DIMVA 2021 - 18th Conference on Detection of Intrusions and Malware & Vulnerability Assessment

The 18th Conference on Detection of Intrusions and Malware & Vulnerability Assessment

14-16 July 2021 - Online Streaming

List of accepted papers

Detecting and Measuring In-The-Wild DRDoS Attacks at IXPs
Karthika Subramani, Roberto Perdisci (University of Georgia), Maria Konte (Georgia Tech College of Computing)

Digging Deeper: An Analysis of Domain Impersonation in the Lower DNS Hierarchy
Florian Quinkert, Dennis Tatang, Thorsten Holz (Ruhr-University Bochum)

A First Large-scale Analysis on Usage of MTA-STS
Dennis Tatang, Robin Flume, Thorsten Holz (Ruhr-University Bochum)

FP-Redemption: Studying Browser Fingerprinting Adoption for the Sake of Web Security
Antonin Durey (Univ. Lille / Inria), Pierre Laperdrix (CNRS, Univ Lille, Inria Lille), Walter Rudametkin (Univ. Lille / Inria), Romain Rouvoy (Univ. Lille / Inria / IUF)

The Full Gamut of an Attack: An Empirical Analysis of OAuth CSRF in the Wild
Michele Benolli, Seyed Ali Mirheidari, Elham Arshad, Bruno Crispo (University of Trento)

Find My Sloths: Automated Comparative Analysis of How Real Enterprise Computers Keep Up with the Software Update Races
Omid Setayeshfar (University of Georgia), John Junghwan Rhee (University of Central Oklahoma), Chung Hwan Kim (University of Texas at Dallas), Kyu Hyung Lee (University of Georgia)

Spotlight on Phishing: A Longitudinal Study on Phishing Awareness Trainings
Florian Quinkert (Ruhr-University Bochum), Martin Degeling (Ruhr-University Bochum; Horst Görtz Institute for IT Security), Thorsten Holz (Ruhr-University Bochum)

Help, my Signal has bad Device! - Breaking the Signal Messenger's Post-Compromise Security through a Malicious Device
Jan Wichelmann, Sebastian Berndt, Claudius Pott, Thomas Eisenbarth (University of Lübeck)

Refined Grey-Box Fuzzing with Sivo
Ivica Nikolic (National University of Singapore), Radu Mantu (University Politehnica of Bucharest), Shiqi Shen, Prateek Saxena (National University of Singapore)

Third-Eye: Practical and Context-Aware Inference of Causal Relationship Violations in Commodity Kernels
Chuhong Yuan, Dong Du, Haibo Chen (Shanghai Jiao Tong University)

Centy: Scalable Server-side Web Integrity Verification System Based on Fuzzy Hashes
Lizzy Tengana, Jesús Solano, Alejandra Castelblanco (AppGate Inc.), Esteban Rivera, Christian Lopez (Appgate Inc.), Martin Ochoa (AppGate Inc.)

You’ve Got (a Reset) Mail: A Security Analysis of Email-Based Password Reset Procedures
Tommaso Innocenti (Northeastern University), Seyed Ali Mirheidari (University of Trento), Amin Kharraz (Florida International University), Bruno Crispo (University of Trento), Engin Kirda (Northeastern University)

SCRUTINIZER: Detecting Code Reuse in Malware via Decompilation and Machine Learning
Omid Mirzaei (Northeastern University), Roman Vasilenko (VMware), Engin Kirda, Long Lu (Northeastern University), Amin Kharraz (Florida International University)

Introspect Virtual Machines Like It Is the Linux Kernel!
Ahmed Abdrlraoof, Hans P. Reiser, Benjamin Taubmann (University of Passau)

Zero Footprint Opaque Predicates: Synthesizing Opaque Predicates From Naturally Occurring Invariants
Yu-Jye Tung, Ian G. Harris (University of California, Irvine)

PetaDroid: Adaptive Android Malware Detection using Deep Learning
ElMouatez Billah Karbab, Mourad Debbabi (Concordia University)

SPECULARIZER: Uncovering Speculative Execution Attacks via Performance Tracing in Commodity Hardware
Wubing Wang, Guoxing Chen (The Ohio State University), Yueqiang Cheng (Baidu Security), Yinqian Zhang (Southern University of Science and Technology), Zhiqiang Lin (The Ohio State University)

Aion Attacks: Exposing Software Timer Problem in Trusted Execution Environment
Wei Huang, Shengjie Xu, David Lie (University of Toronto), Yueqiang Cheng (NIO)

Calibration Done Right: Noiseless Flush+Flush Attacks
Guillaume Didier (DGA / ENS / Univ Rennes), Clémentine Maurice (Univ. Lille, CNRS, Inria)