USENIX Security Best Papers CollectingUSENIX协会是501(c)(3)非营利组织,致力于支持先进的计算机系统社区并扩大创新研究的范围。我们以组织会议和发表研究而闻名,但是我们最大的优势在于在计算机系统中建立社区。我们以多种方式代表着我们社区的利益,包括我们与计算机研究协会的专业联系。
Anjo Vahldiek-Oberwagner, Eslam Elnikety, Nuno O. Duarte, Michael Sammler,Peter Druschel,Deepak Garg
USENIX Security Symposium, pp.1221-1238, (2019)
Cited by19BibtexViews18Links
0
0
Joel Reardon, Álvaro Feal, Primal Wijesekera, Amit Elazari Bar On, Narseo Vallina-Rodriguez,Serge Egelman
USENIX Security Symposium, no. 4 (2019): 603-620
Cited by16BibtexViews27Links
0
0
Kurt Thomas, Jennifer Pullman, Kevin Yeo, Ananth Raghunathan, Patrick Gage Kelley, Luca Invernizzi, Borbala Benko, Tadek Pietraszek, Sarvar Patel,Dan Boneh,Elie Bursztein
USENIX Security Symposium, pp.1556-1571, (2019)
Cited by10BibtexViews42Links
0
0
USENIX Security Symposium, pp.1273-1290, (2019)
Our work showed that 14% of our randomly sampled organizations, ranging from small to large, experienced lateral phishing attacks within a seven-month time period, and that attackers succeeded in compromising new accounts at least 11% of the time
Cited by9BibtexViews67Links
0
0
Christine Chen, Nicola Dell,Franziska Roesner
USENIX Security Symposium, pp.89-104, (2019)
Cited by3BibtexViews26Links
0
0
Huahong Tu, Adam Doupé,Ziming Zhao,Gail-Joon Ahn
USENIX Security Symposium, pp.1327-1340, (2019)
Cited by2BibtexViews23Links
0
0
David A. Ramos,Dawson R. Engler
USENIX Annual Technical Conference, (2015)
We evaluated our tool on large-scale systems code from BIND, OpenSSL, and the Linux kernel, and we found a total of 79 bugs, including two OpenSSL denial-of-service vulnerabilities
Cited by118BibtexViews49Links
0
0
USENIX Security, (2014): 17-32
We show that differential privacy substantially interferes with the main purpose of these models in personalized medicine: for ε values that protect genomic privacy, which is the central privacy concern in our application, the risk of negative patient outcomes increases beyond ac...
Cited by237BibtexViews62Links
0
0
USENIX Security, pp.625-640, (2014)
Significant recent research advances have made it possible to design systems that can automatically determine with high accuracy the maliciousness of a target website. While highly useful, such systems are reactive by nature. In this paper, we take a complementary approach, and a...
Cited by99BibtexViews55Links
0
0
USENIX Security, pp.255-269, (2014)
State-of-the-art memory forensics involves signature-based scanning of memory images to uncover data structure instances of interest to investigators. A largely unaddressed challenge is that investigators may not be able to interpret the content of data structure fields, even wit...
Cited by23BibtexViews34Links
0
0
USENIX Security, pp.337-352, (2013)
We presented a robust implementation that scales to large binaries as well as complex, low-level libraries that include hand-coded assembly
Cited by467BibtexViews50Links
0
0
USENIX Security, pp.495-510, (2013)
We have proposed the use of 3D integration circuit technology to enhance the security of digital integrated circuits via circuit obfuscation
Cited by144BibtexViews38Links
0
0
USENIX Security Symposium, pp.35-35, (2012)
We investigated the security of random number generation on a broad scale by performing and analyzing the most comprehensive Internet-wide scans of TLS certificates and SSH host keys to date
Cited by384BibtexViews64Links
0
0
USENIX Security Symposium, pp.31-31, (2012)
We present a novel method for detecting server equivocation in which users collaborate to verify object histories, and more efficient mechanisms for ensuring fork* consistency based on history trees
Cited by76BibtexViews62Links
0
0
USENIX Security Symposium, pp.3-3, (2010)
Capsicum lends itself to adoption by blending immediate security improvements to current applications with the long-term prospects of a more capability-oriented future. We illustrate this through adaptations of widely-used applications, from the simple gzip to Google’s highly-com...
Cited by175BibtexViews39Links
0
0
USENIX Security Symposium, pp.22-22, (2010)
VEX is a proofof-concept tool for detecting potential security vulnerabilities in browser extensions using static analysis for explicit flows
Cited by131BibtexViews48Links
0
0
Communications of The ACM, no. 5 (2008): 91-98
Our experiments show that this fact enables a variety of security attacks that can extract sensitive information such as cryptographic keys from memory, despite the operating system’s efforts to protect memory contents
Cited by1396BibtexViews95Links
0
0
;login:, no. 6 (2008): 107-122
We introduced a new system to generate blacklists for contributors to a large-scale security-log sharing infrastructure
Cited by174BibtexViews41Links
0
0
USENIX Security, (2006)
We have argued that software-based fault isolation can be a practical tool in constructing secure systems
Cited by236BibtexViews35Links
0
0
USENIX Security, (2006)
As our covert channel relies on manipulating the timing of keypresses to piggyback information, the keyboard needs to be in use for the channel to work and be tested
Cited by230BibtexViews36Links
0
0
Keywords
Operating SystemControl Flow IntegritySecurity AnalysisSensitive DataAccepted PracticeAccess Secure ResourceAdditional HardwareAdditional Key Words And Phrases: BackscatterApplication BoundaryAttack Technique
Authors
Ariel J. Feldman
Paper 2
J. Alex Halderman
Paper 2
Nadia Heninger
Paper 2
Edward W. Felten
Paper 2
Geoffrey M. Voelker
Paper 2
Nick Feamster
Paper 2
Stefan Savage
Paper 2
Sean Quinlan
Paper 1
Emil Sit
Paper 1
Ziming Zhao
Paper 1