Main Page

ASIACCS 2017

ASIACCS 2017 Workshops

CCS 2016

CCS 2016
Workshops

CODASPY 2017

CODASPY 2017 Workshops

SACMAT 2017

WiSec 2016

Compilation Author Index

ACM SIGSAC Membership Application

(Return to Top)

(Return to Top)

CCS'17 Table of Contents

CCS 2016 General Chair's Welcome
Stefan Katzenbeisser (TU Darmstadt)
Edgar Weippl (SBA Research)

CCS 2016 Program Chairs' Welcome
Shai Halevi (IBM Research)
Christopher Kruegel (University of California, Santa Barbara)
Andrew Myers (Cornell University)

CCS 2016 Conference Organization

CCS 2016 Sponsors & Supporters

Keynote

Cybersecurity, Nuclear Security, Alan Turing, and Illogical Logic (Page 1)
Martin E. Hellman (Stanford University)

Paper Session 1A: Blockchain I

On the Security and Performance of Proof of Work Blockchains (Page 3)
Arthur Gervais (ETH Zurich)
Ghassan O. Karame (NEC Laboratories)
Karl Wüst (ETH Zurich)
Vasileios Glykantzis (ETH Zurich)
Hubert Ritzdorf (ETH Zurich)
Srdjan Čapkun (ETH Zurich)

A Secure Sharding Protocol for Open Blockchains (Page 17)
Loi Luu (National University of Singapore)
Viswesh Narayanan (National University of Singapore)
Chaodong Zheng (National University of Singapore)
Kunal Baweja (National University of Singapore)
Seth Gilbert (National University of Singapore)
Prateek Saxena (National University of Singapore)

The Honey Badger of BFT Protocols (Page 31)
Andrew Miller (University of Illinois at Urbana-Champaign)
Yu Xia (Massachusetts Institute of Technology)
Kyle Croman (Cornell University)
Elaine Shi (Cornell University)
Dawn Song (University of California, Berkeley)

Paper Session 1B: Differential Privacy

Differential Privacy as a Mutual Information Constraint (Page 43)
Paul Cuff (Princeton University)
Lanqing Yu (Princeton University)

Advanced Probabilistic Couplings for Differential Privacy (Page 55)
Gilles Barthe (IMDEA Software Institute)
Noémie Fong (Ecole Normale Superieure)
Marco Gaboardi (University at Buffalo, SUNY)
Benjamin Grégoire (INRIA)
Justin Hsu (University of Pennsylvania)
Pierre-Yves Strub (IMDEA Software Institute)

Differentially Private Bayesian Programming (Page 68)
Gilles Barthe (IMDEA Software)
Gian Pietro Farina (University at Buffalo, SUNY)
Marco Gaboardi (University a Buffalo, SUNY)
Emilio Jesús Gallego Arias (CRI Mines-ParisTech)
Andy Gordon (Microsoft Research)
Justin Hsu (University of Pennsylvania)
Pierre-Yves Strub (IMDEA Software)

Paper Session 1C: Android Security

The Misuse of Android Unix Domain Sockets and Security Implications (Page 80)
Yuru Shao (University of Michigan)
Jason Ott (University of California, Riverside)
Yunhan Jack Jia (University of Michigan)
Zhiyun Qian (University of California, Riverside)
Z. Morley Mao (University of Michigan)

Call Me Back! Attacks on System Server and System Apps in Android through Synchronous Callback (Page 92)
Kai Wang (University of Chinese Academy of Sciences)
Yuqing Zhang (University of Chinese Academy of Sciences)
Peng Liu (The Pennsylvania State University)

Draco: A System for Uniform and Fine-grained Access Control for Web Code on Android (Page 104)
Guliz Seray Tuncay (University of Illinois at Urbana-Champaign)
Soteris Demetriou (University of Illinois at Urbana-Champaign)
Carl A. Gunter (University of Illinois at Urbana-Champaign)

Paper Session 1D: Hardware Protection

Strong Non-Interference and Type-Directed Higher-Order Masking (Page 116)
Gilles Barthe (IMDEA Software Institute)
Sonia Belaïd (Thales Communications & Security)
François Dupressoir (IMDEA Software Institute)
Pierre-Alain Fouque (Université de Rennes 1)
Benjamin Grégoire (Inria Sophia-Antipolis - Méditerranée)
Pierre-Yves Strub (IMDEA Software Institute)
Rébecca Zucchini (Inria Sophia-Antipolis - Méditerranée & École Normale Supérieure de Cachan)

MERS: Statistical Test Generation for Side-Channel Analysis based Trojan Detection (Page 130)
Yuanwen Huang (University of Florida)
Swarup Bhunia (University of Florida)
Prabhat Mishra (University of Florida)

Private Circuits III: Hardware Trojan-Resilience via Testing Amplification (Page 142)
Stefan Dziembowski (University of Warsaw)
Sebastian Faust (Ruhr-University Bochum)
François-Xavier Standaert (Universite catholique de Louvain)

Paper Session 2A: Blockchain II

On the Instability of Bitcoin without the Block Reward (Page 154)
Miles Carlsten (Princeton University)
Harry Kalodner (Princeton University)
S. Matthew Weinberg (Princeton University)
Arvind Narayanan (Princeton University)

Transparency Overlays and Applications (Page 168)
Melissa Chase (Microsoft Research)
Sarah Meiklejohn (University College London)

Paper Session 2B: Differentially Private Systems I

EpicRec: Towards Practical Differentially Private Framework for Personalized Recommendation (Page 180)
Yilin Shen (Samsung Research America)
Hongxia Jin (Samsung Research America)

Heavy Hitter Estimation over Set-Valued Data with Local Differential Privacy (Page 192)
Zhan Qin (Hamad Bin Khalifa University & State University of New York at Buffalo)
Yin Yang (Hamad Bin Khalifa University)
Ting Yu (Hamad Bin Khalifa University)
Issa Khalil (Hamad Bin Khalifa University)
Xiaokui Xiao (Nanyang Technological University)
Kui Ren (State University of New York at Buffalo)

Paper Session 2C: Access Control

AUDACIOUS: User-Driven Access Control with Unmodified Operating Systems (Page 204)
Talia Ringer (University of Washington)
Dan Grossman (University of Washington)
Franziska Roesner (University of Washington)

Mix&Slice: Efficient Access Revocation in the Cloud (Page 217)
Enrico Bacis (Università di Bergamo)
Sabrina De Capitani di Vimercati (Università degli Studi di Milano)
Sara Foresti (Università degli Studi di Milano)
Stefano Paraboschi (Università di Bergamo)
Marco Rosa (Università di Bergamo)
Pierangela Samarati (Università degli Studi di Milano)

Paper Session 2D: Security and Persistence

Safe Serializable Secure Scheduling: Transactions and the Trade-Off Between Security and Consistency (Page 229)
Isaac Sheff (Cornell University)
Tom Magrino (Cornell University)
Jed Liu (Cornell University)
Andrew C. Myers (Cornell University)
Robbert van Renesse (Cornell University)

ProvUSB: Block-level Provenance-Based Data Protection for USB Storage Devices (Page 242)
Dave (Jing) Tian (University of Florida)
Adam Bates (University of Illinois at Urbana-Champaign)
Kevin R.B. Butler (University of Florida)
Raju Rangaswami (Florida International University)

Paper Session 3A: Smart Contracts

Making Smart Contracts Smarter (Page 254)
Loi Luu (National University of Singapore)
Duc-Hiep Chu (National University of Singapore)
Hrishi Olickel (Yale-NUS College)
Prateek Saxena (National University of Singapore)
Aquinas Hobor (Yale-NUS College & National University of Singapore)

Town Crier: An Authenticated Data Feed for Smart Contracts (Page 270)
Fan Zhang (Cornell University)
Ethan Cecchetti (Cornell University)
Kyle Croman (Cornell University)
Ari Juels (Cornell Tech, Jacobs Institute)
Elaine Shi (Cornell University)

The Ring of Gyges: Investigating the Future of Criminal Smart Contracts (Page 283)
Ari Juels (Cornell Tech, Jacobs Institute)
Ahmed Kosba (University of Maryland)
Elaine Shi (Cornell University)

Paper Session 3B: Differentially Private Systems II

DPSense: Differentially Private Crowdsourced Spectrum Sensing (Page 296)
Xiaocong Jin (Arizona State University)
Rui Zhang (University of Delaware)
Yimin Chen (Arizona State University)
Tao Li (Arizona State University)
Yanchao Zhang (Arizona State University)

Deep Learning with Differential Privacy (Page 308)
Martín Abadi (Google)
Andy Chu (Google)
Ian Goodfellow (Open AI)
H. Brendan McMahan (Google)
Ilya Mironov (Google)
Kunal Talwar (Google)
Li Zhang (Google)

Membership Privacy in MicroRNA-based Studies (Page 319)
Michael Backes (Saarland University & MPI-SWS)
Pascal Berrang (Saarland University)
Mathias Humbert (Saarland University)
Praveen Manoharan (Saarland University)

Paper Session 3C: Mobile Software Analysis

TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime (Page 331)
Mingshen Sun (The Chinese University of Hong Kong)
Tao Wei (Baidu, Inc.)
John C. S. Lui (The Chinese University of Hong Kong)

Statistical Deobfuscation of Android Applications (Page 343)
Benjamin Bichsel (ETH Zurich)
Veselin Raychev (ETH Zurich)
Petar Tsankov (ETH Zurich)
Martin Vechev (ETH Zurich)

Reliable Third-Party Library Detection in Android and its Security Applications (Page 356)
Michael Backes (Saarland University & MPI-SWS)
Sven Bugiel (Saarland University)
Erik Derr (Saarland University)

Paper Session 3D: Kernel Memory Security

Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR (Page 368)
Daniel Gruss (Graz University of Technology)
Clémentine Maurice (Graz University of Technology)
Anders Fogh (G DATA Advanced Analytics)
Moritz Lipp (Graz University of Technology)
Stefan Mangard (Graz University of Technology)

Breaking Kernel Address Space Layout Randomization with Intel TSX (Page 380)
Yeongjin Jang (Georgia Institute of Technology)
Sangho Lee (Georgia Institute of Technology)
Taesoo Kim (Georgia Institute of Technology)

Enforcing Least Privilege Memory Views for Multithreaded Applications (Page 393)
Terry Ching-Hsiang Hsu (Purdue University)
Kevin Hoffman (eFolder Inc.)
Patrick Eugster (Purdue University & TU Darmstadt)
Mathias Payer (Purdue University)

Paper Session 4A: Secure MPC I

Improvements to Secure Computation with Penalties (Page 406)
Ranjit Kumaresan (Massachusetts Institute of Technology)
Vinod Vaikuntanathan (Massachusetts Institute of)
Prashant Nalini Vasudevan (Massachusetts Institute of Technology)

Amortizing Secure Computation with Penalties (Page 418)
Ranjit Kumaresan (Massachusetts Institute of Technology)
Iddo Bentov (Cornell University)

MPC-Friendly Symmetric Key Primitives (Page 430)
Lorenzo Grassi (Graz University of Technology)
Christian Rechberger (Graz University of Technology)
Dragos Rotaru (University of Bristol)
Peter Scholl (University of Bristol)
Nigel P. Smart (University of Bristol)

Paper Session 4B: Attacks on Ciphers

Message-Recovery Attacks on Feistel-Based Format Preserving Encryption (Page 444)
Mihir Bellare (University of California, San Diego)
Viet Tung Hoang (Florida State University)
Stefano Tessaro (University of California, Santa Barbara)

On the Practical (In-)Security of 64-bit Block Ciphers: Collision Attacks on HTTP over TLS and OpenVPN (Page 456)
Karthikeyan Bhargavan (Inria)
Gaëtan Leurent (Inria)

A Systematic Analysis of the Juniper Dual EC Incident (Page 468)
Stephen Checkoway (University of Illinois at Chicago)
Jacob Maskiewicz (University of California, San Diego)
Christina Garman (Johns Hopkins University)
Joshua Fried (University of Pennsylvania)
Shaanan Cohney (University of Pennsylvania)
Matthew Green (Johns Hopkins University)
Nadia Heninger (University of Pennsylvania)
Ralf-Philipp Weinmann (Comsecuris)
Eric Rescorla (University of California, San Diego)
Hovav Shacham (University of California, San Diego)

Paper Session 4C: Big Data Meets Security

Scalable Graph-based Bug Search for Firmware Images (Page 480)
Qian Feng (Syracuse University)
Rundong Zhou (Syracuse University)
Chengcheng Xu (Syracuse University)
Yao Cheng (Syracuse University)
Brian Testa (Syracuse University & Air Force Research Lab)
Heng Yin (Syracuse University & University of California, Riverside)

SmartWalk: Enhancing Social Network Security via Adaptive Random Walks (Page 492)
Yushan Liu (Princeton University)
Shouling Ji (Zhejiang University & Georgia Tech)
Prateek Mittal (Princeton University)

High Fidelity Data Reduction for Big Data Security Dependency Analyses (Page 504)
Zhang Xu (NofutzNetworks Inc.)
Zhenyu Wu (NEC Labs America, Inc.)
Zhichun Li (NEC Laboratories America Inc.)
Kangkook Jee (NEC Laboratories America Inc.)
Junghwan Rhee (NEC Laboratories America Inc.)
Xusheng Xiao (NEC Laboratories America Inc.)
Fengyuan Xu (Nanjing University)
Haining Wang (University of Delaware)
Guofei Jiang (NEC Laboratories America Inc.)

Paper Session 4D: Types and Memory Safety

TypeSan: Practical Type Confusion Detection (Page 517)
Istvan Haller (Vrije Universiteit Amsterdam)
Yuseok Jeon (Purdue University)
Hui Peng (Purdue University)
Mathias Payer (Purdue University)
Cristiano Giuffrida (Vrije Universiteit Amsterdam)
Herbert Bos (Vrije Universiteit Amsterdam)
Erik van der Kouwe (Vrije Universiteit Amsterdam)

CREDAL: Towards Locating a Memory Corruption Vulnerability with Your Core Dump (Page 529)
Jun Xu (The Pennsylvania State University)
Dongliang Mu (Nanjing University & The Pennsylvania State University)
Ping Chen (The Pennsylvania State University)
Xinyu Xing (The Pennsylvania State University)
Pei Wang (The Pennsylvania State University)
Peng Liu (The Pennsylvania State University)

Twice the Bits, Twice the Trouble: Vulnerabilities Induced by Migrating to 64-Bit Platforms (Page 541)
Christian Wressnegger (TU Braunschweig)
Fabian Yamaguchi (TU Braunschweig)
Alwin Maier (TU Braunschweig)
Konrad Rieck (TU Braunschweig)

Paper Session 5A: Secure MPC II

Alternative Implementations of Secure Real Numbers (Page 553)
Vassil Dimitrov (University of Calgary)
Liisi Kerik (Cybernetica)
Toomas Krips (STACC)
Jaak Randmets (Cybernetica)
Jan Willemson (Cybernetica & STACC)

Garbling Gadgets for Boolean and Arithmetic Circuits (Page 565)
Marshall Ball (Columbia University)
Tal Malkin (Columbia University)
Mike Rosulek (Oregon State University)

Optimizing Semi-Honest Secure Multiparty Computation for the Internet (Page 578)
Aner Ben-Efraim (Ben-Gurion University)
Yehuda Lindell (Bar-Ilan University)
Eran Omri (Ariel University)

Paper Session 5B: Physically Based Authentication

MEMS Gyroscopes as Physical Unclonable Functions (Page 591)
Oliver Willers (Robert Bosch GmbH)
Christopher Huth (Robert Bosch GmbH)
Jorge Guajardo (Robert Bosch LLC)
Helmut Seidel (Saarland University)

On the Security and Usability of Segment-based Visual Cryptographic Authentication Protocols (Page 603)
Tianhao Wang (Purdue University)
Huangyi Ge (Purdue University)
Omar Chowdhury (Purdue University)
Hemanta K. Maji (Purdue University)
Ninghui Li (Purdue University)

Instant and Robust Authentication and Key Agreement among Mobile Devices (Page 616)
Wei Xi (Xi'an Jiaotong University)
Chen Qian (University of California Santa Cruz)
Jinsong Han (Xi'an Jiaotong University)
Kun Zhao (Xi'an Jiaotong University)
Sheng Zhong (Nanjing University)
Xiang-Yang Li (University of Science and Technology of China)
Jizhong Zhao (Xi'an Jiaotong University)

Paper Session 5C: Web Security

Measurement and Analysis of Private Key Sharing in the HTTPS Ecosystem (Page 628)
Frank Cangialosi (University of Maryland)
Taejoong Chung (Northeastern University)
David Choffnes (Northeastern University)
Dave Levin (University of Maryland)
Bruce M. Maggs (Duke University & Akamai Technologies)
Alan Mislove (Northeastern University)
Christo Wilson (Northeastern University)

Chainsaw: Chained Automated Workflow-based Exploit Generation (Page 641)
Abeer Alhuzali (University of Illinois at Chicago)
Birhanu Eshete (University of Illinois at Chicago)
Rigel Gjomemo (University of Illinois at Chicago)
V.N. Venkatakrishnan (University of Illinois at Chicago)

CSPAutoGen: Black-box Enforcement of Content Security Policy upon Real-world Websites (Page 653)
Xiang Pan (Northwestern University)
Yinzhi Cao (Lehigh University)
Shuangping Liu (Northwestern University)
Yu Zhou (Northwestern University)
Yan Chen (Zhejiang University & Northwestern University)
Tingzhe Zhou (Lehigh University)

Paper Session 5D: Security Bug Finding

How I Learned to be Secure: A Census-Representative Survey of Security Advice Sources and Behavior (Page 666)
Elissa M. Redmiles (University of Maryland)
Sean Kross (Johns Hopkins University)
Michelle L. Mazurek (University of Maryland)

Practical Detection of Entropy Loss in Pseudo-Random Number Generators (Page 678)
Felix Dörre (Karlsruhe Institute of Technology)
Vladimir Klebanov (Karlsruhe Institute of Technology)

Build It, Break It, Fix It: Contesting Secure Development (Page 690)
Andrew Ruef (University of Maryland)
Michael Hicks (University of Maryland)
James Parker (University of Maryland)
Dave Levin (University of Maryland)
Michelle L. Mazurek (University of Maryland)
Piotr Mardziel (Carnegie Mellon University)

Paper Session 6A: Phone Security using Formal Methods

SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles (Page 704)
Luke Deshotels (North Carolina State University)
Razvan Deaconescu (University Politehnica of Bucharest)
Mihai Chiroiu (University Politehnica of Bucharest)
Lucas Davi (Technische Universitat Darmstadt)
William Enck (North Carolina State University)
Ahmad-Reza Sadeghi (Technische Universitat Darmstadt)

Computational Soundness for Dalvik Bytecode (Page 717)
Michael Backes (Saarland University & MPI-SWS)
Robert Künnemann (Saarland University & MPI-SWS)
Esfandiar Mohammadi (ETH Zurich)

Paper Session 6B: Attestation

SANA: Secure and Scalable Aggregate Network Attestation (Page 731)
Moreno Ambrosin (University of Padua)
Mauro Conti (University of Padua)
Ahmad Ibrahim (Technische Universität Darmstadt)
Gregory Neven (IBM Research - Zurich)
Ahmad-Reza Sadeghi (Technische Universität Darmstadt)
Matthias Schunter (Intel Labs - Darmstadt)

C-FLAT: Control-Flow Attestation for Embedded Systems Software (Page 743)
Tigist Abera (Technische Universität Darmstadt)
N. Asokan (Aalto University)
Lucas Davi (Technische Universität Darmstadt)
Jan-Erik Ekberg (Trustonic)
Thomas Nyman (Aalto University & Trustonic)
Andrew Paverd (Aalto University)
Ahmad-Reza Sadeghi (Technische Universität Darmstadt)
Gene Tsudik (University of California, Irvine)

Paper Session 6C: Mine your Literature

Acing the IOC Game: Toward Automatic Discovery and Analysis of Open-Source Cyber Threat Intelligence (Page 755)
Xiaojing Liao (Georgia Institute of Technology)
Kan Yuan (Indiana University Bloomington)
XiaoFeng Wang (Indiana University Bloomington)
Zhou Li (ACM Member)
Luyi Xing (Indiana University Bloomington)
Raheem Beyah (Georgia Institute of Technology)

FeatureSmith: Automatically Engineering Features for Malware Detection by Mining the Security Literature (Page 767)
Ziyun Zhu (University of Maryland, College Park)
Tudor Dumitras (University of Maryland, College Park)

Paper Session 6D: Security Studies

An In-Depth Study of More Than Ten Years of Java Exploitation (Page 779)
Philipp Holzinger (Fraunhofer SIT)
Stefan Triller (Fraunhofer SIT)
Alexandre Bartel (Technische Universität Darmstadt)
Eric Bodden (Paderborn University & Fraunhofer IEM)

"The Web/Local" Boundary Is Fuzzy: A Security Study of Chrome's Process-based Sandboxing (Page 791)
Yaoqi Jia (National University of Singapore)
Zheng Leong Chua (National University of Singapore)
Hong Hu (National University of Singapore)
Shuo Chen (Microsoft Research)
Prateek Saxena (National University of Singapore)
Zhenkai Liang (National University of Singapore)

Paper Session 7A: Secure MPC III

High-Throughput Semi-Honest Secure Three-Party Computation with an Honest Majority (Page 805)
Toshinori Araki (NEC Corporation)
Jun Furukawa (NEC Corporation)
Yehuda Lindell (Bar-Ilan University)
Ariel Nof (Bar-Ilan University)
Kazuma Ohara (NEC Corporation)

Efficient Batched Oblivious PRF with Applications to Private Set Intersection (Page 818)
Vladimir Kolesnikov (Bell Labs)
Ranjit Kumaresan (Massachusetts Institute of Technology)
Mike Rosulek (Oregon State University)
Ni Trieu (Oregon State University)

MASCOT: Faster Malicious Arithmetic Secure Computation with Oblivious Transfer (Page 830)
Marcel Keller (University of Bristol)
Emmanuela Orsini (University of Bristol)
Peter Scholl (University of Bristol)

Paper Session 7B: Side-Channel Attacks

Covert Channels through Random Number Generator: Mechanisms, Capacity Estimation and Mitigations (Page 843)
Dmitry Evtyushkin (SUNY Binghamton)
Dmitry Ponomarev (SUNY Binghamton)

Return-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices (Page 858)
Xiaokuan Zhang (The Ohio State University)
Yuan Xiao (The Ohio State University)
Yinqian Zhang (The Ohio State University)

A Software Approach to Defeating Side Channels in Last-Level Caches (Page 871)
Ziqiao Zhou (University of North Carolina)
Michael K. Reiter (University of North Carolina)
Yinqian Zhang (The Ohio State University)

Paper Session 7C: Acoustic Attacks

Leave Your Phone at the Door:Side Channels that Reveal Factory Floor Secrets (Page 883)
Avesta Hojjati (University of Illinois at Urbana-Champaign)
Anku Adhikari (University of Illinois at Urbana-Champaign & Advanced Digital Sciences Center)
Katarina Struckmann (University of Illinois at Urbana-Champaign)
Edward Chou (University of Illinois at Urbana-Champaign)
Thi Ngoc Tho Nguyen (Advanced Digital Sciences Center)
Kushagra Madan (University of Illinois at Urbana-Champaign)
Marianne S. Winslett (University of Illinois at Urbana-Champaign & Advanced Digital Sciences Center)
Carl A. Gunter (University of Illinois at Urbana-Champaign)
William P. King (University of Illinois at Urbana-Champaign)

My Smartphone Knows What You Print: Exploring Smartphone-based Side-channel Attacks Against 3D Printers (Page 895)
Chen Song (University at Buffalo, SUNY)
Feng Lin (University at Buffalo, SUNY)
Zhongjie Ba (University at Buffalo, SUNY)
Kui Ren (University at Buffalo, SUNY)
Chi Zhou (University at Buffalo, SUNY)
Wenyao Xu (University at Buffalo, SUNY)

The Sounds of the Phones: Dangers of Zero-Effort Second Factor Login based on Ambient Audio (Page 908)
Babins Shrestha (University of Alabama at Birmingham)
Maliheh Shirvanian (University of Alabama at Birmingham)
Prakash Shrestha (University of Alabama at Birmingham)
Nitesh Saxena (University of Alabama at Birmingham)

Paper Session 7D: Protection Across Executions

UniSan: Proactive Kernel Memory Initialization to Eliminate Data Leakages (Page 920)
Kangjie Lu (Georgia Institute of Technology)
Chengyu Song (Georgia Institute of Technology)
Taesoo Kim (Georgia Institute of Technology)
Wenke Lee (Georgia Institute of Technology)

iLock: Immediate and Automatic Locking of Mobile Devices against Data Theft (Page 933)
Tao Li (Arizona State University)
Yimin Chen (Arizona State University)
Jingchao Sun (Arizona State University)
Xiaocong Jin (Arizona State University)
Yanchao Zhang (Arizona State University)

Hypnoguard: Protecting Secrets across Sleep-wake Cycles (Page 945)
Lianying Zhao (Concordia University)
Mohammad Mannan (Concordia University)

Paper Session 8A: Lattices and Obfuscation

5Gen: A Framework for Prototyping Applications Using Multilinear Maps and Matrix Branching Programs (Page 981)
Kevin Lewi (Stanford University)
Alex J. Malozemoff (Galois)
Daniel Apon (University of Maryland)
Brent Carmer (Oregon State University)
Adam Foltzer (Galois)
Daniel Wagner (Galois)
David W. Archer (Galois)
Dan Boneh (Stanford University)
Jonathan Katz (University of Maryland)
Mariana Raykova (Yale University)

Λολ: Functional Lattice Cryptography (Page 993)
Eric Crockett (University of Michigan)
Chris Peikert (University of Michigan)

Frodo: Take off the Ring! Practical, Quantum-Secure Key Exchange from LWE (Page 1006)
Joppe Bos (NXP Semiconductors)
Craig Costello (Microsoft Research)
Leo Ducas (CWI)
Ilya Mironov (Google, Inc.)
Michael Naehrig (Microsoft Research)
Valeria Nikolaenko (Stanford University)
Ananth Raghunathan (Google, Inc.)
Douglas Stebila (McMaster University)

Paper Session 8B: Attacks and Defenses

On Code Execution Tracking via Power Side-Channel (Page 1019)
Yannan Liu (The Chinese University of Hong Kong)
Lingxiao Wei (The Chinese University of Hong Kong)
Zhe Zhou (The Chinese University of Hong Kong)
Kehuan Zhang (The Chinese University of Hong Kong)
Wenyuan Xu (Zhejiang University)
Qiang Xu (The Chinese University of Hong Kong)

Coverage-based Greybox Fuzzing as Markov Chain (Page 1032)
Marcel Böhme (National University of Singapore)
Van-Thuan Pham (National University of Singapore)
Abhik Roychoudhury (National University of Singapore)

Error Handling of In-vehicle Networks Makes Them Vulnerable (Page 1044)
Kyong-Tak Cho (The University of Michigan)
Kang G. Shin (The University of Michigan)

Paper Session 8C: Phone Security

Using Reflexive Eye Movements for Fast Challenge-Response Authentication (Page 1056)
Ivo Sluganovic (University of Oxford)
Marc Roeschlin (University of Oxford)
Kasper B. Rasmussen (University of Oxford)
Ivan Martinovic (University of Oxford)

When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals (Page 1068)
Mengyuan Li (Shanghai Jiao Tong University)
Yan Meng (Shanghai Jiao Tong University)
Junyi Liu (Shanghai Jiao Tong University)
Haojin Zhu (Shanghai Jiao Tong University)
Xiaohui Liang (University of Massachusetts at Boston)
Yao Liu (University of South Florida)
Na Ruan (Shanghai Jiao Tong University)

VoiceLive: A Phoneme Localization based Liveness Detection for Voice Authentication on Smartphones (Page 1080)
Linghan Zhang (Florida State University)
Sheng Tan (Florida State University)
Jie Yang (Florida State University)
Yingying Chen (Stevens Institute of Technology)

Paper Session 8D: Infrastructure Attacks

Limiting the Impact of Stealthy Attacks on Industrial Control Systems (Page 1092)
David I. Urbina (University of Texas at Dallas)
Jairo Giraldo (University of Texas at Dallas)
Alvaro A. Cardenas (University of Texas at Dallas)
Nils Ole Tippenhauer (Singapore University of Technology and Design)
Junia Valente (University of Texas at Dallas)
Mustafa Faisal (University of Texas at Dallas)
Justin Ruths (University of Texas at Dallas)
Richard Candell (National Institute of Standards and Technology)
Henrik Sandberg (KTH Royal Institute of Technology)

Over-The-Top Bypass: Study of a Recent Telephony Fraud (Page 1106)
Merve Sahin (Eurecom & Monaco Digital Security Agency)
Aurélien Francillon (Eurecom)

New Security Threats Caused by IMS-based SMS Service in 4G LTE Networks (Page 1118)
Guan-Hua Tu (Michigan State University)
Chi-Yu Li (National Chiao Tung University)
Chunyi Peng (Ohio State University)
Yuanjie Li (University of California, Los Angeles)
Songwu Lu (University of California, Los Angeles)

Paper Session 9A: Order-Revealing and Searchable Encryption

POPE: Partial Order Preserving Encoding (Page 1131)
Daniel S. Roche (United States Naval Academy)
Daniel Apon (University of Maryland)
Seung Geol Choi (United States Naval Academy)
Arkady Yerukhimovich (MIT Lincoln Laboratory)

Εοφος - Forward Secure Searchable Encryption (Page 1143)
Raphael Bost (Université de Rennes 1)

What Else is Revealed by Order-Revealing Encryption? (Page 1155)
F. Betül Durak (Rutgers University)
Thomas M. DuBuisson (Galois, Inc.)
David Cash (Rutgers University)

Order-Revealing Encryption: New Constructions, Applications, and Lower Bounds (Page 1167)
Kevin Lewi (Stanford University)
David J. Wu (Stanford University)

Paper Session 9B: Authentication

Practical Anonymous Password Authentication and TLS with Anonymous Client Authentication (Page 1179)
Zhenfeng Zhang (Chinese Academy of Sciences)
Kang Yang (Chinese Academy of Sciences)
Xuexian Hu (Chinese Academy of Sciences)
Yuchen Wang (Chinese Academy of Sciences)

Efficient Cryptographic Password Hardening Services from Partially Oblivious Commitments (Page 1192)
Jonas Schneider (Saarland University)
Nils Fleischhacker (Saarland University)
Dominique Schröder (Friedrich-Alexander-University)
Michael Backes (Saarland University)

A Comprehensive Formal Security Analysis of OAuth 2.0 (Page 1204)
Daniel Fett (University of Trier)
Ralf Küsters (University of Trier)
Guido Schmitz (University of Trier)

Paper Session 9C: Passwords

An Empirical Study of Mnemonic Sentence-based Password Generation Strategies (Page 1216)
Weining Yang (Purdue University)
Ninghui Li (Purdue University)
Omar Chowdhury (Purdue University)
Aiping Xiong (Purdue University)
Robert W. Proctor (Purdue University)

On the Security of Cracking-Resistant Password Vaults (Page 1230)
Maximilian Golla (Ruhr-University Bochum)
Benedict Beuscher (Ruhr-University Bochum)
Markus Dürmuth (Ruhr-University Bochum)

Targeted Online Password Guessing: An Underestimated Threat (Page 1242)
Ding Wang (Peking University)
Zijian Zhang (Peking University)
Ping Wang (Peking University)
Jeff Yan (Lancaster University)
Xinyi Huang (Fujian Normal University)

Paper Session 9D: Internet Security

PIPSEA: A Practical IPsec Gateway on Embedded APUs (Page 1255)
Jungho Park (Seoul National University & ManyCoreSoft Co., Ltd.)
Wooken Jung (Seoul National University)
Gangwon Jo (Seoul National University & ManyCoreSoft Co., Ltd.)
Ilkoo Lee (Seoul National University)
Jaejin Lee (Seoul National University)

MiddlePolice: Toward Enforcing Destination-Defined Policies in the Middle of the Internet (Page 1268)
Zhuotao Liu (University of Illinois at Urbana-Champaign)
Hao Jin (Nanjing University)
Yih-Chun Hu (University of Illinois at Urbana-Champaign)
Michael Bailey (University of Illinois at Urbana-Champaign)

Protecting Insecure Communications with Topology-aware Network Tunnels (Page 1280)
Georgios Kontaxis (Columbia University)
Angelos D. Keromytis (Columbia University)

Paper Session 10A: Specialized Crypto Tools

Function Secret Sharing: Improvements and Extensions (Page 1292)
Elette Boyle (IDC Herzliya)
Niv Gilboa (Ben Gurion University)
Yuval Ishai (Technion and University of California, Los Angeles)

Hash First, Argue Later: Adaptive Verifiable Computations on Outsourced Data (Page 1304)
Dario Fiore (IMDEA Software Institute)
Cédric Fournet (Microsoft Research)
Esha Ghosh (Brown University)
Markulf Kohlweiss (Microsoft Research)
Olga Ohrimenko (Microsoft Research)
Bryan Parno (Microsoft Research)

Practical Non-Malleable Codes from l-more Extractable Hash Functions (Page 1317)
Aggelos Kiayias (University of Edinburgh)
Feng-Hao Liu (Florida Atlantic University)
Yiannis Tselekounis (University of Edinburgh)

Paper Session 10B: Attacks using a Little Leakage

Generic Attacks on Secure Outsourced Databases (Page 1329)
Georgios Kellaris (Boston University & Harvard University)
George Kollios (Boston University)
Kobbi Nissim (Ben-Gurion University & Harvard University)
Adam O'Neill (Georgetown University)

The Shadow Nemesis: Inference Attacks on Efficiently Deployable, Efficiently Searchable Encryption (Page 1341)
David Pouliot (Portland State University)
Charles V. Wright (Portland State University)

Breaking Web Applications Built On Top of Encrypted Data (Page 1353)
Paul Grubbs (Cornell University)
Richard McPherson (University of Texas at Austin)
Muhammad Naveed (University of Southern California)
Thomas Ristenpart (Cornell Tech)
Vitaly Shmatikov (Cornell Tech)

Paper Session 10C: Measuring Security in the Wild

Content Security Problems? Evaluating the Effectiveness of Content Security Policy in the Wild (Page 1365)
Stefano Calzavara (Università Ca' Foscari)
Alvise Rabitti (Università Ca' Foscari)
Michele Bugliesi (Università Ca' Foscari)

CSP Is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy (Page 1376)
Lukas Weichselbaum (Google, Inc.)
Michele Spagnuolo (Google, Inc.)
Sebastian Lekies (Google, Inc.)
Artur Janc (Google, Inc.)

Online Tracking: A 1-million-site Measurement and Analysis (Page 1388)
Steven Englehardt (Princeton University)
Arvind Narayanan (Princeton University)

Paper Session 10D: Network Security I

PhishEye: Live Monitoring of Sandboxed Phishing Kits (Page 1402)
Xiao Han (Orange Labs & Eurecom)
Nizar Kheir (Orange Labs)
Davide Balzarotti (Eurecom)

All Your DNS Records Point to Us: Understanding the Security Threats of Dangling DNS Records (Page 1414)
Daiping Liu (University of Delaware)
Shuai Hao (College of William and Mary)
Haining Wang (University of Delaware)

Identifying the Scan and Attack Infrastructures Behind Amplification DDoS Attacks (Page 1426)
Johannes Krupp (Saarland University)
Michael Backes (Saarland University & MPI-SWS)
Christian Rossow (Saarland University)

Paper Session 11A: Key Exchange

A Unilateral-to-Mutual Authentication Compiler for Key Exchange (with Applications to Client Authentication in TLS 1.3) (Page 1438)
Hugo Krawczyk (IBM Research)

Attribute-based Key Exchange with General Policies (Page 1451)
Vladimir Kolesnikov (Bell Labs)
Hugo Krawczyk (IBM Research)
Yehuda Lindell (Bar-Ilan University)
Alex Malozemoff (Galois)
Tal Rabin (IBM Research)

Identity-Concealed Authenticated Encryption and Key Exchange (Page 1464)
Yunlei Zhao (Fudan University)

Paper Session 11B: Crypto Implementations

A Surfeit of SSH Cipher Suites (Page 1480)
Martin R. Albrecht (Royal Holloway, University of London)
Jean Paul Degabriele (Royal Holloway, University of London)
Torben Brandt Hansen (Royal Holloway, University of London)
Kenneth G. Paterson (Royal Holloway, University of London)

Systematic Fuzzing and Testing of TLS Libraries (Page 1492)
Juraj Somorovsky (Ruhr University Bochum)

Attacking OpenSSL Implementation of ECDSA with a Few Signatures (Page 1505)
Shuqin Fan (State Key Laboratory of Cryptology)
Wenbo Wang (Luoyang University of Foreign Languages)
Qingfeng Cheng (Xidian University)

Paper Session 11C: More Attacks

Host of Troubles: Multiple Host Ambiguities in HTTP Implementations (Page 1516)
Jianjun Chen (Tsinghua University & Tsingua National Laboratory for Information Science and Technology)
Jian Jiang (University of California, Berkeley)
Haixin Duan (Tsinghua University & Tsingua National Laboratory for Information Science and Technology)
Nicholas Weaver (University of California, Berkeley & ICSI)
Tao Wan (Huawei Canada)
Vern Paxson (University of California, Berkeley & ICSI)

Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition (Page 1528)
Mahmood Sharif (Carnegie Mellon University)
Sruti Bhagavatula (Carnegie Mellon University)
Lujo Bauer (Carnegie Mellon University)
Michael K. Reiter (University of North Carolina)

Lurking Malice in the Cloud: Understanding and Detecting Cloud Repository as a Malicious Service (Page 1541)
Xiaojing Liao (Georgia Institute of Technology)
Sumayah Alrwais (Indiana University Bloomington)
Kan Yuan (Indiana University Bloomington)
Luyi Xing (Indiana University Bloomington)
XiaoFeng Wang (Indiana University Bloomington)
Shuang Hao (University of California Santa Barbara)
Raheem Beyah (Georgia Institute of Technology)

Paper Session 11D: Network Security II

Safely Measuring Tor (Page 1553)
Rob Jansen (US Naval Research Laboratory)
Aaron Johnson (US Naval Research Laboratory)

PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-of-Registration (Page 1568)
Shuang Hao (University of California, Santa Barbara)
Alex Kantchelian (University of California, Berkeley)
Brad Miller (Google, Inc.)
Vern Paxson (University of California, Berkeley & International Computer Science Institute)
Nick Feamster (Princeton University)

Stemming Downlink Leakage from Training Sequences in Multi-User MIMO Networks (Page 1580)
Yunlong Mao (Nanjing University)
Yuan Zhang (Nanjing University)
Sheng Zhong (Nanjing University)

Paper Session 12A: Secure Protocols

A Protocol for Privately Reporting Ad Impressions at Scale (Page 1591)
Matthew Green (Johns Hopkins University)
Watson Ladd (University of California, Berkeley)
Ian Miers (Johns Hopkins University)

Secure Stable Matching at Scale (Page 1602)
Jack Doerner (University of Virginia)
David Evans (University of Virginia)
abhi shelat (Northeastern University)

BeleniosRF: A Non-interactive Receipt-Free Electronic Voting Scheme (Page 1614)
Pyrros Chaidos (University College London)
Véronique Cortier (LORIA, CNRS & INRIA & Université de Lorraine)
Georg Fuchsbauer (Inria, ENS, CNRS, PSL Research University)
David Galindo (University of Birmingham)

Paper Session 12B: DSA/ECDSA

ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels (Page 1626)
Daniel Genkin (Technion and Tel Aviv University)
Lev Pachmanov (Tel Aviv University)
Itamar Pipman (Tel Aviv University)
Eran Tromer (Tel Aviv University)
Yuval Yarom (The University of Adelaide & Data61, CSIRO)

"Make Sure DSA Signing Exponentiations Really are Constant-Time" (Page 1639)
Cesar Pereida García (Aalto University)
Billy Bob Brumley (Tampere University of Technology)
Yuval Yarom (The University of Adelaide & Data61)

On the Provable Security of (EC)DSA Signatures (Page 1651)
Manuel Fersch (Ruhr University Bochum)
Eike Kiltz (Ruhr University Bochum)
Bertram Poettering (Ruhr University Bochum)

Paper Session 12C: Even more Attacks

Android ION Hazard: The Curse of Customizable Memory Management System (Page 1663)
Hang Zhang (University of California, Riverside)
Dongdong She (University of California, Riverside)
Zhiyun Qian (University of California, Riverside)

Drammer: Deterministic Rowhammer Attacks on Mobile Platforms (Page 1675)
Victor van der Veen (Vrije Universiteit Amsterdam)
Yanick Fratantonio (University of California, Santa Barbara)
Martina Lindorfer (University of California, Santa Barbara)
Daniel Gruss (Graz University of Technology)
Clémentine Maurice (Graz University of Technology)
Giovanni Vigna (University of California, Santa Barbara)
Herbert Bos (Vrije Universiteit Amsterdam)
Kaveh Razavi (Vrije Universiteit Amsterdam)
Cristiano Giuffrida (Vrije Universiteit Amsterdam)

SFADiff: Automated Evasion Attacks and Fingerprinting Using Black-box Differential Automata Learning (Page 1690)
George Argyros (Columbia University)
Ioannis Stais (University of Athens)
Suman Jana (Columbia University)
Angelos D. Keromytis (Columbia University)
Aggelos Kiayias (University of Edinburgh)

Paper Session 12D: Anonymous Communication

Slitheen: Perfectly Imitated Decoy Routing through Traffic Replacement (Page 1702)
Cecylia Bocovich (University of Waterloo)
Ian Goldberg (University of Waterloo)

Practical Censorship Evasion Leveraging Content Delivery Networks (Page 1715)
Hadi Zolfaghari (University of Massachusetts, Amherst)
Amir Houmansadr (University of Massachusetts, Amherst)

GAME OF DECOYS: Optimal Decoy Routing Through Game Theory (Page 1727)
Milad Nasr (University of Massachusetts, Amherst)
Amir Houmansadr (University of Massachusetts, Amherst)

Posters

POSTER: An Educational Network Protocol for Covert Channel Analysis Using Patterns (Page 1739)
Steffen Wendzel (Worms University of Applied Sciences)
Wojciech Mazurczyk (Warsaw University of Technology)

POSTER: A Behavioural Authentication System for Mobile Users (Page 1742)
Md Morshedul Islam (University of Calgary)
Reihaneh Safavi-Naini (University of Calgary)

POSTER: A Keyless Efficient Algorithm for Data Protection by Means of Fragmentation (Page 1745)
Katarzyna Kapusta (Telecom ParisTech Universite Paris-Saclay)
Gerard Memmi (Telecom ParisTech Universite Paris-Saclay)
Hassan Noura (Telecom ParisTech Universite Paris-Saclay)

POSTER: Accuracy vs. Time Cost: Detecting Android Malware through Pareto Ensemble Pruning (Page 1748)
Lingling Fan (East China Normal University)
Minhui Xue (East China Normal University & NYU Shanghai)
Sen Chen (East China Normal University)
Lihua Xu (East China Normal University)
Haojin Zhu (Shanghai Jiao Tong University)

POSTER: Attack on Non-Linear Physical Unclonable Function (Page 1751)
Jing Ye (Chinese Academy of Sciences)
Yu Hu (Chinese Academy of Sciences)
Xiaowei Li (Chinese Academy of Sciences)

POSTER: ConcurORAM: High-Throughput Parallel Multi-Client ORAM (Page 1754)
Anrin Chakraborti (Stony Brook University)
Radu Sion (Stony Brook University)

POSTER: DataLair - A Storage Block Device with Plausible Deniability (Page 1757)
Anrin Chakraborti (Stony Brook University)
Chen Chen (Stony Brook University)
Radu Sion (Stony Brook University)

POSTER: DroidShield: Protecting User Applications from Normal World Access (Page 1760)
Darius Suciu (Stony Brook University)
Radu Sion (Stony Brook University)

POSTER: Efficient Cross-User Chunk-Level Client-Side Data Deduplication with Symmetrically Encrypted Two-Party Interactions (Page 1763)
Chia-Mu Yu (National Chung Hsing University)

POSTER: Fingerprinting Tor Hidden Services (Page 1766)
Asya Mitseva (University of Luxembourg)
Andriy Panchenko (University of Luxembourg)
Fabian Lanze (Huf Secure Mobile GmbH)
Martin Henze (RWTH Aachen University)
Klaus Wehrle (RWTH Aachen University)
Thomas Engel (University of Luxembourg)

POSTER: I Don't Want That Content! On the Risks of Exploiting Bitcoin's Blockchain as a Content Store (Page 1769)
Roman Matzutt (RWTH Aachen University)
Oliver Hohlfeld (RWTH Aachen University)
Martin Henze (RWTH Aachen University)
Robin Rawiel (RWTH Aachen University)
Jan Henrik Ziegeldorf (RWTH Aachen University)
Klaus Wehrle (RWTH Aachen University)

POSTER: Identifying Dynamic Data Structures in Malware (Page 1772)
Thomas Rupprecht (University of Bamberg)
Xi Chen (Vrije Universiteit Amsterdam)
David H. White (University of Bamberg)
Jan Tobias Mühlberg (KU Leuven)
Herbert Bos (Vrije Universiteit Amsterdam)
Gerald Lüttgen (University of Bamberg)

POSTER: Improved Markov Strength Meters for Passwords (Page 1775)
Harshal Tupsamudre (TCS Research)
Vijayanand Banahatti (TCS Research)
Sachin Lodha (TCS Research)

POSTER: Insights of Antivirus Relationships when Detecting Android Malware: A Data Analytics Approach (Page 1778)
Ignacio Martín (Universidad Carlos III)
José Alberto Hernández (Universidad Carlos II)
Sergio de los Santos (Telefónica Digital Identity & Privacy)
Antonio Guzmán (Telefónica Digital Identity & Privacy)

POSTER: KXRay: Introspecting the Kernel for Rootkit Timing Footprints (Page 1781)
Chen Chen (Stony Brook University)
Darius Suciu (Stony Brook University)
Radu Sion (Stony Brook University)

POSTER: Locally Virtualized Environment for Mitigating Ransomware Threat (Page 1784)
Manish Shukla (TCS Research)
Sutapa Mondal (TCS Research)
Sachin Lodha (TCS Research)

POSTER: Mapping the Landscape of Large-Scale Vulnerability Notifications (Page 1787)
Ben Stock (Saarland University)
Giancarlo Pellegrino (Saarland University)
Christian Rossow (Saarland University)
Martin Johns (SAP SE)
Michael Backes (Saarland University & MPI-SWS)

POSTER: Phishing Website Detection with a Multiphase Framework to Find Visual Similarity (Page 1790)
Omid Asudeh (University of Texas at Arlington)
Mathew Wright (Rochester Institute of Technology)

POSTER: Privacy Enhanced Secure Location Verification (Page 1793)
Md Mamunur Rashid Akand (University of Calgary)
Reihaneh Safavi-Naini (University of Calgary)

POSTER: Re-Thinking Risks and Rewards for Trusted Third Parties (Page 1796)
Jan-Ole Malchow (Freie Universität Berlin)
Benjamin Güldenring (Freie Universität Berlin)
Volker Roth (Freie Universität Berlin)

POSTER: RIA - An Audition-based Method to Protect the Runtime Integrity of MapReduce Applications (Page 1799)
Yongzhi Wang (Xidian University)
Yulong Shen (Xidian University)

POSTER: Security Enhanced Administrative Role Based Access Control Models (Page 1802)
Rajkumar P.V. (Texas Southern University)
Ravi Sandhu (University of Texas San Antonio)

POSTER: (Semi)-Supervised Machine Learning Approaches for Network Security in High-Dimensional Network Data (Page 1805)
Pedro Casas (AIT Austrian Institute of Technology)
Alessandro D'Alconzo (AIT Austrian Institute of Technology)
Giuseppe Settanni (AIT Austrian Institute of Technology)
Pierdomenico Fiadino (Eurecat Technology Centre of Catalonia)
Florian Skopik (AIT Austrian Institute of Technology)

POSTER: Static ROP Chain Detection Based on Hidden Markov Model Considering ROP Chain Integrity (Page 1808)
Toshinori Usui (NTT Secure Platform Laboratories)
Tomonori Ikuse (NTT Security (Japan) KK)
Makoto Iwamura (NTT Secure Platform Laboratories)
Takeshi Yada (NTT Secure Platform Laboratories)

POSTER: The ART of App Compartmentalization (Page 1811)
Michael Backes (Saarland University & MPI-SWS)
Sven Bugiel (Saarland University)
Jie Huang (Saarland University)
Oliver Schranz (Saarland University)

Poster: Toward Automating the Generation of Malware Analysis Reports Using the Sandbox Logs (Page 1814)
Bo Sun (Waseda University)
Akinori Fujino (Waseda University)
Tatsuya Mori (Waseda University)

POSTER: Towards Collaboratively Supporting Decision Makers in Choosing Suitable Authentication Schemes (Page 1817)
Peter Mayer (Technische Universität Darmstadt)
Stephan Neumann (Technische Universität Darmstadt)
Melanie Volkamer (Technische Universität Darmstadt)

POSTER: Towards Exposing Internet of Things: A Roadmap (Page 1820)
Vinay Sachidananda (Singapore University of Technology and Design)
Jinghui Toh (Singapore University of Technology and Design)
Shachar Siboni (Ben-Gurion University of the Negev)
Asaf Shabtai (Ben-Gurion University of the Negev)
Yuval Elovici (Singapore University of Technology and Design)

POSTER: Towards Highly Interactive Honeypots for Industrial Control Systems (Page 1823)
Stephan Lau (Freie Universität Berlin)
Johannes Klick (Freie Universität Berlin)
Stephan Arndt (Freie Universität Berlin)
Volker Roth (Freie Universität Berlin)

POSTER: Towards Privacy-Preserving Biometric Identification in Cloud Computing (Page 1826)
Changhee Hahn (Korea University)
Junbeom Hur (Korea University)

POSTER: VUDEC - A Framework for Vulnerability Management in Decentralized Communication Networks (Page 1829)
Michael Steinke (Universität der Bundeswehr München)
Stefan Metzger (Leibniz Supercomputing Center)
Wolfgang Hommel (Universität der Bundeswehr München)

POSTER: Weighing in eHealth Security: A Security and Privacy Study of Smart Scales (Page 1832)
Martin Krämer (University of Edinburgh)
David Aspinall (University of Edinburgh)
Maria Wolters (University of Edinburgh)

POSTER: WiPING: Wi-Fi signal-based PIN Guessing attack (Page 1835)
Seunghun Cha (Sungkyunkwan University)
Jaewoo Park (Sungkyunkwan University)
Geumhwan Cho (Sungkyunkwan University)
Jun Ho Huh (Honeywell ACS Labs)
Hyoungshick Kim (Sungkyunkwan University)

Demonstrations

DEMO: Easy Deployment of a Secure Internet Architecture for the 21st Century: How Hard Can It Be to Build a Secure Internet? (Page 1838)
Ercan Ucan (ETH Zurich)
Raphael M. Reischuk (ETH Zurich)
Adrian Perrig (ETH Zurich)

Demo: High-Throughput Secure Three-Party Computation of Kerberos Ticket Generation (Page 1841)
Toshinori Araki (NEC Corporation)
Assaf Barak (Bar-Ilan University)
Jun Furukawa (NEC Corporation)
Yehuda Lindell (Bar-Ilan University)
Ariel Nof (Bar-Ilan University)
Kazuma Ohara (NEC Corporation)

DEMO: Integrating MPC in Big Data Workflows (Page 1844)
Nikolaj Volgushev (Boston University)
Malte Schwarzkopf (Massachusetts Institute of Technology)
Andrei Lapets (Boston University)
Mayank Varia (Boston University)
Azer Bestavros (Boston University)

DEMO: OffPAD - Offline Personal Authenticating Device with Applications in Hospitals and e-Banking (Page 1847)
Denis Migdal (Ecole Nationale Supérieure d'Ingénieurs de Caen)
Christian Johansen (University of Oslo)
Audun Jøsang (University of Oslo)

DEMO: Starving Permission-Hungry Android Apps Using SecuRank (Page 1850)
Vincent F. Taylor (University of Oxford)
Ivan Martinovic (University of Oxford)

Tutorials

Program Anomaly Detection: Methodology and Practices (Page 1853)
Xiaokui Shu (IBM Research)
Danfeng Yao (Virginia Tech)

Security on Wheels: Security and Privacy for Vehicular Communication Systems (Page 1855)
Panos Papadimitratos (KTH Royal Institute of Technology)

Condensed Cryptographic Currencies Crash Course (C5) (Page 1857)
Aljosha Judmayer (SBA Research)
Edgar Weippl (SBA Research)

Introduction to Credit Networks: Security, Privacy, and Applications (Page 1859)
Aniket Kate (Purdue University)

On the Security and Scalability of Bitcoin's Blockchain (Page 1861)
Ghassan Karame (NEC Laboratories Europe)

Privacy and Security in the Genomic Era (Page 1863)
Erman Ayday (Bilkent University)
Jean-Pierre Hubaux (École Polytechnique Fédérale de Lausanne)

Adversarial Data Mining: Big Data Meets Cyber Security (Page 1866)
Murat Kantarcioglu (University of Texas at Dallas)
Bowei Xi (Purdue University)

Pre-Conference Workshops co-located with CCS 2016

MTD 2016: Third ACM Workshop on Moving Target Defense (Page 1868)
Peng Liu (Penn State University)
Cliff Wang (U.S. Army Research Office)

PLAS'16 - ACM SIGPLAN 11th Workshop on Programming Languages and Analysis for Security (Page 1870)
Toby Murray (University of Melbourne & Data61)
Deian Stefan (University of California, San Diego & Intrinsic)

SafeConfig'16 - Testing and Evaluation for Active and Resilient Cyber Systems (Page 1871)
Nicholas J. Multari (Pacific Northwest National Lab)
Anoop Singhal (National Institute of Standards and Technology)
David O. Manz (Pacific Northwest National Lab)

Sixth Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM 2016) (Page 1873)
Long Lu (Stony Brook University)
Mohammad Mannan (Concordia University)

Theory of Implementation Security Workshop (TIs 2016) (Page 1875)
Begul Bilgin (KU Leuven)
Svetla Nikova (KU Leuven)
Vincent Rijmen (KU Leuven)

WISCS'16: The 3rd ACM Workshop on Information Sharing and Collaborative Security (Page 1877)
Florian Kerschbaum (SAP)
Erik-Oliver Blass (Airbus Group Innovations)
Tomas Sander (Hewlett Packard Labs)

15th Workshop on Privacy in the Electronic Society (WPES 2016) (Page 1879)
Sabrina De Capitani di Vimercati (Universita' degli Studi di Milano)

Post-Conference Workshops co-located with CCS 2016

9th International Workshop on Artificial Intelligence and Security: AISec 2016 (Page 1881)
David Mandell Freeman (LinkedIn Corporation)
Katerina Mitrokotsa (Chalmers University of Technology)
Arunesh Sinha (University of Michigan)

8th ACM Cloud Computing Security Workshop (Page 1882)
Elli Androulaki (IBM Research)
Michael K. Reiter (University of North Carolina at Chapel Hill)

Second Workshop on Cyber-Physical Systems Security and PrivaCy (CPS-SPC'16) (Page 1884)
Alvaro A. Cárdenas (University of Texas, Dallas)
Rakesh B. Bobba (Oregon State University)

2nd International Workshop on Software Protection: SPRO 2016 (Page 1886)
Brecht Wyseur (Nagravision S.A.)
Bjorn De Sutter (Ghent University)

Sixth International Workshop on Trustworthy Embedded Devices (TrustED 2016) (Page 1888)
Xinxin Fan (Robert Bosch LLC)
Tim Güneysu (University of Bremen & DFKI)