IEEE Symposium on Security and Privacy

The program will include presentations of the 26 accepted papers listed below. In addition to the research presentations, there will be two co-located workshops and two co-located tutorials.

More details on the full program will be available soon.

Plaintext Recovery Attacks Against SSH
Martin R. Albrecht, Kenneth G. Paterson, Gaven J. Watson (Royal Holloway, University of London)
Tempest in a Teapot: Compromising Reflections Revisited
Michael Backes (Saarland University and Max Planck Institute for Software Systems), Tongbo Chen (Max Planck Institue for Informatics), Markus Duermuth (Saarland University), Hendrik P. A. Lensch (Max Planck Institute for Informatics), Martin Welk (Saarland University)
Automatic Discovery and Quantification of Information Leaks
Michael Backes (Saarland University and Max Planck Institute for Software Systems), Boris Köpf (Max Planck Institute for Software Systems), Andrey Rybalchenko (Max Planck Institute for Software Systems)
Secure Content Sniffing for Web Browsers or How to Stop Papers from Reviewing Themselves
Adam Barth (University of California, Berkeley), Juan Caballero (Carnegie Mellon University and University of California, Berkeley), Dawn Song (University of California, Berkeley)
Quantifying Information Leaks in Outbound Web Traffic
Kevin Borders (Web Tap Security, Inc.), Atul Prakash (University of Michigan)
Exploiting Unix File-System Races via Algorithmic Complexity Attacks
Xiang Cai, Yuwei Gui, Rob Johnson (Stony Brook University)
Pretty-Bad-Proxy: An Overlooked Adversary in Browsers' HTTPS Deployments
Shuo Chen (Microsoft Research), Ziqing Mao (Purdue University), Yi-Min Wang (Microsoft Research), Ming Zhang (Microsoft Research)
Fingerprinting Blank Paper Using Commodity Scanners
William Clarkson (Princeton University), Tim Weyrich (University College London), Adam Finkelstein (Princeton University), Nadia Heninger (Princeton University), Alex Halderman (Princeton University), Ed Felten (Princeton University)
Prospex: Protocol Specification Extraction
Paolo Milani Comparetti (Technical University Vienna), Gilbert Wondracek (Technical University Vienna), Christopher Kruegel (University of California, Santa Barbara), Engin Kirda (Institute Eurecom)
Practical Mitigations for Timing-Based Side-Channel Attacks on Modern x86 Processors
Bart Coppens (Ghent University), Ingrid Verbauwhede (Katholieke Universiteit Leuven), Bjorn De Sutter (Ghent University), Koen De Bosschere (Ghent University)
Sphinx: A Compact and Provably Secure Mix Format
George Danezis (Microsoft Research) and Ian Goldberg (University of Waterloo)
A Logic of Secure Systems and its Application to Trusted Computing
Anupam Datta, Jason Franklin, Deepak Garg, Dilsun Kaynar (Carnegie Mellon University)
Wirelessly Pickpocketing a Mifare Classic Card
Flavio D. Garcia, Peter van Rossum, Roel Verdult, Ronny Wichers Schreur (Radboud University Nijmegen)
The Mastermind Attack on Genomic Data
Michael T. Goodrich (University of California, Irvine)
Non-Interference for a Practical DIFC-Based Operating System
Maxwell Krohn (Carnegie Mellon University), Eran Tromer (Massachusetts Institute of Technology)
An Epistemic Approach to Coercion-Resistance for Electronic Voting Protocols
Ralf Kuesters, Tomasz Truderung (University of Trier)
Blueprint: Precise Browser-Neutral Prevention of Cross-site Scripting Attacks
Mike Ter Louw, V.N. Venkatakrishnan (University of Illinois at Chicago)
De-anonymizing Social Networks
Arvind Narayanan, Vitaly Shmatikov (University of Texas, Austin)
CLAMP: Practical Prevention of Large-Scale Data Leaks
Bryan Parno, Jonathan M. McCune, Dan Wendlandt, David G. Andersen, Adrian Perrig (Carnegie Mellon University)
It's no secret. Measuring the security and reliability of authentication via `secret' questions
Stuart Schechter (Microsoft Research), A. J. Bernheim Brush (Microsoft Research), Serge Egelman (Carnegie Mellon University)
Automatic Reverse Engineering of Malware Emulators
Monirul Sharif, Andrea Lanzi, Jonathon Giffin, Wenke Lee (Georgia Institute of Technology)
Privacy Weaknesses in Biometric Sketches
Koen Simoens (Katholieke Universiteit Leuven), Pim Tuyls (Intrinsic-ID), Bart Preneel (Katholieke Universiteit Leuven)
Password Cracking Using Probabilistic Context-Free Grammars
Matt Weir, Sudhir Aggarwal, Bill Glodek, Breno de Medeiros (Florida State Univerisy)
Native Client: A Sandbox for Portable, Untrusted x86 Native Code
Bennet Yee, David Sehr, Gregory Dardyk, Brad Chen, Robert Muth, Tavis Ormandy, Shiki Okasaka, Neha Narula, Nicholas Fullagar (Google)
DSybil: Optimal Sybil-Resistance for Recommendation Systems
Haifeng Yu (National University of Singapore), Chenwei Shi (National University of Singapore), Michael Kaminsky (Intel Research Pittsburgh), Phillip B. Gibbons (Intel Research Pittsburgh), Feng Xiao (National University of Singapore)
Formally Certifying the Security of Digital Signature Schemes
Santiago Zanella-Béguelin (INRIA Sophia Antipolis Méditerranée and INRIA-Microsoft Research Joint Centre), Gilles Barthe (IMDEA Software), Benjamin Grégoire (INRIA Sophia Antipolis Méditerranée and INRIA-Microsoft Research Joint Centre), Federico Olmedo (Universidad Nacional de Rosario, Argentina)