2014
- Hayawardh Vijayakumar,Xinyang Ge,Mathias Payer,Trent Jaeger,JIGSAW: Protecting Resource Access by Inferring Programmer Expectations.
- Eli Ben-Sasson,Alessandro Chiesa,Eran Tromer,Madars Virza,Succinct Non-Interactive Zero Knowledge for a von Neumann Architecture.
- Gang Wang,Tianyi Wang,Haitao Zheng,Ben Y. Zhao,Man vs. Machine: Practical Adversarial Detection of Malicious Crowdsourcing Workers.
- Fei Peng,Zhui Deng,Xiangyu Zhang,Dongyan Xu,Zhiqiang Lin,Zhendong Su,X-Force: Force-Executing Binary Programs for Security Applications.
- Yan Michalevsky,Dan Boneh,Gabi Nakibly,Gyrophone: Recognizing Speech from Gyroscope Signals.
- Tiffany Bao,Jonathan Burket,Maverick Woo,Rafael Turner,David Brumley,BYTEWEIGHT: Learning to Recognize Functions in Binary Code.
- Johannes Dahse,Thorsten Holz,Static Detection of Second-Order Vulnerabilities in Web Applications.
- Tao Wang,Xiang Cai,Rishab Nithyanand,Rob Johnson,Ian Goldberg,Effective Attacks and Provable Defenses for Website Fingerprinting.
- Alexandros Kapravelos,Chris Grier,Neha Chachra,Christopher Kruegel,Giovanni Vigna,Vern Paxson,Hulk: Eliciting Malicious Behavior in Browser Extensions.
- Stevens Le Blond,Adina Uritesc,Cédric Gilbert,Zheng Leong Chua,Prateek Saxena,Engin Kirda,A Look at Targeted Attacks Through the Lense of an NGO.
- Daniel Demmler,Thomas Schneider,Michael Zohner,Ad-Hoc Secure Two-Party Computation on Mobile Devices using Hardware Tokens.
- Bimal Viswanath,M. Ahmad Bashir,Mark Crovella,Saikat Guha,Krishna P. Gummadi,Balachander Krishnamurthy,Alan Mislove,Towards Detecting Anomalous User Behavior in Online Social Networks.
- Daniel Luchaup,Kevin P. Dyer,Somesh Jha,Thomas Ristenpart,Thomas Shrimpton,LibFTE: A Toolkit for Constructing Practical, Format-Abiding Encryption Schemes.
- Jonathan L. Dautrich Jr.,Emil Stefanov,Elaine Shi,Burst ORAM: Minimizing ORAM Response Times for Bursty Access Patterns.
- Matthew Brocker,Stephen Checkoway,iSeeYou: Disabling the MacBook Webcam Indicator LED.
- Nikolaos Karapanos,Srdjan Capkun,On the Effective Prevention of TLS Man-in-the-Middle Attacks in Web Applications.
- Erman Pattuk,Murat Kantarcioglu,Zhiqiang Lin,Huseyin Ulusoy,Preventing Cryptographic Key Leakage in Cloud Virtual Machines.
- Yuval Yarom,Katrina Falkner,FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack.
- Brendan Saltaformaggio,Zhongshu Gu,Xiangyu Zhang,Dongyan Xu,DSCRETE: Automatic Rendering of Forensic Information from Memory Images via Application Logic Reuse.
- Kyle Soska,Nicolas Christin,Automatically Detecting Vulnerable Websites Before They Turn Malicious.
- Andrei Costin,Jonas Zaddach,Aurélien Francillon,Davide Balzarotti,A Large-Scale Analysis of the Security of Embedded Firmwares.
- Matthew Fredrikson,Benjamin Livshits,ZØ: An Optimizing Distributing Zero-Knowledge Compiler.
- Dhilung Kirat,Giovanni Vigna,Christopher Kruegel,BareCloud: Bare-metal Analysis-based Evasive Malware Detection.
- Ravi Bhoraskar,Seungyeop Han,Jinseong Jeon,Tanzirul Azim,Shuo Chen,Jaeyeon Jung,Suman Nath,Rui Wang,David Wetherall,Brahmastra: Driving Apps to Test the Security of Third-Party Components.
- Hao Shi,Abdulla Alwabel,Jelena Mirkovic,Cardinal Pill Testing of System Virtual Machines.
- Zhiwei Li,Warren He,Devdatta Akhawe,Dawn Song,The Emperor's New Password Manager: Security Analysis of Web-based Password Managers.
- Landon P. Cox,Peter Gilbert,Geoffrey Lawler,Valentin Pistol,Ali Razeen,Bi Wu,Sai Cheemalapati,SpanDex: Secure Password Tracking for Android.
- Venkatanathan Varadarajan,Thomas Ristenpart,Michael M. Swift,Scheduler-based Defenses against Cross-VM Side-channels.
- Eric Wustrow,Colleen Swanson,J. Alex Halderman,TapDance: End-to-Middle Anticensorship without Flow Blocking.
- Sumayah A. Alrwais,Kan Yuan,Eihal Alowaisheq,Zhou Li,XiaoFeng Wang,Understanding the Dark Side of Domain Parking.
- Ben Stock,Sebastian Lekies,Tobias Mueller,Patrick Spiegel,Martin Johns,Precise Client-side Protection against DOM-based Cross-Site Scripting.
- Sebastian Vogl,Robert Gawlik,Behrad Garmany,Thomas Kittel,Jonas Pfoh,Claudia Eckert,Thorsten Holz,Dynamic Hooks: Hiding Control Flow Changes within Non-Control Data.
- Benny Pinkas,Thomas Schneider,Michael Zohner,Faster Private Set Intersection Based on OT Extension.
- Michael Backes,Stefan Nürnberger,Oxymoron: Making Fine-Grained Memory Randomization Practical by Allowing Code Sharing.
- Keaton Mowery,Eric Wustrow,Tom Wypych,Corey Singleton,Chris Comfort,Eric Rescorla,J. Alex Halderman,Hovav Shacham,Stephen Checkoway,Security Analysis of a Full-Body Scanner.
- Qi Alfred Chen,Zhiyun Qian,Zhuoqing Morley Mao,Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks.
- Marc Kührer,Thomas Hupperich,Christian Rossow,Thorsten Holz,Exit from Hell? Reducing the Impact of Amplification DDoS Attacks.
- Billy Lau,Simon P. Chung,Chengyu Song,Yeongjin Jang,Wenke Lee,Alexandra Boldyreva,Mimesis Aegis: A Mimicry Privacy Shield-A System's Approach to Data Privacy on Public Cloud.
- Rob Jansen,John Geddes,Chris Wacek,Micah Sherr,Paul F. Syverson,Never Been KIST: Tor's Congestion Management Blossoms with Kernel-Informed Socket Transport.
- Joseph Bonneau,Stuart E. Schechter,Towards Reliable Storage of 56-bit Secrets in Human Memory.
- Enes Göktas,Elias Athanasopoulos,Michalis Polychronakis,Herbert Bos,Georgios Portokalidis,Size Does Matter: Why Using Gadget-Chain Length to Prevent Code-Reuse Attacks is Hard.
- Dinei Florêncio,Cormac Herley,Paul C. van Oorschot,Password Portfolios and the Finite-Effort User: Sustainably Managing Large Numbers of Accounts.
- Christopher Meyer,Juraj Somorovsky,Eugen Weiss,Jörg Schwenk,Sebastian Schinzel,Erik Tews,Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks.
- Yossef Oren,Angelos D. Keromytis,From the Aether to the Ethernet - Attacking the Internet using Broadcast Digital Television.
- Alexandre Rebert,Sang Kil Cha,Thanassis Avgerinos,Jonathan Foote,David Warren,Gustavo Grieco,David Brumley,Optimizing Seed Selection for Fuzzing.
- Nicholas Carlini,David Wagner,ROP is Still Dangerous: Breaking Modern Defenses.
- Ahmed E. Kosba,Dimitrios Papadopoulos,Charalampos Papamanthou,Mahmoud F. Sayed,Elaine Shi,Nikos Triandopoulos,TRUESET: Faster Verifiable Set Computations.
- Vasileios P. Kemerlis,Michalis Polychronakis,Angelos D. Keromytis,ret2dir: Rethinking Kernel Isolation.
- Zhigong Li,Weili Han,Wenyuan Xu,A Large-Scale Empirical Analysis of Chinese Web Passwords.
- Zakir Durumeric,Michael Bailey,J. Alex Halderman,An Internet-Wide View of Internet-Wide Scanning.
- Seth Hardy,Masashi Crete-Nishihata,Katharine Kleemola,Adam Senft,Byron Sonne,Greg Wiseman,Phillipa Gill,Ronald J. Deibert,Targeted Threat Index: Characterizing and Quantifying Politically-Motivated Targeted Malware.
- Stephan Heuser,Adwait Nadkarni,William Enck,Ahmad-Reza Sadeghi,ASM: A Programmable Interface for Extending Android Security.
- Caroline Tice,Tom Roeder,Peter Collingbourne,Stephen Checkoway,Úlfar Erlingsson,Luis Lozano,Geoff Pike,Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM.
- Saranga Komanduri,Richard Shay,Lorrie Faith Cranor,Cormac Herley,Stuart E. Schechter,Telepathwords: Preventing Weak Passwords by Reading Users' Minds.
- Mathias Lécuyer,Guillaume Ducoffe,Francis Lan,Andrei Papancea,Theofilos Petsios,Riley Spahn,Augustin Chaintreau,Roxana Geambasu,XRay: Enhancing the Web's Transparency with Differential Correlation.
- Janos Szurdi,Balazs Kocso,Gabor Cseh,Jonathan Spring,Márk Félegyházi,Chris Kanich,The Long "Taile" of Typosquatting Domain Names.
- Stephen Checkoway,Ruben Niederhagen,Adam Everspaugh,Matthew Green,Tanja Lange,Thomas Ristenpart,Daniel J. Bernstein,Jake Maskiewicz,Hovav Shacham,Matthew Fredrikson,On the Practical Exploitability of Dual EC in TLS Implementations.
- Tielei Wang,Yeongjin Jang,Yizheng Chen,Simon P. Chung,Billy Lau,Wenke Lee,On the Feasibility of Large-Scale Infections of iOS Devices.
- Manuel Egele,Maverick Woo,Peter Chapman,David Brumley,Blanket Execution: Dynamic Similarity Testing for Program Binaries and Components.
- Sebastian Zimmeck,Steven M. Bellovin,Privee: An Architecture for Automatically Analyzing Web Privacy Policies.
- Lucas Davi,Ahmad-Reza Sadeghi,Daniel Lehmann,Fabian Monrose,Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity Protection.
- Yuchen Zhou,David Evans,SSOScan: Automated Testing of Web Applications for Single Sign-On Vulnerabilities.
- David Silver,Suman Jana,Dan Boneh,Eric Yawei Chen,Collin Jackson,Password Managers: Attacks and Defenses.
- Matthew Lentz,Viktor Erdélyi,Paarijaat Aditya,Elaine Shi,Peter Druschel,Bobby Bhattacharjee,SDDR: Light-Weight, Secure Mobile Encounters.
- Matthew Fredrikson,Eric Lantz,Somesh Jha,Simon Lin,David Page,Thomas Ristenpart,Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing.
- William R. Marczak,John Scott-Railton,Morgan Marquis-Boire,Vern Paxson,When Governments Hack Opponents: A Look at Actors and Technology.
- Omer Tripp,Julia Rubin,A Bayesian Approach to Privacy Enforcement in Smartphones.
2013
- Wilson Lian,Eric Rescorla,Hovav Shacham,Stefan Savage,Measuring the Practical Impact of DNSSEC Deployment.
- Alexandros Kapravelos,Yan Shoshitaishvili,Marco Cova,Christopher Kruegel,Giovanni Vigna,Revolver: An Automated Approach to the Detection of Evasive Web-based Malware.
- Cédric Fournet,Markulf Kohlweiss,George Danezis,Zhengqin Luo,ZQL: A Compiler for Privacy-Preserving Data Processing.
- Vern Paxson,Mihai Christodorescu,Mobin Javed,Josyula R. Rao,Reiner Sailer,Douglas Lee Schales,Marc Ph. Stoecklin,Kurt Thomas,Wietse Venema,Nicholas Weaver,Practical Comprehensive Bounds on Surreptitious Communication over DNS.
- István Haller,Asia Slowinska,Matthias Neugschwandtner,Herbert Bos,Dowsing for Overflows: A Guided Fuzzer to Find Buffer Boundary Violations.
- Tielei Wang,Kangjie Lu,Long Lu,Simon P. Chung,Wenke Lee,Jekyll on iOS: When Benign Apps Become Evil.
- Karthikeyan Bhargavan,Antoine Delignat-Lavaud,Sergio Maffeis,Language-based Defenses Against Untrusted Browser Origins.
- Martin Johns,Sebastian Lekies,Ben Stock,Eradicating DNS Rebinding with the Extended Same-origin Policy.
- Terry Nelms,Roberto Perdisci,Mustaque Ahamad,ExecScent: Mining for New C&C Domains in Live Networks with Adaptive Control Protocol Templates.
- Sven Bugiel,Stephan Heuser,Ahmad-Reza Sadeghi,Flexible and Fine-grained Mandatory Access Control on Android for Diverse Security and Privacy Policies.
- David Brumley,JongHyup Lee,Edward J. Schwartz,Maverick Woo,Native x86 Decompilation Using Semantics-Preserving Structural Analysis and Iterative Control-Flow Structuring.
- Drew Davidson,Benjamin Moench,Thomas Ristenpart,Somesh Jha,FIE on Firmware: Finding Vulnerabilities in Embedded Systems Using Symbolic Execution.
- Benjamin Livshits,Jaeyeon Jung,Automatic Mediation of Privacy-Sensitive Resource Access in Smartphone Applications.
- Zakir Durumeric,Eric Wustrow,J. Alex Halderman,ZMap: Fast Internet-wide Scanning and Its Security Applications.
- Kurt Thomas,Damon McCoy,Chris Grier,Alek Kolcz,Vern Paxson,Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse.
- Suman Jana,David Molnar,Alexander Moshchuk,Alan M. Dunn,Benjamin Livshits,Helen J. Wang,Eyal Ofek,Enabling Fine-Grained Permissions for Augmented Reality Applications with Recognizers.
- Damien Octeau,Patrick McDaniel,Somesh Jha,Alexandre Bartel,Eric Bodden,Jacques Klein,Yves Le Traon,Effective Inter-Component Communication Mapping in Android: An Essential Step Towards Holistic Security Analysis.
- Jiyong Jang,Maverick Woo,David Brumley,Towards Automatic Software Lineage Inference.
- Devdatta Akhawe,Adrienne Porter Felt,Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness.
- Frank Imeson,Ariq Emtenan,Siddharth Garg,Mahesh V. Tripunitara,Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing for Obfuscation.
- Tao Zhu,David Phipps,Adam Pridgen,Jedidiah R. Crandall,Dan S. Wallach,The Velocity of Censorship: High-Fidelity Detection of Microblog Post Deletions.
- Ziming Zhao,Gail-Joon Ahn,Jeong-Jin Seo,Hongxin Hu,On the Security of Picture Gesture Authentication.
- Rahul Pandita,Xusheng Xiao,Wei Yang,William Enck,Tao Xie,WHYPER: Towards Automating Risk Assessment of Mobile Applications.
- Ruowen Wang,Peng Ning,Tao Xie,Quan Chen,MetaSymploit: Day-One Defense against Script-based Attacks with Security-Enhanced Symbolic Analysis.
- Hojoon Lee,Hyungon Moon,DaeHee Jang,Kihwan Kim,Jihoon Lee,Yunheung Paek,Brent ByungHoon Kang,KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object.
- Henry Carter,Benjamin Mood,Patrick Traynor,Kevin R. B. Butler,Secure Outsourced Garbled Circuit Evaluation for Mobile Devices.
- Vasilis Pappas,Michalis Polychronakis,Angelos D. Keromytis,Transparent ROP Exploit Mitigation Using Indirect Branch Tracing.
- Henry Corrigan-Gibbs,David Isaac Wolinsky,Bryan Ford,Proactively Accountable Anonymous Messaging in Verdict.
- Bin Zeng,Gang Tan,Úlfar Erlingsson,Strato: A Retargetable Framework for Low-Level Inlined-Reference Monitors.
- Kevin Springborn,Paul Barford,Impression Fraud in On-line Advertising via Pay-Per-View Networks.
- Franziska Roesner,Tadayoshi Kohno,Securing Embedded User Interfaces: Android and Beyond.
- Matthew Finifter,Devdatta Akhawe,David Wagner,An Empirical Study of Vulnerability Rewards Programs.
- Nadhem J. AlFardan,Daniel J. Bernstein,Kenneth G. Paterson,Bertram Poettering,Jacob C. N. Schuldt,On the Security of RC4 in TLS.
- Job Noorman,Pieter Agten,Wilfried Daniels,Raoul Strackx,Anthony Van Herrewege,Christophe Huygens,Bart Preneel,Ingrid Verbauwhede,Frank Piessens,Sancus: Low-cost Trustworthy Extensible Networked Devices with a Zero-software Trusted Computing Base.
- Sriram Keelveedhi,Mihir Bellare,Thomas Ristenpart,DupLESS: Server-Aided Encryption for Deduplicated Storage.
- Nan Jiang,Yu Jin,Ann Skudlark,Zhi-Li Zhang,Greystar: Fast and Accurate Detection of SMS Spam Numbers in Large Cellular Networks Using Gray Phone Space.
- Nico Golde,Kevin Redon,Jean-Pierre Seifert,Let Me Answer That for You: Exploiting Broadcast Information in Cellular Networks.
- Ruoyu Wang,Yan Shoshitaishvili,Christopher Kruegel,Giovanni Vigna,Steal This Movie: Automatically Bypassing DRM Protection in Streaming Media Services.
- Mingwei Zhang,R. Sekar,Control Flow Integrity for COTS Binaries.
- Benjamin Kreuter,Abhi Shelat,Benjamin Mood,Kevin R. B. Butler,PCF: A Portable Circuit Format for Scalable Two-Party Secure Computation.
- Xinyu Xing,Wei Meng,Dan Doozan,Alex C. Snoeren,Nick Feamster,Wenke Lee,Take This Personally: Pollution Attacks on Personalized Services.
- Goran Doychev,Dominik Feld,Boris Köpf,Laurent Mauborgne,Jan Reineke,CacheAudit: A Tool for the Static Analysis of Cache Side Channels.
- Gang Wang,Tristan Konolige,Christo Wilson,Xiao Wang,Haitao Zheng,Ben Y. Zhao,You Are How You Click: Clickstream Analysis for Sybil Detection.
2012
- Georgios Portokalidis,Michalis Polychronakis,Angelos D. Keromytis,Evangelos P. Markatos,Privacy-Preserving Social Plugins.
- Blase Ur,Patrick Gage Kelley,Saranga Komanduri,Joel Lee,Michael Maass,Michelle L. Mazurek,Timothy Passaro,Richard Shay,Timothy Vidas,Lujo Bauer,Nicolas Christin,Lorrie Faith Cranor,How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation.
- Weidong Cui,Marcus Peinado,Zhilei Xu,Ellick Chan,Tracking Rootkit Footprints with a Practical Memory Analysis System.
- Vasileios P. Kemerlis,Georgios Portokalidis,Angelos D. Keromytis,kGuard: Lightweight Kernel Protection against Return-to-User Attacks.
- Grégoire Jacob,Engin Kirda,Christopher Kruegel,Giovanni Vigna,PUBCRAWL: Protecting Users and Businesses from CRAWLers.
- Kevin Borders,Jonathan Springer,Matthew Burnside,Chimera: A Declarative Language for Streaming Network Traffic Analysis.
- Dongseok Jang,Zachary Tatlock,Sorin Lerner,Establishing Browser Security Guarantees through Formal Shim Verification.
- Manos Antonakakis,Roberto Perdisci,Yacin Nadji,Nikolaos Vasiloglou II,Saeed Abu-Nimeh,Wenke Lee,David Dagon,From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware.
- Rob Jansen,Paul F. Syverson,Nicholas Hopper,Throttling Tor Bandwidth Parasites.
- Nicholas Carlini,Adrienne Porter Felt,David Wagner,An Evaluation of the Google Chrome Extension Security Architecture.
- Oriana Riva,Chuan Qin,Karin Strauss,Dimitrios Lymberopoulos,Progressive Authentication: Deciding When to Authenticate on Mobile Phones.
- Roel Verdult,Flavio D. Garcia,Josep Balasch,Gone in 360 Seconds: Hijacking with Hitag2.
- Matthew Maurer,David Brumley,Tachyon: Tandem Execution for Efficient Live Patch Testing.
- Amir Rahmati,Mastooreh Salajegheh,Daniel E. Holcomb,Jacob Sorber,Wayne P. Burleson,Kevin Fu,TARDIS: Time and Remanence Decay in SRAM to Implement Secure Protocols on Embedded Devices without Clocks.
- Hayawardh Vijayakumar,Joshua Schiffman,Trent Jaeger,STING: Finding Name Resolution Vulnerabilities in Programs.
- Devdatta Akhawe,Prateek Saxena,Dawn Song,Privilege Separation in HTML5 Applications.
- Zi Lin,Nicholas Hopper,New Attacks on Timing-based Network Flow Watermarks.
- Srinath T. V. Setty,Victor Vu,Nikhil Panpalia,Benjamin Braun,Andrew J. Blumberg,Michael Walfish,Taking Proof-Based Verified Computation a Few Steps Closer to Practicality.
- Taesoo Kim,Marcus Peinado,Gloria Mainar-Ruiz,STEALTHMEM: System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud.
- Gianluca Stringhini,Manuel Egele,Apostolis Zarras,Thorsten Holz,Christopher Kruegel,Giovanni Vigna,B@bel: Leveraging Email Delivery for Spam Mitigation.
- Shashi Shekhar,Michael Dietz,Dan S. Wallach,AdSplit: Separating Smartphone Advertising from Applications.
- Hristo Bojinov,Daniel Sanchez,Paul J. Reber,Dan Boneh,Patrick Lincoln,Neuroscience Meets Cryptography: Designing Crypto Primitives Secure Against Rubber Hose Attacks.
- Benjamin Kreuter,Abhi Shelat,Chih-Hao Shen,Billion-Gate Secure Computation with Malicious Adversaries.
- Yi Xu,Gerardo Reynaga,Sonia Chiasson,Jan-Michael Frahm,Fabian Monrose,Paul C. van Oorschot,Security and Usability Challenges of Moving-Object CAPTCHAs: Decoding Codewords in Motion.
- Cristiano Giuffrida,Anton Kuijsten,Andrew S. Tanenbaum,Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization.
- Nadia Heninger,Zakir Durumeric,Eric Wustrow,J. Alex Halderman,Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices.
- Lok-Kwong Yan,Heng Yin,DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis.
- Lin-Shung Huang,Alexander Moshchuk,Helen J. Wang,Stuart Schechter,Collin Jackson,Clickjacking: Attacks and Defenses.
- Adam Doupé,Ludovico Cavedon,Christopher Kruegel,Giovanni Vigna,Enemy of the State: A State-Aware Black-Box Web Vulnerability Scanner.
- Joel Reardon,Srdjan Capkun,David A. Basin,Data Node Encrypted File System: Efficient Secure Deletion for Flash Memory.
- Damon McCoy,Andreas Pitsillidis,Grant Jordan,Nicholas Weaver,Christian Kreibich,Brian Krebs,Geoffrey M. Voelker,Stefan Savage,Kirill Levchenko,PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs.
- Nuno Santos,Rodrigo Rodrigues,Krishna P. Gummadi,Stefan Saroiu,Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services.
- Anirban Dasgupta,Kunal Punera,Justin M. Rao,Xuanhui Wang,Impact of Spam Exposure on User Engagement.
- Juraj Somorovsky,Andreas Mayer,Jörg Schwenk,Marco Kampmann,Meiko Jensen,On Breaking SAML: Be Whoever You Want to Be.
- Ariel J. Feldman,Aaron Blankstein,Michael J. Freedman,Edward W. Felten,Social Networking with Frientegrity: Privacy and Integrity with an Untrusted Provider.
- Casey Devet,Ian Goldberg,Nadia Heninger,Optimally Robust Private Information Retrieval.
- Rubin Xu,Hassen Saïdi,Ross J. Anderson,Aurasium: Practical Policy Enforcement for Android Applications.
- George Argyros,Aggelos Kiayias,I Forgot Your Password: Randomness Attacks Against PHP Applications.
- Md Sazzadur Rahman,Ting-Kai Huang,Harsha V. Madhyastha,Michalis Faloutsos,Efficient and Scalable Socware Detection in Online Social Networks.
- Michael Dietz,Alexei Czeskis,Dirk Balfanz,Dan S. Wallach,Origin-Bound Certificates: A Fresh Approach to Strong Client Authentication for the Web.
- Ivan Martinovic,Doug Davies,Mario Frank,Daniele Perito,Tomas Ros,Dawn Song,On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces.
- Zhenyu Wu,Zhang Xu,Haining Wang,Whispers in the Hyper-space: High-speed Covert Channel Attacks in the Cloud.
- Christian Holler,Kim Herzig,Andreas Zeller,Fuzzing with Code Fragments.
2010
- Chad R. Meiners,Jignesh Patel,Eric Norige,Eric Torng,Alex X. Liu,Fast Regular Expression Matching Using Small TCAMs for Network Intrusion Detection and Prevention Systems.
- Sarah Meiklejohn,C. Christopher Erway,Alptekin Küpçü,Theodora Hinkle,Anna Lysyanskaya,ZKPDL: A Language-Based System for Efficient Zero-Knowledge Proofs and Electronic Cash.
- Periklis Akritidis,Cling: A Memory Allocator to Mitigate Dangling Pointers.
- Martin Burkhart,Mario Strasser,Dilip Many,Xenofontas A. Dimitropoulos,SEPIA: Privacy-Preserving Aggregation of Multi-Domain Network Events and Statistics.
- Viktoria Felmetsger,Ludovico Cavedon,Christopher Kruegel,Giovanni Vigna,Toward Automated Detection of Logic Vulnerabilities in Web Applications.
- Shishir Nagaraja,Prateek Mittal,Chi-Yao Hong,Matthew Caesar,Nikita Borisov,BotGrep: Finding P2P Bots with Structured Graph Analysis.
- Vladan Djeric,Ashvin Goel,Securing Script-Based Extensibility in Web Browsers.
- David Sehr,Robert Muth,Cliff Biffle,Victor Khimenko,Egor Pasko,Karl Schimpf,Bennet Yee,Brad Chen,Adapting Software Fault Isolation to Contemporary CPU Architectures.
- Michael Backes,Markus Dürmuth,Sebastian Gerling,Manfred Pinkal,Caroline Sporleder,Acoustic Side-Channel Attacks on Printers.
- Sruthi Bandhakavi,Samuel T. King,P. Madhusudan,Marianne Winslett,VEX: Vetting Browser Extensions for Security Vulnerabilities.
- Richard Carback,David Chaum,Jeremy Clark,John Conway,Aleksander Essex,Paul S. Herrnson,Travis Mayberry,Stefan Popoveniuc,Ronald L. Rivest,Emily Shen,Alan T. Sherman,Poorvi L. Vora,Scantegrity II Municipal Election at Takoma Park: The First E2E Binding Governmental Election with Ballot Privacy.
- Roya Ensafi,Jong Chun Park,Deepak Kapur,Jedidiah R. Crandall,Idle Port Scanning and Non-interference Analysis of Network Protocol Stacks Using Model Checking.
- Tathagata Das,Ranjita Bhagwan,Prasad Naldurg,Baaz: A System for Detecting Access Control Misconfigurations.
- John P. John,Fang Yu,Yinglian Xie,Martín Abadi,Arvind Krishnamurthy,Searching the Searchers with SearchAudit.
- Ishtiaq Rouf,Robert D. Miller,Hossen A. Mustafa,Travis Taylor,Sangho Oh,Wenyuan Xu,Marco Gruteser,Wade Trappe,Ivan Seskar,Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study.
- Payas Gupta,Debin Gao,Fighting Coercion Attacks in Key Generation using Skin Conductance.
- Phillipa Gill,Yashar Ganjali,Bernard Wong,David Lie,Dude, Where's That IP? Circumventing Measurement-based IP Geolocation.
- Petr Marchenko,Brad Karp,Structuring Protocol Implementations to Protect Sensitive Data.
- Andrea Bittau,Michael Hamburg,Mark Handley,David Mazières,Dan Boneh,The Case for Ubiquitous Transport-Level Encryption.
- Robert N. M. Watson,Jonathan Anderson,Ben Laurie,Kris Kennaway,Capsicum: Practical Capabilities for UNIX.
- Manos Antonakakis,Roberto Perdisci,David Dagon,Wenke Lee,Nick Feamster,Building a Dynamic Reputation System for DNS.
- Roberto Paleari,Lorenzo Martignoni,Emanuele Passerini,Drew Davidson,Matt Fredrikson,Jonathon T. Giffin,Somesh Jha,Automatic Generation of Remediation Procedures for Malware Infections.
- Taesoo Kim,Nickolai Zeldovich,Making Linux Protection Mechanisms Egalitarian with UserFS.
- Kasper Bonne Rasmussen,Srdjan Capkun,Realization of RF Distance Bounding.
- Gaurav Aggarwal,Elie Bursztein,Collin Jackson,Dan Boneh,An Analysis of Private Browsing Modes in Modern Browsers.
- Yitao Duan (NetEase Youdao),John Canny,Justin Z. Zhan,P4P: Practical Large-Scale Privacy-Preserving Distributed Computation Robust against Malicious Users.
- Marti Motoyama,Kirill Levchenko,Chris Kanich,Damon McCoy,Geoffrey M. Voelker,Stefan Savage,Re: CAPTCHAs-Understanding CAPTCHA-Solving Services in an Economic Context.
- Josep Balasch,Alfredo Rial,Carmela Troncoso,Bart Preneel,Ingrid Verbauwhede,Christophe Geuens,PrETP: Privacy-Preserving Electronic Toll Pricing.
- Sam Burnett,Nick Feamster,Santosh Vempala,Chipping Away at Censorship Firewalls with User-Generated Content.
- Mike Ter Louw,Karthik Thotta Ganesh,V. N. Venkatakrishnan,AdJail: Practical Enforcement of Confidentiality and Integrity Policies on Web Advertisements.
2009
- Kehuan Zhang,XiaoFeng Wang,Peeping Tom in the Neighborhood: Keystroke Eavesdropping on Multi-User Systems.
- Michael Dalton,Christos Kozyrakis,Nickolai Zeldovich,Nemesis: Preventing Authentication & Access Control Vulnerabilities in Web Applications.
- William K. Robertson,Giovanni Vigna,Static Enforcement of Web Application Integrity Through Strong Typing.
- Periklis Akritidis,Manuel Costa,Miguel Castro,Steven Hand,Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense against Out-of-Bounds Errors.
- Boris Danev,Thomas S. Heydt-Benjamin,Srdjan Capkun,Physical-layer Identification of RFID Devices.
- Paruj Ratanaworabhan,V. Benjamin Livshits,Benjamin G. Zorn,NOZZLE: A Defense Against Heap-spraying Code Injection Attacks.
- Joshua Sunshine,Serge Egelman,Hazim Almuhimedi,Neha Atri,Lorrie Faith Cranor,Crying Wolf: An Empirical Study of SSL Warning Effectiveness.
- Shuang Hao,Nadeem Ahmed Syed,Nick Feamster,Alexander G. Gray,Sven Krasser,Detecting Spammers with SNARE: Spatio-temporal Network-level Automatic Reputation Engine.
- Salvatore Guarnieri,V. Benjamin Livshits,GATEKEEPER: Mostly Static Enforcement of Security and Reliability Policies for JavaScript Code.
- Helen J. Wang,Chris Grier,Alexander Moshchuk,Samuel T. King,Piali Choudhury,Herman Venter,The Multi-Principal OS Construction of the Gazelle Web Browser.
- Scott A. Crosby,Dan S. Wallach,Efficient Data Structures For Tamper-Evident Logging.
- Raluca A. Popa,Hari Balakrishnan,Andrew J. Blumberg,VPriv: Protecting Privacy in Location-Based Vehicular Services.
- David Molnar,Xue Cong Li,David Wagner,Dynamic Test Generation to Find Integer Bugs in x86 Binary Linux Programs.
- Kapil Singh,Sumeer Bhola,Wenke Lee,xBook: Redesigning Privacy Control in Social Networking Platforms.
- Nathan S. Evans,Roger Dingledine,Christian Grothoff,A Practical Congestion Attack on Tor Using Long Paths.
- Mastooreh Salajegheh,Shane S. Clark,Benjamin Ransford,Kevin Fu,Ari Juels,CCCP: Secure Remote Storage for Computational RFIDs.
- Joel Reardon,Ian Goldberg,Improving Tor using a TCP-over-DTLS Tunnel.
- Tongqing Qiu,Lusheng Ji,Dan Pei,Jia Wang,Jun Jim Xu,Hitesh Ballani,Locating Prefix Hijackers using LOCK.
- Kevin Borders,Eric Vander Weele,Billy Lau,Atul Prakash,Protecting Confidential Data on Personal Computers with Storage Capsules.
- Christina Pöpper,Mario Strasser,Srdjan Capkun,Jamming-resistant Broadcast Communication without Shared Keys.
- Roxana Geambasu,Tadayoshi Kohno,Amit A. Levy,Henry M. Levy,Vanish: Increasing Data Privacy with Self-Destructing Data.
- Clemens Kolbitsch,Paolo Milani Comparetti,Christopher Kruegel,Engin Kirda,Xiao-yong Zhou,XiaoFeng Wang,Effective and Efficient Malware Detection at the End Host.
- Adam Barth,Joel Weinberger,Dawn Song,Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense.
- John Criswell,Nicolas Geoffray,Vikram S. Adve,Memory Safety for Low-Level Software/Hardware Interactions.
- Martin Vuagnoux,Sylvain Pasini,Compromising Electromagnetic Emanations of Wired and Wireless Keyboards.
- Ralf Hund,Thorsten Holz,Felix C. Freiling,Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms.
2008
- Michael C. Martin,Monica S. Lam,Automatic Generation of XSS and SQL Injection Attacks with Goal-Directed Model Checking.
- Sam Small,Joshua Mason,Fabian Monrose,Niels Provos,Adam Stubblefield,To Catch a Predator: A Natural Language Approach for Eliciting Malicious Payloads.
- Michael Dalton,Hari Kannan,Christos Kozyrakis,Real-World Buffer Overflow Protection for Userspace and Kernelspace.
- Manigandan Radhakrishnan,Jon A. Solworth,NetAuth: Supporting User-Based Network Services.
- Jon Oberheide,Evan Cooke,Farnam Jahanian,CloudAV: N-Version Antivirus in the Network Cloud.
- Jian Zhang,Phillip A. Porras,Johannes Ullrich,Highly Predictive Blacklisting.
- Rui Wang,XiaoFeng Wang,Zhuowei Li,Panalyst: Privacy-Aware Remote Error Analysis on Commodity Software.
- Negar Kiyavash,Amir Houmansadr,Nikita Borisov,Multi-flow Attacks Against Network Flow Watermarking Schemes.
- Lin Tan,Xiaolan Zhang,Xiao Ma,Weiwei Xiong,Yuanyuan Zhou,AutoISES: Automatically Inferring Security Specification and Detecting Violations.
- Lionel Litty,H. Andrés Lagar-Cavilla,David Lie,Hypervisor Support for Identifying Covertly Executing Binaries.
- Owen Harrison,John Waldron,Practical Symmetric Key Cryptography on Modern Graphics Hardware.
- J. Alex Halderman,Seth D. Schoen,Nadia Heninger,William Clarkson,William Paul,Joseph A. Calandrino,Ariel J. Feldman,Jacob Appelbaum,Edward W. Felten,Lest We Remember: Cold Boot Attacks on Encryption Keys.
- Steven Gianvecchio,Mengjun Xie,Zhengyu Wu,Haining Wang,Measurement and Classification of Humans and Bots in Internet Chat.
- Swaminathan Sundararaman,Gopalan Sivathanu,Erez Zadok,Selective Versioning in a Secure Disk System.
- Niels Provos,Panayiotis Mavrommatis,Moheeb Abu Rajab,Fabian Monrose,All Your iFRAMEs Point to Us.
- Thomas Ristenpart,Gabriel Maganis,Arvind Krishnamurthy,Tadayoshi Kohno,Privacy-Preserving Location Tracking of Lost or Stolen Devices: Cryptographic Techniques and Replacing Trusted Third Parties with DHTs.
- Gang Tan,Jason Croft,An Empirical Security Study of the Native Code in the JDK.
- Adam Barth,Collin Jackson,John C. Mitchell,Securing Frame Communication in Browsers.
- Sandra Rueda,Dave King,Trent Jaeger,Verifying Compliance of Trusted Programs.
- Karsten Nohl,David Evans,Starbug,Henryk Plötz,Reverse-Engineering a Cryptographic RFID Tag.
- Jerry Chi-Yuan Chou,Bill Lin,Subhabrata Sen,Oliver Spatscheck,Proactive Surge Protection: A Defense Mechanism for Bandwidth-Based Attacks.
- Guofei Gu,Roberto Perdisci,Junjie Zhang,Wenke Lee,BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection.
- Sebastian Zander,Steven J. Murdoch,An Improved Clock-skew Measurement Technique for Revealing Hidden Services.
- Lucas Ballard,Seny Kamara,Michael K. Reiter,The Practical Subtleties of Biometric Key Generation.
- Ari Juels,Ravikanth Pappu,Bryan Parno,Unidirectional Key Distribution Across Time and Space with Applications to RFID Security.
- Daniel Sandler,Kyle Derr,Dan S. Wallach,VoteBox: A Tamper-evident, Verifiable Electronic Voting System.
- Ben Adida,Helios: Web-based Open-Audit Voting.
2004
- Dahlia Malkhi,Noam Nisan,Benny Pinkas,Yaron Sella,Fairplay - Secure Two-Party Computation System.
- Nick L. Petroni Jr.,Timothy Fraser,Jesus Molina,William A. Arbaugh,Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor.
- Patrick Lincoln,Phillip A. Porras,Vitaly Shmatikov,Privacy-Preserving Sharing and Correlation of Security Alerts.
- Nicholas Weaver,Stuart Staniford,Vern Paxson,Very Fast Containment of Scanning Worms.
- Hyang-Ah Kim,Brad Karp,Autograph: Toward Automated, Distributed Worm Signature Detection.
- Xuxian Jiang,Dongyan Xu,Collapsar: A VM-Based Architecture for Network Attack Detention Center.
- Roger Dingledine,Nick Mathewson,Paul F. Syverson,Tor: The Second-Generation Onion Router.
- Darren Davis,Fabian Monrose,Michael K. Reiter,On User Choice in Graphical Password Schemes.
- David Brumley,Dawn Xiaodong Song,Privtrans: Automatically Partitioning Programs for Privilege Separation.
- Christopher Krügel,William K. Robertson,Fredrik Valeur,Giovanni Vigna,Static Disassembly of Obfuscated Binaries.
- Debin Gao,Michael K. Reiter,Dawn Xiaodong Song,On Gray-Box Program Tracking for Anomaly Detection.
- Drew Dean,Alan J. Hu,Fixing Races for Fun and Profit: How to Use access(2).
- Robert Johnson,David Wagner,Finding User/Kernel Pointer Bugs with Type Inference.
- Yevgeniy Miretskiy,Abhijith Das,Charles P. Wright,Erez Zadok,Avfs: An On-Access Anti-Virus File System.
- Umesh Shankar,Monica Chew,J. D. Tygar,Side Effects Are Not Sufficient to Authenticate Software.
- Jonathan S. Shapiro,John Vanderburgh,Eric Northup,David Chizmadia,Design of the EROS Trusted Window System.
- Kumar Avijit,Prateek Gupta,Deepak Gupta,TIED, LibsafePlus: Tools for Runtime Buffer Overflow Protection.
- Reiner Sailer,Xiaolan Zhang,Trent Jaeger,Leendert van Doorn,Design and Implementation of a TCG-based Integrity Measurement Architecture.
- Dirk Balfanz,Glenn Durfee,Rebecca E. Grinter,Diana K. Smetters,Paul Stewart,Network-in-a-Box: How to Set Up a Secure Wireless Network in Under a Minute.
- Jim Chow,Ben Pfaff,Tal Garfinkel,Kevin Christopher,Mendel Rosenblum,Understanding Data Lifetime via Whole System Simulation (Awarded Best Paper!).
- Julie Thorpe,Paul C. van Oorschot,Graphical Dictionaries and the Memorable Space of Graphical Passwords.
- Niels Provos,A Virtual Honeypot Framework.
2002
- Xiaolan Zhang,Antony Edwards,Trent Jaeger,Using CQUAL for Static Analysis of Authorization Hook Placement.
- Scott G. Renfro,VeriSign CZAG: Privacy Leak in X.509 Certificates.
- Eric Rescorla,Adam Cain,Brian Korver,SSLACC: A Clustered SSL Accelerator.
- Lujo Bauer,Michael A. Schneider,Edward W. Felten,A General and Flexible Access-Control System for the Web.
- Peter Gutmann,Lessons Learned in Implementing and Deploying Crypto Software.
- Vladimir Kiriansky,Derek Bruening,Saman P. Amarasinghe,Secure Execution via Program Shepherding.
- Jonathan S. Shapiro,John Vanderburgh,Access and Integrity Control in a Public-Access, High-Assurance Configuration Management System.
- Yihua Liao,V. Rao Vemuri,Using Text Categorization Techniques for Intrusion Detection.
- Markus Jakobsson,Ari Juels,Ronald L. Rivest,Making Mix Nets Robust for Electronic Voting by Randomized Partial Checking.
- David S. Peterson,Matt Bishop,Raju Pandey,A Flexible Containment Mechanism for Executing Untrusted Code.
- Jonathon T. Giffin,Somesh Jha,Barton P. Miller,Detecting Manipulated Remote Call Streams.
- Hao Chen,David Wagner,Drew Dean,Setuid Demystified.
- Kyung-suk Lhee,Steve J. Chapin,Type-Assisted Dynamic Buffer Overflow Detection.
- Chris Wright,Crispin Cowan,Stephen Smalley,James Morris,Greg Kroah-Hartman,Linux Security Modules: General Security Support for the Linux Kernel.
- Petros Maniatis,Mary Baker,Secure History Preservation Through Timeline Entanglement.
- David Martin,Andrew Schulman,Deanonymizing Users of the SafeWeb Anonymizing Service.
- Stuart Staniford,Vern Paxson,Nicholas Weaver,How to Own the Internet in Your Spare Time.
- Fabian Monrose,Michael K. Reiter,Qi Li,Daniel P. Lopresti,Chilin Shih,Toward Speech-Generated Cryptographic Keys on Resource-Constrained Devices.
- John Black,Hector Urtubia,Side-Channel Attacks on Symmetric Encryption Schemes: The Case for Authenticated Encryption.
- Russ Cox,Eric Grosse,Rob Pike,David L. Presotto,Sean Quinlan,Security in Plan 9.
- Zishuang (Eileen) Ye,Sean W. Smith,Trusted Paths for Browsers.
- Nick Feamster,Magdalena Balazinska,Greg Harfst,Hari Balakrishnan,David R. Karger,Infranet: Circumventing Web Censorship and Surveillance.