reading-list

G.O.S.S.I.P 阅读推荐 2022-05-20
- copy's home
G.O.S.S.I.P 阅读推荐 2022-05-19
- Invoke-Deobfuscation: AST-Based and Semantics-Preserving Deobfuscation for PowerShell Scripts @ DSN 2022
G.O.S.S.I.P 阅读推荐 2022-05-18
- “Flawed, but like democracy we don’t have a better system”: The Experts’ Insights on the Peer Review Process of Evaluating Security Papers @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-05-17
- Exposed Infrastructures: Discovery, Attacks and Remediation of Insecure ICS Remote Management Devices @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-05-16
- Evil Never Sleeps: When Wireless Malware Stays On After Turning Off iPhones @ WiSec 2022
G.O.S.S.I.P 阅读推荐 2022-05-12
- Probe the Proto: Measuring Client-Side Prototype Pollution Vulnerabilities of One Million Real-world Websites @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-05-11
- Cross-Language Attacks @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-05-10
- Game of Hide-and-Seek: Exposing Hidden Interfaces in Embedded Web Applications of IoT Devices @ WWW 2022
G.O.S.S.I.P 阅读推荐 2022-05-09
- Lie to Me: Abusing the Mobile Content Sharing Service for Fun and Profit @ WWW 2022
G.O.S.S.I.P 阅读推荐 2022-05-06
- FRED: Identifying File Re-Delegation in Android System Services @ USENIX Security 2022
G.O.S.S.I.P 阅读推荐 2022-05-05
- Robbery on DevOps: Understanding and Mitigating Illicit Cryptomining on Continuous Integration Service Platforms @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-05-04
- Hazard Integrated: Understanding Security Risks in App Extensions to Team Chat Systems @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-04-29
- VPNalyzer: Systematic Investigation of the VPN Ecosystem @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-04-28
- Too Afraid to Drive: Systematic Discovery of Semantic DoS Vulnerability in Autonomous Driving Planning under Physical-World Attacks @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-04-27
- PHYjacking: Physical Input Hijacking for Zero-Permission Authorization Attacks on Android @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-04-26
- WideLeak: How Over-the-Top Platforms Fail in Android @ DSN 2022
G.O.S.S.I.P 阅读推荐 2022-04-25
- CFINSIGHT: A Comprehensive Metric for CFI Policies @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-04-22
- Aper: Evolution-Aware Runtime Permission Misuse Detection for Android Apps @ ICSE 2022
G.O.S.S.I.P 阅读推荐 2022-04-21
- CVE-2022-21449: Psychic Signatures in Java @ Neil Madden's Blog
G.O.S.S.I.P 阅读推荐 2022-04-20
- Effective Seed Scheduling for Fuzzing with Graph Centrality Analysis @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-04-19
- JuCify: A Step Towards Android Code Unification for Enhanced Static Analysis @ ICSE 2022
G.O.S.S.I.P 阅读推荐 2022-04-18
- How Machine Learning Is Solving the Binary Function Similarity Problem @ USENIX Security 2022
G.O.S.S.I.P 阅读推荐 2022-04-15
- Learning Probabilistic Models for Static Analysis Alarms @ ICSE 2022
G.O.S.S.I.P 阅读推荐 2022-04-14
- Large-scale Security Measurements on the Android Firmware Ecosystem @ ICSE 2022
G.O.S.S.I.P 阅读推荐 2022-04-13 LOGICMEM
- LOGICMEM: Automatic Profile Generation for Binary-Only Memory Forensics via Logic Inference @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-04-12 OPEC
- OPEC: Operation-based Security Isolation for Bare-metal Embedded Systems @ EuroSys 2022
G.O.S.S.I.P 阅读推荐 2022-04-11
- SAUSAGE: Security Analysis of Unix domain Socket usAGE in Android @ EuroS&P 2022
G.O.S.S.I.P 阅读推荐 2022-04-09
- An In-depth Analysis of Duplicated Linux Kernel Bug Reports @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-04-08
- Sharing is Caring: Secure and Efficient Shared Memory Support for MVEEs @ EuroSys 2022
G.O.S.S.I.P 阅读推荐 2022-04-07
- 编写一个最小的 64 位 Hello World | 用 C 实现一个 CHIP-8 模拟器 | CS107e: 树莓派，ARM 和操作系统 @ CJ Ting's Blog
G.O.S.S.I.P 阅读推荐 2022-04-06
- Semantic-Informed Driver Fuzzing Without Both the Hardware Devices and the Emulators @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-04-02
- Hardening Binaries against More Memory Errors @ EuroSys 2022
G.O.S.S.I.P 阅读推荐 2022-04-01
- Producing Wrong Data Without Doing Anything Obviously Wrong @ Sigplan Notices 2009
G.O.S.S.I.P 阅读推荐 2022-03-31
- PKRU-Safe: Automatically Locking Down the Heap Between Safe and Unsafe Languages @ EuroSys 2022
G.O.S.S.I.P 阅读推荐 2022-03-30
- Property Inference Attacks Against GANs @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-03-29
- Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification Documents @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-03-28
- You Shall Not (by)Pass! Practical, Secure, and Fast PKU-based Sandboxing @ 2022 EuroSys
G.O.S.S.I.P 阅读推荐 2022-03-25
- GhostTalk: Interactive Attack on Smartphone Voice Assistant Through Power Line Side-Channel @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-03-24
- 金枪鱼之夜：高频交易与计算机科学 @ 清华大学 TUNA 协会 2022
G.O.S.S.I.P 阅读推荐 2022-03-23
- MeshUp: Stateless Cache Side-channel Attack on CPU Mesh @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-03-22
- Building Embedded Systems Like It’s 1996 @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-03-21
- The Convergence of Source Code and Binary Vulnerability Discovery – A Case Study @ AsiaCCS 2022
G.O.S.S.I.P 阅读推荐 2022-03-18
- An In-depth Analysis of Duplicated Linux Kernel Bug Reports @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-03-17
- ET-BERT: A Contextualized Datagram Representation with Pre-training Transformers for Encrypted Traffic Classification @ WWW 2022
G.O.S.S.I.P 阅读推荐 2022-03-16
- Cheetah: Lean and Fast Secure Two-Party Deep Neural Network Inference @ USENIX Security 2022
G.O.S.S.I.P 阅读推荐 2022-03-15
- KingFisher: Unveiling Insecurely Used Credentials in IoT-to-Mobile Communications @ DSN 2022
G.O.S.S.I.P 阅读推荐 2022-03-14
- Arbiter: Bridging the Static and Dynamic Divide in Vulnerability Discovery on Binary Programs @ USENIX security 2022
G.O.S.S.I.P 阅读推荐 2022-03-11
- Revizor: Testing Black-Box CPUs against Speculation Contracts @ ASPLOS 2022
G.O.S.S.I.P 阅读推荐 2022-03-10
- Does OpenBSD and Firefox’s Security Improve with Time @ TDSC 2022
G.O.S.S.I.P 阅读推荐 2022-03-09
- GREBE: Unveiling Exploitation Potential for Linux Kernel Bugs @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-03-08
- ProFactory: Improving IoT Security via Formalized Protocol Customization @ USENIX Security 2022
G.O.S.S.I.P 阅读推荐 2022-03-07
- Goshawk: Hunting Memory Corruptions via Structure-Aware and Object-Centric Memory Operation Synopsis @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-03-04
- MineSweeper: A "Clean Sweep" for Drop-In Use-after-Free Prevention @ ASPLOS 2022
G.O.S.S.I.P 阅读推荐 2022-03-03
- Eavesdropping user credentials via GPU side channels on smartphones @ ASPLOS 2022
G.O.S.S.I.P 阅读推荐 2022-03-02
- PMTUD is not Panacea: Revisiting IP Fragmentation Attacks against TCP @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-03-01
- LTRACK: Stealthy Tracking of Mobile Phones in LTE @ USENIX Security 2022
G.O.S.S.I.P 阅读推荐 2022-02-28
- Fuzzing: A Survey for Roadmap @ CSUR 2022
G.O.S.S.I.P 阅读推荐 2022-02-25
- Detecting False Alarms from Automatic Static Analysis Tools: How Far are We? @ ICSE 2022
G.O.S.S.I.P 阅读推荐 2022-02-24
- The Taming of the Stack: Isolating Stack Data from Memory Errors @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-02-23
- Model Stealing Attacks Against Inductive Graph Neural Networks @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-02-22
- EMS: History-Driven Mutation for Coverage-based Fuzzing @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-02-21
- Towards Automatically Repairing Compatibility Issues in Published Android Apps @ ICSE 2022
G.O.S.S.I.P 阅读推荐 2022-02-18
- Remote Memory-Deduplication Attacks @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-02-17
- Where We Stand (or Fall): An Analysis of CSRF Defenses in Web Frameworks @ RAID 2021
G.O.S.S.I.P 阅读推荐 2022-02-16
- TLB Poisoning Attacks on AMD Secure Encrypted Virtualization @ ACSAC 2021
G.O.S.S.I.P 阅读推荐 2022-02-15
- Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-02-14
- A Measurement Study of Wechat Mini-Apps @ SIGMETRICS 2021
G.O.S.S.I.P 阅读推荐 2022-02-11
- Exploit the Last Straw That Breaks Android Systems @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-02-10
- "Hello, It’s Me": Deep Learning-based Speech Synthesis Attacks in the Real World @ CCS 2021
G.O.S.S.I.P 阅读推荐 2022-02-09
- Label Inference Attacks Against Vertical Federated Learning @ USENIX Security 2022
G.O.S.S.I.P 阅读推荐 2022-02-07
- KASPER: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-02-05
- Automated Side Channel Analysis of Media Software with Manifold Learning @ USENIX Security 2022
G.O.S.S.I.P 阅读推荐 2022-02-02
- The Droid is in the Details: Environment-aware Evasion of Android Sandboxes @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-01-27
- AHEAD: Adaptive Hierarchical Decomposition for Range Query under Local Differential Privacy @ CCS 2021
G.O.S.S.I.P 阅读推荐 2022-01-25
- DRAWNAPART: A Device Identification Technique based on Remote GPU Fingerprinting @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-01-21
- Analyzing Ground-Truth Data of Mobile Gambling Scams @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-01-20
- D-Box: DMA-enabled Compartmentalization for Embedded Applications @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-01-19
- Automatic Firmware Emulation through Invalidity-guided Knowledge Inference @ USENIX Security 2021
G.O.S.S.I.P 阅读推荐 2022-01-18
- This Sneaky Piggy Went to the Android Ad Market: Misusing Mobile Sensors for Stealthy Data Exfiltration @ CCS 2021
G.O.S.S.I.P 阅读推荐 2022-01-17
- LaserShark: Establishing Fast, Bidirectional Communication into Air-Gapped Systems @ ACSAC 2021
G.O.S.S.I.P 阅读推荐 2022-01-14
- BEACON: Directed Grey-Box Fuzzing with Provable Path Pruning @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-01-13
- FIRMWIRE: Transparent Dynamic Analysis for Cellular Baseband Firmware @ NDSS 2022
G.O.S.S.I.P 阅读推荐 2022-01-12
- EnBinDiff: Identifying Data-only Patches for Binaries @ TDSC 2021
G.O.S.S.I.P 阅读推荐 2022-01-11
- Ghost in the Binder: Binder Transaction Redirection Attacks in Android System Services @ CCS 2021
G.O.S.S.I.P 阅读推荐 2022-01-10
- SoK: On the Analysis of Web Browser Security @ arXiv preprint 2021
G.O.S.S.I.P 阅读推荐 2022-01-07
- SAILFISH: Vetting Smart Contract State-Inconsistency Bugs in Seconds @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-01-06
- IRQDebloat: Reducing Driver Attack Surface in Embedded Devices @ IEEE S&P 2022
G.O.S.S.I.P 阅读推荐 2022-01-05
- Back-Propagating System Dependency Impact for Attack Investigation @ USENIX Security 2022
G.O.S.S.I.P 阅读推荐 2022-01-04
- App's Auto-Login Function Security Testing via Android OS-Level Virtualization @ ICSE 2021