Detection of Intrusions and Malware, and Vulnerability Assessment

Wild Wild Web.- Wild Extensions: Discovering and Analyzing Unlisted Chrome Extensions.- New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild.- Morellian Analysis for Browsers: Making Web Authentication Stronger With Canvas Fingerprinting.- On the Perils of Leaking Referrers in Online Collaboration Services.- Cyber-Physical Systems.- Detecting, Fingerprinting and Tracking Reconnaissance Campaigns Targeting Industrial Control Systems.- Overshadow PLC to Detect Remote Control-Logic Injection Attacks.- A Security Evaluation of Industrial Radio Remote Controllers.- Understanding the Security of Traffic Signal Infrastructure.- Malware.- Practical Enclave Malware with Intel SGX.- How does Malware Use RDTSC? A Study on Operations Executed by Malware for CPU Cycle Measurement.- On Deception-Based Protection Against Cryptographic Ransomware.- PowerDrive: Accurate De-Obfuscation and Analysis of PowerShell Malware.- Software Security and Binary Analysis.- Memory Categorization: Separating Attacker-Controlled Data.- TypeMiner: Recovering Types in Binary Programs using Machine Learning.- SAFE: Self-Attentive Function Embeddings for Binary Similarity.- Triggerflow: Regression Testing by Advanced Execution Path Inspection.- Network Security.- Large-scale Analysis of Infrastructure-leaking DNS Servers.- Security In Plain TXT: Observing the Use of DNS TXT Records in the Wild.- No Need to Marry to Change Your Name!
Attacking Profinet IO Automation Networks Using DCP.- DPX: Data-Plane eXtensions for SDN Security Service Instantiation.- Attack Mitigation.- Practical Password Hardening based on TLS.- Role Inference + Anomaly Detection = Situational Awareness in BACnet Networks.- BinTrimmer: Towards Static Binary Debloating through Abstract Interpretation.