Seminar

“The paper burns, but the words fly free.”

― Akiba Ben Joseph

• [2023.05.06] [NDSS 2023] DARWIN: Survival of the Fittest Fuzzing Mutators
• [2023.04.28] [ISCA 2023] ISA-grid: Architecture of Fine-grained Privilege Control for Instructions and Registers
• [2023.04.07] [Security 2023] Guarding Serverless Applications with Kalium
• [2023.03.03][NDSS2023] Assessing the Impact of Interface Vulnerabilities in Compartmentalized Software
• [2023.02.10] [NDSS 2021] JMPscare: Introspection for Binary-Only
• [2022.12.30] [CCS 2022] CETIS: Retrofitting Intel CET for Generic and Efficient Intra-process Memory Isolation
• [2022.12.09] [OSDI 2022] CAP-VMs: Capability-Based Isolation and Sharing in the Cloud
• [2022.11.25] [S&P 2021] Android Custom Permissions Demystified From Privilege Escalation to Design Shortcomings
• [2022.11.18] [CCS 2022] SymLM: Predicting Function Names in Stripped Binaries via Context-Sensitive Execution-Aware Code Embeddings
• [2022.10.21] [S&P 2022] BEACON: Directed Grey-Box Fuzzing with Provable Path Pruning
• [2022.10.14] [ISCA 2020]Nested Enclave: Supporting Fine-grained Hierarchical Isolation with SGX
• [2022.09.30] [USENIX Security 2022] A Hardware-Software Co-design for Efficient IntraEnclave Isolation
• [2022.09.23] [S&P 2022] A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP
• [2022.09.16] [TSE 2021] Research on Third-Party Libraries in Android Apps: A Taxonomy and Systematic Literature Review
• [2022.07.20][S&P 2022] Augury: Using Data Memory-Dependent Prefetchers to Leak Data at Rest
• [2022.06.24] [USENIX Security 2022] MORPHUZZ: Bending (Input) Space to Fuzz VirtualDevices
• [2022.06.15] [S&P 2022] vSGX: Virtualizing SGX Enclaves on AMD SEV
• [2022.06.08] [ESEC/FSE 2020] Object Detection for Graphical User Interface: Old Fashioned or Deep Learning or a Combination?
• [2022.05.25] [USENIX Security 2021] Understanding Malicious Cross-library Data Harvesting on Android
• [2022.05.11][PLDI 2020] BlankIt Library Debloating: Getting What You Want Instead of Cutting What You Don't
• [2022.04.27] [NDSS 2020] HFL: Hybrid Fuzzing on the Linux Kernel
• [2022.04.13] [CCS 2017] Directed Greybox Fuzzing
• [2022.03.30] [USENIX Security 2018] Debloating Software through Piece-Wise Compilation and Loading
• [2022.03.26] [CCS 2021] A Formally Verified Configuration for Hardware Security Modules in the Cloud
• [2022.03.03] [ICSE 2022] PROMAL: Precise Window Transition Graphs for Android Synergy of Program Analysis and Machine Learning
• [2022.02.23] [ESEC/FSE 2021] Vet: Identifying and Avoiding UI Exploration Tarpits
• [2022.02.16] [ISSTA 2021] Semantic Matching of GUI Events for Test Reuse Are We There Yet？
• [2021.12.1] [USENIX Security 2022] MAGE: Mutual Attestation for a Group of Enclaves without Trusted Third Parties
• [2021.11.24] [CCS 2021] SmashEx: Smashing SGX Enclaves Using Exceptions
• [2021.11.17] [USENIX Security 2021] Sharing More and Checking Less: Leveraging Common Input Keywords to Detect Bugs in Embedded Systems
• [2021.11.10] [Security and Communication Networks 2021] Blockchain as a CA: A Provably Secure Signcryption Scheme Leveraging Blockchains
• [2021.10.20] [NDSS 2021] Preventing and Detecting State Inference Attacks on Android
• [2021.09.29] [EuroSys 2019] ShieldStore: Shielded In-memory Key-value Storage with SGX
• [2021.09.18] [USENIX Security 2021] Breaking Through Binaries: Compiler-quality Instrumentation for Better Binary-only Fuzzing
• [2021.09.14] [CCS 2019] OPERA: Open Remote Attestation for Intel’s Secure Enclaves
• [2021.09.01] [MIDDLEWARE 2019]AccTEE: A WebAssembly-based Two-way Sandbox for Trusted Resource Accounting
• [2021.08.25] [S&P 2021] DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices
• [2021.08.16] [ISSTA 2021] An Infrastructure Approach to Improving Effectiveness of Android UI Testing Tools
• [2021.08.09] [ASPLOS 2020] COIN Attacks: On Insecurity of Enclave Untrusted Interfaces in SGX
• [2021.07.27] [ASPLOS 2020] Occlum: Secure and Efficient Multitasking Inside a Single Enclave of Intel SGX
• [2021.07.19] [Security 2020] TeeRex: Discovery and Exploitation of Memory Corruption Vulnerabilities in SGX Enclaves
• [2021.07.12] [PLDI 2021] Alive2 Bounded Translation Validation for LLVM
• [2021.07.02] [NDSS 2021] CHANCEL: Efficient Multi-client Isolation Under Adversarial Programs
• [2021.05.25] [NDSS 2021] The Abuser Inside Apps: Finding the Culprit Committing Mobile Ad Fraud
• [2021.05.18] [NDSS 2021] Emilia: Catching IAGO in Legacy Code
• [2021.05.11] [PLDI 2021] Automated Conformance Testing for JavaScript Engines via Deep Compiler Fuzzing
• [2021.04.27] [Security 2021] Swivel: Hardening WebAssembly against Spectre
• [2021.04.13] [IEEE S&P 2015] VC3: Trustworthy Data Analytics in the Cloud using SGX
• [2021.04.06] [Security 2019] Understanding iOS-based Crowdturfing Through Hidden UI Analysis