Paper downloading method: All papers exclude S&P 2018 can be found by Google Scholar. For those papers accepted by S&P 2018, you can download them from this website: https://www.computer.org/csdl/proceedings/sp/2018/4353/00/index.html The below papers are published in the top security conferences within 2 years. You should better select your presentation paper from these papers. If you select the paper outsides this list, please make sure this paper has been published by our 1 st and 2 nd tier conferences within recent years. Topic 1: Electrical Cash - Nakamoto, Satoshi. Bitcoin: A Peer-to-Peer Electronic Cash System. 24 May 2009 - ZEUS: Analyzing Safety of Smart Contracts. NDSS’18 - Chainspace: A Sharded Smart Contracts Platform. NDSS’18 - Settling Payments Fast and Private: Efficient Decentralized Routing for Path- Based Transactions. NDSS’18 - SmartPool: Practical Decentralized Pooled Mining. Usenix Security'17 - REM: Resource-Efficient Mining for Blockchains. Usenix Security'17 - Picking Up My Tab: Understanding and Mitigating Synchronized Token Lifting and Spending in Mobile Payment. Usenix Security'17 - Revive: Rebalancing Off-Blockchain Payment Networks. CCS’17 - Concurrency and Privacy with Payment-Channel Networks. CCS’17 - Bolt: Anonymous Payment Channels for Decentralized Currencies. CCS’17 - Fairness in an Unfair World: Fair Multiparty Computation from Public Bulletin Boards. CCS’17 - On the Economics of Offline Password Cracking. S&P 2018 Topic 2: Smart Phone Security - Automated Analysis of Privacy Requirements for Mobile Apps, NDSS'17 - How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles, S&P’17 - ABC: Enabling Smartphone Authentication with Built-in Camera. NDSS’18
- Finding Clues for Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps. NDSS’18 - Mass Discovery of Android Traffic Imprints through Instantiated Partial Execution. CCS’17 - Unleashing the Walking Dead: Understanding Cross-App Remote Infections on Mobile WebViews. CCS’17 - The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators S&P’18 - Mobile Application Web API Reconnaissance: Web-to-Mobile Inconsistencies & Vulnerabilities S&P’18 Topic 3: IoT Security I - Do You Feel What I Hear? Enabling Autonomous IoT Device Pairing using Different Sensor Types. S&P’18 - DolphinAttack: Inaudible Voice Commands, ACM CCS’17 - Speechless: Analyzing the Threat to Speech Privacy from Smartphone Motion Sensors, S&P’18 - SmartAuth: User-Centered Authorization for the Internet of Things, Usenix Security’17 - Geosocial Query with User-Controlled Privacy. Wisec’17 - An Autonomic and Permissionless Android Covert Channel. Wisec’17 - Topic 4: IoT Security II - IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing. NDSS’18 - Fear and Logging in the Internet of Things. NDSS’18 - Decentralized Action Integrity for Trigger-Action IoT Platforms. NDSS’18 - AWare: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings. Usenix Security’17 - 6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices. Usenix Security’17 - Coresident Evil: Noisy Vibrational Pairing in the Face of Co-located Acoustic Eavesdropping. Wisec’17 - YELP: Masking Sound-based Opportunistic Attacks in Zero-Effort Deauthentication. Wisec’17 Topic 5: Adversarial ML/ML Privacy - Feature Squeezing: Detecting Adversarial Examples in Deep Neural Networks.
NDSS’18 - Trojaning Attack on Neural Networks. NDSS’18 - Evading Classifiers by Morphing in the Dark. CCS’17 - MagNet: a Two-Pronged Defense against Adversarial Examples. CCS’17 - Machine Learning Models that Remember Too Much. CCS’17 - Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning. CCS’17 - Oblivious Neural Network Predictions via MiniONN transformations. CCS’17 - Membership Inference Attacks against Machine Learning Models. S&P’17 - SecureML: A System for Scalable Privacy-Preserving Machine Learning. S&P’17 - Topic 6: Social Network Security - IVD: Automatic Learning and Enforcement of Authorization Rules in Online Social Networks, oakland'17 - Automated Crowdturfing Attacks and Defenses in Online Review Systems, ACM CCS’17 - Smoke Screener or Straight Shooter: Detecting Elite Sybil Attacks in User- Review Social Networks, NDSS'18, 2018. - Inside Job: Applying Traffic Analysis to Measure Tor from Within. NDSS’18 - Practical Attacks Against Graph-based Clustering. CCS’17 - POISED: Spotting Twitter Spam Off the Beaten Paths. CCS’17 Topic 7: Mobile Advertisement Security - Investigating Ad Transparency Mechanisms in Social Media: A Case Study of Facebooks Explanations, NDSS’18, 2018 - Exploring User Perceptions of Discrimination in Online Targeted Advertising. Usenix Security’18 - Privacy Risks with Facebook's PII-based Targeting: Auditing a Data Broker's Advertising Interface. S&P’18 - Are these Ads Safe: Detecting Hidden Attacks through the Mobile App-Web Interfaces, NDSS 2016 - The Price of Free: Privacy Leakage in Personalized Mobile In-Apps Ads, NDSS’16 - What Mobile Ads Know About Mobile Users, NDSS’16 - Tracing Information Flows Between Ad Exchanges Using Retargeted Ads, Usenix Security'16 Topic 8: Cloud Security - SoK: Cryptographically Protected Database Search, S&P'17
- TenantGuard: Scalable Runtime Verification of Cloud-Wide VM-Level Network Isolation, NDSS'17 - Reduced Cooling Redundancy: A New Security Vulnerability in a Hot Data Center. NDSS’18 - OBLIVIATE: A Data Oblivious Filesystem for Intel SGX. NDSS’18 - Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates. NDSS’18 - Proofs of Data Residency: Checking whether Your Cloud Files Have Been Relocated. AsiaCCS’17 - DoS Attacks on Your Memory in the Cloud. AsiaCCS’17 - Cache-based Application Detection in the Cloud using Machine Learning. AisaCCS’17 Topic 9: TLS/SSL security - Removing Secrets from Android’s TLS. NDSS’18 - Stacco: Differentially Analyzing Side-Channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves. CCS’17 - A Comprehensive Symbolic Analysis of TLS 1.3. CCS’17 - Verified Correctness and Security of mbedTLS HMAC-DRBG. CCS’17 - Implementing and Proving the TLS 1.3 Record Layer. S&P’17 - HVLearn: Automated Black-box Analysis of Hostname Verification in SSL/TLS Implementations. S&P’17 - A Formal Treatment of Accountable Proxying over TLS. S&P’18 Topic 10: Side Channel - Privacy Threats through Ultrasonic Side Channels on Mobile Device, EURO S&P’17 - EyeTell: Video-Assisted Touchscreen Keystroke Inference from Eye Movements , S&P’18 - AutoLock: Why Cache Attacks on ARM Are Harder Than You Think. Usenix Security’17 - Precise Detection of Side-Channel Vulnerabilities using Quantitative Cartesian Hoare Logic. CCS’17 - Watch Me, but Don't Touch Me! Contactless Control Flow Monitoring via Electromagnetic Emanations. CCS’17 - Viden: Attacker Identification on In-Vehicle Networks. CCS’17
Recommend
More recommend