CODASPY '18- Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy

Full Citation in the ACM Digital Library

SESSION: Keynote Address I

Managing the Crossroads of Academia and Industry

SESSION: Cloud Security

Minimizing Privilege Assignment Errors in Cloud Services

Secure Storage with Replication and Transparent Deduplication

Server-Based Manipulation Attacks Against Machine Learning Models

SmartProvenance: A Distributed, Blockchain Based DataProvenance System

SESSION: Privacy

Cross-App Tracking via Nearby Bluetooth Low Energy Devices

Privacy-Preserving Certification of Sustainability Metrics

Capacity: an Abstract Model of Control over Personal Data

An Empirical Study on Online Price Differentiation

SESSION: IoT Security

Remote Attestation for Low-End Prover Devices with Post-Quantum Capabilities

IoTVerif: An Automated Tool to Verify SSL/TLS Certificate Validation in Android MQTT Client Applications

Keyboard Emanations in Remote Voice Calls: Password Leakage and Noise(less) Masking Defenses

SPEED: Secure Provable Erasure for Class-1 IoT Devices

SESSION: Attacks I (Vulnerability Analysis/Malware)

Identifying Relevant Information Cues for Vulnerability Assessment Using CVSS

Malware Analysis of Imaged Binary Samples by Convolutional Neural Network with Attention Mechanism

Automated Generation of Attack Graphs Using NVD

SESSION: Reception and Posters

Effectiveness of Android Obfuscation on Evading Anti-malware

AEON: Android Encryption based Obfuscation

An Empirical Study of Differentially-Private Analytics for High-Speed Network Data

A Low Energy Profile: Analysing Characteristic Security on BLE Peripherals

Secure Display for FIDO Transaction Confirmation

Misusing Sensory Channel to Attack Industrial Control Systems

SeCore: Continuous Extrospection with High Visibility on Multi-core ARM Platforms

Model Checking of Security Properties in Industrial Control Systems (ICS)

Privacy-aware Data Assessment of Online Social Network Registration Processes

CSP & Co. Can Save Us from a Rogue Cross-Origin Storage Browser Network! But for How Long?

SESSION: Keynote Address II

Code Obfuscation: Why is This Still a Thing?

SESSION: Access Control and Authentication

Access Control Model for Virtual Objects (Shadows) Communication for AWS Internet of Things

Security Analysis of Relationship-Based Access Control Policies

The Next Domino to Fall: Empirical Analysis of User Passwords across Online Services

Efficient Authorization of Graph Database Queries in an Attribute-Supporting ReBAC Model

SESSION: Virtualization/System Security

Hyperagents: Migrating Host Agents to the Hypervisor

CacheShield: Detecting Cache Attacks through Self-Observation

Secure, Consistent, and High-Performance Memory Snapshotting

Fidelius Charm: Isolating Unsafe Rust Code

SESSION: Mobile Security

A Multi-Enterprise Containerization Approach with an Interoperable Position-Based System

DIALERAUTH: A Motion-assisted Touch-based Smartphone User Authentication Scheme

Authorship Attribution of Android Apps

Securing Wireless Neurostimulators

SCLib: A Practical and Lightweight Defense against Component Hijacking in Android Applications

SESSION: Attacks II (Networks)

SecuPAN: A Security Scheme to Mitigate Fragmentation-Based Network Attacks in 6LoWPAN

Denial of Engineering Operations Attacks in Industrial Control Systems

SESSION: Web Security

A Domain is only as Good as its Buddies: Detecting Stealthy Malicious Domains via Graph Inference

Forgetting with Puzzles: Using Cryptographic Puzzles to support Digital Forgetting

SESSION: Code Analysis

Beyond Precision and Recall: Understanding Uses (and Misuses) of Similarity Hashes in Binary Analysis

From Debugging-Information Based Binary-Level Type Inference to CFG Generation

MASCAT: Preventing Microarchitectural Attacks Before Distribution