✅作者简介:大家好我是王大梨,是一名虽然菜但是爱分享的程序员、架构师、信息安全爱好者
个人主页:王大梨的csdn博客
碎碎念:程序员中的杂学家,涉猎的范围很多,信息安全、大数据等等。
如果觉得博主的文章还不错的话,请三连支持一下博主哦
针对 GAN 的属性推断攻击
Junhao Zhou, Yufei Chen, and Chao Shen (西安交通大学);
张扬(CISPA 亥姆霍兹信息安全中心)
SpiralSpy:探索隐蔽且实用的隐蔽通道,通过毫米波传感攻击气隙计算设备
Zhengxiong Li (University at Buffalo, SUNY); Baicheng Chen and Xingyu Chen (University at Buffalo); Huining Li (SUNY University at Buffalo); Chenhan Xu (University at Buffalo, SUNY); Feng Lin (Zhejiang University); Chris Xiaoxuan Lu (University of Edinburgh); Kui Ren (Zhejiang University); Wenyao Xu (SUNY Buffalo)
Subverting Stateful Firewalls with Protocol States
Amit Klein (Bar Ilan University)
Local and Central Differential Privacy for Robustness and Privacy in Federated Learning
Mohammad Naseri (University College London); Jamie Hayes (DeepMind); Emiliano De Cristofaro (University College London & Alan Turing Institute)
Droid 在细节中:Android 沙盒的环境感知规避
The Droid is in the Details: Environment-aware Evasion of Android Sandboxes
Brian Kondracki, Babak Amin Azad, Najmeh Miramirkhani, and Nick Nikiforakis (Stony Brook University)
基于配置的攻击的取证分析
Forensic Analysis of Configuration-based Attacks
Muhammad Adil Inam and Wajih Ul Hassan (University of Illinois at Urbana-Champaign); Ali Ahad (University of Virginia); Adam Bates (University of Illinois at Urbana-Champaign); Rashid Tahir (University of Prince Mugrin); Tianyin Xu (University of Illinois at Urbana-Champaign); Fareed Zaffar (LUMS)
堆栈的驯服:将堆栈数据与内存错误隔离开来
The Taming of the Stack: Isolating Stack Data from Memory Errors
Kaiming Huang and Yongzhe Huang (Penn State University); Mathias Payer (EPFL); Zhiyun Qian (UC Riverside); Jack Sampson, Gang Tan, and Trent Jaeger (Penn State University)
HARPO:学习颠覆在线行为广告
HARPO: Learning to Subvert Online Behavioral Advertising
Jiang Zhang and Konstantinos Psounis (University of Southern California); Muhammad Haroon and Zubair Shafiq (University of California, Davis)
获取模型! 针对机器学习模型的模型劫持攻击
Get a Model! Model Hijacking Attack Against Machine Learning Models
Ahmed Salem, Michael Backes, and Yang Zhang (CISPA Helmholtz Center for Information Security)
Sumparfi:Uvas 的反欺骗 GPS 接收器
SemperFi: Anti-spoofing GPS Receiver for UAVs
Harshad Sathaye, Gerald LaMountain, Pau Closas, and Aanjhan Ranganathan (Northeastern University)
PoF:车辆排的跟随证明
PoF: Proof-of-Following for Vehicle Platoons
Ziqi Xu, Jingcheng Li, and Yanjun Pan (University of Arizona); Loukas Lazos and Ming Li (University of Arizona, Tucson); Nirnimesh Ghose (University of Nebraska–Lincoln)
远程内存重复数据删除攻击
Remote Memory-Deduplication Attacks
Martin Schwarzl, Erik Kraft, Moritz Lipp, and Daniel Gruss (Graz University of Technology)
用于云威胁取证的可解释联合 Transformer 日志学习
Interpretable Federated Transformer Log Learning for Cloud Threat Forensics
Gonzalo De La Torre Parra (University of the Incarnate Word, TX, USA);
Luis Selvera (Secure AI and Autonomy Lab, The University of Texas at San Antonio, TX, USA);
Joseph Khoury (The Cyber Center For Security and Analytics, University of Texas at San Antonio, TX, USA);
Hector Irizarry (Raytheon, USA);
Elias Bou-Harb (The Cyber Center For Security and Analytics, University of Texas at San Antonio, TX, USA); Paul Rad (Secure AI and Autonomy Lab, The University of Texas at San Antonio, TX, USA)
ProvTalk:在网络功能虚拟化 (NFV) 中实现可解释的多级来源分析
ProvTalk: Towards Interpretable Multi-level Provenance Analysis in Networking Functions Virtualization (NFV)
Azadeh Tabiban and Heyang Zhao (CIISE, Concordia University, Montreal, QC, Canada);
Yosr Jarraya and Makan Pourzandi (Ericsson Security Research, Ericsson Canada, Montreal, QC, Canada);
Mengyuan Zhang (Department of Computing, The Hong Kong Polytechnic University, China);
Lingyu Wang (CIISE, Concordia University, Montreal, QC, Canada)
安全计算中的二分搜索
Binary Search in Secure Computation
Marina Blanton and Chen Yuan (University at Buffalo (SUNY))
超越:补充美国数字安全合规要求的组织努力
Above and Beyond: Organizational Efforts to Complement U.S. Digital Security Compliance Mandates
Rock Stevens (University of Maryland); Faris Bugra Kokulu and Adam Doupé (Arizona State University); Michelle L. Mazurek (University of Maryland)
使用模糊匿名投诉计数系统 (FACTS) 在加密消息中打击假新闻
Fighting Fake News in Encrypted Messaging with the Fuzzy Anonymous Complaint Tally System (FACTS)
Linsheng Liu (George Washington University); Daniel S. Roche (United States Naval Academy); Austin Theriault and Arkady Yerukhimovich (George Washington University)
块缓存:安全架构的按需和可扩展缓存隔离
Chunked-Cache: On-Demand and Scalable Cache Isolation for Security Architectures
Ghada Dessouky, Emmanuel Stapf, Pouya Mahmoody, Alexander Gruler, and Ahmad-Reza Sadeghi (Technical University of Darmstadt)
hbACSS:如何稳健地分享许多秘密
hbACSS: How to Robustly Share Many Secrets
Thomas Yurek and Licheng Luo (University of Illinois at Urbana-Champaign); Jaiden Fairoze (University of California, Berkeley); Aniket Kate (Purdue University); Andrew Miller (University of Illinois at Urbana-Champaign)
使用仪表化车队进行城市传感中的隐私,将空气污染监测用作用例
Privacy in Urban Sensing with Instrumented Fleets, Using Air Pollution Monitoring As A Usecase
Ismi Abidi (IIT Delhi); Ishan Nangia (MPI-SWS); Paarijaat Aditya (Nokia Bell Labs); Rijurekha Sen (IIT Delhi)
固件:蜂窝基带固件的透明动态分析
FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware
Grant Hernandez (University of Florida); Marius Muench (Vrije Universiteit Amsterdam); Dominik Maier (TU Berlin); Alyssa Milburn (Vrije Universiteit Amsterdam); Shinjo Park (TU Berlin); Tobias Scharnowski (Ruhr-University Bochum); Tyler Tucker, Patrick Traynor, and Kevin Butler (University of Florida)
具有正确操作的简洁证明的透明字典
Transparency Dictionaries with Succinct Proofs of Correct Operation
Ioanna Tzialla (New York University); Abhiram Kothapalli and Bryan Parno (Carnegie Mellon University); Srinath Setty (Microsoft Research)
Repttack:利用云调度程序来引导协同定位攻击
Repttack: Exploiting Cloud Schedulers to Guide Co-Location Attacks
Chongzhou Fang, Han Wang, and Najmeh Nazari (University of California, Davis); Behnam Omidi (George Mason University); Avesta Sasan (University of California, Davis); Khaled N. Khasawneh (George Mason University); Setareh Rafatirad and Houman Homayoun (University of California, Davis)
V-Range:在 5G 无线网络中实现安全测距
V-Range: Enabling Secure Ranging in 5G Wireless Networks
Mridula Singh (CISPA – Helmholtz Center for Information Security); Marc Roeschlin (ETH Zurich); Aanjhan Ranganathan (Northeastern University); Srdjan Capkun (ETH Zurich)
FedCRI:联合移动网络风险情报
FedCRI: Federated Mobile Cyber-Risk Intelligence
Hossein Fereidooni (Technical University of Darmstadt); Alexandra Dmitrienko (University of Wuerzburg); Phillip Rieger, Markus Miettinen, and Ahmad-Reza Sadeghi (Technical University of Darmstadt); Felix Madlener (KOBIL)
EqualNet:长期网络拓扑混淆的安全实用防御
EqualNet: A Secure and Practical Defense for Long-term Network Topology Obfuscation
Jinwoo Kim (KAIST); Eduard Marin (Telefonica Research (Spain)); Mauro Conti (University of Padua); Seungwon Shin (KAIST)
DeepSight:通过深度模型检查减轻联邦学习中的后门攻击
DeepSight: Mitigating Backdoor Attacks in Federated Learning Through Deep Model Inspection
Phillip Rieger, Thien Duc Nguyen, Markus Miettinen, and Ahmad-Reza Sadeghi (Technical University of Darmstadt)
EMS:基于覆盖的模糊测试的历史驱动突变
EMS: History-Driven Mutation for Coverage-based Fuzzing
Chenyang Lyu and Shouling Ji (Zhejiang University); Xuhong Zhang (Zhejiang University & Zhejiang University NGICS Platform); Hong Liang (Zhejiang University); Binbin Zhao (Georgia Institute of Technology); Kangjie Lu (University of Minnesota); Raheem Beyah (Georgia Institute of Technology)
CFInsight:CFI 政策的综合指标
CFInsight: A Comprehensive Metric for CFI Policies
Tommaso Frassetto, Patrick Jauernig, David Koisser, and Ahmad-Reza Sadeghi (Technical University of Darmstadt)
揭示 Android 中跨上下文不一致的访问控制执行
Uncovering Cross-Context Inconsistent Access Control Enforcement in Android
Hao Zhou (The Hong Kong Polytechnic University); Haoyu Wang (Beijing University of Posts and Telecommunications); Xiapu Luo (The Hong Kong Polytechnic University); Ting Chen (University of Electronic Science and Technology of China); Yajin Zhou (Zhejiang University); Ting Wang (Pennsylvania State University)
你看到的不是网络推断的:基于语义矛盾检测对抗样本
What You See is Not What the Network Infers: Detecting Adversarial Examples Based on Semantic Contradiction
Yijun YANG, RuiYuan Gao, YU LI, Qiuxia Lai, and Qiang Xu (The Chinese University of Hong Kong)
NAME-NN:基于注意力的 QoE 感知规避后门攻击
ATTEQ-NN: Attention-based QoE-aware Evasive Backdoor Attacks
Xueluan Gong (Wuhan University); Yanjiao Chen (Zhejiang University); Jianshuo Dong and Qian Wang (Wuhan University)
针对商业代码虚拟化混淆器的选择程序集攻击
Chosen-Assembly Attack Against Commercial Code Virtualization Obfuscators
Shijia Li, Chunfu Jia, Pengda Qiu, and Qiyuan Chen (College of Computer Science, NanKai University and the Tianjin Key Laboratory of Network and Data Security Technology); Jiang Ming (University of Texas at Arlington); Debin Gao (Singapore Management University)
使用 HAKCs 防止内核黑客攻击
Preventing Kernel Hacks with HAKCs
Derrick McKee (Purdue University); Yianni Giannaris, Carolina Ortega, and Howard Shrobe (MIT CSAIL); Mathias Payer (EPFL); Hamed Okhravi and Nathan Burow (MIT Lincoln Laboratory)
像 1996 年一样构建嵌入式系统
Building Embedded Systems Like It’s 1996
Ruotong Yu (Stevens Institute of Technology); Francesca Del Nin (University of Padua); Yuchen Zhang and Shan Huang (Stevens Institute of Technology); Pallavi Kaliyar (University of Padua); Sarah Zakto (Cyber Independent Testing Lab); Mauro Conti (University of Padua); Georgios Portokalidis and Jun Xu (Stevens Institute of Technology)
使用对抗性测试评估 VPN 实施对 DoS 攻击的敏感性
Evaluating Susceptibility of VPN Implementations to DoS Attacks Using Adversarial Testing
Fabio Streun, Joel Wanner, and Adrian Perrig (ETH Zurich)
D-Box:为嵌入式应用程序启用 DMA 的划分
D-Box: DMA-enabled compartmentalization for embedded applications
Alejandro Mera, Yi Hui Chen, Ruimin Sun, Engin Kirda, and Long Lu (Northeastern University)
同上:以线路速率进行 WAN 流量混淆
ditto: WAN Traffic Obfuscation at Line Rate
Roland Meier (ETH Zürich); Vincent Lenders (armasuisse); Laurent Vanbever (ETH Zürich)
Tetrad:主动保护 4PC 以进行安全训练和推理
Tetrad: Actively Secure 4PC for Secure Training and Inference
Nishat Koti and Arpita Patra (IISc Bangalore); Rahul Rachuri (Aarhus University, Denmark); Ajith Suresh (IISc, Bangalore)
跨语言攻击
Cross-Language Attacks
Samuel Mergendahl, Nathan Burow, and Hamed Okhravi (MIT Lincoln Laboratory)
FakeGuard:探索触觉响应以减轻商业指纹反欺骗中的漏洞
FakeGuard: Exploring haptic response to mitigate the vulnerability in commercial fingerprint anti-spoofing
Aditya Singh Rathore (University at Buffalo, SUNY); Yijie Shen (Zhejiang University); Chenhan Xu and Jacob Snyderman (University at Buffalo, SUNY); Jinsong Han and Fan Zhang (Zhejiang University); Zhengxiong Li (University at Buffalo, SUNY); Feng Lin (Zhejiang University); Wenyao Xu (University at Buffalo, SUNY); Kui Ren (Zhejiang University)
关于合成基因组数据的效用和隐私
On Utility and Privacy in Synthetic Genomic Data
Bristena Oprisanu (UCL); Georgi Ganev (UCL & Hazy); Emiliano De Cristofaro (UCL)
DRAWN APART:一种基于远程 GPU 指纹的设备识别技术
DRAWN APART: A Device Identification Technique based on Remote GPU Fingerprinting
Tomer Laor (Ben-Gurion Univ. of the Negev); Naif Mehanna and Antonin Durey (Univ. Lille / Inria); Vitaly Dyadyuk (Ben-Gurion Univ. of the Negev); Pierre Laperdrix (CNRS, Univ. Lille, Inria Lille); Clémentine Maurice (CNRS); Yossi Oren (Ben-Gurion Univ. of the Negev); Romain Rouvoy (Univ. Lille / Inria / IUF); Walter Rudametkin (Univ. Lille / Inria); Yuval Yarom (University of Adelaide)
PHYjacking:针对Android零权限授权攻击的物理输入劫持
PHYjacking: Physical Input Hijacking for Zero-Permission Authorization Attacks on Android
Xianbo Wang, Shangcheng Shi, Yikang Chen, and Wing Cheong Lau (The Chinese University of Hong Kong)
Euler:通过可扩展的时间图链接预测检测网络横向运动
Euler: Detecting Network Lateral Movement via Scalable Temporal Graph Link Prediction
Isaiah J. King and H. Howie Huang (The George Washington University)
愚弄自动驾驶汽车的眼睛:针对交通标志识别系统的强大物理对抗示例
Fooling the Eyes of Autonomous Vehicles: Robust Physical Adversarial Examples Against Traffic Sign Recognition Systems
Wei Jia (School of Cyber Science and Engineering, Huazhong University of Science and Technology); Haichun Zhang (Huazhong University of Science and Technology); Zhaojun Lu (School of Cyber Science and Engineering, Huazhong University of Science and Technology); Jie Wang (Shenzhen Kaiyuan Internet Security Co., Ltd); Zhenglin Liu (Huazhong University of Science and Technology); Gang Qu (University of Maryland)
真相会让你自由:在智能环境中启用实用的取证能力
The Truth Shall Set Thee Free: Enabling Practical Forensic Capabilities in Smart Environments
Leonardo Babun, Amit Kumar Sikder, Abbas Acar, and Selcuk Uluagac (Florida International University)
Clarion:来自多方洗牌协议的匿名通信
Clarion: Anonymous Communication from Multiparty Shuffling Protocols
Saba Eskandarian (University of North Carolina at Chapel Hill); Dan Boneh (Stanford University)
可测试性 Tarpits:代码模式对 Web 应用程序安全测试的影响
Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications
Feras Al-Kassar, Giulia Clerici, and Luca Compagna (SAP Security Research); Davide Balzarotti (EURECOM); Fabian Yamaguchi (ShiftLeft Inc)
针对经过时间证明的多证书攻击及其对策
Multi-Certificate Attacks against Proof-of-Elapsed-Time and Their Countermeasures
Huibo Wang (Baidu Security); Guoxing Chen (Shanghai Jiao Tong University); Yinqian Zhang (Southern University of Science and Technology); Zhiqiang Lin (Ohio State University)
对重复的 Linux 内核错误报告的深入分析
An In-depth Analysis of Duplicated Linux Kernel Bug Reports
Dongliang Mu (Huazhong University of Science and Technology); Yuhang Wu, Yueqi Chen, and Zhenpeng Lin (Pennsylvania State University); Chensheng Yu (George Washington University); Xinyu Xing (Pennsylvania State University); Gang Wang (University of Illinois at Urbana-Champaign)
具有恶意安全性的元数据隐藏文件共享系统
A Metadata-Hiding File-Sharing System with Malicious Security
Weikeng Chen (UC Berkeley); Thang Hoang (Virginia Tech); Jorge Guajardo (Robert Bosch Research and Technology Center); Attila A. Yavuz (University of South Florida)
信任或不信任:具有可信执行环境的混合多方计算
To Trust or Not to Trust: Hybrid Multi-party Computation with Trusted Execution Environment
Pengfei Wu and Ee-Chien Chang (School of Computing, National University of Singapore); Jianting Ning (Fujian Normal University); Hongbin Wang and Jiamin Shen (School of Computing, National University of Singapore)
物理世界攻击下自动驾驶规划中拒绝服务漏洞的系统发现
Systematic Discovery of Denial-of-Service Vulnerability in Autonomous Driving Planning under Physical-World Attacks
Ziwen Wan, Junjie Shen, and Jalen Chuang (University of California, Irvine); Xin Xia (The University of California, Los Angeles); Joshua Garcia (University of California, Irvine); Jiaqi Ma (The University of California, Los Angeles); Qi Alfred Chen (University of California, Irvine)
RamBoAttack:一种强大且查询效率高的深度神经网络决策利用
RamBoAttack: A Robust and Query Efficient Deep Neural Network Decision Exploit
viet vo (The University of Adelaide); Damith C. Ranasinghe (University of Adelaide); Ehsan Abbasnejad (The University of Adelaide)
Shaduf:非周期支付渠道再平衡
Shaduf: Non-Cycle Payment Channel Rebalancing
Zhonghui Ge, Yi Zhang, Yu Long, and Dawu Gu (Shanghai Jiao Tong University)
异构智能家居网络中的轻量级 IoT Cryptojacking 检测机制
A Lightweight IoT Cryptojacking Detection Mechanism in Heterogeneous Smart Home Networks
Ege Tekiner, Abbas Acar, and Selcuk Uluagac (Florida International University)
无线流量上的数据包级开放世界应用程序指纹
Packet-Level Open-World App Fingerprinting on Wireless Traffic
Jianfeng Li, Shuohan Wu, Hao Zhou, and Xiapu Luo (The Hong Kong Polytechnic University); Ting Wang (Penn State); Yangyang Liu (The Hong Kong Polytechnic University); Xiaobo Ma (Xi’an Jiaotong University)
ROV-MI:大规模、准确和高效的 ROV 部署测量
ROV-MI: Large-Scale, Accurate and Efficient Measurement of ROV Deployment
Wenqi Chen (Tsinghua University); Zhiliang Wang ([email protected]); Dongqi Han (Institute for Network Sciences and Cyberspace, Tsinghua University); Chenxin Duan, Xia Yin, Jiahai Yang, and Xingang Shi (Tsinghua University)
SynthCT:迈向便携式恒定时间代码
SynthCT: Towards Portable Constant-Time Code
Sushant Dinesh, Grant Garrett-Grossman, and Christopher W. Fletcher (University of Illinois at Urbana Champaign)
KASPER:在 Linux 中扫描通用瞬态执行小工具
KASPER: Scanning for Generalized Transient Execution Gadgets in the Linux
Kernel Brian Johannesmeyer, Jakob Koschel, and Cristiano Giuffrida (Vrije Universiteit Amsterdam); Kaveh Razavi (ETH Zurich); Herbert Bos (Vrije Universiteit Amsterdam)
HeadStart:大规模有效验证和低延迟的参与式随机生成
HeadStart: Efficiently Verifiable and Low-Latency Participatory Randomness Generation at Scale
Hsun Lee, Yuming Hsu, Jing-Jie Wang, Hao Cheng Yang, and Yu-Heng Chen (National Taiwan University); Yih-Chun Hu (University of Illinois at Urbana-Champaign); Hsu-Chun Hsiao (National Taiwan University)
F-PKI:在 HTTPS 公钥基础设施中实现创新和信任灵活性
F-PKI: Enabling Innovation and Trust Flexibility in the HTTPS Public-Key Infrastructure
Laurent Chuat (ETH Zurich); Cyrill Krähenbühl (ETH Zürich); Prateek Mittal (Princeton University); Adrian Perrig (ETH Zurich)
RVPLAYER:通过假设推理重播的机器人车辆取证
RVPLAYER: Robotic Vehicle Forensics by Replay with What-if Reasoning
Hongjun Choi, Zhiyuan Cheng, and Xiangyu Zhang (Purdue University)
GhostTalk:通过电力线侧信道对智能手机语音助手的交互式攻击
GhostTalk: Interactive Attack on Smartphone Voice Assistant Through Power Line Side-Channel
Yuanda Wang, Hanqing Guo, and Qiben Yan (Michigan State University)
让我们进行身份验证:用于用户身份验证的自动证书
Let’s Authenticate: Automated Certificates for User Authentication
James Conners, Stephen Derbidge, Natalie Farnsworth, Kyler Gates, Stephen Lambert, Christopher McClain, and Daniel Zappala (Brigham Young University)
揭开非法药物促销的本地商业搜索中毒的神秘面纱
Demystifying Local Business Search Poisoning for Illicit Drug Promotion
Peng Wang, Zilong Lin, Xiaojing Liao, and XiaoFeng Wang (Indiana University Bloomington)
VPNInspector:VPN 生态系统的系统调查
VPNInspector: Systematic Investigation of the VPN Ecosystem
Reethika Ramesh (University of Michigan); Leonid Evdokimov (Independent); Diwen Xue and Roya Ensafi (University of Michigan)
用于数据竞争检测的上下文敏感和定向并发模糊测试
Context-Sensitive and Directional Concurrency Fuzzing for Data-Race Detection
Zu-Ming Jiang and Jia-Ju Bai (Tsinghua University); Kangjie Lu (University of Minnesota); Shi-Min Hu (Tsinghua University)
隐藏真实的自我! 保护 3D 打印机知识产权免受光学侧通道攻击
Hiding My Real Self! Protecting 3D Printer Intellectual Property Against Optical Side-Channel Attacks
Sizhuang Liang (Georgia Institute of Technology); Saman Zonouz (Rutgers University); Raheem Beyah (Georgia Institute of Technology)
探索原型:测量一百万个真实世界网站的客户端原型污染漏洞
Probe the Proto: Measuring Client-Side Prototype Pollution Vulnerabilities of One Million Real-world Websites
Zifeng Kang, Song Li, and Yinzhi Cao (Johns Hopkins University)
MobFuzz:灰盒模糊测试中的自适应多目标优化
MobFuzz: Adaptive Multi-objective Optimization in Gray-box Fuzzing
Gen Zhang, Pengfei Wang, Tai Yue, Xiangdong Kong, Shan Huang, Xu Zhou, and Kai Lu (National University of Defense Technology)
LogicMEM:通过逻辑推理为纯二进制内存取证自动生成配置文件
LogicMEM: Automatic Profile Generation for Binary-Only Memory Forensics via Logic Inference
Zhenxiao Qi, Yu Qu, and Heng Yin (UC Riverside)
MIRROR:具有高保真度的深度学习网络的模型反演
MIRROR: Model Inversion for Deep LearningNetwork with High Fidelity
Shengwei An, Guanhong Tao, Qiuling Xu, Yingqi Liu, and Guangyu Shen (Purdue University); Yuan Yao and Jingwei Xu (Nanjing University); Xiangyu Zhang (Purdue University)
无需硬件设备和仿真器的语义通知驱动程序模糊测试
Semantic-Informed Driver Fuzzing Without Both the Hardware Devices and the Emulators
Wenjia Zhao (Xi’an Jiaotong University and University of Minnesota); Kangjie Lu and Qiushi Wu (University of Minnesota); Yong Qi (Xi’an Jiaotong University)
FANDEMIC:电源管理IC的固件攻击构建和部署以及对物联网应用的影响
FANDEMIC: Firmware Attack Construction and Deployment on Power Management IC and Impacts on IoT Applications
Ryan Tsang, Doreen Joseph, Asmita Jha, and Soheil Salehi (University of California, Davis); Nadir Carreon (University of Arizona); Prasant Mohapatra and Houman Homayoun (University of California, Davis)
COOPER:使用协同变异测试脚本语言的绑定代码
COOPER: Testing the Binding Code of Scripting Languages with Cooperative Mutation
Peng Xu (Institute of Software/CAS China; University of Chinese Academy of Sciences); Wang Yanhao (QI-ANXIN Technology Research Institute); Hong Hu (Penn State University); Purui Su (Institute of Software/CAS China)
NC-Max:打破中本聪共识中的安全性能权衡
NC-Max: Breaking the Security-Performance Tradeoff in Nakamoto Consensus
Ren Zhang, Dingwei Zhang, and Quake Wang (Nervos); Shichen Wu (Shandong University); Jan Xie (Nervos); Bart Preneel (imec-COSIC, KU Leuven)
渐进式审查:Linux 中 UBI 错误的增量检测
Progressive Scrutiny: Incremental Detection of UBI bugs in the Linux
Kernel Yizhuo Zhai, Yu Hao, Zheng Zhang, Weiteng Chen, Guoren Li, Zhiyun Qian, Chengyu Song, Manu Sridharan, and Srikanth V. Krishnamurthy (University of California, Riverside); Trent Jaeger (The Pennsylvania State University); Paul Yu (U.S. Army Research Laboratory)
PMTUD 不是灵丹妙药:重新审视针对 TCP 的 IP 分片攻击
PMTUD is not Panacea: Revisiting IP Fragmentation Attacks against TCP
Xuewei Feng and Qi Li (Tsinghua University); Kun Sun (George Mason University); Ke Xu and Baojun Liu (Tsinghua University); Xiaofeng Zheng (Institute for Network Sciences and Cyberspace, Tsinghua University; QiAnXin Technology Research Institute & Legendsec Information Technology (Beijing) Inc.); Qiushi Yang (QiAnXin Technology Research Institute & Legendsec Information Technology (Beijing) Inc.); Haixin Duan (Institute for Network Science and Cyberspace, Tsinghua University; Qi An Xin Group Corp.); Zhiyun Qian (UC Riverside)
ScriptChecker:使用任务功能驯服第三方脚本执行
ScriptChecker: To Tame Third-party Script Execution With Task Capabilities
Wu Luo (Peking University); Xuhua Ding (Singapore Management University); Pengfei Wu (School of Computing, National University of Singapore); Xiaolei Zhang, Qingni Shen, and Zhonghai Wu (Peking University)
Speeding Dumbo:推动异步 BFT 实践
Speeding Dumbo: Pushing Asynchronous BFT to Practice
Bingyong Guo (Institute of Software, Chinese Academy of Sciences); Yuan Lu (Institute of Software Chinese Academy of Sciences); Zhenliang Lu and Qiang Tang (The University of Sydney); jing xu (Institute of Software, Chinese Academy of Sciences); Zhenfeng Zhang (TCA of State Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences)
危险集成:了解团队聊天系统的应用程序扩展中的安全风险
Hazard Integrated: Understanding Security Risks in App Extensions to Team Chat Systems
Mingming Zha (Indiana University Bloomington); Jice Wang (UCAS); Yuhong Nan (Sun Yat-sen University); Xiaofeng Wang (Indiana Unversity Bloomington); Yuqing Zhang and Zelin Yang (National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences)
简单翻译了一下论文题目,之后我会挑出自己感兴趣的论文阅读并将阅读笔记分享给大家。