CCS·2018

ACM 计算机与通信安全会议(CCS, ACM Conference on Computer and Communications Security)属于CCF A类会议,行业四大会议之一。CCS 2018年共收到809篇论文,录取134篇论文,录用率为16.6%。


1、PrinTracker: Fingerprinting 3D Printers using Commodity Scanners

PrinTracker:使用商品扫描仪的指纹识别3D打印机

2、Unveiling Hardware-based Data Prefetcher, a Hidden Source of Information Leakage

推出基于硬件的数据预取器,一种隐藏的信息泄漏源

3、The Gap Game

差距策略

4、Large-Scale and Language-Oblivious Code Authorship Identification

大规模和语言不明的代码作者身份识别

5、Block Oriented Programming: Automating Data-Only Attacks

面向块的编程:自动化仅数据攻击

6、Asking for a Friend: Evaluating Response Biases in Security User Studies

询问朋友:评估安全用户研究中的响应偏差

7、Utility-aware synthesis of differentially private and attack-resilient location traces

差异私有和攻击弹性位置跟踪的实用程序感知合成

8、CALM: Consistent Adaptive Local Marginal for Marginal Release under Local Differential Privacy

CALM:本地差异隐私下边际释放的一致自适应局部边际

9、HyperFlow: A High-Assurance Processor Architecture for Practical Timing-Safe Information Flow Security

HyperFlow:一种高保障处理器架构,用于实用的定时安全信息流安全

10、Ohm’, s Law in Data Centers: A Voltage Side Channel for Timing Power Attacks

数据中心的欧姆定律:用于定时功率攻击的电压侧通道

11、When Good Components Go Bad: Formally Secure Compilation Despite Dynamic Compromise

当好的组件变坏时:尽管存在动态妥协,但是正式安全的编译

12、Towards Usable Checksums: Automating the Integrity Verification of Web Downloads for the Masses

走向可用的校验和:为大众自动完成Web下载的完整性验证

13、On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees

关于端到端加密:具有强大安全保障的异步组消息传递

14、Lord of the x86 Rings: A Portable User Mode Privilege Separation Architecture on x86

x86环之王:x86上的便携式用户模式权限分离架构

15、Towards Fine-grained Network Security Forensics and Diagnosis in the SDN Era

SDN时代走向细粒度的网络安全取证与诊断

16、MVG Mechanism: Differential Privacy under Matrix-Valued Query

MVG机制:矩阵值查询下的差异隐私

17、Scission: Signal Characteristic-Based Sender Identification and Intrusion Detection in Automotive Networks

分裂:基于信号特征的汽车网络中的发送者识别和入侵检测

18、Detecting Attacks Against Robotic Vehicles: A Control Invariant Approach

检测机器人车辆的攻击:控制不变方法

19、Result Pattern Hiding Searchable Encryption for Conjunctive Queries

结果模式隐藏联合查询的可搜索加密

20、Yet Another Text Captcha Solver: A Generative Adversarial Network Based Approach

另一个文本Captcha解算器:基于生成对抗网络的方法

21、No Training Hurdles: Fast Training-Agnostic Attacks to Infer Your Typing

没有训练障碍:快速训练 - 不可知的攻击推断你的打字

22、Practical state recovery attacks against legacy RNG implementations

针对传统RNG实施的实际状态恢复攻击

23、Model-Reuse Attacks on Learning Systems

学习系统的模型重用攻击

24、Lawful Device Access without Mass Surveillance Risk: A Systems Approach

没有质量监控风险的合法设备访问:系统方法

25、Cross-App Poisoning in Software-Defined Networking

软件定义网络中的跨应用程序中毒

26、ABY3: A Mixed Protocol Framework for Machine Learning

ABY3:机器学习的混合协议框架

27、ret2spec: Speculative Execution Using Return Stack Buffers

ret2spec:使用返回堆栈缓冲区的推测执行

28、Voting: you can’, t have privacy without verifiability

投票:你可以在没有可证实性的情况下拥有隐私

29、NodeMerge: Template Based Efficient Data Reduction For Big-Data Causality Analysis

NodeMerge:基于模板的高效数据减少,适用于大数据因果关系分析

30、Reinforcing System-Assigned Passphrases Through Implicit Learning

通过内隐学习强化系统分配的密码

31、Tight on Budget? Tight Bounds for r-Fold Approximate Differential Privacy

预算紧张? r-Fold近似差分隐私的严格界限

32、Towards Verified, Constant-time Floating Point Operations

迈向经过验证的恒定时间浮点运算

33、“What was that site doing with my Facebook password?”, Designing Password-Reuse Notifications

“那个网站用我的Facebook密码做了什么?”,设计密码重用通知

34、Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning

深度指纹识别:深度学习破坏网站指纹识别防御

35、On the Accuracy of Password Strength Meters

论密码强度计的准确性

36、Fraud De-Anonymization For Fun and Profit

有趣和利润的欺诈去匿名化

37、Towards Paving the Way for Large-Scale Windows Malware Analysis: Generic Binary Unpacking with Orders-of-Magnitude Performance Boost

为大规模Windows恶意软件分析铺平道路:通过具有数量级别性能提升的通用二进制解包

38、Milkomeda: Safeguarding the Mobile GPU Interface Using WebGL’s Security Checks

Milkomeda:使用WebGL的安全检查来保护移动GPU接口

39、Bandwidth-Hard Functions: Reductions and Lower Bounds

带宽 - 硬功能:减少和降低边界

40、DISE: DIstributed Symmetric-key Encryption

DISE:分配对称密钥加密

41、Pseudo Constant Time Implementations of TLS Are Only Pseudo Secure

TLS的伪恒定时间实现仅是伪安全的

42、Runtime Analysis of Whole-System Provenance

全系统种源的运行时分析

43、PatternListener: Cracking Android Pattern Lock Using Acoustic Signals

模式监听器:使用声学信号破解Android模式锁

44、Phishing Attacks on Modern Android

现代Android上的网络钓鱼攻击

45、Predicting Impending Exposure to Malicious Content from User Behavior

预测即将暴露于用户行为中的恶意内容

46、CHECKMATE: Practical Security Analysis of Smart Contracts

检查:智能合约的实用安全性分析

47、Truth Will Out: Departure-Based Process-Level Detection of Stealthy Attacks on Control Systems

真相将会出现:基于离境的过程级别检测控制系统的隐身攻击

48、Practical Backward-Secure Searchable Encryption from Symmetric Puncturable Encryption

对称可穿透加密的实用后向安全可搜索加密

49、Pinpointing Insecure Cryptographic Keys from Execution Traces

从执行跟踪中精确定位不安全的加密密钥

50、Clickjacking on Android: The Final Countdown

Android上的Clickjacking:最终倒计时

51、HyCC: Compilation of Hybrid Protocols for Practical Secure Computation

HyCC:实用安全计算混合协议的编译

52、Prime and Prejudice: Primality Testing Under Adversarial Conditions

主要和偏见:在对抗条件下的原始性测试

53、Fast Secure Multiparty ECDSA with Practical Distributed Key Generation and Applications to Cryptocurrency Custody

快速安全的多方ECDSA,具有实用的分布式密钥生成和应用于加密货币保管

54、Partially specified channels: The TLS 1.3 record layer without elision

部分指定的通道:没有省略的TLS 1.3记录层

55、Domain Validation ++ for MitM-Resilient PKI

针对MitM-Resilient PKI的域验证++

56、Secure Opportunistic Multipath Key Exchange

安全机会多路径密钥交换

57、LEMNA: Explaining Deep Learning based Security Applications

LEMNA:解释基于深度学习的安全应用程序

58、Using Logic Programming to Recover C++ Classes and Methods from Compiled Executables

使用逻辑编程从编译的可执行文件中恢复C ++类和方法

59、Investigating Operators’ Perspective on Security Misconfigurations

调查运营商对安全性错误配置的看法

60、BitML: a calculus for Bitcoin smart contracts

BitML:比特币智能合约的微积分

61、Time-Based Remote Device Fingerprinting

基于时间的远程设备指纹识别

62、Enforcing Unique Code Target Property for Control-Flow Integrity

为控制流完整性实施唯一代码目标属性

63、On the Security of the PKCS#1 v1.5 Signature Scheme

论PKCS#1 v1.5签名方案的安全性

64、AIM-SDN: Attacking Information Mismanagement in SDN-datastores

AIM-SDN:攻击SDN数据存储中的信息管理不善

65、Mitigating Risk while Complying with Data Retention Laws

在遵守数据保留法的同时降低风险

66、An End-to-End System for Large Scale P2P MPC-as-a-Service and Low-Bandwidth MPC for Weak Participants

面向弱势参与者的大规模P2P MPC即服务和低带宽MPC的端到端系统

67、Screaming Channels: When Electromagnetic Side Channels Meet Radio Transceivers

尖叫声道:当电磁侧通道遇到无线电收发器时

68、Detecting User Experience Issues of the Tor Browser In The Wild

检测野外Tor浏览器的用户体验问题

69、Evaluating Fuzz Testing

评估模糊测试

70、Improved Non-Interactive Zero Knowledge with Applications to Post-Quantum Signatures

通过应用后量子签名改进非交互式零知识

71、Faceted Secure Multi Execution

分面安全多重执行

72、Release the Kraken: New KRACKs in the 802.11 Standard

发布Kraken:802.11标准中的新KRACK

73、EviHunter: Identifying Digital Evidence in the Permanent Storage of Android Devices via Static Analysis

EviHunter:通过静态分析识别Android设备永久存储中的数字证据

74、Preserving Both Privacy and Utility in Network Trace Anonymization

在网络跟踪匿名化中保护隐私和效用

75、Secure Search via Sketching for Homomorphic Encryption

通过草图进行同态加密的安全搜索

76、Tiresias: Predicting Security Events Through Deep Learning

Tiresias:通过深度学习预测安全事件

77、BEAT: Asynchronous BFT Made Practical

BEAT:异步BFT实用

78、DeepMem: Learning Graph Neural Network Models for Fast and Robust Memory Forensic Analysis

DeepMem:学习图形神经网络模型,用于快速和稳健的记忆取证分析

79、A better method to analyze blockchain consistency

分析区块链一致性的更好方法

80、Privacy-preserving Dynamic Learning of Tor Network Traffic

Tor网络流量的隐私保护动态学习

81、The Multi-user Security of GCM, Revisited: Tight Bounds for Nonce Randomization

重新审视GCM的多用户安全性:随机数随机化的严格界限

82、Situational Access Control in the Internet of Things

物联网中的情境访问控制

83、Toward Detecting Violations of Differential Privacy

检测违反差异隐私的行为

84、TACHYON: Fast Signatures from Compact Knapsack

TACHYON:紧凑型背包的快速签名

85、HoMonit: Monitoring Smart Home Apps from Encrypted Traffic

HoMonit:从加密流量监控智能家居应用

86、Private Stateful Information Retrieval

私有状态信息检索

87、Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic

复仇女神:研究基本CPU中断逻辑中的微体系结构时序泄漏

88、Mystique: Uncovering Information Leakage from Browser Extensions

神秘:从浏览器扩展中发现信息泄漏

89、DeepCorr: Strong Flow Correlation Attacks on Tor Using Deep Learning

DeepCorr:使用深度学习对Tor进行强流关联攻击

90、Symbolic Proofs for Lattice-Based Cryptography

基于格的密码学的符号证明

91、A Robust and Efficient Defense against Use-after-Free Exploits via Concurrent Pointer Sweeping

通过并发指针扫描实现免费利用后的强大而有效的防御

92、VMHunt: A Verifiable Approach to Partial-Virtualized Binary Code Simplification

VMHunt:部分虚拟化二进制码简化的可验证方法

93、ALCHEMY: A Language and Compiler for Homomorphic Encryption Made easY

ALCHEMY:同态加密的语言和编译器很容易

94、Threat Intelligence Computing

威胁情报计算

95、Pinto: Enabling Video Privacy for Commodity IoT Cameras

Pinto:为商品物联网相机提供视频隐私

96、Rendered Insecure: GPU side channel attacks are practical

渲染不安全:GPU侧通道攻击是实用的

97、Measuring Information Leakage in Website Fingerprinting Attacks and Defenses

衡量网站指纹识别攻击和防御中的信息泄漏

98、New Constructions for Forward and Backward Private Symmetric Searchable Encryption

前向和后向私有对称可搜索加密的新构造

99、Property Inference Attacks on Deep Neural Networks using Permutation Invariant Representations

基于置换不变表示的深度神经网络的属性推断攻击

100、JN-SAF: Precise and Efficient NDK/JNI-aware Inter-language Static Analysis Framework for Security Vetting of Android Applications with Native Code

JN-SAF:精确高效的NDK / JNI感知的语言间静态分析框架,用于使用本机代码的Android应用程序的安全审查

101、Labeled PSI from Fully Homomorphic Encryption with Malicious Security

具有恶意安全性的完全同态加密标记的PSI

102、Secure Outsourced Matrix Computation and Application to Neural Networks

安全外包矩阵计算及其在神经网络中的应用

103、Effective Program Debloating via Reinforcement Learning

通过强化学习有效的程序去除

104、PASTA: PASsword-based Threshold Authentication

PASTA:基于PASsword的阈值认证

105、How You Get Bullets in Your Back: A Systematical Study about Cryptojacking in Real-world

你如何得到子弹:关于现实世界中的加密劫持的系统研究

106、If This Then What? Controlling Flows in IoT Apps

如果这样那么怎样? 控制物联网应用中的流量

107、Precise Android API Protection Mapping Derivation and Reasoning

精确的Android API保护映射派生和推理

108、Invetter: Locating Insecure Input Validations in Android Services

Invetter:在Android服务中查找不安全的输入验证

109、Check it Again: Detecting Lacking-Recheck Bugs in OS Kernels

再次检查:检测缺少 - 重新检查OS内核中的错误

110、Lattice-Based zk-SNARKs from Square Span Programs

来自Square Span程序的基于格的zk-SNARK

111、Formal Analysis of 5G Authentication

5G认证的形式化分析

112、Revery: from Proof-of-Concept to Exploitable (One Step towards Automatic Exploit Generation)

Revery:从概念验证到可利用(向自动漏洞生成的一步)

113、Ouroboros Genesis: Composable Proof-of-Stake Blockchains with Dynamic Availability

Ouroboros起源:具有动态可用性的可组合证明区块链

114、Hawkeye: Towards a Desired Directed Grey-box Fuzzer

Hawkeye:走向一个理想的定向灰盒子模糊器

115、nanoPI: Extreme-Scale Actively-Secure Multi-Party Computation

nanoPI:极端规模的主动安全多方计算

116、Secure Computation with Differentially Private Access Patterns

使用差分私有访问模式进行安全计算

117、Lattice-Based Group Signatures and Zero-Knowledge Proofs of Automorphism Stability

基于格的群签名和自同构稳定性的零知识证明

118、RapidChain: Fast Blockchain Consensus via Full Sharding

RapidChain:通过完全分片快速区块链共识

119、Generalizing the SPDZ Compiler For Other Protocols

推广其他协议的SPDZ编译器

120、Machine Learning with Membership Privacy

会员隐私的机器学习

121、General State Channel Networks

一般国家频道网络

122、FairSwap: How to fairly exchange digital goods

FairSwap:如何公平交换数字商品

123、An In-depth Look into Drive-by Mining and its Defense

对挖掘采矿及其防御的深入研究

124、Fast Multiparty Threshold ECDSA with Fast Trustless Setup

具有快速无信任设置的快速多方阈值ECDSA

125、Web’, s Sixth Sense: A Study of Scripts Accessing Smartphone Sensors

Web的第六感:对脚本访问智能手机传感器的研究

126、An Exploratory Analysis of Microcode as a Building Block for System Defenses

微码作为系统防御构件的探索性分析

127、vNIDS: Towards Elastic Security with Safe and Efficient Virtualization of Network Intrusion Detection Systems

vNIDS:通过安全高效的网络入侵检测系统虚拟化实现弹性安全

128、DP-Finder: Finding Differential Privacy Violations by Sampling and Optimization

DP-Finder:通过采样和优化查找差异隐私冲突

129、Pump up the Volume: Practical Database Reconstruction from Volume Leakage on Range Queries

提高容量:从范围查询中的卷泄漏重建实际数据库

130、On the Safety of IoT Device Physical Interaction Control

物联网设备物理交互控制的安全性

131、Debin: Predicting Debug Information in Stripped Binaries

Debin:预测剥离二进制文件中的调试信息

132、Pride and Prejudice in Progressive Web Apps: Abusing Native App-like Features in Web Applications

渐进式Web应用程序中的傲慢与偏见:滥用Web应用程序中的本机应用程序特性

133、Compressing Vector OLE

压缩矢量OLE

你可能感兴趣的:(CCS·2018)