NDSS 2022 接收的列表

✅作者简介：大家好我是王大梨,是一名虽然菜但是爱分享的程序员、架构师、信息安全爱好者🏆 📃个人主页：王大梨🍐的csdn博客 🔥 碎碎念：程序员中的杂学家，涉猎的范围很多，信息安全、大数据等等。 💖如果觉得博主的文章还不错的话，请👍三连支持一下博主哦🤞

针对 GAN 的属性推断攻击 Junhao Zhou, Yufei Chen, and Chao Shen (西安交通大学); 张扬(CISPA 亥姆霍兹信息安全中心)

SpiralSpy：探索隐蔽且实用的隐蔽通道，通过毫米波传感攻击气隙计算设备 Zhengxiong Li (University at Buffalo, SUNY); Baicheng Chen and Xingyu Chen (University at Buffalo); Huining Li (SUNY University at Buffalo); Chenhan Xu (University at Buffalo, SUNY); Feng Lin (Zhejiang University); Chris Xiaoxuan Lu (University of Edinburgh); Kui Ren (Zhejiang University); Wenyao Xu (SUNY Buffalo)

Subverting Stateful Firewalls with Protocol States Amit Klein (Bar Ilan University)

Local and Central Differential Privacy for Robustness and Privacy in Federated Learning Mohammad Naseri (University College London); Jamie Hayes (DeepMind); Emiliano De Cristofaro (University College London & Alan Turing Institute)

Droid 在细节中：Android 沙盒的环境感知规避 The Droid is in the Details: Environment-aware Evasion of Android Sandboxes Brian Kondracki, Babak Amin Azad, Najmeh Miramirkhani, and Nick Nikiforakis (Stony Brook University)

基于配置的攻击的取证分析 Forensic Analysis of Configuration-based Attacks Muhammad Adil Inam and Wajih Ul Hassan (University of Illinois at Urbana-Champaign); Ali Ahad (University of Virginia); Adam Bates (University of Illinois at Urbana-Champaign); Rashid Tahir (University of Prince Mugrin); Tianyin Xu (University of Illinois at Urbana-Champaign); Fareed Zaffar (LUMS)

堆栈的驯服：将堆栈数据与内存错误隔离开来 The Taming of the Stack: Isolating Stack Data from Memory Errors Kaiming Huang and Yongzhe Huang (Penn State University); Mathias Payer (EPFL); Zhiyun Qian (UC Riverside); Jack Sampson, Gang Tan, and Trent Jaeger (Penn State University)

HARPO：学习颠覆在线行为广告 HARPO: Learning to Subvert Online Behavioral Advertising Jiang Zhang and Konstantinos Psounis (University of Southern California); Muhammad Haroon and Zubair Shafiq (University of California, Davis)

获取模型！ 针对机器学习模型的模型劫持攻击 Get a Model! Model Hijacking Attack Against Machine Learning Models Ahmed Salem, Michael Backes, and Yang Zhang (CISPA Helmholtz Center for Information Security)

Sumparfi：Uvas 的反欺骗 GPS 接收器 SemperFi: Anti-spoofing GPS Receiver for UAVs Harshad Sathaye, Gerald LaMountain, Pau Closas, and Aanjhan Ranganathan (Northeastern University)

PoF：车辆排的跟随证明 PoF: Proof-of-Following for Vehicle Platoons Ziqi Xu, Jingcheng Li, and Yanjun Pan (University of Arizona); Loukas Lazos and Ming Li (University of Arizona, Tucson); Nirnimesh Ghose (University of Nebraska–Lincoln)

远程内存重复数据删除攻击 Remote Memory-Deduplication Attacks Martin Schwarzl, Erik Kraft, Moritz Lipp, and Daniel Gruss (Graz University of Technology)

用于云威胁取证的可解释联合 Transformer 日志学习 Interpretable Federated Transformer Log Learning for Cloud Threat Forensics Gonzalo De La Torre Parra (University of the Incarnate Word, TX, USA); Luis Selvera (Secure AI and Autonomy Lab, The University of Texas at San Antonio, TX, USA); Joseph Khoury (The Cyber Center For Security and Analytics, University of Texas at San Antonio, TX, USA); Hector Irizarry (Raytheon, USA); Elias Bou-Harb (The Cyber Center For Security and Analytics, University of Texas at San Antonio, TX, USA); Paul Rad (Secure AI and Autonomy Lab, The University of Texas at San Antonio, TX, USA)

ProvTalk：在网络功能虚拟化 (NFV) 中实现可解释的多级来源分析 ProvTalk: Towards Interpretable Multi-level Provenance Analysis in Networking Functions Virtualization (NFV) Azadeh Tabiban and Heyang Zhao (CIISE, Concordia University, Montreal, QC, Canada); Yosr Jarraya and Makan Pourzandi (Ericsson Security Research, Ericsson Canada, Montreal, QC, Canada); Mengyuan Zhang (Department of Computing, The Hong Kong Polytechnic University, China); Lingyu Wang (CIISE, Concordia University, Montreal, QC, Canada)

安全计算中的二分搜索 Binary Search in Secure Computation Marina Blanton and Chen Yuan (University at Buffalo (SUNY))

超越：补充美国数字安全合规要求的组织努力 Above and Beyond: Organizational Efforts to Complement U.S. Digital Security Compliance Mandates Rock Stevens (University of Maryland); Faris Bugra Kokulu and Adam Doupé (Arizona State University); Michelle L. Mazurek (University of Maryland)

使用模糊匿名投诉计数系统 (FACTS) 在加密消息中打击假新闻 Fighting Fake News in Encrypted Messaging with the Fuzzy Anonymous Complaint Tally System (FACTS) Linsheng Liu (George Washington University); Daniel S. Roche (United States Naval Academy); Austin Theriault and Arkady Yerukhimovich (George Washington University)

块缓存：安全架构的按需和可扩展缓存隔离 Chunked-Cache: On-Demand and Scalable Cache Isolation for Security Architectures Ghada Dessouky, Emmanuel Stapf, Pouya Mahmoody, Alexander Gruler, and Ahmad-Reza Sadeghi (Technical University of Darmstadt)

hbACSS：如何稳健地分享许多秘密 hbACSS: How to Robustly Share Many Secrets Thomas Yurek and Licheng Luo (University of Illinois at Urbana-Champaign); Jaiden Fairoze (University of California, Berkeley); Aniket Kate (Purdue University); Andrew Miller (University of Illinois at Urbana-Champaign)

使用仪表化车队进行城市传感中的隐私，将空气污染监测用作用例 Privacy in Urban Sensing with Instrumented Fleets, Using Air Pollution Monitoring As A Usecase Ismi Abidi (IIT Delhi); Ishan Nangia (MPI-SWS); Paarijaat Aditya (Nokia Bell Labs); Rijurekha Sen (IIT Delhi)

固件：蜂窝基带固件的透明动态分析 FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware Grant Hernandez (University of Florida); Marius Muench (Vrije Universiteit Amsterdam); Dominik Maier (TU Berlin); Alyssa Milburn (Vrije Universiteit Amsterdam); Shinjo Park (TU Berlin); Tobias Scharnowski (Ruhr-University Bochum); Tyler Tucker, Patrick Traynor, and Kevin Butler (University of Florida)

具有正确操作的简洁证明的透明字典 Transparency Dictionaries with Succinct Proofs of Correct Operation Ioanna Tzialla (New York University); Abhiram Kothapalli and Bryan Parno (Carnegie Mellon University); Srinath Setty (Microsoft Research)

Repttack：利用云调度程序来引导协同定位攻击 Repttack: Exploiting Cloud Schedulers to Guide Co-Location Attacks Chongzhou Fang, Han Wang, and Najmeh Nazari (University of California, Davis); Behnam Omidi (George Mason University); Avesta Sasan (University of California, Davis); Khaled N. Khasawneh (George Mason University); Setareh Rafatirad and Houman Homayoun (University of California, Davis)

V-Range：在 5G 无线网络中实现安全测距 V-Range: Enabling Secure Ranging in 5G Wireless Networks Mridula Singh (CISPA – Helmholtz Center for Information Security); Marc Roeschlin (ETH Zurich); Aanjhan Ranganathan (Northeastern University); Srdjan Capkun (ETH Zurich)

FedCRI：联合移动网络风险情报 FedCRI: Federated Mobile Cyber-Risk Intelligence Hossein Fereidooni (Technical University of Darmstadt); Alexandra Dmitrienko (University of Wuerzburg); Phillip Rieger, Markus Miettinen, and Ahmad-Reza Sadeghi (Technical University of Darmstadt); Felix Madlener (KOBIL)

EqualNet：长期网络拓扑混淆的安全实用防御 EqualNet: A Secure and Practical Defense for Long-term Network Topology Obfuscation Jinwoo Kim (KAIST); Eduard Marin (Telefonica Research (Spain)); Mauro Conti (University of Padua); Seungwon Shin (KAIST)

DeepSight：通过深度模型检查减轻联邦学习中的后门攻击 DeepSight: Mitigating Backdoor Attacks in Federated Learning Through Deep Model Inspection Phillip Rieger, Thien Duc Nguyen, Markus Miettinen, and Ahmad-Reza Sadeghi (Technical University of Darmstadt)

EMS：基于覆盖的模糊测试的历史驱动突变 EMS: History-Driven Mutation for Coverage-based Fuzzing Chenyang Lyu and Shouling Ji (Zhejiang University); Xuhong Zhang (Zhejiang University & Zhejiang University NGICS Platform); Hong Liang (Zhejiang University); Binbin Zhao (Georgia Institute of Technology); Kangjie Lu (University of Minnesota); Raheem Beyah (Georgia Institute of Technology)

CFInsight：CFI 政策的综合指标 CFInsight: A Comprehensive Metric for CFI Policies Tommaso Frassetto, Patrick Jauernig, David Koisser, and Ahmad-Reza Sadeghi (Technical University of Darmstadt)

揭示 Android 中跨上下文不一致的访问控制执行 Uncovering Cross-Context Inconsistent Access Control Enforcement in Android Hao Zhou (The Hong Kong Polytechnic University); Haoyu Wang (Beijing University of Posts and Telecommunications); Xiapu Luo (The Hong Kong Polytechnic University); Ting Chen (University of Electronic Science and Technology of China); Yajin Zhou (Zhejiang University); Ting Wang (Pennsylvania State University)

你看到的不是网络推断的：基于语义矛盾检测对抗样本 What You See is Not What the Network Infers: Detecting Adversarial Examples Based on Semantic Contradiction Yijun YANG, RuiYuan Gao, YU LI, Qiuxia Lai, and Qiang Xu (The Chinese University of Hong Kong)

NAME-NN：基于注意力的 QoE 感知规避后门攻击 ATTEQ-NN: Attention-based QoE-aware Evasive Backdoor Attacks Xueluan Gong (Wuhan University); Yanjiao Chen (Zhejiang University); Jianshuo Dong and Qian Wang (Wuhan University)

针对商业代码虚拟化混淆器的选择程序集攻击 Chosen-Assembly Attack Against Commercial Code Virtualization Obfuscators Shijia Li, Chunfu Jia, Pengda Qiu, and Qiyuan Chen (College of Computer Science, NanKai University and the Tianjin Key Laboratory of Network and Data Security Technology); Jiang Ming (University of Texas at Arlington); Debin Gao (Singapore Management University)

使用 HAKCs 防止内核黑客攻击 Preventing Kernel Hacks with HAKCs Derrick McKee (Purdue University); Yianni Giannaris, Carolina Ortega, and Howard Shrobe (MIT CSAIL); Mathias Payer (EPFL); Hamed Okhravi and Nathan Burow (MIT Lincoln Laboratory)

像 1996 年一样构建嵌入式系统 Building Embedded Systems Like It’s 1996 Ruotong Yu (Stevens Institute of Technology); Francesca Del Nin (University of Padua); Yuchen Zhang and Shan Huang (Stevens Institute of Technology); Pallavi Kaliyar (University of Padua); Sarah Zakto (Cyber Independent Testing Lab); Mauro Conti (University of Padua); Georgios Portokalidis and Jun Xu (Stevens Institute of Technology)

使用对抗性测试评估 VPN 实施对 DoS 攻击的敏感性 Evaluating Susceptibility of VPN Implementations to DoS Attacks Using Adversarial Testing Fabio Streun, Joel Wanner, and Adrian Perrig (ETH Zurich)

D-Box：为嵌入式应用程序启用 DMA 的划分 D-Box: DMA-enabled compartmentalization for embedded applications Alejandro Mera, Yi Hui Chen, Ruimin Sun, Engin Kirda, and Long Lu (Northeastern University)

同上：以线路速率进行 WAN 流量混淆 ditto: WAN Traffic Obfuscation at Line Rate Roland Meier (ETH Zürich); Vincent Lenders (armasuisse); Laurent Vanbever (ETH Zürich)

Tetrad：主动保护 4PC 以进行安全训练和推理 Tetrad: Actively Secure 4PC for Secure Training and Inference Nishat Koti and Arpita Patra (IISc Bangalore); Rahul Rachuri (Aarhus University, Denmark); Ajith Suresh (IISc, Bangalore)

跨语言攻击 Cross-Language Attacks Samuel Mergendahl, Nathan Burow, and Hamed Okhravi (MIT Lincoln Laboratory)

FakeGuard：探索触觉响应以减轻商业指纹反欺骗中的漏洞 FakeGuard: Exploring haptic response to mitigate the vulnerability in commercial fingerprint anti-spoofing Aditya Singh Rathore (University at Buffalo, SUNY); Yijie Shen (Zhejiang University); Chenhan Xu and Jacob Snyderman (University at Buffalo, SUNY); Jinsong Han and Fan Zhang (Zhejiang University); Zhengxiong Li (University at Buffalo, SUNY); Feng Lin (Zhejiang University); Wenyao Xu (University at Buffalo, SUNY); Kui Ren (Zhejiang University)

关于合成基因组数据的效用和隐私 On Utility and Privacy in Synthetic Genomic Data Bristena Oprisanu (UCL); Georgi Ganev (UCL & Hazy); Emiliano De Cristofaro (UCL)

DRAWN APART：一种基于远程 GPU 指纹的设备识别技术 DRAWN APART: A Device Identification Technique based on Remote GPU Fingerprinting Tomer Laor (Ben-Gurion Univ. of the Negev); Naif Mehanna and Antonin Durey (Univ. Lille / Inria); Vitaly Dyadyuk (Ben-Gurion Univ. of the Negev); Pierre Laperdrix (CNRS, Univ. Lille, Inria Lille); Clémentine Maurice (CNRS); Yossi Oren (Ben-Gurion Univ. of the Negev); Romain Rouvoy (Univ. Lille / Inria / IUF); Walter Rudametkin (Univ. Lille / Inria); Yuval Yarom (University of Adelaide)

PHYjacking：针对Android零权限授权攻击的物理输入劫持 PHYjacking: Physical Input Hijacking for Zero-Permission Authorization Attacks on Android Xianbo Wang, Shangcheng Shi, Yikang Chen, and Wing Cheong Lau (The Chinese University of Hong Kong)

Euler：通过可扩展的时间图链接预测检测网络横向运动 Euler: Detecting Network Lateral Movement via Scalable Temporal Graph Link Prediction Isaiah J. King and H. Howie Huang (The George Washington University)

愚弄自动驾驶汽车的眼睛：针对交通标志识别系统的强大物理对抗示例 Fooling the Eyes of Autonomous Vehicles: Robust Physical Adversarial Examples Against Traffic Sign Recognition Systems Wei Jia (School of Cyber Science and Engineering, Huazhong University of Science and Technology); Haichun Zhang (Huazhong University of Science and Technology); Zhaojun Lu (School of Cyber Science and Engineering, Huazhong University of Science and Technology); Jie Wang (Shenzhen Kaiyuan Internet Security Co., Ltd); Zhenglin Liu (Huazhong University of Science and Technology); Gang Qu (University of Maryland)

真相会让你自由：在智能环境中启用实用的取证能力 The Truth Shall Set Thee Free: Enabling Practical Forensic Capabilities in Smart Environments Leonardo Babun, Amit Kumar Sikder, Abbas Acar, and Selcuk Uluagac (Florida International University)

Clarion：来自多方洗牌协议的匿名通信 Clarion: Anonymous Communication from Multiparty Shuffling Protocols Saba Eskandarian (University of North Carolina at Chapel Hill); Dan Boneh (Stanford University)

可测试性 Tarpits：代码模式对 Web 应用程序安全测试的影响 Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications Feras Al-Kassar, Giulia Clerici, and Luca Compagna (SAP Security Research); Davide Balzarotti (EURECOM); Fabian Yamaguchi (ShiftLeft Inc)

针对经过时间证明的多证书攻击及其对策 Multi-Certificate Attacks against Proof-of-Elapsed-Time and Their Countermeasures Huibo Wang (Baidu Security); Guoxing Chen (Shanghai Jiao Tong University); Yinqian Zhang (Southern University of Science and Technology); Zhiqiang Lin (Ohio State University)

对重复的 Linux 内核错误报告的深入分析 An In-depth Analysis of Duplicated Linux Kernel Bug Reports Dongliang Mu (Huazhong University of Science and Technology); Yuhang Wu, Yueqi Chen, and Zhenpeng Lin (Pennsylvania State University); Chensheng Yu (George Washington University); Xinyu Xing (Pennsylvania State University); Gang Wang (University of Illinois at Urbana-Champaign)

具有恶意安全性的元数据隐藏文件共享系统 A Metadata-Hiding File-Sharing System with Malicious Security Weikeng Chen (UC Berkeley); Thang Hoang (Virginia Tech); Jorge Guajardo (Robert Bosch Research and Technology Center); Attila A. Yavuz (University of South Florida)

信任或不信任：具有可信执行环境的混合多方计算 To Trust or Not to Trust: Hybrid Multi-party Computation with Trusted Execution Environment Pengfei Wu and Ee-Chien Chang (School of Computing, National University of Singapore); Jianting Ning (Fujian Normal University); Hongbin Wang and Jiamin Shen (School of Computing, National University of Singapore)

物理世界攻击下自动驾驶规划中拒绝服务漏洞的系统发现 Systematic Discovery of Denial-of-Service Vulnerability in Autonomous Driving Planning under Physical-World Attacks Ziwen Wan, Junjie Shen, and Jalen Chuang (University of California, Irvine); Xin Xia (The University of California, Los Angeles); Joshua Garcia (University of California, Irvine); Jiaqi Ma (The University of California, Los Angeles); Qi Alfred Chen (University of California, Irvine)

RamBoAttack：一种强大且查询效率高的深度神经网络决策利用 RamBoAttack: A Robust and Query Efficient Deep Neural Network Decision Exploit viet vo (The University of Adelaide); Damith C. Ranasinghe (University of Adelaide); Ehsan Abbasnejad (The University of Adelaide)

Shaduf：非周期支付渠道再平衡 Shaduf: Non-Cycle Payment Channel Rebalancing Zhonghui Ge, Yi Zhang, Yu Long, and Dawu Gu (Shanghai Jiao Tong University)

异构智能家居网络中的轻量级 IoT Cryptojacking 检测机制 A Lightweight IoT Cryptojacking Detection Mechanism in Heterogeneous Smart Home Networks Ege Tekiner, Abbas Acar, and Selcuk Uluagac (Florida International University)

无线流量上的数据包级开放世界应用程序指纹 Packet-Level Open-World App Fingerprinting on Wireless Traffic Jianfeng Li, Shuohan Wu, Hao Zhou, and Xiapu Luo (The Hong Kong Polytechnic University); Ting Wang (Penn State); Yangyang Liu (The Hong Kong Polytechnic University); Xiaobo Ma (Xi’an Jiaotong University)

ROV-MI：大规模、准确和高效的 ROV 部署测量 ROV-MI: Large-Scale, Accurate and Efficient Measurement of ROV Deployment Wenqi Chen (Tsinghua University); Zhiliang Wang ([email protected]); Dongqi Han (Institute for Network Sciences and Cyberspace, Tsinghua University); Chenxin Duan, Xia Yin, Jiahai Yang, and Xingang Shi (Tsinghua University)

SynthCT：迈向便携式恒定时间代码 SynthCT: Towards Portable Constant-Time Code Sushant Dinesh, Grant Garrett-Grossman, and Christopher W. Fletcher (University of Illinois at Urbana Champaign)

KASPER：在 Linux 中扫描通用瞬态执行小工具 KASPER: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel Brian Johannesmeyer, Jakob Koschel, and Cristiano Giuffrida (Vrije Universiteit Amsterdam); Kaveh Razavi (ETH Zurich); Herbert Bos (Vrije Universiteit Amsterdam)

HeadStart：大规模有效验证和低延迟的参与式随机生成 HeadStart: Efficiently Verifiable and Low-Latency Participatory Randomness Generation at Scale Hsun Lee, Yuming Hsu, Jing-Jie Wang, Hao Cheng Yang, and Yu-Heng Chen (National Taiwan University); Yih-Chun Hu (University of Illinois at Urbana-Champaign); Hsu-Chun Hsiao (National Taiwan University)

F-PKI：在 HTTPS 公钥基础设施中实现创新和信任灵活性 F-PKI: Enabling Innovation and Trust Flexibility in the HTTPS Public-Key Infrastructure Laurent Chuat (ETH Zurich); Cyrill Krähenbühl (ETH Zürich); Prateek Mittal (Princeton University); Adrian Perrig (ETH Zurich)

RVPLAYER：通过假设推理重播的机器人车辆取证 RVPLAYER: Robotic Vehicle Forensics by Replay with What-if Reasoning Hongjun Choi, Zhiyuan Cheng, and Xiangyu Zhang (Purdue University)

GhostTalk：通过电力线侧信道对智能手机语音助手的交互式攻击 GhostTalk: Interactive Attack on Smartphone Voice Assistant Through Power Line Side-Channel Yuanda Wang, Hanqing Guo, and Qiben Yan (Michigan State University)

让我们进行身份验证：用于用户身份验证的自动证书 Let’s Authenticate: Automated Certificates for User Authentication James Conners, Stephen Derbidge, Natalie Farnsworth, Kyler Gates, Stephen Lambert, Christopher McClain, and Daniel Zappala (Brigham Young University)

揭开非法药物促销的本地商业搜索中毒的神秘面纱 Demystifying Local Business Search Poisoning for Illicit Drug Promotion Peng Wang, Zilong Lin, Xiaojing Liao, and XiaoFeng Wang (Indiana University Bloomington)

VPNInspector：VPN 生态系统的系统调查 VPNInspector: Systematic Investigation of the VPN Ecosystem Reethika Ramesh (University of Michigan); Leonid Evdokimov (Independent); Diwen Xue and Roya Ensafi (University of Michigan)

用于数据竞争检测的上下文敏感和定向并发模糊测试 Context-Sensitive and Directional Concurrency Fuzzing for Data-Race Detection Zu-Ming Jiang and Jia-Ju Bai (Tsinghua University); Kangjie Lu (University of Minnesota); Shi-Min Hu (Tsinghua University)

隐藏真实的自我！ 保护 3D 打印机知识产权免受光学侧通道攻击 Hiding My Real Self! Protecting 3D Printer Intellectual Property Against Optical Side-Channel Attacks Sizhuang Liang (Georgia Institute of Technology); Saman Zonouz (Rutgers University); Raheem Beyah (Georgia Institute of Technology)

探索原型：测量一百万个真实世界网站的客户端原型污染漏洞 Probe the Proto: Measuring Client-Side Prototype Pollution Vulnerabilities of One Million Real-world Websites Zifeng Kang, Song Li, and Yinzhi Cao (Johns Hopkins University)

MobFuzz：灰盒模糊测试中的自适应多目标优化 MobFuzz: Adaptive Multi-objective Optimization in Gray-box Fuzzing Gen Zhang, Pengfei Wang, Tai Yue, Xiangdong Kong, Shan Huang, Xu Zhou, and Kai Lu (National University of Defense Technology)

LogicMEM：通过逻辑推理为纯二进制内存取证自动生成配置文件 LogicMEM: Automatic Profile Generation for Binary-Only Memory Forensics via Logic Inference Zhenxiao Qi, Yu Qu, and Heng Yin (UC Riverside)

MIRROR：具有高保真度的深度学习网络的模型反演 MIRROR: Model Inversion for Deep LearningNetwork with High Fidelity Shengwei An, Guanhong Tao, Qiuling Xu, Yingqi Liu, and Guangyu Shen (Purdue University); Yuan Yao and Jingwei Xu (Nanjing University); Xiangyu Zhang (Purdue University)

无需硬件设备和仿真器的语义通知驱动程序模糊测试 Semantic-Informed Driver Fuzzing Without Both the Hardware Devices and the Emulators Wenjia Zhao (Xi’an Jiaotong University and University of Minnesota); Kangjie Lu and Qiushi Wu (University of Minnesota); Yong Qi (Xi’an Jiaotong University)

FANDEMIC：电源管理IC的固件攻击构建和部署以及对物联网应用的影响 FANDEMIC: Firmware Attack Construction and Deployment on Power Management IC and Impacts on IoT Applications Ryan Tsang, Doreen Joseph, Asmita Jha, and Soheil Salehi (University of California, Davis); Nadir Carreon (University of Arizona); Prasant Mohapatra and Houman Homayoun (University of California, Davis)

COOPER：使用协同变异测试脚本语言的绑定代码 COOPER: Testing the Binding Code of Scripting Languages with Cooperative Mutation Peng Xu (Institute of Software/CAS China; University of Chinese Academy of Sciences); Wang Yanhao (QI-ANXIN Technology Research Institute); Hong Hu (Penn State University); Purui Su (Institute of Software/CAS China)

NC-Max：打破中本聪共识中的安全性能权衡 NC-Max: Breaking the Security-Performance Tradeoff in Nakamoto Consensus Ren Zhang, Dingwei Zhang, and Quake Wang (Nervos); Shichen Wu (Shandong University); Jan Xie (Nervos); Bart Preneel (imec-COSIC, KU Leuven)

渐进式审查：Linux 中 UBI 错误的增量检测 Progressive Scrutiny: Incremental Detection of UBI bugs in the Linux Kernel Yizhuo Zhai, Yu Hao, Zheng Zhang, Weiteng Chen, Guoren Li, Zhiyun Qian, Chengyu Song, Manu Sridharan, and Srikanth V. Krishnamurthy (University of California, Riverside); Trent Jaeger (The Pennsylvania State University); Paul Yu (U.S. Army Research Laboratory)

PMTUD 不是灵丹妙药：重新审视针对 TCP 的 IP 分片攻击 PMTUD is not Panacea: Revisiting IP Fragmentation Attacks against TCP Xuewei Feng and Qi Li (Tsinghua University); Kun Sun (George Mason University); Ke Xu and Baojun Liu (Tsinghua University); Xiaofeng Zheng (Institute for Network Sciences and Cyberspace, Tsinghua University; QiAnXin Technology Research Institute & Legendsec Information Technology (Beijing) Inc.); Qiushi Yang (QiAnXin Technology Research Institute & Legendsec Information Technology (Beijing) Inc.); Haixin Duan (Institute for Network Science and Cyberspace, Tsinghua University; Qi An Xin Group Corp.); Zhiyun Qian (UC Riverside)

ScriptChecker：使用任务功能驯服第三方脚本执行 ScriptChecker: To Tame Third-party Script Execution With Task Capabilities Wu Luo (Peking University); Xuhua Ding (Singapore Management University); Pengfei Wu (School of Computing, National University of Singapore); Xiaolei Zhang, Qingni Shen, and Zhonghai Wu (Peking University)

Speeding Dumbo：推动异步 BFT 实践 Speeding Dumbo: Pushing Asynchronous BFT to Practice Bingyong Guo (Institute of Software, Chinese Academy of Sciences); Yuan Lu (Institute of Software Chinese Academy of Sciences); Zhenliang Lu and Qiang Tang (The University of Sydney); jing xu (Institute of Software, Chinese Academy of Sciences); Zhenfeng Zhang (TCA of State Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences)

危险集成：了解团队聊天系统的应用程序扩展中的安全风险 Hazard Integrated: Understanding Security Risks in App Extensions to Team Chat Systems Mingming Zha (Indiana University Bloomington); Jice Wang (UCAS); Yuhong Nan (Sun Yat-sen University); Xiaofeng Wang (Indiana Unversity Bloomington); Yuqing Zhang and Zelin Yang (National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences)

简单翻译了一下论文题目，之后我会挑出自己感兴趣的论文阅读并将阅读笔记分享给大家。