www17

• Peizhe Cheng, Shuaiqiang Wang, Jun Ma, Jiankai Sun and Hui Xiong. Learning to Recommend Accurate and Diverse Items. The 26th International World Wide Web Conference (WWW)
• Dimitrios Serbos, Shuyao Qi, Nikos Mamoulis, Evaggelia Pitoura and Panayiotis Tsaparas. Fairness in Package-to-Group Recommendations
• Exploring Rated Datasets with Rating Maps

NDSS17

A Large-scale Analysis of the Mnemonic Password Advice

Show Me the Money! Finding Flawed Implementations of Third-party In-app Payment in Android Apps

A Call to ARMs: Understanding the Costs and Benefits of JIT Spraying Mitigations

Ramblr: Making Reassembly Great Again

DELTA: A Security Assessment Framework for Software-Defined Networks

USENIX2016 

You are Who You Know and How You Behave: Attribute Inference Attacks via Users’ Social Friends and Behaviors 

Stealing Machine Learning Models via Prediction APIs

FlowFence: Practical Data Protection for Emerging IoT Application Frameworks

Towards Measuring and Mitigating Social Engineering Malware Download Attacks

Specification Mining for Intrusion Detection in Networked Control Systems

APISan: Sanitizing API Usages through Semantic Cross-checking

Undermining Entropy-based Information Hiding (And What to do About it)

zxcvbn: Low-Budget Password Strength Estimation

Mirror: Enabling Proofs of Data Replication and Retrievability in the Cloud

ARMageddon: Cache Attacks on Mobile Devices 

Hidden Voice Commands

OblivP2P: An Oblivious Peer-to-Peer Content Sharing System

AuthLoop: End-to-End Cryptographic Authentication for Telephony over Voice Channels

Trusted Browsers for Uncertain Times

Virtual U: Defeating Face Liveness Detection by Building Virtual Models From Your Public Photos

One Bit Flips, One Cloud Flops: Cross-VM Row Hammer Attacks and Privilege Escalation

All Your Queries Are Belong to Us:The Power of File-Injection Attacks on Searchable Encryption

Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks

SGX-Enabled Oblivious Machine Learning

Poking Holes into Information Hiding

Off-Path TCP Exploits: Global Rate Limit Considered Dangerous

Request and Conquer: Exposing Cross-Origin Resource Size



Sigcomm

WebPerf: Evaluating What-If Scenarios for Cloud-hosted Web Applications

AsiaCCS

StormDroid: A Streaminglized Machine Learning-based System for Detecting Android Malware

Bilateral-secure Signature by Key Evolving

Efficient Authenticated Multi-Pattern Matching

Attestation Transparency: Building secure Internet services for legacy clients

Congesting the Internet with Coordinated And Decentralized Pulsating Attacks

Privacy and Utility of Inference Control Mechanisms for Social Computing Applications

StemJail: Dynamic Role Compartmentalization

Your Credentials Are Compromised, Do Not Panic: You Can Be Well Protected


DSN
Power-aware Checkpointing: Toward the Optimal Checkpointing Interval under Power Capping

A Sharper Sense of Self: Probabilistic Reasoning of Program Behaviors for Anomaly Detection with Context Sensitivity

Characterizing the Consistency of Online Services

Balancing Security and Performance for Agility in Dynamic Threat Environments
Specification Mining for Intrusion Detection in Networked Control Systems



CCS 2016
SmartWalk: Enhancing Social Network Security via Adaptive Random Walks

Acing the IOC Game: Toward Automatic Discovery and Analysis of Open-Source Cyber Threat Intelligence

Content Security Problems? Evaluating the Effectiveness of Content Security Policy in the Wild

CSP is Dead, Long Live CSP: On the Insecurity of Whitelists and the Future of the Content Security Policy

CSPAutoGen: Black-box Enforcement of Content Security Policy upon Real-World Websites

A EpicRec: Towards Practical Differentially Private Framework for Personalized Recommendation

Generic Attacks on Secure Outsourced Databases

Identifying the Scanners and Attack Infrastructure behind Amplification DDoS attacks

Lurking Malice in the Cloud: Understanding and Detecting Cloud Repository as a Malicious Service