The Tangled Web of Password Reuse
TLDR
This paper investigates for the first time how an attacker can leverage a known password from one site to more easily guess that user's password at other sites and develops the first cross-site password-guessing algorithm, able to guess 30% of transformed passwords within 100 attempts.
Side-Channel Leaks in Web Applications: A Reality Today, a Challenge Tomorrow
TLDR
It is found that surprisingly detailed sensitive information is being leaked out from a number of high-profile, top-of-the-line web applications in healthcare, taxation, investment and web search, suggesting the scope of the problem seems industry-wide.
Effective and Efficient Malware Detection at the End Host
TLDR
A novel malware detection approach is proposed that is both effective and efficient, and thus, can be used to replace or complement traditional antivirus software at the end host.
Soundcomber: A Stealthy and Context-Aware Sound Trojan for Smartphones
TLDR
This work presents Soundcomber, a Trojan with few and innocuous permissions, that can extract a small amount of targeted private information from the audio sensor of the phone, and performs efficient, stealthy local extraction, thereby greatly reducing the communication cost for delivering stolen data.
CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition
TLDR
Novel techniques are developed that address a key technical challenge: integrating the commands into a song in a way that can be effectively recognized by ASR through the air, in the presence of background noise, while not being detected by a human listener.
Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale
TLDR
This study shows that the technique can vet an app within 10 seconds at a low false detection rate and outperformed all 54 scanners in VirusTotal in terms of detection coverage, capturing over a hundred thousand malicious apps, including over 20 likely zero-day malware and those installed millions of times.
Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX
TLDR
The research identifies 8 potential attack vectors of Intel SGX and highlights the common misunderstandings about SGX memory side channels, demonstrating that highly frequent AEXs can be avoided when recovering an EdDSA secret key through a new page channel, and that fine-grained monitoring of enclave programs can be done by combining both cache and cross-enclave DRAM channels.
Signing Me onto Your Accounts through Facebook and Google: A Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services
TLDR
This study shows that the overall security quality of SSO deployments seems worrisome, and hopes that the SSO community conducts a study similar to the authors', but on a larger scale, to better understand to what extent SSO is insecurely deployed and how to respond to the situation.
Knowing your enemy: understanding and detecting malicious web advertising
TLDR
A large-scale study analyzing ad-related Web traces crawled over a three-month period reveals the rampancy of malvertising: hundreds of top-ranking Web sites fell victim and leading ad networks such as DoubleClick were infiltrated.
SmartAuth: User-Centered Authorization for the Internet of Things
TLDR
The technique, called SmartAuth, automatically collects security-relevant information from an IoT app’s description, code and annotations, and generates an authorization user interface to bridge the gap between the functionalities explained to the user and the operations the app actually performs.