Volume 2017

Issue 1

• Editors’ Introduction
  Claudia Diaz (KU Leuven), Rachel Greenstadt (Drexel University), Damon McCoy (New York University)
• Generic Adaptively Secure Searchable Phrase Encryption [PDF]
  Zachary A. Kissel (Merrimack College Department of Computer Science), Jie Wang (University of Massachusetts Lowell Department of Computer Science)
• The Onion Name System [PDF]
  Jesse Victors (Cigital, Inc.), Ming Li (Department of Electrical and Computer Engineering, University of Arizona, Tucson, AZ), Xinwen Fu (Department of Computer Science, University of Massachusetts Lowell, Lowell, MA)
• Topics of Controversy: An Empirical Analysis of Web Censorship Lists [PDF]
  Zachary Weinberg (Carnegie Mellon University), Mahmood Sharif (Carnegie Mellon University), Janos Szurdi (Carnegie Mellon University), Nicolas Christin (Carnegie Mellon University)
• Toward Practical Secure Stable Matching [PDF]
  M. Sadegh Riazi (University of California, San Diego), Ebrahim M. Songhori (Rice University), Ahmad-Reza Sadeghi (TU Darmstadt), Thomas Schneider (TU Darmstadt), Farinaz Koushanfar (University of California, San Diego)
• Towards Seamless Tracking-Free Web: Improved Detection of Trackers via One-class Learning [PDF]
  Muhammad Ikram (Data61, CSIRO and UNSW, Sydney, Australia), Hassan Jameel Asghar (Data61, CSIRO, Sydney, Australia), Mohamed Ali Kaafar (Data61, CSIRO, Sydney, Australia), Anirban Mahanti (Data61, CSIRO, Sydney, Australia), Balachandar Krishnamurthy (ATT Research Lab, New York, USA)
• PHI: Path-Hidden Lightweight Anonymity Protocol at Network Layer [PDF]
  Chen Chen (Carnegie Mellon University / ETH Zurich), Adrian Perrig (ETH Zurich)
• Analyzing Remote Server Locations for Personal Data Transfers in Mobile Apps [PDF]
  Mojtaba Eskandari (DISI, University of Trento, Italy and Fondazione Bruno Kessler, Trento, Italy), Maqsood Ahmad (DISI, University of Trento, Italy), Anderson Santana de Oliveira (SAP Labs, France), Bruno Crispo (DISI, University of Trento, Italy and DistriNet, KULeuven, Belgium)
• ErasuCrypto: A Light-weight Secure Data Deletion Scheme for Solid State Drives [PDF]
  Chen Liu (University of Delaware), Hoda Aghaei Khouzani (University of Delaware), Chengmo Yang (University of Delaware)
• Are you The One to Share? Secret Transfer with Access Structure [PDF]
  Yongjun Zhao (The Chinese University of Hong Kong), Sherman S. M. Chow (The Chinese University of Hong Kong)
• Phonion: Practical Protection of Metadata in Telephony Networks [PDF]
  Stephan Heuser (Intel CRI-SC and TU Darmstadt), Bradley Reaves (University of Florida), Praveen Kumar Pendyala (TU Darmstadt), Henry Carter (Villanova University), Alexandra Dmitrienko (ETH Zurich), William Enck (North Carolina State University), Negar Kiyavash (University of Illinois), Ahmad-Reza Sadeghi (Intel CRI-SC and TU Darmstadt), Patrick Traynor (University of Florida)

Issue 2

• Editors’ Introduction
  Claudia Diaz (KU Leuven), Rachel Greenstadt (Drexel University), Damon McCoy (New York University)
• Waterfilling: Balancing the Tor network with maximum diversity [PDF]
  Florentin Rochet (Université catholique de Louvain - ICTEAM - Crypto Group), Olivier Pereira (Université catholique de Louvain - ICTEAM - Crypto Group)
• Look Before You Authorize: Using Eye-Tracking To Enforce User Attention Towards Application Permissions [PDF]
  Yousra Javed (University of North Carolina Charlotte), Mohamed Shehab (University of North Carolina Charlotte)
• PrivateRide: A Privacy-Enhanced Ride-Hailing Service [PDF]
  Anh Pham (EPFL, Lausanne, Switzerland), Italo Dacosta (EPFL, Lausanne, Switzerland), Bastien Jacot-Guillarmod (Google), Kévin Huguenin (University of Lausanne, Lausanne, Switzerland), Taha Hajar (EPFL, Lausanne, Switzerland), Florian Tramèr (Stanford University, Stanford, USA), Virgil Gligor (CMU, Pittsburgh, USA), Jean-Pierre Hubaux (EPFL, Lausanne, Switzerland)
• Vulnerable GPU Memory Management: Towards Recovering Raw Data from GPU [PDF]
  Zhe Zhou (Chinese University of Hong Kong), Wenrui Diao (Chinese University of Hong Kong), Xiangyu Liu (Chinese University of Hong Kong), Zhou Li (ACM Member), Kehuan Zhang (Chinese University of Hong Kong), Rui Liu (Chinese University of Hong Kong)
• PeerFlow: Secure Load Balancing in Tor [PDF]
  Aaron Johnson (U.S. Naval Research Laboratory), Rob Jansen (U.S. Naval Research Laboratory), Nicholas Hopper (University of Minnesota), Aaron Segal (Yale University), Paul Syverson (U.S. Naval Research Laboratory)
• On the Privacy and Security of the Ultrasound Ecosystem [PDF]
  Vasilios Mavroudis (University College London), Shuang Hao (UC Santa Barbara), Yanick Fratantonio (UC Santa Barbara), Federico Maggi (Politecnico di Milano), Christopher Kruegel (UC Santa Barbara), Giovanni Vigna (UC Santa Barbara)
• Cross-Cultural Privacy Prediction [PDF]
  Yao Li (University of California, Irvine), Alfred Kobsa (University of California, Irvine), Bart P. Knijnenburg (Clemson University), M-H. Carolyn Nguyen (Microsoft Corporation)
• Cross-Device Tracking: Measurement and Disclosures [PDF]
  Justin Brookman (Federal Trade Commission, Office of Technology Research and Investigation), Phoebe Rouge (Federal Trade Commission, Office of Technology Research and Investigation), Aaron Alva (Federal Trade Commission, Office of Technology Research and Investigation), Christina Yeung (Federal Trade Commission, Office of Technology Research and Investigation)
• Externally Verifiable Oblivious RAM [PDF]
  Joshua Gancher (Cornell University, work done partly while at Reed College), Adam Groce (Reed College), Alex Ledger (MIT Lincoln Laboratory, work done while at Reed College)
• Social Engineering Attacks on Government Opponents: Target Perspectives [PDF]
  William R. Marczak (UC Berkeley, Citizen Lab), Vern Paxson (UC Berkeley, ICSI)
• Website Fingerprinting Defenses at the Application Layer [PDF]
  Giovanni Cherubin (Royal Holloway University of London, Egham, UK), Jamie Hayes (University College London, London, UK), Marc Juarez (KU Leuven, ESAT/COSIC and imec, Leuven, Belgium)

Issue 3

• Editors’ Introduction
  Claudia Diaz (KU Leuven), Rachel Greenstadt (Drexel University), Damon McCoy (New York University)
• Wiretapping End-to-End Encrypted VoIP Calls: Real-World Attacks on ZRTP [PDF]
  Dominik Schürmann (TU Braunschweig), Fabian Kabus (TU Braunschweig), Gregor Hildermeier (TU Braunschweig), Lars Wolf (TU Braunschweig)
• Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute [PDF]
  Hung Dang (National University of Singapore), Tien Tuan Anh Dinh (National University of Singapore), Ee-Chien Chang (National University of Singapore), Beng Chin Ooi (National University of Singapore)
• SeaGlass: Enabling City-Wide IMSI-Catcher Detection [PDF]
  Peter Ney (University of Washington), Ian Smith (University of Washington), Gabriel Cadamuro (University of Washington), Tadayoshi Kohno (University of Washington)
• Hardening Stratum, the Bitcoin Pool Mining Protocol [PDF]
  Ruben Recabarren (Florida Int’l University, Miami, FL 33199), Bogdan Carbunar (Florida Int’l University, Miami, FL 33199)
• Why can’t users choose their identity providers on the web? [PDF]
  Kevin Corre (Orange Labs/IRISA), Olivier Barais (IRISA/INRIA), Gerson Sunyé (INRIA), Vincent Frey (Orange Labs), Jean-Michel Crom (Orange Labs)
• A Usability Evaluation of Tor Launcher [PDF]
  Linda Lee (University of California, Berkeley), David Fifield (University of California, Berkeley), Nathan Malkin (University of California, Berkeley), Ganesh Iyer (University of California, Berkeley), Serge Egelman (University of California, Berkeley and International Computer Science Institute), David Wagner (University of California, Berkeley)
• PathShuffle: Credit Mixing and Anonymous Payments for Ripple [PDF]
  Pedro Moreno-Sanchez (Purdue University), Tim Ruffing (Saarland University), Aniket Kate (Purdue University)
• Detecting Anti Ad-blockers in the Wild [PDF]
  Muhammad Haris Mughees (University of Illinois UrbanaChampaign), Zhiyun Qian (University of California-Riverside), Zubair Shafiq (The University of Iowa)
• Privacy-Preserving Interdomain Routing at Internet Scale [PDF]
  Gilad Asharov (Cornell Tech), Daniel Demmler (TU Darmstadt), Michael Schapira (Hebrew University of Jerusalem), Thomas Schneider (TU Darmstadt), Gil Segev (Hebrew University of Jerusalem), Scott Shenker (University of California, Berkley), Michael Zohner (TU Darmstadt)
• A Leakage-Abuse Attack Against Multi-User Searchable Encryption [PDF]
  Cédric Van Rompay (EURECOM), Refik Molva (EURECOM), Melek Önen (EURECOM)
• DataLair: Efficient Block Storage with Plausible Deniability against Multi-Snapshot Adversaries [PDF]
  Anrin Chakraborti (Stony Brook University), Chen Chen (Stony Brook University), Radu Sion (Stony Brook University)

Issue 4

• Editors’ Introduction
  Claudia Diaz (KU Leuven), Rachel Greenstadt (Drexel University), Damon McCoy (New York University)
• DeltaShaper: Enabling Unobservable Censorship-resistant TCP Tunneling over Videoconferencing Streams [PDF]
  Diogo Barradas (INESC-ID, Instituto Superior Técnico, Universidade de Lisboa), Nuno Santos (INESC-ID, Instituto Superior Técnico, Universidade de Lisboa), Luís Rodrigues (INESC-ID, Instituto Superior Técnico, Universidade de Lisboa)
• Preprocessing Based Verification of Multiparty Protocols with Honest Majority [PDF]
  Peeter Laud (Cybernetica AS), Alisa Pankova (Cybernetica AS, University of Tartu, STACC), Roman Jagomägis (Cybernetica AS)
• Location Privacy for Rank-based Geo-Query Systems [PDF]
  Wisam Eltarjaman (University of Denver), Rinku Dewri (University of Denver), Ramakrishna Thurimella (University of Denver)
• Why Privacy Is All But Forgotten [PDF]
  Kovila P.L. Coopamootoo (Newcastle University), Thomas Groß (Newcastle University)
• To Permit or Not to Permit, That is the Usability Question: Crowdsourcing Mobile Apps’ Privacy Permission Settings [PDF]
  Qatrunnada Ismail (Indiana University Bloomington, King Saud University, Riyadh, Saudi Arabia), Tousif Ahmed (Indiana University Bloomington), Kelly Caine (Clemson University), Apu Kapadia (Indiana University Bloomington), Michael Reiter (University of North Carolina at Chapel Hill)
• Expectation-Maximization Tensor Factorization for Practical Location Privacy Attacks [PDF]
  Takao Murakami (National Institute of Advanced Industrial Science and Technology (AIST))
• What Does The Crowd Say About You? Evaluating Aggregation-based Location Privacy [PDF]
  Apostolos Pyrgelis (University College London), Carmela Troncoso (IMDEA Software Institute), Emiliano De Cristofaro (University College London)
• Private Set Intersection for Unequal Set Sizes with Mobile Applications [PDF]
  Ágnes Kiss (TU Darmstadt), Jian Liu (Aalto University), Thomas Schneider (TU Darmstadt), N. Asokan (Aalto University and University of Helsinki), Benny Pinkas (Bar Ilan University)
• Two Is Not Enough: Privacy Assessment of Aggregation Schemes in Smart Metering [PDF]
  Niklas Buescher (Technische Universität Darmstadt), Spyros Boukoros (Technische Universität Darmstadt), Stefan Bauregger (Technische Universität Darmstadt), Stefan Katzenbeisser (Technische Universität Darmstadt)
• Bayes, not Naïve: Security Bounds on Website Fingerprinting Defenses [PDF]
  Giovanni Cherubin (Royal Holloway University of London, UK)
• UnLynx: A Decentralized System for Privacy-Conscious Data Sharing [PDF]
  David Froelicher (EPFL), Patricia Egger (EPFL), João Sá Sousa (EPFL), Jean Louis Raisaro (EPFL), Zhicong Huang (EPFL), Christian Mouchet (EPFL), Bryan Ford (EPFL), Jean-Pierre Hubaux (EPFL)
• Fingerprinting Keywords in Search Queries over Tor [PDF]
  Se Eun Oh (University of Minnesota), Shuai Li (University of Minnesota), Nicholas Hopper (University of Minnesota)
• Personalized Pseudonyms for Servers in the Cloud [PDF]
  Qiuyu Xiao (University of North Carolina at Chapel Hill), Michael K. Reiter (University of North Carolina at Chapel Hill), Yinqian Zhang (The Ohio State University)
• TagIt: Tagging Network Flows using Blind Fingerprints [PDF]
  Fatemeh Rezaei (University of Massachusetts Amherst), Amir Houmansadr (University of Massachusetts Amherst)
• Efficient Utility Improvement for Location Privacy [PDF]
  Konstantinos Chatzikokolakis (CNRS, Inria and LIX, École Polytechnique, France), Ehab ElSalamouny (Inria, France and Faculty of Computers and Informatics, Suez Canal University, Egypt), Catuscia Palamidessi (Inria and LIX, École Polytechnique, France)
• Certificate Transparency with Privacy [PDF]
  Saba Eskandarian (Stanford University), Eran Messeri, Joseph Bonneau, Dan Boneh
• Privacy-Preserving Distributed Linear Regression on High-Dimensional Data [PDF]
  Adrià Gascón (The Alan Turing Institute and University of Warwick), Phillipp Schoppmann (Humboldt University of Berlin), Borja Balle (Amazon), Mariana Raykova (Yale University), Jack Doerner (Northeastern University), Samee Zahur (Google), David Evans (University of Virginia)
• A Study of MAC Address Randomization in Mobile Devices and When it Fails [PDF]
  Jeremy Martin (The MITRE Corporation, work done partly while at the US Naval Academy (USNA)), Travis Mayberry (USNA), Collin Donahue (USNA), Lucas Foppe (USNA), Lamont Brown (USNA), Chadwick Riggins (USNA), Erik C. Rye (USNA), Dane Brown (USNA)
• Provably Secure Anonymous-yet-Accountable Crowdsensing with Scalable Sublinear Revocation [PDF]
  Sazzadur Rahaman (Department of Computer Science, Virginia Tech), Long Cheng (Department of Computer Science, Virginia Tech), Danfeng (Daphne) Yao, He Li (Department of Electrical and Computer Engineering, Virginia Tech), Jung-Min (Jerry) Park (Department of Electrical and Computer Engineering, Virginia Tech)
• Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments [PDF]
  Carmela Troncoso (IMDEA Software Institute), Marios Isaakidis (University College London), George Danezis (University College London), Harry Halpin (INRIA)