Detection of Intrusions and Malware, and Vulnerability Assessment 18th International Conference, DIMVA 2021, Virtual Event, July 14-16, 2021, Proceedings / [electronic resource] :
edited by Leyla Bilge, Lorenzo Cavallaro, Giancarlo Pellegrino, Nuno Neves.
- 1st ed. 2021.
- XII, 391 p. 114 illus., 78 illus. in color. online resource.
- Security and Cryptology, 12756 2946-1863 ; .
- Security and Cryptology, 12756 .
You've Got (a Reset) Mail: A Security Analysis of Email-Based Password Reset Procedures -- The Full Gamut of an Attack: An Empirical Analysis of OAuth CSRF in the Wild -- Detecting and Measuring In-The-Wild DRDoS Attacks at IXPs -- Digging Deeper: An Analysis of Domain Impersonation in the Lower DNS Hierarchy -- Help, my Signal has bad Device! - Breaking the Signal Messenger's Post-Compromise Security through a Malicious Device -- Refined Grey-Box Fuzzing with Sivo -- SCRUTINIZER: Detecting Code Reuse in Malware via Decompilation and Machine Learning -- SPECULARIZER: Uncovering Speculative Execution Attacks via Performance Tracing in Commodity Hardware -- Aion Attacks: Exposing Software Timer Problem in Trusted Execution Environment -- Third-Eye: Practical and Context-Aware Inference of Causal Relationship Violations in Commodity Kernels -- Find My Sloths: Automated Comparative Analysis of How Real Enterprise Computers Keep Up with the Software Update Races -- FP-Redemption: Studying Browser Fingerprinting Adoption for the Sake of Web Security -- Introspect Virtual Machines Like It Is the Linux Kernel! -- Calibration Done Right: Noiseless Flush+Flush Attacks -- Zero Footprint Opaque Predicates: Synthesizing Opaque Predicates From Naturally Occurring Invariants -- PetaDroid: Adaptive Android Malware Detection using Deep Learning -- Spotlight on Phishing: A Longitudinal Study on Phishing Awareness Trainings -- Extended Abstract: A First Large-scale Analysis on Usage of MTA-STS -- Centy: Scalable Server-side Web Integrity Verification System Based on Fuzzy Hashes.
Chapter "SPECULARIZER: Detecting Speculative Execution Attacks via Performance Tracing" is available open access under a Creative Commons Attribution 4.0 International License via link.springer.com.
9783030808259
10.1007/978-3-030-80825-9 doi
Data protection.
Computer engineering.
Computer networks .
Computers.
Computer crimes.
Data and Information Security.
Computer Engineering and Networks.
Computer Engineering and Networks.
Computing Milieux.
Computer Crime.
QA76.9.A25
005.8
You've Got (a Reset) Mail: A Security Analysis of Email-Based Password Reset Procedures -- The Full Gamut of an Attack: An Empirical Analysis of OAuth CSRF in the Wild -- Detecting and Measuring In-The-Wild DRDoS Attacks at IXPs -- Digging Deeper: An Analysis of Domain Impersonation in the Lower DNS Hierarchy -- Help, my Signal has bad Device! - Breaking the Signal Messenger's Post-Compromise Security through a Malicious Device -- Refined Grey-Box Fuzzing with Sivo -- SCRUTINIZER: Detecting Code Reuse in Malware via Decompilation and Machine Learning -- SPECULARIZER: Uncovering Speculative Execution Attacks via Performance Tracing in Commodity Hardware -- Aion Attacks: Exposing Software Timer Problem in Trusted Execution Environment -- Third-Eye: Practical and Context-Aware Inference of Causal Relationship Violations in Commodity Kernels -- Find My Sloths: Automated Comparative Analysis of How Real Enterprise Computers Keep Up with the Software Update Races -- FP-Redemption: Studying Browser Fingerprinting Adoption for the Sake of Web Security -- Introspect Virtual Machines Like It Is the Linux Kernel! -- Calibration Done Right: Noiseless Flush+Flush Attacks -- Zero Footprint Opaque Predicates: Synthesizing Opaque Predicates From Naturally Occurring Invariants -- PetaDroid: Adaptive Android Malware Detection using Deep Learning -- Spotlight on Phishing: A Longitudinal Study on Phishing Awareness Trainings -- Extended Abstract: A First Large-scale Analysis on Usage of MTA-STS -- Centy: Scalable Server-side Web Integrity Verification System Based on Fuzzy Hashes.
Chapter "SPECULARIZER: Detecting Speculative Execution Attacks via Performance Tracing" is available open access under a Creative Commons Attribution 4.0 International License via link.springer.com.
9783030808259
10.1007/978-3-030-80825-9 doi
Data protection.
Computer engineering.
Computer networks .
Computers.
Computer crimes.
Data and Information Security.
Computer Engineering and Networks.
Computer Engineering and Networks.
Computing Milieux.
Computer Crime.
QA76.9.A25
005.8