Material de USENIX Security 2016

• August 21, 2016
• tuxotron
• Seguridad, Hacking, Conferencia

• Facebook
• Twitter
• Reddit
• LinkedIn

Otra de las conferencias referentes sobre seguridad, USENIX Security 2016, ha publicado el material presentado:

• Flip Feng Shui: Hammering a Needle in the Software Stack - PDF
• One Bit Flips, One Cloud Flops: Cross-VM Row Hammer Attacks and Privilege Escalation - PDF - Slides
• PIkit: A New Kernel-Independent Processor-Interconnect Rootkit - PDF - Slides
• Verifying Constant-Time Implementations - PDF
• Secure, Precise, and Fast Floating-Point Operations on x86 Processors - PDF - Slides
• überSpark: Enforcing Verifiable Object Abstractions for Automated Compositional Security Analysis of a Hypervisor - PDF
• Undermining Information Hiding (and What to Do about It) - PDF
• Poking Holes in Information Hiding - PDF
• What Cannot Be Read, Cannot Be Leveraged? Revisiting Assumptions of JIT-ROP Defenses - PDF - Slides
• zxcvbn: Low-Budget Password Strength Estimation - PDF - Slides
• Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks - PDF - Slides
• An Empirical Study of Textual Key-Fingerprint Representations - PDF
• Off-Path TCP Exploits: Global Rate Limit Considered Dangerous - PDF
• Website-Targeted False Content Injection by Network Operators - PDF
• The Ever-Changing Labyrinth: A Large-Scale Analysis of Wildcard DNS Powered Blackhat SEO - PDF - Slides
• A Comprehensive Measurement Study of Domain Generating Malware - PDF
• Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing - PDF - Slides
• Faster Malicious 2-Party Secure Computation with Online/Offline Dual Execution - PDF - Slides
• Egalitarian Computing - PDF
• Post-quantum Key Exchange—A New Hope - PDF
• Automatically Detecting Error Handling Bugs Using Error Specifications - PDF
• APISan: Sanitizing API Usages through Semantic Cross-Checking - PDF
• On Omitting Commits and Committing Omissions: Preventing Git Metadata Tampering That (Re)introduces Software Vulnerabilities - PDF
• Defending against Malicious Peripherals with Cinch - PDF - Slides
• Making USB Great Again with USBFILTER - PDF - Slides
• Micro-Virtualization Memory Tracing to Detect and Prevent Spraying Attacks - PDF
• Request and Conquer: Exposing Cross-Origin Resource Size - PDF
• Trusted Browsers for Uncertain Times - PDF
• Tracing Information Flows Between Ad Exchanges Using Retargeted Ads - PDF - Slides
• Virtual U: Defeating Face Liveness Detection by Building Virtual Models from Your Public Photos - PDF - Slides
• Hidden Voice Commands - PDF - Slides
• FlowFence: Practical Data Protection for Emerging IoT Application Frameworks - PDF
• ARMageddon: Cache Attacks on Mobile Devices - PDF - Slides
• DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks - PDF - Slides
• An In-Depth Analysis of Disassembly on Full-Scale x86/x64 Binaries - PDF - Slides
• Stealing Machine Learning Models via Prediction APIs - PDF - Slides
• Oblivious Multi-Party Machine Learning on Trusted Processors - PDF
• Thoth: Comprehensive Policy Compliance in Data Retrieval Systems - PDF - Slides
• Dancing on the Lip of the Volcano: Chosen Ciphertext Attacks on Apple iMessage - PDF
• Predicting, Decrypting, and Abusing WPA2/802.11 Group Keys - PDF
• DROWN: Breaking TLS Using SSLv2 - PDF - Slides
• All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption - PDF - Slides
• Investigating Commercial Pay-Per-Install and the Distribution of Unwanted Software - PDF
• Measuring PUP Prevalence and PUP Distribution through Pay-Per-Install Services - PDF - Slides
• UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware - PDF - Slides
• Towards Measuring and Mitigating Social Engineering Software Download Attacks - PDF - Slides
• Specification Mining for Intrusion Detection in Networked Control Systems - PDF - Slides
• Optimized Invariant Representation of Network Traffic for Detecting Unseen Malware Variants - PDF - Slides
• Authenticated Network Time Synchronization - PDF
• fTPM: A Software-Only Implementation of a TPM Chip - PDF
• Sanctum: Minimal Hardware Extensions for Strong Software Isolation - PDF - Slides
• Ariadne: A Minimal Approach to State Continuity - PDF
• The Million-Key Question—Investigating the Origins of RSA Public Keys - PDF - Slides
• Fingerprinting Electronic Control Units for Vehicle Intrusion Detection - PDF - Slides
• Lock It and Still Lose It —on the (In)Security of Automotive Remote Keyless Entry Systems - PDF
• OblivP2P: An Oblivious Peer-to-Peer Content Sharing System - PDF
• AuthLoop: End-to-End Cryptographic Authentication for Telephony over Voice Channels - PDF
• You Are Who You Know and How You Behave: Attribute Inference Attacks via Users' Social Friends and Behaviors - PDF
• Internet Jones and the Raiders of the Lost Trackers: An Archaeological Study of Web Tracking from 1996 to 2016 - PDF
• Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification - PDF - Slides
• You've Got Vulnerability: Exploring Effective Vulnerability Notifications - PDF
• Mirror: Enabling Proofs of Data Replication and Retrievability in the Cloud - PDF
• ZKBoo: Faster Zero-Knowledge for Boolean Circuits - PDF
• The Cut-and-Choose Game and Its Application to Cryptographic Protocols - PDF - Slides
• On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis - PDF - Slides
• Practical DIFC Enforcement on Android - PDF - Slides
• Screen after Previous Screens: Spatial-Temporal Recreation of Android App Displays from Memory Images - PDF
• Harvesting Inconsistent Security Configurations in Custom Android ROMs via Differential Analysis - PDF
• Identifying and Characterizing Sybils in the Tor Network - PDF - Slides
• k-fingerprinting: A Robust Scalable Website Fingerprinting Technique - PDF
• Protecting Privacy of BLE Device Users - PDF - Slides
• Privacy in Epigenetics: Temporal Linkability of MicroRNA Expression Profiles - PDF - Slides

• Hacking
• Seguridad
• security
• Conferencia
• usenix 2016