The Community for Technology Leaders
2019 2019 IEEE Symposium on Security and Privacy (SP) (2019)
San Fransisco, CA, US
May 20, 2019 to May 22, 2019
ISSN: CFP19020-ART
ISBN: 978-1-5386-6660-9
TABLE OF CONTENTS

Towards Practical Differentially Private Convex Optimization (PDF)

Roger Iyengar , Carnegie Mellon University
Joseph P. Near , University of California, Berkeley
Dawn Song , University of California, Berkeley
Om Thakkar , Boston University
Abhradeep Thakurta , University of California, Santa Cruz
Lun Wang , Peking University
pp. 1-18

Spectre Attacks: Exploiting Speculative Execution (PDF)

Paul Kocher , Independent (www.paulkocher.com)
Jann Horn , Google Project Zero
Anders Fogh , G DATA Advanced Analytics
Daniel Genkin , University of Pennsylvania and University of Maryland
Daniel Gruss , Graz University of Technology
Werner Haas , Cyberus Technology
Mike Hamburg , Rambus, Cryptography Research Division
Moritz Lipp , Graz University of Technology
Stefan Mangard , Graz University of Technology
Thomas Prescher , Cyberus Technology
Michael Schwarz , Graz University of Technology
Yuval Yarom , University of Adelaide and Data61
pp. 19-37

Attack Directories, Not Caches: Side Channel Attacks in a Non-Inclusive World (PDF)

Mengjia Yan , University of Illinois at Urbana Champaign
Read Sprabery , University of Illinois at Urbana Champaign
Bhargava Gopireddy , University of Illinois at Urbana Champaign
Christopher Fletcher , University of Illinois at Urbana Champaign
Roy Campbell , University of Illinois at Urbana Champaign
Josep Torrellas , University of Illinois at Urbana Champaign
pp. 56-72

Simple High-Level Code for Cryptographic Arithmetic - With Proofs, Without Compromises (PDF)

Andres Erbsen , Massachusetts Institute of Technology
Jade Philipoom , Massachusetts Institute of Technology
Jason Gross , Massachusetts Institute of Technology
Robert Sloan , Massachusetts Institute of Technology
Adam Chlipala , Massachusetts Institute of Technology
pp. 73-90

Breaking LTE on Layer Two (PDF)

David Rupprecht , Ruhr-University Bochum
Katharina Kohls , Ruhr-University Bochum
Thorsten Holz , Ruhr-University Bochum
Christina Pöpper , New York University Abu Dhabi
pp. 91-106

Blind Certificate Authorities (PDF)

Liang Wang , UW Madison
Gilad Asharov , Cornell Tech
Rafael Pass , Cornell Tech
Thomas Ristenpart , Cornell Tech
Abhi Shelat , Northeastern University
pp. 107-124

Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone (PDF)

Andrew Kwong , University of Michigan
Wenyuan Xu , Zhejiang University
Kevin Fu , University of Michigan
pp. 125-139

Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps (PDF)

Chaoshun Zuo , The Ohio State University
Zhiqiang Lin , The Ohio State University
Yinqian Zhang , The Ohio State University
pp. 140-154

Short Text, Large Effect: Measuring the Impact of User Reviews on Android App Security & Privacy (PDF)

Duc Cuong Nguyen , CISPA, Saarland University
Erik Derr , CISPA, Saarland University
Michael Backes , CISPA Helmholtz Center i.G.
Sven Bugiel , CISPA Helmholtz Center i.G.
pp. 155-169

Resident Evil: Understanding Residential IP Proxy as a Dark Service (PDF)

Xianghang Mi , Indiana University Bloomington
Xuan Feng , Indiana University Bloomington
Xiaojing Liao , Indiana University Bloomington
Baojun Liu , Tsinghua University
XiaoFeng Wang , Indiana University Bloomington
Feng Qian , Indiana University Bloomington
Zhou Li , IEEE member
Sumayah Alrwais , King Saud University
Limin Sun , Institute of Information Engineering, CAS
Ying Liu , Tsinghua University
pp. 170-186

SoK: Sanitizing for Security (PDF)

Dokyung Song , University of California, Irvine
Julian Lettner , University of California, Irvine
Prabhu Rajasekaran , University of California, Irvine
Yeoul Na , University of California, Irvine
Stijn Volckaert , University of California, Irvine
Per Larsen , University of California, Irvine
Michael Franz , University of California, Irvine
pp. 187-207

SoK: Security Evaluation of Home-Based IoT Deployments (PDF)

Omar Alrawi , Georgia Institute of Technology
Chaz Lever , Georgia Institute of Technology
Manos Antonakakis , Georgia Institute of Technology
Fabian Monrose , University of North Carolina at Chapel Hill
pp. 208-226

Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems (PDF)

Nan Zhang , Indiana University, Bloomington
Xianghang Mi , Indiana University, Bloomington
Xuan Feng , Indiana University, Bloomington; Beijing Key Laboratory of IOT Information Security Technology, Institute of Information Engineering, CAS, China
XiaoFeng Wang , Indiana University, Bloomington
Yuan Tian , University of Virginia
Feng Qian , Indiana University, Bloomington
pp. 263-278

Razzer: Finding Kernel Race Bugs through Fuzzing (PDF)

Dae R. Jeong , KAIST
Kyungtae Kim , Purdue University
Basavesh Shivakumar , Purdue University
Byoungyoung Lee , Seoul National University, Purdue University
Insik Shin , KAIST
pp. 279-293

PrivKV: Key-Value Data Collection with Local Differential Privacy (PDF)

Qingqing Ye , Renmin University of China
Haibo Hu , Hong Kong Polytechnic University
Xiaofeng Meng , Renmin University of China
Huadi Zheng , Hong Kong Polytechnic University
pp. 294-308

Differentially Private Model Publishing for Deep Learning (PDF)

Lei Yu , Georgia Institute of Technology
Ling Liu , Georgia Institute of Technology
Calton Pu , Georgia Institute of Technology
Mehmet Emre Gursoy , Georgia Institute of Technology
Stacey Truex , Georgia Institute of Technology
pp. 309-326

Perun: Virtual Payment Hubs over Cryptocurrencies (PDF)

Stefan Dziembowski , University of Warsaw
Lisa Eckey , TU Darmstadt
Sebastian Faust , TU Darmstadt
Daniel Malinowski , University of Warsaw
pp. 327-344

SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security (PDF)

Sanjeev Das , University of North Carolina at Chapel Hill
Jan Werner , University of North Carolina at Chapel Hill
Manos Antonakakis , Georgia Institute of Technology
Michalis Polychronakis , Stony Brook University
Fabian Monrose , University of North Carolina at Chapel Hill
pp. 345-363
95 ms
(Ver 3.3 (11022016))