Sciweavers

CCS
2015
ACM
7 years 11 months ago
Hybrid User-level Sandboxing of Third-party Android Apps
Users of Android phones increasingly entrust personal information to third-party apps. However, recent studies reveal that many apps, even benign ones, could leak sensitive inform...
Yajin Zhou, Kunal Patel, Lei Wu, Zhi Wang, Xuxian ...
CCS
2015
ACM
7 years 11 months ago
The Fairy-Ring Dance: Password Authenticated Key Exchange in a Group
In this paper, we study Password Authenticated Key Exchange (PAKE) in a group. First, we present a generic “fairy-ring dance” construction that transforms any secure two-party...
Feng Hao, Xun Yi, Liqun Chen, Siamak Fayyaz Shahan...
CCS
2015
ACM
7 years 11 months ago
Adaptive Just-In-Time Code Diversification
We present a method to regenerate diversified code dynamically in a Java bytecode JIT compiler, and to update the diversification frequently during the execution of the program. T...
Abhinav Jangda, Mohit Mishra, Bjorn De Sutter
CCS
2015
ACM
7 years 11 months ago
Constant Communication ORAM with Small Blocksize
There have been several attempts recently at using homomorphic encryption to increase the efficiency of Oblivious RAM protocols. One of the most successful has been Onion ORAM, w...
Tarik Moataz, Travis Mayberry, Erik-Oliver Blass
CCS
2015
ACM
7 years 11 months ago
POSTER: Computations on Encrypted Data in the Internet of Things Applications
We identify and address two primary challenges for computing on encrypted data in Internet of Things applications: synchronizing encrypted data across devices and selecting an app...
Laurynas Riliskis, Hossein Shafagh, Philip Levis
CCS
2015
ACM
7 years 11 months ago
AutoPPG: Towards Automatic Generation of Privacy Policy for Android Applications
A privacy policy is a statement informing users how their information will be collected, used, and disclosed. Failing to provide a correct privacy policy may result in a fine. Ho...
Le Yu, Tao Zhang, Xiapu Luo, Lei Xue
CCS
2015
ACM
7 years 11 months ago
CARONTE: Detecting Location Leaks for Deanonymizing Tor Hidden Services
Anonymity networks such as Tor are a critical privacy-enabling technology. Tor’s hidden services provide both client and server anonymity. They protect the location of the serve...
Srdjan Matic, Platon Kotzias, Juan Caballero
CCS
2015
ACM
7 years 11 months ago
ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks
A general prerequisite for a code reuse attack is that the attacker needs to locate code gadgets that perform the desired operations and then direct the control flow of a vulnerab...
Kangjie Lu, Chengyu Song, Byoungyoung Lee, Simon P...
CCS
2015
ACM
7 years 11 months ago
(Un)linkable Pseudonyms for Governmental Databases
When data maintained in a decentralized fashion needs to be synchronized or exchanged between different databases, related data sets usually get associated with a unique identi...
Jan Camenisch, Anja Lehmann
CCS
2015
ACM
7 years 11 months ago
A Practical Attack Against the Use of RC4 in the HIVE Hidden Volume Encryption System
The HIVE hidden volume encryption system was proposed by Blass et al. at ACM-CCS 2014. Even though HIVE has a security proof, this paper demonstrates an attack on its implementatio...
Kenneth G. Paterson, Mario Strefler