G.O.S.S.I.P 学术论文推荐 2021

https://github.com/GoSSIP-SJTU/dailyPaper/

• 2021-01-04: HideNoSeek: Camouflaging Malicious JavaScript in Benign ASTs @ CCS 2019
• 2021-01-05: Examining Mirai's Battle over the Internet of Things @ CCS 2020
• 2021-01-06: CogniCryptGEN: generating code for the secure usage of crypto APIs @ CGO 2020
• 2021-01-07: "It's the Company, the Government, You and I": User Perceptions of Responsibility for Smart Home Privacy and Security @ Usenix Security 2021
• 2021-01-08: Finding Bugs Using Your Own Code: Detecting Functionally-similar yet Inconsistent Code @ Usenix Security 2021
• 2021-01-12: Detecting Kernel Memory Leaks in Specialized Modules with Ownership Reasoning @ NDSS 2021
• 2021-01-13: Zipper Stack: Shadow Stacks Without Shadow @ ESORICS 2020
• 2021-01-14: AndroEvolve: Automated Update for Android Deprecated-API Usages
• 2021-01-15: TEEREX: Discovery and Exploitation of Memory Corruption Vulnerabilities in SGX Enclaves @ USENIX Security 2020
• 2021-01-18: Agamotto: Accelerating Kernel Driver Fuzzing with Lightweight Virtual Machine Checkpoints @ Usenix Security 2020
• 2021-01-19: Peek-a-Boo: I see your smart home activities, even encrypted! @ Wisec 2020
• 2021-01-20: To Err.Is Human: Characterizing the Threat of Unintended URLs in Social Media @ NDSS 2021
• 2021-01-21: RusTEE: Developing Memory-Safe ARM TrustZone Applications @ ACSAC 2020
• 2021-01-22: Reining in the Web’s Inconsistencies with Site Policy @ NDSS 2021
• 2021-01-25: Devil is Virtual: Reversing Virtual Inheritance in C++ Binaries @ CCS 2020
• 2021-01-26: IOTSAFE: Enforcing Safety and Security Policy with Real IoT Physical Interaction Discovery @ NDSS 2021
• 2021-01-27: The Boon and Bane of Cross-Signing: Shedding Light on a Common Practice in Public Key Infrastructures @ CCS 2020
• 2021-01-28: The Eye of Horus: Spotting and Analyzing Attacks on Ethereum Smart Contracts
• 2021-01-29: Favocado: Fuzzing the Binding Code of JavaScript Engines Using Semantically Correct TestCases @ NDSS 2021
• 2021-02-01: RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization @ IEEE S&P 2020
• 2021-02-02: DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices @ IEEE S&P 2021
• 2021-02-03: Tales of FAVICONS and Caches: Persistent Tracking in Modern Browsers @ NDSS 2021
• 2021-02-04: Preventing and Detecting State Inference Attacks on Android @ NDSS 2021
• 2021-02-05: Who’s Hosting the Block Party? Studying Third-Party Blockage of CSP and SRI @ NDSS 2021
• 2021-02-18: OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binary @ IEEE S&P 2021
• 2021-02-19: The Tangled Genealogy of IoT Malware @ ACSAC 2020
• 2021-02-22: POP and PUSH: Demystifying and Defending against (Mach) Port-Oriented Programming @ NDSS 2021
• 2021-02-23 ~ 2021-02-25: NDSS 2021 参会小记
• 2021-02-26: Who’s Debugging the Debuggers? Exposing Debug Information Bugs in Optimized Binaries @ ASPLOS 2021
• 2021-03-01: SerialDetector: Principled and Practical Exploration of Object Injection Vulnerabilities for the Web @ NDSS 2021
• 2021-03-02: What’s in an Exploit? An Empirical Analysis of Reflected Server XSS Exploitation Techniques @ RAID 2020
• 2021-03-03: Guide Me to Exploit: Assisted ROP Exploit Generation for ActionScript Virtual Machine @ ACSAC 2020
• 2021-03-04: Mitigating Data Leakage by Protecting Memory-resident Sensitive Data @ ACSAC 2019
• 2021-03-05: Demystifying Diehard Android Apps @ ASE 2020
• 2021-03-08: Security Study of Service Worker Cross-Site Scripting @ ACSAC 2020
• 2021-03-09: Assessing the Impact of Script Gadgets on CSP at Scale @ ASIA CCS 2020
• 2021-03-10: ATVHUNTER: Reliable Version Detection of Third-Party Libraries for Vulnerability Identification in Android Applications @ ICSE 2021
• 2021-03-11: Too Quiet in the Library: An Empirical Study of Security Updates in Android Apps’ Native Code @ ICSE 2021
• 2021-03-12: You Are What You Broadcast: Identification of Mobile and IoT Devices from (Public) WiFi @ Usenix Security 2020