Must-Read Security and Privacy Papers

This is a list of important papers in the field of privacy and security, grouped by topic. We welcome any feedback.

This list was inspired by 100 NLP Papers.

List of topics:

• Smart Homes & IoT
  • Spying with Wifi
  • Access control
  • Skills squatting
• Collaborative Learning
  • Federated learning
  • Homomorphic Encryption
  • Secret Sharing
• Trusted Computing
• Differential Privacy
• Membership Inference
• Computer Vision
  • General
  • Connected and Autonomous Vehicles
• ASR
  • General
  • Hidden voice commands
  • Privacy-preserving speech processing
• Android and IOS security
• Fakes on Online Social Networks
• Other

---

Smart Homes and IoT

Spying with Wifi

• Demetriou, Soteris, et al. "HanGuard: SDN-driven protection of smart home WiFi devices from malicious mobile apps." Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks. 2017.
• Adib, Fadel, and Dina Katabi. "See through walls with WiFi!." Proceedings of the ACM SIGCOMM 2013 Conference on SIGCOMM. 2013.

Access control

• He, Weijia, et al. "Rethinking access control and authentication for the home internet of things (iot)." 27th {USENIX} Security Symposium ({USENIX} Security 18). 2018.
• Fernandes, Earlence, Jaeyeon Jung, and Atul Prakash. "Security analysis of emerging smart home applications." 2016 IEEE symposium on security and privacy (SP). IEEE, 2016.

Skills squatting

• Zhang, Nan, et al. "Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems." IEEE Symposium on Security and Privacy 2019.
• Kumar, Deepak, et al. "Skill squatting attacks on amazon alexa." 27th {USENIX} Security Symposium ({USENIX} Security 18). 2018.

Collaborative Learning

Federated learning

• Kairouz, Peter, et al. "Advances and open problems in federated learning." arXiv preprint arXiv:1912.04977 (2019).
• Bonawitz, Keith, et al. "Practical secure aggregation for privacy-preserving machine learning." proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. 2017.

Homomorphic Encryption

• Acar, Abbas, et al. "A survey on homomorphic encryption schemes: Theory and implementation." ACM Computing Surveys (CSUR) 51.4 (2018): 1-35.

Differential Privacy

• Abadi, Martin, et al. "Deep learning with differential privacy." Proceedings of the 2016 ACM SIGSAC conference on computer and communications security. 2016.
• Dwork, Cynthia, and Aaron Roth. "The algorithmic foundations of differential privacy." Foundations and Trends in Theoretical Computer Science 9.3-4 (2014): 211-407.
• Chatzikokolakis, Konstantinos, et al. "Broadening the scope of differential privacy using metrics." International Symposium on Privacy Enhancing Technologies Symposium. Springer, Berlin, Heidelberg, 2013.

Membership Inference

• Shokri, Reza, et al. "Membership inference attacks against machine learning models." 2017 IEEE Symposium on Security and Privacy (SP). IEEE, 2017.

Computer Vision

General

• Athalye, Anish, et al. "Synthesizing robust adversarial examples." International conference on machine learning. PMLR, 2018.
• Cao, Xiaoyu, and Neil Zhenqiang Gong. "Mitigating evasion attacks to deep neural networks via region-based classification." Proceedings of the 33rd Annual Computer Security Applications Conference. 2017.
• Carlini, Nicholas, and David Wagner. "Towards evaluating the robustness of neural networks." 2017 IEE symposium on security and privacy (sp). IEEE, 2017.
• Alexey Kurakin, Ian J. Goodfellow, and Samy Bengio. Adversarial machine learning at scale. In International Conference on Learning Representations (ICLR), 2017.

Connected and Autonomous Vehicles

• Yulong Cao, Jiaxiang Ma, Kevin Fu, Rampazzi Sara, and Morley Mao. 2021. Automated Tracking System For LiDAR Spoofing Attacks On Moving Targets. (2021)
• Hallyburton, R. Spencer, Yupei Liu, and Miroslav Pajic. "Security Analysis of Camera-LiDAR Semantic-Level Fusion Against Black-Box Attacks on Autonomous Vehicles." arXiv preprint arXiv:2106.07098 (2021).
• Liu, Jinshan, and Jerry Park. "" Seeing is not Always Believing": Detecting Perception Error Attacks Against Autonomous Vehicles." IEEE Transactions on Dependable and Secure Computing (2021).
• Sun, Jiachen, et al. "Towards robust lidar-based perception in autonomous driving: General black-box adversarial sensor attack and countermeasures." 29th {USENIX} Security Symposium ({USENIX} Security 20). 2020.
• Cao, Yulong, et al. "Adversarial sensor attack on lidar-based perception in autonomous driving." Proceedings of the 2019 ACM SIGSAC conference on computer and communications security. 2019.
• Hocheol Shin, Dohyun Kim, Yujin Kwon, and Yongdae Kim. 2017. Illusion and dazzle: Adversarial optical channel exploits against lidars for automotive applications. In International Conference on Cryptographic Hardware and Embedded Systems. Springer, 445–467.
• Eykholt, Kevin, et al. "Robust physical-world attacks on deep learning visual classification." Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 2018.
• Chaman, Anadi, et al. "Ghostbuster: Detecting the presence of hidden eavesdroppers." Proceedings of the 24th Annual International Conference on Mobile Computing and Networking. 2018.
• Chaowei Xiao, Ruizhi Deng, Bo Li, Taesung Lee, Benjamin Edwards, Jinfeng Yi, Dawn Song, Mingyan Liu, and Ian Molloy. 2019. Advit: Adversarial frames identifier based on temporal consistency in videos. In Proceedings of the IEEE/CVF International Conference on Computer Vision. 3968–3977.

3D Motion Predictors

• Pengxiang Wu, Siheng Chen, and Dimitris N Metaxas. 2020. MotionNet: Joint Perception and Motion Prediction for Autonomous Driving Based on Bird’s Eye View Maps. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition. 11385–11395.
• Gu, Xiuye, et al. "Hplflownet: Hierarchical permutohedral lattice flownet for scene flow estimation on large-scale point clouds." Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition. 2019.
• Djuric, Nemanja, et al. "MultiNet: Multiclass multistage multimodal motion prediction." arXiv preprint arXiv:2006.02000 (2020).
• Behl, Aseem, et al. "Pointflownet: Learning representations for rigid motion estimation from point clouds." Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition. 2019.
• Liu, Xingyu, Charles R. Qi, and Leonidas J. Guibas. "Flownet3d: Learning scene flow in 3d point clouds." Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition. 2019.

3D Object Detectors

BEV-based Detectors

• Ming Liang, Bin Yang, Shenlong Wang, and Raquel Urtasun. Deep continuous fusion formulti-sensor 3d object detection. InProceedings of the European Conference on ComputerVision (ECCV), pages 641–656, 2018.
• Gregory P Meyer, Ankit Laddha, Eric Kee, Carlos Vallespi-Gonzalez, and Carl K Welling-ton. Lasernet: An efficient probabilistic 3d object detector for autonomous driving. InProceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pages12677–12686, 2019.
• Bin Yang, Wenjie Luo, and Raquel Urtasun. Pixor: Real-time 3d object detection frompoint clouds. InProceedings of the IEEE conference on Computer Vision and PatternRecognition, pages 7652–7660, 2018.

Voxel-based Detectors

• Alex H Lang, Sourabh Vora, Holger Caesar, Lubing Zhou, Jiong Yang, and Oscar Beijbom.Pointpillars: Fast encoders for object detection from point clouds. InProceedings of theIEEE Conference on Computer Vision and Pattern Recognition, pages 12697–12705, 2019.
• Johannes Lehner, Andreas Mitterecker, Thomas Adler, Markus Hofmarcher, BernhardNessler, and Sepp Hochreiter. Patch refinement–localized 3d object detection.arXivpreprint arXiv:1910.04093, 2019.
• Bei Wang, Jianping An, and Jiayan Cao. Voxel-fpn: multi-scale voxel feature aggregationin 3d object detection from point clouds.arXiv preprint arXiv:1907.05286, 2019.
• Yan Yan, Yuxing Mao, and Bo Li. Second: Sparsely embedded convolutional detection.Sensors, 18(10):3337, 2018.

3D-point Cloud Based Detectors

• Zetong Yang, Yanan Sun, Shu Liu, Xiaoyong Shen, and Jiaya Jia. Std: Sparse-to-dense3d object detector for point cloud. InProceedings of the IEEE International Conferenceon Computer Vision, pages 1951–1960, 2019.
• Yilun Chen, Shu Liu, Xiaoyong Shen, and Jiaya Jia. Fast point r-cnn. InProceedings ofthe IEEE International Conference on Computer Vision, pages 9775–9784, 2019.
• Shaoshuai Shi, Xiaogang Wang, and Hongsheng Li. Pointrcnn: 3d object proposal genera-tion and detection from point cloud. InProceedings of the IEEE Conference on ComputerVision and Pattern Recognition, pages 770–779, 2019.
• Shaoshuai Shi, Zhe Wang, Jianping Shi, Xiaogang Wang, and Hongsheng Li. From points toparts: 3d object detection from point cloud with part-aware and part-aggregation network.arXiv preprint arXiv:1907.03670, 2019.

ASR

General

• Abdullah, Hadi, et al. "The Faults in our ASRs: An Overview of Attacks against Automatic Speech Recognition and Speaker Identification Systems." arXiv preprint arXiv:2007.06622 (2020).

Hidden voice commands

• Carlini, Nicholas, et al. "Hidden Voice Commands." USENIX Security Symposium. 2016
• Yuan, Xuejing, et al. "Commandersong: A systematic approach for practical adversarial voice recognition." 27th {USENIX} Security Symposium ({USENIX} Security 18). 2018.
• Sugawara, Takeshi, et al. "Light commands: laser-based audio injection attacks on voice-controllable systems." 29th {USENIX} Security Symposium ({USENIX} Security 20). 2020.
• Zhang, Guoming, et al. "Dolphinattack: Inaudible voice commands." Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. 2017.

Privacy-preserving speech processing

• Aloufi, Ranya, Hamed Haddadi, and David Boyle. "Emotionless: privacy-preserving speech analysis for voice assistants." arXiv preprint arXiv:1908.03632 (2019).

Android and IOS security

• Demetriou, Soteris, et al. "Free for All! Assessing User Data Exposure to Advertising Libraries on Android." NDSS. 2016.
• Jang, Yeongjin, et al. "A11y attacks: Exploiting accessibility in operating systems." Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. 2014.
• Zhou, Xiaoyong, et al. "Identity, location, disease and more: Inferring your secrets from android public resources." Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. 2013.
• Pandita, R., Xiao, X., Yang, W., Enck, W., & Xie, T. (2013). {WHYPER}: Towards automating risk assessment of mobile applications. In 22nd {USENIX} Security Symposium ({USENIX} Security 13) (pp. 527-542).
• Grace, Michael C., et al. "Unsafe exposure analysis of mobile in-app advertisements." Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks. 2012.

Fakes

Fakes on Online Social Networks

• Zarei, Koosha & Farahbakhsh, Reza & Crespi, Noel & Tyson, Gareth. (2020). Impersonation on Social Media: A Deep Neural Approach to Identify Ingenuine Content. 10.1109/ASONAM49781.2020.9381437.
• Mariconti, Enrico & Onaolapo, Jeremiah & Ahmad, Syed & Nikiforou, Nicolas & Egele, Manuel & Nikiforakis, Nick & Stringhini, Gianluca. (2017). What's in a Name?: Understanding Profile Name Reuse on Twitter. 1161-1170. 10.1145/3038912.3052589.
• Mariconti, Enrico & Onaolapo, Jeremiah & Ahmad, Syed & Nikiforou, Nicolas & Egele, Manuel & Nikiforakis, Nick & Stringhini, Gianluca. (2016). Why allowing profile name reuse is a bad idea. 1-6. 10.1145/2905760.2905762.
• Goga, Oana & Venkatadri, Giridhari & Gummadi, Krishna P.. (2015). The Doppelgänger Bot Attack. 141-153. 10.1145/2815675.2815699.

Other

Awesome Attacks on Machine Learning Privacy