Skip to content

GoSSIP-SJTU/dailyPaper

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

92 Commits
G.O.S.S.I.P 学术论文推荐 2020
G.O.S.S.I.P 学术论文推荐 2020
 
 
G.O.S.S.I.P 学术论文推荐 2021
G.O.S.S.I.P 学术论文推荐 2021
 
 
G.O.S.S.I.P 学术论文推荐 2020.md
G.O.S.S.I.P 学术论文推荐 2020.md
 
 
README.md
README.md
 
 

Repository files navigation

G.O.S.S.I.P 学术论文推荐 2021

https://github.com/GoSSIP-SJTU/dailyPaper/

  • 2021-01-04: HideNoSeek: Camouflaging Malicious JavaScript in Benign ASTs @ CCS 2019
  • 2021-01-05: Examining Mirai's Battle over the Internet of Things @ CCS 2020
  • 2021-01-06: CogniCryptGEN: generating code for the secure usage of crypto APIs @ CGO 2020
  • 2021-01-07: "It's the Company, the Government, You and I": User Perceptions of Responsibility for Smart Home Privacy and Security @ USENIX Security 2021
  • 2021-01-08: Finding Bugs Using Your Own Code: Detecting Functionally-similar yet Inconsistent Code @ USENIX Security 2021
  • 2021-01-12: Detecting Kernel Memory Leaks in Specialized Modules with Ownership Reasoning @ NDSS 2021
  • 2021-01-13: Zipper Stack: Shadow Stacks Without Shadow @ ESORICS 2020
  • 2021-01-14: AndroEvolve: Automated Update for Android Deprecated-API Usages
  • 2021-01-15: TEEREX: Discovery and Exploitation of Memory Corruption Vulnerabilities in SGX Enclaves @ USENIX Security 2020
  • 2021-01-18: Agamotto: Accelerating Kernel Driver Fuzzing with Lightweight Virtual Machine Checkpoints @ USENIX Security 2020
  • 2021-01-19: Peek-a-Boo: I see your smart home activities, even encrypted! @ Wisec 2020
  • 2021-01-20: To Err.Is Human: Characterizing the Threat of Unintended URLs in Social Media @ NDSS 2021
  • 2021-01-21: RusTEE: Developing Memory-Safe ARM TrustZone Applications @ ACSAC 2020
  • 2021-01-22: Reining in the Web’s Inconsistencies with Site Policy @ NDSS 2021
  • 2021-01-25: Devil is Virtual: Reversing Virtual Inheritance in C++ Binaries @ CCS 2020
  • 2021-01-26: IOTSAFE: Enforcing Safety and Security Policy with Real IoT Physical Interaction Discovery @ NDSS 2021
  • 2021-01-27: The Boon and Bane of Cross-Signing: Shedding Light on a Common Practice in Public Key Infrastructures @ CCS 2020
  • 2021-01-28: The Eye of Horus: Spotting and Analyzing Attacks on Ethereum Smart Contracts
  • 2021-01-29: Favocado: Fuzzing the Binding Code of JavaScript Engines Using Semantically Correct TestCases @ NDSS 2021
  • 2021-02-01: RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization @ IEEE S&P 2020
  • 2021-02-02: DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices @ IEEE S&P 2021
  • 2021-02-03: Tales of FAVICONS and Caches: Persistent Tracking in Modern Browsers @ NDSS 2021
  • 2021-02-04: Preventing and Detecting State Inference Attacks on Android @ NDSS 2021
  • 2021-02-05: Who’s Hosting the Block Party? Studying Third-Party Blockage of CSP and SRI @ NDSS 2021
  • 2021-02-18: OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binary @ IEEE S&P 2021
  • 2021-02-19: The Tangled Genealogy of IoT Malware @ ACSAC 2020
  • 2021-02-22: POP and PUSH: Demystifying and Defending against (Mach) Port-Oriented Programming @ NDSS 2021
  • 2021-02-23 ~ 2021-02-25: NDSS 2021 参会小记
  • 2021-02-26: Who’s Debugging the Debuggers? Exposing Debug Information Bugs in Optimized Binaries @ ASPLOS 2021
  • 2021-03-01: SerialDetector: Principled and Practical Exploration of Object Injection Vulnerabilities for the Web @ NDSS 2021
  • 2021-03-02: What’s in an Exploit? An Empirical Analysis of Reflected Server XSS Exploitation Techniques @ RAID 2020
  • 2021-03-03: Guide Me to Exploit: Assisted ROP Exploit Generation for ActionScript Virtual Machine @ ACSAC 2020
  • 2021-03-04: Mitigating Data Leakage by Protecting Memory-resident Sensitive Data @ ACSAC 2019
  • 2021-03-05: Demystifying Diehard Android Apps @ ASE 2020
  • 2021-03-08: Security Study of Service Worker Cross-Site Scripting @ ACSAC 2020
  • 2021-03-09: Assessing the Impact of Script Gadgets on CSP at Scale @ ASIA CCS 2020
  • 2021-03-10: ATVHUNTER: Reliable Version Detection of Third-Party Libraries for Vulnerability Identification in Android Applications @ ICSE 2021
  • 2021-03-11: Too Quiet in the Library: An Empirical Study of Security Updates in Android Apps’ Native Code @ ICSE 2021
  • 2021-03-12: You Are What You Broadcast: Identification of Mobile and IoT Devices from (Public) WiFi @ USENIX Security 2020
  • 2021-03-15: A Tale of Two Headers: A Formal Analysis of Inconsistent Click-Jacking Protection on the Web @ USENIX Security 2020
  • 2021-03-16: SpecuSym: Speculative Symbolic Execution for Cache Timing Leak Detection @ ICSE 2020
  • 2021-03-17: Automated Third-Party Library Detection for Android Applications: Are We There Yet? @ ICSE 2021
  • 2021-03-18: Undo Workarounds for Kernel Bugs @ USENIX Security 2021
  • 2021-03-19: Defense Mechanisms Against DDoS Attacks in a Cloud Computing Environment: State-of-the-Art and Research Challenges @ IEEE Communications Surveys & Tutorials 2019
  • 2021-03-22: KUBO: Precise and Scalable Detection of User-triggerable Undefined Behavior Bugs in OS Kernel @ NDSS 2021
  • 2021-03-23: An Investigation of the Android Kernel Patch Ecosystem @ USENIX Security 2021
  • 2021-03-24: NETPLIER: Probabilistic Network Protocol Reverse Engineering from Message Traces @ NDSS 2021
  • 2021-03-25: Cali: Compiler-Assisted Library Isolation @ AsiaCCS 2021
  • 2021-03-29: SinkFinder: Harvesting Hundreds of Unknown Interesting Function Pairs with Just One Seed @ FSE 2020
  • 2021-03-30: Looking from the Mirror: Evaluating IoT Device Security through Mobile Companion Apps @ USENIX Security 2019
  • 2021-03-31: On the Insecurity of SMS One-Time Password Messages against Local Attackers in Modern Mobile Devices @ NDSS 2021
  • 2021-04-01: Careful Who You Trust: Studying the Pitfalls of Cross-Origin Communication @ AsiaCCS 2021
  • 2021-04-02: Unleashing the Hidden Power of Compiler Optimization on Binary Code Difference: An Empirical Study @ PLDI 2021
  • 2021-04-06: JAW: Studying Client-side CSRF with Hybrid Property Graphs and Declarative Traversals @ USENIX Security 2021
  • 2021-04-07: What’s in a Name? Exploring CA Certificate Control @ USENIX Security 2021
  • 2021-04-08: TxSpector: Uncovering Attacks in Ethereum from Transactions @ USENIX Security 2020
  • 2021-04-09: Android SmartTVs Vulnerability Discovery via Log-Guided Fuzzing @ USENIX Security 2021
  • 2021-04-12: On the Feasibility of Automated Built-in Function Modeling for PHP Symbolic Execution @ WWW 2021
  • 2021-04-13: EVMPatch: Timely and Automated Patching of Ethereum Smart Contracts @ USENIX Security 2021
  • 2021-04-14: You Are Who You Appear to Be @ CCS 2019
  • 2021-04-15: FIRestarter: Practical Software Crash Recovery with Targeted Library-level Fault Injection @ DSN 2021
  • 2021-04-16: Hiding in the Particles: When Return-Oriented Programming Meets Program Obfuscation @ DSN 2021
  • 2021-04-19: TLS 1.3 in Practice: How TLS 1.3 Contributes to the Internet @ WWW 2021
  • 2021-04-20: SoK: The Faults in our ASRs: An Overview of Attacks against Automatic Speech Recognition and Speaker Identification Systems @ IEEE S&P 2021
  • 2021-04-21: Disrupting Continuity of Apple’s Wireless Ecosystem Security: New Tracking, DoS, and MitM Attacks on iOS and macOS Through Bluetooth Low Energy, AWDL, and Wi-Fi @ USENIX Security 2021
  • 2021-04-22: RELOAD+REFRESH: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks @ USENIX Security 2020
  • 2021-04-23: Obfuscation-Resilient Executable Payload Extraction From Packed Malware @ USENIX Security 2021
  • 2021-04-26: Sharing More and Checking Less: Leveraging Common Input Keywords to Detect Bugs in Embedded Systems @ USENIX Security 2021
  • 2021-04-27: Home, SafeHome: Smart Home Reliability with Visibility and Atomicity @ EuroSys 2021
  • 2021-04-28: IMGDroid: Detecting Image Loading Defects in Android Applications @ ICSE 2021
  • 2021-04-29: Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer @ USENIX Security 2020
  • 2021-04-30: Understanding and Detecting Disordered Error Handling with Precise Function Pairing @ USENIX Security 2021
  • 2021-05-06: Industrial Experience of Finding Cryptographic Vulnerabilities in Large-scale Codebases @ arXiv
  • 2021-05-07: Experiences Deploying Multi-Vantage-Point Domain Validation at Let’s Encrypt @ USENIX Security 2020
  • 2021-05-08: ConDySTA: Context-Aware Dynamic Supplement toStatic Taint Analysis @ IEEE S&P 2021
  • 2021-05-10: Understanding Android VoIP Security: A System-Level Vulnerability Assessment @ DIMVA 2020
  • 2021-05-11: ARCUS: Symbolic Root Cause Analysis of Exploits in Production Systems @ USENIX Security 2021
  • 2021-05-12: Assessing Browser-level Defense against IDN-based Phishing @ USENIX Security 2021
  • 2021-05-13: Unikraft: Fast, Specialized Unikernels the Easy Way @ EuroSys 2021
  • 2021-05-14: REVEALER: Detecting and Exploiting Regular Expression Denial-of-Service Vulnerabilities @ IEEE S&P 2021
  • 2021-05-17: Abusing Hidden Properties to Attack the Node.js Ecosystem @ USENIX Security 2021
  • 2021-05-18: Detecting and Understanding JavaScript Global Identifier Conflicts on the Web @ FSE 2020
  • 2021-05-19: HyDiff: Hybrid Differential Software Analysis @ ICSE 2020
  • 2021-05-20: CubicleOS: A Library OS with Software Componentisation for Practical Isolation @ ASPLOS 2021
  • 2021-05-21: Runtime Recovery of Web Applications under Zero-Day ReDoS Attacks @ IEEE S&P 2021
  • 2021-05-24 ~ 2021-05-27: IEEE S&P 2021 参会小记
  • 2021-05-28: DPIFuzz: A Differential Fuzzing Framework to Detect DPI Elusion Strategies for QUIC @ ACSAC 2020
  • 2021-05-31: Smart Contract Vulnerabilities: Vulnerable Does Not Imply Exploited @ USENIX Security 2021
  • 2021-06-01: PyCG: Practical Call Graph Generation in Python @ ICSE 2021
  • 2021-06-02: One Engine to Fuzz ’em All: Generic Language Processor Testing with Semantic Validation @ IEEE S&P 2021
  • 2021-06-03: Scalable Memory Protection in the PENGLAI Enclave @ OSDI 2021
  • 2021-06-04: Towards a Lightweight, Hybrid Approach for Detecting DOM XSS Vulnerabilities with Machine Learning @ WWW 2021
  • 2021-06-07: Linking Bluetooth LE & Classic and Implications for Privacy-Preserving Bluetooth-Based Protocols @ IEEE S&P 2021
  • 2021-06-08: Slimium: Debloating the Chromium Browser with Feature Subsetting @ CCS 2020
  • 2021-06-09: Looking Back! Using Early Versions of Android Apps as Attack Vectors @ TDSC 2021
  • 2021-06-10: Parema: An Unpacking Framework for Demystifying VM-Based Android Packers @ ISSTA 2021
  • 2021-06-11: JShrink: In-Depth Investigation into Debloating Modern Java Applications @ FSE 2020
  • 2021-06-15: Security Analysis of Mobile Device-to-Device Network Applications @ IEEE Internet of Things Journal 2018
  • 2021-06-16: If It’s Not Secure, It Should Not Compile: Preventing DOM-Based XSS in Large-Scale Web Development with API Hardening @ ICSE 2021
  • 2021-06-17: Cryptanalysis of the GPRS Encryption Algorithms GEA-1 and GEA-2 @ Eurocrypt 2021
  • 2021-06-18: Android Custom Permissions Demystified: From Privilege Escalation to Design Shortcomings @ IEEE S&P 2021

About

每日论文推荐

Resources

Readme
Activity

Stars

291 stars

Watchers

34 watching

Forks

18 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages