Sciweavers

NDSS
2015
IEEE
8 years 8 months ago
VTint: Protecting Virtual Function Tables' Integrity
—In the recent past, a number of approaches have been proposed to protect certain types of control data in a program, such as return addresses saved on the stack, rendering most ...
Chao Zhang, Chengyu Song, Kevin Zhijie Chen, Zhaof...
NDSS
2015
IEEE
8 years 8 months ago
The Devil is in the Constants: Bypassing Defenses in Browser JIT Engines
—Return-oriented programming (ROP) has become the dominant form of vulnerability exploitation in both user and kernel space. Many defenses against ROP exploits exist, which can s...
Michalis Athanasakis, Elias Athanasopoulos, Michal...
NDSS
2015
IEEE
8 years 8 months ago
Privacy Preserving Payments in Credit Networks: Enabling trust with privacy in online marketplaces
—A credit network models trust between agents in a distributed environment and enables payments between arbitrary pairs of agents. With their flexible design and robustness agai...
Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei, ...
NDSS
2015
IEEE
8 years 8 months ago
Mind Your Blocks: On the Stealthiness of Malicious BGP Hijacks
—Some recent research presented evidence of blocks of IP addresses being stolen by BGP hijackers to launch spam campaigns [35]. This was the first time BGP hijacks were seen in ...
Pierre-Antoine Vervier, Olivier Thonnard, Marc Dac...
NDSS
2015
IEEE
8 years 8 months ago
Spaced Repetition and Mnemonics Enable Recall of Multiple Strong Passwords
—We report on a user study that provides evidence that spaced repetition and a specific mnemonic technique enable users to successfully recall multiple strong passwords over tim...
Jeremiah Blocki, Saranga Komanduri, Lorrie Faith C...
NDSS
2015
IEEE
8 years 8 months ago
Bloom Cookies: Web Search Personalization without User Tracking
—We propose Bloom cookies that encode a user’s profile in a compact and privacy-preserving way, without preventing online services from using it for personalization purposes. ...
Nitesh Mor, Oriana Riva, Suman Nath, John Kubiatow...
NDSS
2015
IEEE
8 years 8 months ago
Too LeJIT to Quit: Extending JIT Spraying to ARM
Abstract—In the face of widespread DEP and ASLR deployment, JIT spraying brings together the best of code injection and code reuse attacks to defeat both defenses. However, to da...
Wilson Lian, Hovav Shacham, Stefan Savage
NDSS
2015
IEEE
8 years 8 months ago
Thwarting Cache Side-Channel Attacks Through Dynamic Software Diversity
—We explore software diversity as a defense against side-channel attacks by dynamically and systematically randomizing the control flow of programs. Existing software diversity ...
Stephen Crane, Andrei Homescu, Stefan Brunthaler, ...
NDSS
2015
IEEE
8 years 8 months ago
Phoneypot: Data-driven Understanding of Telephony Threats
—Cyber criminals are increasingly using robocalling, voice phishing and caller ID spoofing to craft attacks that are being used to scam unsuspecting users who have traditionally...
Payas Gupta, Bharath Srinivasan, Vijay Balasubrama...
NDSS
2015
IEEE
8 years 8 months ago
Opaque Control-Flow Integrity
Abstract—A new binary software randomization and ControlFlow Integrity (CFI) enforcement system is presented, which is the first to efficiently resist code-reuse attacks launch...
Vishwath Mohan, Per Larsen, Stefan Brunthaler, Kev...