida (Vrije Universiteit Amsterdam)
DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis
Alejandro Mera (Northeastern University), Bo Feng (Northeastern University), Long Lu (Northeastern University), Engin Kirda (Northeastern University), William Robertson (Northeastern University)
Detecting Filter List Evasion with Event-Loop-Turn Granularity JavaScript Signatures
Quan Chen (North Carolina State University), Peter Snyder (Brave Software), Ben Livshits (Brave Software), Alexandros Kapravelos (North Carolina State University)
Diogenes: Lightweight Scalable RSA Modulus Generation with a Dishonest Majority
Megan Chen (Northeastern University; Ligero Inc.), Carmit Hazay (Bar-Ilan University; Ligero Inc.), Yuval Ishai (Technion University), Yuriy Kashnikov (Ligero Inc.), Daniele Micciancio (UC San Diego), Tarik Riviere (Ligero Inc.), Abhi Shelat (Northeastern University; Ligero Inc.), Muthuramakrishnan Venkitasubramaniam (University of Rochester; Ligero Inc.), Ruihan Wang (Ligero Inc.)
Fingerprinting the Fingerprinters: Learning to Detect Browser Fingerprinting Behaviors
Umar Iqbal (The University of Iowa), Steven Englehardt (Mozilla Corporation ), Zubair Shafiq (University of California, Davis)
Hear "No Evil", See "Kenansville": Efficient and Transferable Black-Box Attacks on Speech Recognition and Voice Identification Systems
Hadi Abdullah (University of Florida), Muhammad Sajidur Rahman (University of Florida), Washington Garcia (University of Florida), Kevin Warren (University of Florida), Anurag Swarnim Yadav (University of Florida), Tom Shrimpton (University of Florida), Patrick Traynor (University of Florida)
Improving Password Guessing via Representation Learning
Dario Pasquini (Sapienza University of Rome; Stevens Institute of Technology; Institute of Applied Computing CNR), Ankit Gangwai (University of Padua; Stevens Institute of Technology), Giuseppe Ateniese (Stevens Institute of Technology), Massimo Bernaschi (Institute of Applied Computing CNR), Mauro Conti (University of Padua)
Machine Unlearning
Lucas Bourtoule (University of Toronto; Vector Institute), Varun Chandrasekaran (University of Wisconsin-Madison), Christopher A. Choquette-Choo (University of Toronto; Vector Institute), Hengrui Jia (University of Toronto; Vector Institute), Adelin Travers (University of Toronto; Vector Institute), Baiwu Zhang (University of Toronto; Vector Institute), David Lie (University of Toronto), Nicolas Papernot (University of Toronto; Vector Institute)
Manipulation Attacks in Local Differential Privacy
Albert Cheu (Northeastern University), Adam Smith (Boston University), Jonathan Ullman (Northeastern University)
Method Confusion Attack on Bluetooth Pairing
Maximilian von Tschirschnitz (Technical University Munich), Ludwig Peuckert (Technical University Munich), Fabian Franzen (Technical University Munich), Jens Grossklags (Technical University Munich)
Reading between the Lines: An Extensive Evaluation of the Security and Privacy Implications of EPUB Reading Systems
Gertjan Franken (imec-DistriNet, KU Leuven), Tom Van Goethem (imec-DistriNet, KU Leuven), Wouter Joosen (imec-DistriNet, KU Leuven)
SoK: All You Ever Wanted to Know About x86/x64 Binary Disassembly but Were Afraid to Ask
Chengbin Pang (Stevens Institute of Technology; Nanjing University), Ruotong Yu (Stevens Institute of Technology), Yaohui Chen (Facebook Inc.), Eric Koskinen (Stevens Institute of Technology), Georgios Portokalidis (Stevens Institute of Technology), Bing Mao (Nanjing University), Jun Xu (Stevens Institute of Technology)
SoK: Computer-Aided Cryptography
Manuel Barbosa (University of Porto and INESC TEC), Gilles Barthe (Max Planck Institute for Security and Privacy; IMDEA Software Institute), Karthik Bhargavan (INRIA Paris), Bruno Blanchet (INRIA Paris), Cas Cremers (CISPA Helmholtz Center for Information Security), Kevin Liao (Max Planck Institute for Security and Privacy; Massachusetts Institute of Technology), Bryan Parno (Carnegie Mellon University)
SoK: Security and Privacy in the Age of Commercial Drones
Ben Nassi (Ben-Gurion University of the Negev), Ron Bitton (Ben-Gurion University of the Negev), Ryusuke Masuoka (Fujitsu System Integration Laboratories), Asaf Shabtai (Ben-Gurion University of the Negev), Yuval Elovici (Ben-Gurion University of the Negev)
SoK: The Faults in our ASRs: An Overview of Attacks against Automatic Speech Recognition and Speaker Identification Systems
Hadi Abdullah (University of Florida), Kevin Warren (University of Florida), Vincent Bindschaedler (University of Florida), Nicolas Papernot (University of Toronto), Patrick Traynor (University of Florida)
Systematic Analysis of Randomization-Based Protected Cache Architectures
Antoon Purnal (imec-COSIC, KU Leuven), Lukas Giner (Graz University of Technology), Daniel Gruss (Graz University of Technology), Ingrid Verbauwhede (imec-COSIC, KU Leuven)
When Function Signature Recovery Meets Compiler Optimization
Yan Lin (Singapore Management University), Debin Gao (Singapore Management University)
Who is Real Bob? Adversarial Attacks on Speaker Recognition Systems
Guangke Chen (ShanghaiTech University; Shanghai Institute of Microsystem and Information Technology, Chinese Academy of Sciences; University of Chinese Academy of Sciences), Sen Chen (Tianjin University; Nanyang Technological University), Lingling Fan (Nanyang Technological University), Xiaoning Du (Nanyang Technological University), Zhe Zhao (ShanghaiTech University), Fu Song (ShanghaiTech University; Shanghai Engineering Research Center of Intelligent Vision and Imaging), Yang Liu (Nanyang Technological University)