CSAW'18 Applied Research Finalists

Europe | Israel | India | US-Canada

CSAW Europe finalists

FuturesMEX: Secure Distributed Futures Market Exchange

Access the paper here

Fabio Massacci (University of Trento), Chan Nam Ngo (University of Trento), Jing Nie (University of International Business and Economics Beijing, CN), Daniele Venturi (University of Rome “La Sapienza”) and Julian Williams (University of Durham, UK)

A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components

Access the paper here

Andrea Cerulli (University College London), Dan Cvrcek (EnigmaBridge), George Danezis (University College London), Dusan Klinec (EnigmaBridge), Vasilios Mavroudis (University College London) and Petr Svenda (Masaryk University)

Grand Pwning Unit: Accelerating Microarchitectural Attacks with the GPU

Access the paper here

Herbert Bos (Vrije Universiteit Amsterdam), Pietro Frigo (Vrije Universiteit Amsterdam), Cristiano Giuffrida (Vrije Universiteit Amsterdam), and Kaveh Razavi (Vrije Universiteit Amsterdam)

The Return of Coppersmith's Attack: Practical Factorization of Widely Used RSA Moduli

Access the paper here

Dusan Klinec (Masaryk University), Vashek Matyas (Masaryk University), Matus Nemec (Masaryk University, Ca’ Foscari University of Venice ), Petr Svenda (Masaryk University) and Marek Sys (Masaryk University)

ClickShield: Are You Hiding Something? Towards Eradicating Clickjacking on Android

Yanick Fratantonio (EURECOM), Andrea Lanzi (University of Milan), Wenke Lee (Georgia Institute of Technology), Simon Pak Ho Chung (Georgia Institute of Technology) and Andrea Possemato (EURECOM)

Screaming Channels: When Electromagnetic Side Channels Meet Radio Transceivers

Access the paper here

Giovanni Camurati (EURECOM), Aurélien Francillon (EURECOM), Tom Hayes (EURECOM), Marius Muench (EURECOM) and Sebastian Poeplau (EURECOM)

FPGAhammer: Remote Voltage Fault Attacks on Shared FPGAs, suitable for DFA on AES

Access the paper here

Dennis Gnad (Karlsruhe Institute of Technology), Jonas Krautter (Karlsruhe Institute of Technology) and Mehdi Tahoori (Karlsruhe Institute of Technology)

Tiresias: Predicting Security Events Through Deep Learning

Access the paper here

Enrico Mariconti (University College London), Yun Shen (Symantec Research Labs), Gianluca Stringhini (University College London) and Pierre-Antoine Vervier (Symantec Research Lab)

The Guard's Dilemma: Efficient Code-Reuse Attacks Against Intel SGX

Access the paper here

Andrea Biondo (University of Padua), Mauro Conti (University of Padua), Lucas Davi (University of Duisburg-Essen), Tommaso Frassetto (TU Darmstadt) and Ahmad-Reza Sadeghi (TU Darmstadt)

Meltdown: Reading Kernel Memory from User Space

Access the paper here

Anders Fogh (G-Data Advanced Analytics), Daniel Gruss (Graz University of Technology), Daniel Genkin (University of Michigan), Werner Haas (Cyberus Technology GmbH), Mike Hamburg (Rambus, Cryptographic Research Division), Jann Horn (Google), Paul Kocher (Independent), Moritz Lipp (Graz University of Technology), Stefan Mangard (Graz University of Technology),Thomas Prescher (Cyberus Technology GmbH), Michael Schwarz (Graz University of Technology) and Yuval Yarom (The University of Adelaide and Data61, CSIRO)

Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting

Access the paper here

Rainer Bohme (Innsbruck University), Michel van Eeten (Delft University of Technology), Tom Van Goethem (Katholieke Universiteit Leuven), Wouter Joosen (Katholieke Universiteit Leuven), Maciej Korczynski (University of Grenoble Alpes), Tyler Moore (The University of Tulsa), Arman Noroozian (Delft University of Technology) and Samaneh Tajalizadehkhoob (Delft University of Technology)

DigesTor: Comparing Passive Traffic Analysis Attacks on Tor

Katharina Kohls (Ruhr-University Bochum) and Christina Pöpper (New York University)

CSAW India finalists

Results pending

CSAW Israel Finalists

Trusted system-calls analysis methodology aimed at detection of compromised virtual machines using sequential mining

Nir Nissim (Ben Gurion University), Yuval Lapidot (Ben Gurion University), Yuval Elovici (Ben Gurion University) and Aviad Cohen (Ben Gurion University)

Efficient Maliciously Secure Multiparty Computation for RAM (Random Access Machine)

Avishay Yanai (Bar-Ilan University) and Marcel Keller (University of Bristol)

Power to peep-all: Inference Attacks by Malicious Batteries on Mobile Devices

Pavel Lifshits (Technion – Israel Institute of Technology), Roni Forte (Technion – Israel Institute of Technology), Yedid Hoshen (The Hebrew University of Jerusalem), Matt Halpern (The University of Texas at Austin), Manuel Philipose (The University of Texas at Austin), Mohit Tiwari (The University of Texas at Austin) and Mark Silberstein (Technion – Israel Institute of Technology)

A New Burst-DFA model for SCADA Anomaly Detection

Chen Markman (TAU), Avishai Wool (Tel Aviv University) and Alvaro Cardenas (The University of Texas at Dallas)

FORESHADOW: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution

Jo Van Bulck (Katholieke Universiteit Leuven), Marina Minkin (Technion), Ofir Weisse (University of Michigan), Daniel Genkin (University of Michigan), Baris Baris Kasikci (University of Michigan), Frank Piessens (Katholieke Universiteit Leuven), Mark Silberstein (Technion), Thomas F Wenisch (University of Michigan), Yuval Yarom (The University of Adelaide) and Raoul Strackx (Katholieke Universiteit Leuven)

Pseudo Constant Time Implementations of TLS Are Only Pseudo Secure

Eyal Ronen (Weizmann), Kenneth Paterson (Royal Holloway, University of London) and Adi Shamir (The Weizmann Institute)

CSAW US-Canada Finalists 

Compiler-assisted Code Randomization

Access the paper here

Hyungjoon Koo (Stony Brook University), Yaohui Chen (Northeastern University), Long Lu (Northeastern University), Vasileios P. Kemerlis (Brown University), and Michalis Polychronakis (Stony Brook University)

DeepXplore: Automated Whitebox Testing of Deep Learning Systems

Access the paper here

Kexin Pei (Columbia University), Yinzhi Cao (Johns Hopkins University), Junfeng Yang (Columbia University), and Suman Jana (Columbia University)

MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation

Access the paper here

Shankara Pailoor (The University of Texas at Austin), Andrew Aday (Columbia University), and Suman Janan (Columbia University)

NAVEX: Precise and Scalable Exploit Generation for Dynamic Web Applications

Access the paper here

Abeer Alhuzali, Rigel Gjomemo, Birhanu Eshete and V.N. Venkatakrishnan (University of Illinois at Chicago)

Off-Path TCP Exploit: How Wireless Routers Can Jeopardize Your Secrets

Access the paper here

Weiteng Chen and Zhiyun Qian (University of California, Riverside)

OS-level Side Channels without Procfs: Exploring Cross-App Information Leakage on iOS

Access the paper here

Xiaokuan Zhang (The Ohio State University), Xueqiang Wang (Indiana University at Bloomington), Xiaolong Bai (Tsinghua University), Yinqian Zhang (The Ohio State University), and Xiaofeng Wang (Indiana University at Bloomington)

Resolving the Predicament of Android Custom Permissions

Access the paper here

Guliz Seray Tuncay, Soteris Demetriou, Karan Ganju and Carl Gunter (University of Illinois at Urbana-Champaign)

Routing Around Congestion: Defeating DDoS Attacks and Adverse Network Conditions via Reactive BGP Routing

Access the paper here

Jared Smith and Max Schuchard (University of Tennessee, Knoxville)

SAQL: A Stream-based Query System for Real-Time Abnormal System Behavior Detection

Access the paper here

Peng Gao (Princeton University), Xusheng Xiao (Case Western Reserve University), Ding Li (NEC Laboratories America, Inc.), Zhichun Li (NEC Laboratories America, Inc.), Kangkook Jee (NEC Laboratories America, Inc.), Zhenyu Wu (NEC Laboratories America, Inc.), Chung Hwan Kim (NEC Laboratories America, Inc.), Sanjeev R. Kulkarni (Princeton University), and Prateek Mittal (Princeton University)

When Does Machine Learning FAIL? Generalized Transferability for Evasion and Poisoning Attacks

Access the paper here

Octavian Suciu, Radu Marginean, Yigitcan Kaya, Hal Daume Iii and Tudor Dumitras (University of Maryland)