You are here

  • [Editor’s Note: A limited number of student grants are available to help pay for travel, accommodations, and NDSS Symposium registration fees for full-time students attending the 24th annual Network and Distributed System Security (NDSS) Symposium. Watch the NDSS website at https://www.internetsociety.org/events/ndss-symposium for information and deadlines as the process opens for NDSS 2018 in February of next year. The following post is a guest contribution from one 2017 grantee.] My name is Muhammad Talha Paracha, and I am an undergraduate Software Engineering student from National...
    Date published 04 April 2017
  • A number of seminal papers appeared towards the end of the 20th century calling for more attention to be paid to the human in the security loop. For example, Anne Adams and Angela Sasse’s “Users are not the Enemy” and Mark Ackerman and Lorrie Cranor’s "Privacy critics: UI components to safeguard users' privacy." The research field of Usable Security was thereby launched, and quickly garnered interest amongst academics and in industry. Almost two decades later this field has achieved independent status with a number of conferences and workshops being dedicated to this research field. USEC is a...
    Date published 17 February 2017
  • Video Authors: Kristen Dorey, Nicholas Chang-Fong, Aleksander Essex Abstract: Software implementations of discrete logarithm based cryptosystems over finite fields typically make the assumption that any domain parameters they encounter define cyclic groups for which the discrete logarithm problem is assumed to be hard. In this paper we explore this trust assumption and examine situations where it may not be justified. In particular we focus on groups for which the order is unknown and not easily determined, and explore the scenario in which the modulus is...
  • Video Authors: Zhenhua Li, Weiwei Wang, Christo Wilson, Jian Chen, Chen Qian, Taeho Jung, Lan Zhang, Kebin Liu, Xiangyang Li, Yunhao Liu Abstract: Base stations constitute the basic infrastructure of today   s cellular networks. Unfortunately, vulnerabilities in the GSM (2G) network protocol enable the creation of fake base stations (FBSes) that are not authorized by network operators. Criminal gangs are using FBSes to directly attack users by sending spam and fraud SMS messages, even if the users have access to 3G/4G networks. In this paper, we present...
  • Weitao Xu, Guohao Lan, Qi Lin, Sara Khalifa, Neil Bergmann, Mahbub Hassan, Wen Hu
  • Video Authors: Aaron Johnson, Rob Jansen, Aaron D. Jaggard, Joan Feigenbaum, Paul Syverson Abstract: Tor users are vulnerable to deanonymization by an adversary that can observe some Tor relays or some parts of the network. We demonstrate that previous network-aware path-selection algorithms that propose to solve this problem are vulnerable to attacks across multiple Tor connections. We suggest that users use trust to choose the paths through Tor that are less likely to be observed, where trust is flexibly modeled as a probability distribution on the...
  • Hana Habib, Jessica Colnago, William Melicher, Blase Ur, Sean Segreti, Lujo Bauer, Nicolas Christin, Lorrie Cranor
  • Tianlong Yu, Seyed K. Fayaz, Michael Collins, Vyas Sekar, Srinivasan Seshan
  • Video Authors: Andre Pawlowski, Moritz Contag, Victor van der Veen, Chris Ouwehand, Thorsten Holz, Herbert Bos, Elias Athanasopoulos, Cristiano Giuffrida Abstract: Reverse engineering of binary executables is a difficult task which gets more involved by the way compilers translate high-level concepts used in paradigms such as objectoriented programming into native code, as it is the case for C++. Such code is harder to grasp than, e. g., traditional procedural code, since it is generally more verbose and adds complexity through features such as polymorphism or...
  • Video Authors: Ghada Dessouky, Farinaz Koushanfar, Ahmad-Reza Sadeghi, Thomas Schneider, Shaza Zeitouni, Michael Zohner Abstract: Secure two-party computation (S2PC) allows two parties to compute a function on their joint inputs while leaking only the output of the function. At TCC 2009 Orlandi and Nielsen proposed the LEGO protocol for maliciously secure 2PC based on cut-and-choose of Yao   s garbled circuits at the gate level and showed that this is Secure two-party computation has witnessed significant efficiency improvements in the recent years....