-
Jäger: Automated Telephone Call Traceback
Proceedings of the ACM Conference on Computer and Communications Security
and -
Fixing Insecure Cellular System Information Broadcasts For Good
International Symposium on Research in Attacks, Intrusions and Defenses
and -
Pairing Security Advisories with Vulnerable Functions Using Open-Source LLMs
Conference on Detection of Intrusions and Malware and Vulnerability Assessment
and -
VFCFinder: Pairing Security Advisories and Patches
ACM ASIA Conference on Computer and Communications Security
and -
On SMS Phishing Tactics and Infrastructure
Proceedings of the IEEE Symposium on Security and Privacy
and -
A Comparative Study of Software Secrets Reporting by Secret Detection Tools
ACM/IEEE International Symposium on Empirical Software Engineering and Measurement
and -
Diving into Robocall Content with SNORCall
Proceedings of the USENIX Security Symposium
andWe characterize content from over 232,0000 robocalls collected over two years with efficient, accurate techniques.
-
ARGUS: A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions
Proceedings of the USENIX Security Symposium
and -
Diving into Robocall Content with SNORCall
Proceedings of the USENIX Security Symposium
and -
Who Comes Up with this Stuff? Interviewing Authors to Understand How They Produce Security Advice
Symposium on Usable Privacy and Security
and -
Diving into Robocall Content with SnorCall
USENIX Login
and -
Finding Fixed Vulnerabilities with Off-the-Shelf Static Analysis
IEEE European Symposium on Security and Privacy
and -
MSNetViews: Geographically Distributed Management of Enterprise Network Security Policy
Proceedings of the ACM Symposium on Access Control Models and Technologies
and -
SecretBench: A Dataset of Software Secrets
Mining Software Repositories Data and Showcase Track
and -
Towards Simultaneous Attacks on Multiple Cellular Networks
Proceedings of the Workshop on Offensive Technologies
and -
What Challenges Do Developers Face About Checked-in Secrets in Software Artifacts?
Proceedings of the IEEE/ACM International Conference on Software Engineering
and -
What are the practices for secret management in software artifacts?
Proceedings of the IEEE Secure Development Conference
and -
Characterizing the Security of GitHub CI Workflows
Proceedings of the USENIX Security Symposium
and -
A Study of Application Sandbox Policies in Linux
Proceedings of the ACM Symposium on Access Control Models and Technologies
and -
Removing the Reliance on Perimeters for Security Using Network Views
Proceedings of the ACM Symposium on Access Control Models and Technologies
and -
Investigating Web Service Account Remediation Advice
Symposium on Usable Privacy and Security
and -
Anonymous device authorization for cellular networks
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks
and -
Characterizing the Security of Endogenous and Exogenous Desktop Application Network Flows
Proceedings of the Passive and Active Measurement Conference
and -
A First Look at Scams on YouTube
Proceedings of the Workshop on Measurements, Attacks, and Defenses for the Web
and -
Does ignoring robocalls make them stop? Here's what we learned from getting 1.5 million calls on 66,000 phone lines
The Conversation
and -
Actions Speak Louder than Words: Entity-Sensitive Privacy Policy and Dataflow Analysis with PoliCheck
Proceedings of the USENIX Security Symposium
and -
Cardpliance: PCI-DSS Compliance of Android Applications
Proceedings of the USENIX Security Symposium
and -
Who's Calling? Characterizing Robocalls through Audio and Metadata Analysis
Proceedings of the USENIX Security Symposium
and -
Thou Shalt Discuss Security: Quantifying the Impacts of Instructions to RFC Authors
Proceedings of the Security Standardisation Research Conference
and -
PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play
Proceedings of the USENIX Security Symposium
and -
Blinded and Confused: Uncovering Systemic Flaws in Device Telemetry for Smart-home Internet of Things
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks
and -
Hestia: Simple Least Privilege Network Policies for Smart Homes
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks
and -
HomeSnitch: Behavior Transparency and Control for Smart Home IoT Devices
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks
and -
How Bad Can It Git? Characterizing Secret Leakage in Public GitHub Repositories
Proceedings of the Network and Distributed System Security Symposium
and -
A Large Scale Investigation of Obfuscation Use in Google Play
Proceedings of the Annual Computer Security Applications Conference
and -
Characterizing the Security of the SMS Ecosystem with Public Gateways
ACM Transactions on Privacy and Security
and -
Sonar: Detecting SS7 Redirection Attacks Via Call Audio-Based Distance Bounding
Proceedings of the IEEE Symposium on Security and Privacy
and -
AuthentiCall: Efficient identity and content authentication for phone calls
Proceedings of the USENIX Security Symposium
and -
Regulators, Mount Up? Analysis of Privacy Policies for Mobile Money Applications
Symposium on Usable Privacy and Security
and -
Transparent Web Service Auditing via Network Provenance Functions
Proceedings of the International World Wide Web Conference
and -
FinTechSec: Addressing the Security Challenges of Digital Financial Services
IEEE Security & Privacy Magazine
and -
Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications in the Developing World
ACM Transactions on Privacy and Security
and -
Phonion: Practical protection of metadata in telephony networks
Proceedings on Privacy Enhancing Technologies
and -
*droid: Assessment and evaluation of Android application analysis tools
ACM Computing Surveys
and -
Authloop: Practical end-to-end cryptographic authentication for telephony over voice channels
Proceedings of the USENIX Security Symposium
and -
Detecting SMS spam in the age of legitimate bulk messaging
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks
and -
Sending Out an SMS: Characterizing the Security of the SMS Ecosystem with Public Gateways
Proceedings of the IEEE Symposium on Security and Privacy
and -
Boxed Out: Blocking Cellular Interconnect Bypass Fraud at the Network Edge
Proceedings of the USENIX Security Symposium
and -
Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications in the Developing World
Proceedings of the USENIX Security Symposium
and -
Uncovering Use-After-Free Conditions In Compiled Code
Proceedings of the International Conference on Availability, Reliability, and Security
and -
MAST: Triage for Market-scale Mobile Malware Analysis
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks
and -
The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers
Proceedings of the Network and Distributed System Security Symposium
and -
An open virtual testbed for industrial control system security research
International Journal of Information Security
and -
Analysis and mitigation of vulnerabilities in short-range wireless communications for industrial control systems
International Journal of Critical Infrastructure Protection
and -
A Control System Testbed to Validate Critical Infrastructure Protection Concepts
International Journal of Critical Infrastructure Protection
and -
On SCADA Control System Command and Response Injection and Intrusion Detection
IEEE eCrime Researchers Summit
and -
Discovery, Infiltration, and Denial of Service in a Process Control System Wireless Network
IEEE eCrime Researchers Summit
and -
Engineering Future cyber-physical Energy Systems: Challenges, Research Needs, and Roadmap
IEEE North American Power Symposium
and