Reading paper list

* Applied crypto

– Practical Detection of Entropy Loss in Pseudo-Random Number Generators, CCS 2016
– A Comprehensive Formal Security Analysis of OAuth 2.0, CCS 2016
– Cryptographic Function Detection in Obfuscated Binaries via Bit-precise Symbolic Loop Mapping, Security and Privacy 2017
– Speeding up detection of SHA-1 collision attacks using unavoidable attack conditions, USENIX Security 2017
– Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2, CCS 2017


* Network security

– DELTA: A Security Assessment Framework for Software-Defined Networks, NDSS 2017
– Dissecting Tor Bridges: A Security Evaluation of their Private and Public Infrastructures, NDSS 2017


* Software security

– Statistical Deobfuscation of Android Applications, CCS 2016
– Scalable Graph-based Bug Search for Firmware Images, CCS 2016
– VUzzer: Application-aware Evolutionary Fuzzing, NDSS 2017
– PayBreak: Defense Against Cryptographic Ransomware, ASIACCS 2017
– IMF: Inferred Model-based Fuzzer, CCS 2017


* Mobile security

– TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime, CCS 2016
– Drammer: Deterministic Rowhammer Attacks on Mobile Platforms, CCS 2016
– Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop, Security and Privacy 2017


* System security

– AUDACIOUS: User-Driven Access Control with Unmodified Operating Systems, CCS 2016
– Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud, NDSS 2017
– Iron: Functional Encryption using Intel SGX, CCS 2017


* Web security

– Enabling Reconstruction of Attacks on Users via Efficient Browsing Snapshots, NDSS 2017
– (Cross-)Browser Fingerprinting via OS and Hardware Level Features, NDSS 2017


* Authentication

– The Sounds of the Phones: Dangers of Zero-Effort Second Factor Login based on Ambient Audio, CCS 2016
– KEH-Gait: Towards a Mobile Healthcare User Authentication System by Kinetic Energy Harvesting, NDSS 2017
– The Password Reset MitM Attack, Security and Privacy 2017
– SysPal:System-guided Pattern Locks for Android, Security and Privacy 2017
– Hearing Your Voice Is Not Enough: An Articulatory Gesture Based Liveness Detection for Voice Authentication, CCS 2017


* AI security

– Virtual U: Defeating Face Liveness Detection by Building Virtual Models From Your Public Photos, USENIX Security 2016
– FeatureSmith: Automatically Engineering Features for Malware Detection by Mining the Security Literature, CCS 2016
– Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition, CCS 2016
– DolphinAttack: Inaudible Voice Commands, CCS 2017


* New applications

– On the Security and Performance of Proof of Work Blockchains, CCS 2016
– Making Smart Contracts Smarter, CCS 2016
– Hijacking Bitcoin: Routing Attacks on Cryptocurrencies, Security and Privacy 2017
– Detecting Credential Spearphishing in Enterprise Settings, USENIX Security 2017
– Understanding the Mirai Botnet, USENIX Security 2017