Under the Shadow of Sunshine: Understanding and Detecting BulletProof Hosting on Legitimate Service Provider Networks
Dark Hazard: Learning-based, Large-scale Discovery of Hidden Sensitive Operations in Android Apps
Catching Predators at Watering Holes: Finding and Understanding Strategically Compromised Websites
Lurking Malice in the Cloud: Understanding and Detecting Cloud Repository as a Malicious Service
Acing the IOC Game: Toward Automatic Discovery and Analysis of Open-Source Cyber Threat Intelligence
Staying Secure and Unprepared: Understanding and Mitigating the Security Risks of Apple ZeroConf
Seeking Nonsense, Looking for Trouble: Efficient Promotional-Infection Detection through Semantic Inconsistency Search
Following Devil's Footprints: Cross-Platform Analysis of Potentially Harmful Libraries on Android and iOS
Practicing oblivious access on cloud storage: the gap, the fallacy, and the new way forward
Perplexed messengers from the cloud: Automated security analysis of push-messaging integrations
Hare hunting in the wild android: A study on the threat of hanging attribute references
Efficient genome-wide, privacy-preserving similar patient query based on private edit distance
Cracking App Isolation on Apple: Unauthorized Cross-App Resource Access on MAC OS
Uipicker: User-input privacy identification in mobile applications
Finding unknown malice in 10 seconds: Mass vetting for new threats at the google-play scale
Leave me alone: App-level protection against runtime information gathering on Android
What's in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources.
Mayhem in the push clouds: Understanding and mitigating security hazards in mobile push-messaging services
Controlled functional encryption
Understanding the dark side of domain parking
Upgrading your android, elevating my malware: Privilege escalation through mobile os updating
The peril of fragmentation: Security hazards in android device driver customizations
Hunting the red fox online: Understanding and detection of mass redirect-script injections
The Tangled Web of Password Reuse.
Screenmilker: How to Milk Your Android Screen for Secrets.
Inside Job: Understanding and Mitigating the Threat of External Device Mis-Binding on Android.
Privacy Risk in Anonymized Heterogeneous Information Networks.
Choosing blindly but wisely: differentially private solicitation of DNA datasets for disease marker discovery
Unauthorized origin crossing on mobile platforms: Threats and mitigation
Identity, location, disease and more: Inferring your secrets from android public resources
Finding the linchpins of the dark web: a study on topologically dedicated hosts on malicious web infrastructures
InteGuard: Toward Automatic Protection of Third-Party Web Service Integrations.
Knowing your enemy: understanding and detecting malicious web advertising
Signing me onto your accounts through facebook and google: A traffic-guided security study of commercially deployed single-sign-on web services
Large-Scale Privacy-Preserving Mapping of Human Genomic Sequences on Hybrid Clouds.
Sedic: privacy-aware data intensive computing on hybrid clouds
To release or not to release: evaluating information leaks in aggregate human-genome data
How to Shop for Free Online--Security Analysis of Cashier-as-a-Service Based Web Stores
Soundcomber: A Stealthy and Context-Aware Sound Trojan for Smartphones.
FIRM: Capability-based inline mediation of Flash behaviors
Sidebuster: automated detection and quantification of side-channel leaks in web application development
Mash-if: Practical information-flow control within client-side mashups
Side-channel leaks in web applications: A reality today, a challenge tomorrow
Privacy-preserving genomic computation through program specialization
Learning your identity and disease from research papers: information leaks in genome wide association study
Effective and Efficient Malware Detection at the End Host.
Mitigating inadvertent insider threats with incentives
Peeping Tom in the Neighborhood: Keystroke Eavesdropping on Multi-User Systems
Denial of service attacks and defenses in decentralized trust management
Towards automatic reverse engineering of software security configurations
Panalyst: Privacy-Aware Remote Error Analysis on Commodity Software.
Agis: Towards automatic generation of infection signatures
PRECIP: Towards Practical and Retrofittable Confidential Information Protection.
Making captchas clickable
A multi-layer framework for puzzle-based denial-of-service defense
Spyshield: Preserving privacy from spy add-ons
Wraps: Denial-of-service defense through web referrals
Packet vaccine: Black-box exploit detection and signature generation
Deterring voluntary trace disclosure in re-encryption mix networks
Building reliable mix networks with fair exchange
Mitigating bandwidth-exhaustion attacks using congestion puzzles
Stealth Attacks on Vehicular Wireless Networks
Defending against denial-of-service attacks with puzzle auctions
Learning near-Pareto-optimal conventions in polynomial time
Reinforcement learning to play an optimal Nash equilibrium in team Markov games
(Im) possibility of safe exchange mechanism design