2019 IEEE Symposium on Security and Privacy (SP) (2019)
San Francisco, CA, US
May 20, 2019 to May 22, 2019
ISSN: CFP19020-ART
ISBN: 978-1-5386-6660-9
TABLE OF CONTENTS

Towards Practical Differentially Private Convex Optimization (PDF)

Roger Iyengar , Carnegie Mellon University
Joseph P. Near , University of California, Berkeley
Dawn Song , University of California, Berkeley
Om Thakkar , Boston University
Abhradeep Thakurta , University of California, Santa Cruz
Lun Wang , Peking University
pp. 1-18

Spectre Attacks: Exploiting Speculative Execution (PDF)

Paul Kocher , Independent (www.paulkocher.com)
Jann Horn , Google Project Zero
Anders Fogh , G DATA Advanced Analytics
Daniel Genkin , University of Pennsylvania and University of Maryland
Daniel Gruss , Graz University of Technology
Werner Haas , Cyberus Technology
Mike Hamburg , Rambus, Cryptography Research Division
Moritz Lipp , Graz University of Technology
Stefan Mangard , Graz University of Technology
Thomas Prescher , Cyberus Technology
Michael Schwarz , Graz University of Technology
Yuval Yarom , University of Adelaide and Data61
pp. 19-37

Attack Directories, Not Caches: Side Channel Attacks in a Non-Inclusive World (PDF)

Mengjia Yan , University of Illinois at Urbana Champaign
Read Sprabery , University of Illinois at Urbana Champaign
Bhargava Gopireddy , University of Illinois at Urbana Champaign
Christopher Fletcher , University of Illinois at Urbana Champaign
Roy Campbell , University of Illinois at Urbana Champaign
Josep Torrellas , University of Illinois at Urbana Champaign
pp. 56-72

Simple High-Level Code for Cryptographic Arithmetic - With Proofs, Without Compromises (PDF)

Andres Erbsen , Massachusetts Institute of Technology
Jade Philipoom , Massachusetts Institute of Technology
Jason Gross , Massachusetts Institute of Technology
Robert Sloan , Massachusetts Institute of Technology
Adam Chlipala , Massachusetts Institute of Technology
pp. 73-90

Breaking LTE on Layer Two (PDF)

David Rupprecht , Ruhr-University Bochum
Katharina Kohls , Ruhr-University Bochum
Thorsten Holz , Ruhr-University Bochum
Christina Pöpper , New York University Abu Dhabi
pp. 91-106

Blind Certificate Authorities (PDF)

Liang Wang , UW Madison
Gilad Asharov , Cornell Tech
Rafael Pass , Cornell Tech
Thomas Ristenpart , Cornell Tech
Abhi Shelat , Northeastern University
pp. 107-124

Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone (PDF)

Andrew Kwong , University of Michigan
Wenyuan Xu , Zhejiang University
Kevin Fu , University of Michigan
pp. 125-139

Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps (PDF)

Chaoshun Zuo , The Ohio State University
Zhiqiang Lin , The Ohio State University
Yinqian Zhang , The Ohio State University
pp. 140-154

Short Text, Large Effect: Measuring the Impact of User Reviews on Android App Security & Privacy (PDF)

Duc Cuong Nguyen , CISPA, Saarland University
Erik Derr , CISPA, Saarland University
Michael Backes , CISPA Helmholtz Center i.G.
Sven Bugiel , CISPA Helmholtz Center i.G.
pp. 155-169

Resident Evil: Understanding Residential IP Proxy as a Dark Service (PDF)

Xianghang Mi , Indiana University Bloomington
Xuan Feng , Indiana University Bloomington
Xiaojing Liao , Indiana University Bloomington
Baojun Liu , Tsinghua University
XiaoFeng Wang , Indiana University Bloomington
Feng Qian , Indiana University Bloomington
Zhou Li , IEEE member
Sumayah Alrwais , King Saud University
Limin Sun , Institute of Information Engineering, CAS
Ying Liu , Tsinghua University
pp. 170-186

SoK: Sanitizing for Security (PDF)

Dokyung Song , University of California, Irvine
Julian Lettner , University of California, Irvine
Prabhu Rajasekaran , University of California, Irvine
Yeoul Na , University of California, Irvine
Stijn Volckaert , University of California, Irvine
Per Larsen , University of California, Irvine
Michael Franz , University of California, Irvine
pp. 187-207

SoK: Security Evaluation of Home-Based IoT Deployments (PDF)

Omar Alrawi , Georgia Institute of Technology
Chaz Lever , Georgia Institute of Technology
Manos Antonakakis , Georgia Institute of Technology
Fabian Monrose , University of North Carolina at Chapel Hill
pp. 208-226

Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems (PDF)

Nan Zhang , Indiana University, Bloomington
Xianghang Mi , Indiana University, Bloomington
Xuan Feng , Indiana University, Bloomington; Beijing Key Laboratory of IOT Information Security Technology, Institute of Information Engineering, CAS, China
XiaoFeng Wang , Indiana University, Bloomington
Yuan Tian , University of Virginia
Feng Qian , Indiana University, Bloomington
pp. 263-278

Razzer: Finding Kernel Race Bugs through Fuzzing (PDF)

Dae R. Jeong , KAIST
Kyungtae Kim , Purdue University
Basavesh Shivakumar , Purdue University
Byoungyoung Lee , Seoul National University, Purdue University
Insik Shin , KAIST
pp. 279-293

PrivKV: Key-Value Data Collection with Local Differential Privacy (PDF)

Qingqing Ye , Renmin University of China
Haibo Hu , Hong Kong Polytechnic University
Xiaofeng Meng , Renmin University of China
Huadi Zheng , Hong Kong Polytechnic University
pp. 294-308

Differentially Private Model Publishing for Deep Learning (PDF)

Lei Yu , Georgia Institute of Technology
Ling Liu , Georgia Institute of Technology
Calton Pu , Georgia Institute of Technology
Mehmet Emre Gursoy , Georgia Institute of Technology
Stacey Truex , Georgia Institute of Technology
pp. 309-326

Perun: Virtual Payment Hubs over Cryptocurrencies (PDF)

Stefan Dziembowski , University of Warsaw
Lisa Eckey , TU Darmstadt
Sebastian Faust , TU Darmstadt
Daniel Malinowski , University of Warsaw
pp. 327-344

SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security (PDF)

Sanjeev Das , University of North Carolina at Chapel Hill
Jan Werner , University of North Carolina at Chapel Hill
Manos Antonakakis , Georgia Institute of Technology
Michalis Polychronakis , Stony Brook University
Fabian Monrose , University of North Carolina at Chapel Hill
pp. 345-363

CaSym: Cache Aware Symbolic Execution for Side Channel Detection and Mitigation (PDF)

Robert Brotzman , Pennsylvania State University
Shen Liu , Pennsylvania State University
Danfeng Zhang , Pennsylvania State University
Gang Tan , Pennsylvania State University
Mahmut Kandemir , Pennsylvania State University
pp. 364-380

DEEPSEC: A Uniform Platform for Security Analysis of Deep Learning Model (PDF)

Xiang Ling , Zhejiang University
Shouling Ji , Zhejiang University, Alibaba-Zhejiang University Joint Research Institute of Frontier Technologies
Jiaxu Zou , Zhejiang University
Jiannan Wang , Zhejiang University
Chunming Wu , Zhejiang University
Bo Li , UIUC
Ting Wang , Lehigh University
pp. 381-398

Threshold ECDSA from ECDSA Assumptions: The Multiparty Case (PDF)

Jack Doerner , Northeastern University
Yashvanth Kondi , Northeastern University
Eysa Lee , Northeastern University
Abhi Shelat , Northeastern University
pp. 399-414

Measuring and Analyzing Search Engine Poisoning of Linguistic Collisions (PDF)

Matthew Joslin , University of Texas at Dallas
Neng Li , Shanghai Jiao Tong University
Shuang Hao , University of Texas at Dallas
Minhui Xue , Macquarie University
Haojin Zhu , Shanghai Jiao Tong University
pp. 415-429

HOLMES: Real-Time APT Detection through Correlation of Suspicious Information Flows (PDF)

Sadegh Momeni Milajerdi , University of Illinois at Chicago
Rigel Gjomemo , University of Illinois at Chicago
Birhanu Eshete , University of Michigan-Dearborn
R. Sekar , Stony Brook University
V.N. Venkatakrishnan , University of Illinois at Chicago
pp. 430-445

SoK: General Purpose Compilers for Secure Multi-Party Computation (PDF)

Marcella Hastings , University of Pennsylvania
Brett Hemenway , University of Pennsylvania
Daniel Noble , University of Pennsylvania
Steve Zdancewic , University of Pennsylvania
pp. 462-479

Exploiting Unintended Feature Leakage in Collaborative Learning (PDF)

Luca Melis , University College London
Congzheng Song , Cornell University
Emiliano De Cristofaro , University College London
Vitaly Shmatikov , Cornell Tech
pp. 480-495

Learning to Reconstruct: Statistical Learning Theory and Encrypted Database Attacks (PDF)

Paul Grubbs , Cornell University
Marie-Sarah Lacharité , Royal Holloway, University of London
Brice Minaud , Ecole Normale Supérieure, CNRS, PSL University and Inria
Kenneth G. Paterson , Royal Holloway, University of London
pp. 496-512

Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks (PDF)

Bolun Wang , UC Santa Barbara
Yuanshun Yao , University of Chicago
Shawn Shan , University of Chicago
Huiying Li , University of Chicago
Bimal Viswanath , Virginia Tech
Haitao Zheng , University of Chicago
Ben Y. Zhao , University of Chicago
pp. 513-529

Stealthy Porn: Understanding Real-World Adversarial Images for Illicit Online Promotion (PDF)

Kan Yuan , Indiana University Bloomington
Di Tang , Chinese University of Hong Kong
Xiaojing Liao , Indiana University Bloomington
XiaoFeng Wang , Indiana University Bloomington
Xuan Feng , Indiana University Bloomington/Chinese Academy of Sciences
Yi Chen , Indiana University Bloomington/Chinese Academy of Sciences
Menghan Sun , Chinese University of Hong Kong
Haoran Lu , Indiana University Bloomington
Kehuan Zhang , Chinese University of Hong Kong
pp. 530-544

Towards Automated Safety Vetting of PLC Code in Real-World Plants (PDF)

Mu Zhang , Cornell University
Chien-Ying Chen , University of Illinois at Urbana-Champaign
Bin-Chou Kao , University of Illinois at Urbana-Champaign
Yassine Qamsane , University of Michigan
Yuru Shao , University of Michigan
Yikai Lin , University of Michigan
Elaine Shi , Cornell University
Sibin Mohan , University of Illinois at Urbana-Champaign
Kira Barton , University of Michigan
James Moyne , University of Michigan
Z. Morley Mao , University of Michigan
pp. 560-576

Fuzzing File Systems via Two-Dimensional Input Space Exploration (PDF)

Wen Xu , Georgia Institute of Technology
Hyungon Moon , Ulsan National Institute of Science and Technology
Sanidhya Kashyap , Georgia Institute of Technology
Po-Ning Tseng , Georgia Institute of Technology
Taesoo Kim , Georgia Institute of Technology
pp. 577-593

Fidelius: Protecting User Secrets from Compromised Browsers (PDF)

Saba Eskandarian , Stanford University
Jonathan Cogan , Stanford University
Sawyer Birnbaum , Stanford University
Peh Chang Wei Brandon , Stanford University
Dillon Franke , Stanford University
Forest Fraser , Stanford University
Gaspar Garcia , Stanford University
Eric Gong , Stanford University
Hung T. Nguyen , Stanford University
Taresh K. Sethi , Stanford University
Vishal Subbiah , Stanford University
Michael Backes , CISPA Helmholtz Center for Information Security
Giancarlo Pellegrino , Stanford University/CISPA Helmholtz Center for Information Security
Dan Boneh , Stanford University
pp. 594-610

Tap 'n Ghost: A Compilation of Novel Attack Techniques against Smartphone Touchscreens (PDF)

Seita Maruyama , Waseda University
Satohiro Wakabayashi , Waseda University
Tatsuya Mori , Waseda University / RIKEN AIP
pp. 611-628

Touching the Untouchables: Dynamic Security Analysis of the LTE Control Plane (PDF)

Hongil Kim , Korea Institute of Science and Technology (KAIST)
Jiho Lee , Korea Institute of Science and Technology (KAIST)
Eunkyu Lee , Korea Institute of Science and Technology (KAIST)
Yongdae Kim , Korea Institute of Science and Technology (KAIST)
pp. 629-644

Redactable Blockchain in the Permissionless Setting (PDF)

Dominic Deuber , Friedrich-Alexander-University Erlangen-Nurnberg
Bernardo Magri , Aarhus University
Sri Aravinda Krishnan Thyagarajan , Friedrich-Alexander-University Erlangen-Nurnberg
pp. 645-659

Proof-of-Stake Sidechains (PDF)

Peter Gaži , IOHK
Aggelos Kiayias , University of Edinburgh, IOHK
Dionysis Zindros , University of Athens, IOHK
pp. 660-677

LBM: A Security Framework for Peripherals within the Linux Kernel (PDF)

Dave Jing Tian , University of Florida
Grant Hernandez , University of Florida
Joseph I. Choi , University of Florida
Vanessa Frost , University of Florida
Peter C. Johnson , Middlebury College
Kevin R. B. Butler , University of Florida
pp. 678-695

Theory and Practice of Finding Eviction Sets (PDF)

Pepe Vila , IMDEA Software Institute/Technical University of Madrid (UPM)
Boris Köpf , Microsoft Research
José F. Morales , IMDEA Software Institute
pp. 696-711

Iodine: Fast Dynamic Taint Tracking Using Rollback-free Optimistic Hybrid Analysis (PDF)

Subarno Banerjee , University of Michigan
David Devecsery , Georgia Institute of Technology
Peter M. Chen , University of Michigan
Satish Narayanasamy , University of Michigan
pp. 712-726

Certified Robustness to Adversarial Examples with Differential Privacy (PDF)

Mathias Lecuyer , Columbia University
Vaggelis Atlidakis , Columbia University
Roxana Geambasu , Columbia University
Daniel Hsu , Columbia University
Suman Jana , Columbia University
pp. 727-743

True2F: Backdoor-Resistant Authentication Tokens (PDF)

Emma Dauterman , Stanford and Google
David Mazières , Stanford
Dan Boneh , Stanford
Dominic Rizzo , Google
pp. 744-762

PhishFarm: A Scalable Framework for Measuring the Effectiveness of Evasion Techniques against Browser Phishing Blacklists (PDF)

Adam Oest , Arizona State University
Yeganeh Safaei , Arizona State University
Adam Doupé , Arizona State University
Gail-Joon Ahn , Arizona State University, Samsung Research
Brad Wardman , PayPal, Inc.
Kevin Tyers , PayPal, Inc.
pp. 763-780

On the Security of Two-Round Multi-Signatures (PDF)

Manu Drijvers , DFINITY, ETH Zurich
Bryan Ford , EPFL
Eike Kiltz , Ruhr-Universität Bochum
Julian Loss , Ruhr-Universität Bochum
Gregory Neven , DFINITY
pp. 781-798

On the Feasibility of Rerouting-Based DDoS Defenses (PDF)

Muoi Tran , National University of Singapore
Min Suk Kang , National University of Singapore
Hsu-Chun Hsiao , National Taiwan University
Wei-Hsuan Chiang , National Taiwan University
Shu-Po Tung , National Taiwan University
Yu-Su Wang , National Taiwan University
pp. 799-814

Drones' Cryptanalysis - Smashing Cryptography with a Flicker (PDF)

Ben Nassi , Ben-Gurion University of the Negev
Raz Ben-Netanel , Ben-Gurion University of the Negev
Adi Shamir , Weizmann Institute of Science
Yuval Elovici , Ben-Gurion University of the Negev
pp. 833-850

Demystifying Hidden Privacy Settings in Mobile Apps (PDF)

Yi Chen , Indiana University Bloomington, University of Chinese Academy of Sciences
Mingming Zha , Institute of Information Engineering, Chinese Academy of Sciences
Nan Zhang , Indiana University Bloomington
Dandan Xu , Institute of Information Engineering, Chinese Academy of Sciences
Qianqian Zhao , Institute of Information Engineering, Chinese Academy of Sciences
Feng Xuan , Institute of Information Engineering, Chinese Academy of Sciences
Kan Yuan , Indiana University Bloomington
Fnu Suya , The University of Virginia
Yuan Tian , The University of Virginia
Kai Chen , Institute of Information Engineering, Chinese Academy of Sciences
XiaoFeng Wang , Indiana University Bloomington
Wei Zou , Institute of Information Engineering, Chinese Academy of Sciences
pp. 851-867

ProFuzzer: On-the-fly Input Type Probing for Better Zero-Day Vulnerability Discovery (PDF)

Wei You , Purdue University
Xueqiang Wang , Indiana University Bloomington
Shiqing Ma , Purdue University
Jianjun Huang , Renmin University of China
Xiangyu Zhang , Purdue University
XiaoFeng Wang , Indiana University Bloomington
Bin Liang , Renmin University of China
pp. 883-900

NEUZZ: Efficient Fuzzing with Neural Program Smoothing (PDF)

Dongdong She , Columbia University
Kexin Pei , Columbia University
Dave Epstein , Columbia University
Junfeng Yang , Columbia University
Baishakhi Ray , Columbia University
Suman Jana , Columbia University
pp. 901-915

The Code That Never Ran: Modeling Attacks on Speculative Evaluation (PDF)

Craig Disselkoen , University of California San Diego, Mozilla Research Internship
Radha Jagadeesan , DePaul University
Alan Jeffrey , Mozilla Research
James Riely , DePaul University
pp. 931-948

Postcards from the Post-HTTP World: Amplification of HTTPS Vulnerabilities in the Web Ecosystem (PDF)

Stefano Calzavara , Università Ca' Foscari
Riccardo Focardi , Università Ca' Foscari, Cryptosense
Matus Nemec , Università Ca' Foscari, Masaryk University
Alvise Rabitti , Università Ca' Foscari
Marco Squarcina , TU Wien
pp. 949-966

The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations (PDF)

Eyal Ronen , Tel Aviv University
Robert Gillham , University of Adelaide
Daniel Genkin , University of Michigan
Adi Shamir , Weizmann Institute
David Wong , NCC Group
Yuval Yarom , University of Adelaide / Data61
pp. 967-984

Ouroboros Crypsinous: Privacy-Preserving Proof-of-Stake (PDF)

Thomas Kerber , The University of Edinburgh & IOHK
Aggelos Kiayias , The University of Edinburgh & IOHK
Markulf Kohlweiss , The University of Edinburgh & IOHK
Vassilis Zikas , The University of Edinburgh & IOHK
pp. 985-1002

Comprehensive Privacy Analysis of Deep Learning: Passive and Active White-box Inference Attacks against Centralized and Federated Learning (PDF)

Milad Nasr , University of Massachusetts Amherst
Reza Shokri , National University of Singapore
Amir Houmansadr , University of Massachusetts Amherst
pp. 1022-1036

Port Contention for Fun and Profit (PDF)

Alejandro Cabrera Aldaya , Universidad Tecnológica de la Habana (CUJAE), Habana, Cuba
Billy Bob Brumley , Tampere University, Tampere, Finland
Sohaib ul Hassan , Tampere University, Tampere, Finland
Cesar Pereida García , Tampere University, Tampere, Finland
Nicola Tuveri , Tampere University, Tampere, Finland
pp. 1037-1054

An Extensive Formal Security Analysis of the OpenID Financial-Grade API (PDF)

Daniel Fett , yes.com AG
Pedram Hosseyni , University of Stuttgart
Ralf Küsters , University of Stuttgart
pp. 1055-1073

EmPoWeb: Empowering Web Applications with Browser Extensions (PDF)

Dolière Francis Somé , Université Côte d'Azur/Inria, France
pp. 1074-1092

Security of GPS/INS Based On-road Location Tracking Systems (PDF)

Sashank Narain , Northeastern University
Aanjhan Ranganathan , Northeastern University
Guevara Noubir , Northeastern University
pp. 1093-1107

"If HTTPS Were Secure, I Wouldn't Need 2FA" - End User and Administrator Mental Models of HTTPS (PDF)

Katharina Krombholz , CISPA Helmholtz Center for Information Security
Karoline Busse , Bonn University
Katharina Pfeffer , SBA Research
Matthew Smith , Bonn University / FhG FKIE
Emanuel von Zezschwitz , Bonn University / FhG FKIE
pp. 1139-1156

Understanding the Security of ARM Debugging Features (PDF)

Zhenyu Ning , Wayne State University
Fengwei Zhang , Wayne State University
pp. 1157-1174