Systematizing Systematization of Knowledge

Oakland Horse



Since 2010, the IEEE Symposium on Security and Privacy ("Oakland" conference) has included papers on Systematization of Knowledge (SoK). This paper track grew out of discussions at the NSF/IARPA/NSA Workshop on the Science of Security held at the Claremont Resort in November 2008. This site collects all the Oakland SoK papers, as well as SoK papers in IEEE European Symposium on Security and Privacy (EuroS&P, since 2017), Privacy Enhancing Technologies Symposium (PETS, since 2019), and IEEE Conference on Secure and Trustworthy Machine Learning (SatML, since 2023).

SoK Authors · Frequently Asked Questions · Other Conferences with SoK

Filter by Venue: IEEE S&P (Oakland) · Euro S&P · PETS · SaTML

Also see Shunjun Li’s Online Bibliography of SoK Papers

2024
SoK: A Review of Differentially Private Linear Models For High Dimensional Data (SaTML)Amol Khanna, Edward Raff, Nathan Inkawhich
SoK: AI Auditing: The Broken Bus on the Road to AI Accountability (SaTML)Abeba Birhane, Ryan Steed, Victor Ojewale, Briana Vecchione, Inioluwa Deborah Raji
SoK: Can Trajectory Generation Combine Privacy and Utility? (PETS)Erik Buchholz, Sharif Abuadbba, Shuo Wang, Surya Nepal, Salil S. Kanhere
SoK: Collusion-resistant Multi-party Private Set Intersections in the Semi-honest Model (S&P)Jelle Vos, Mauro Conti, Zekeriya Erkin
SoK: Data Privacy in Virtual Reality (PETS)Gonzalo Munilla Garrido, Vivek Nair, Dawn Song
SoK: Efficient Design and Implementation of Polynomial Hash Functions over Prime Fields (S&P)Jean Paul Degabriele, Jan Gilcher, Jérôme Govinden, Kenneth G. Paterson
SoK: Explainable Machine Learning in Adversarial Environments (S&P)Maximilian Noppel, Christian Wressnegger
SoK: Metadata-Protecting Communication Systems (PETS)Sajin Sasy, Ian Goldberg
SoK: Pitfalls in Evaluating Black-Box Attacks (SaTML)Fnu Suya, Anshuman Suri, Tingwei Zhang, Jingtao Hong, Yuan Tian, David Evans
SoK: Privacy-Preserving Data Synthesis (S&P)Yuzheng Hu, Fan Wu, Qinbin Li, Yunhui Long, Gonzalo Garrido, Chang Ge, Bolin Ding, David Forsyth, Bo Li, Dawn Song
SoK: Provably Secure Onion Routing against a Global Adversary (PETS)Philip Scherer, Christiane Weis, Thorsten Strufe
SoK: Prudent Evaluation Practices for Fuzzing (S&P)Moritz Schloegel, Nils Bars, Nico Schiller, Lukas Bernhard, Tobias Scharnowski, Addison Crump, Arash Ale-Ebrahim, Nicolai Bissantz, Marius Muench, Thorsten Holz
SoK: Safer Digital-Safety Research Involving At-Risk Users (S&P)Rosanna Bellini, Emily Tseng, Noel Warford, Alaa Daffalla, Tara Matthews, Sunny Consolvo, Jill Palzkill Woelfer, Patrick Gage Kelley, Michelle L. Mazurek, Dana Cuomo, Nicola Dell, Thomas Ristenpart
SoK: Secure Human-centered Wireless Sensing (PETS)Wei Sun, Tingjun Chen, Neil Gong
SoK: The Long Journey of Exploiting and Defending the Legacy of King Harald Bluetooth (S&P)Jianliang Wu, Ruoyu Wu, Dongyan Xu, Dave Tian, Antonio Bianchi
SoK: Trusting Self-Sovereign Identity (PETS)Evan Krul, Hye-young Paik, Sushmita Ruj, Salil S. Kanhere
SoK: Unifying Corroborative and Contributive Attributions in Large Language Models (SaTML)Theodora Worledge, Judy Hanwen Shen, Nicole Meister, Caleb Winston, Carlos Guestrin
SoK: Wildest Dreams: Reproducible Research in Privacy-preserving Neural Network Training (PETS)Tanveer Khan, Mindaugas Budzys, Khoa Nguyen, Antonis Michalas
2023
SoK: A Critical Evaluation of Efficient Website Fingerprinting Defenses (S&P)Nate Mathews, James K Holland, Se Eun Oh, Mohammad Saidur Rahman, Nicholas Hopper, Matthew Wright
SoK: A Data-driven View on Methods to Detect Reflective Amplification DDoS Attacks Using Honeypots (EuroS&P)Marcin Nawrocki, John Kristoff, Chris Kanich, Raphael Hiesgen, Thomas C. Schmidt, Matthias Wählisch
SoK: A Validity Perspective on Evaluating the Justified Use of Data-driven Decision-making Algorithms (SaTML)Amanda Coston, Anna Kawakami, Haiyi Zhu, Ken Holstein, Hoda Heidari
SoK: Analysis of Root Causes and Defense Strategies for Attacks on Microarchitectural Optimizations (EuroS&P)Nadja Ramhöj Holtryd, Madhavan Manivannan, Per Stenström
SoK: Anti-Facial Recognition Technology (S&P)Emily Wenger, Shawn Shan, Haitao Zheng, Ben Y. Zhao
SoK: Certified Robustness for Deep Neural Networks (S&P)Linyi Li, Tao Xie, Bo Li
SoK: Content Moderation for End-to-End Encryption (PETS)Sarah Scheffler, Jonathan Mayer
SoK: Content Moderation in Social Media, from Guidelines to Enforcement, and Research to Practice (EuroS&P)Mohit Singhal, Chen Ling, Pujan Paudel, Poojitha Thota, Nihal Kumarswamy, Gianluca Stringhini, Shirin Nilizadeh
SoK: Cryptographic Neural-Network Computation (S&P)Lucien K. L Ng, Sherman S. M. Chow
SoK: Data Sovereignty (EuroS&P)Jens Ernstberger, Jan Lauinger, Fatima Elsheimy, Liyi Zhou, Sebastian Steinhorst, Ran Canetti, Andrew Miller, Arthur Gervais, Dawn Song
SoK: Decentralized Finance (DeFi) Attacks (S&P)Liyi Zhou, Xihan Xiong, Jens Ernstberger, Stefanos Chaliasos, Zhipeng Wang, Ye Wang, Kaihua Qin, Roger Wattenhofer, Dawn Song, Arthur Gervais
SoK: Differentially Private Publication of Trajectory Data (PETS)Àlex Miranda-Pascual, Patricia Guerra-Balboa, Javier Parra-Arnau, Jordi Forné, Thorsten Strufe
SoK: Distributed Randomness Beacons (S&P)Kevin Choi, Aathira Manoj, Joseph Bonneau
SoK: Explainable Machine Learning for Computer Security Applications (EuroS&P)Azqa Nadeem, Daniël Vos, Clinton Cao, Luca Pajola, Simon Dieck, Robert Baumgartner, Sicco Verwer
SoK: Harnessing Prior Knowledge for Explainable Machine Learning: An Overview (SaTML)Katharina Beckh, Sebastian Müller, Matthias Jakobs, Vanessa Toborek, Hanxiao Tan, Raphael Fischer, Pascal Welke, Sebastian Houben, Laura von Rueden
SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusions (S&P)Muhammad Adil Inam, Yinfang Chen, Akul Goyal, Jason Liu, Jaron Mink, Noor Michael, Sneha Gaur, Adam Bates, Wajih Ul Hassan
SoK: Let the Privacy Games Begin! A Unified Treatment of Data Inference Privacy in Machine Learning (S&P)Ahmed Salem, Giovanni Cherubin, David Evans, Boris Köpf, Andrew Paverd, Anshuman Suri, Shruti Tople, Santiago Zanella-Beguelin
SoK: Managing risks of linkage attacks on data privacy (PETS)Jovan Powar, Alastair R. Beresford
SoK: Pragmatic Assessment of Machine Learning for Network Intrusion Detection (EuroS&P)Giovanni Apruzzese, Pavel Laskov, Johannes Schneider
SoK: Rethinking Sensor Spoofing Attacks against Robotic Vehicles from a Systematic View (EuroS&P)Yuan Xu, Xingshuo Han, Gelei Deng, Jiwei Li, Yang Liu, Tianwei Zhang
SoK: Secure Aggregation based on cryptographic schemes for Federated Learning (PETS)Mohamad Mansouri, Melek Önen, Wafa Ben Jaballah, Mauro Conti
SoK: Secure E-Voting with Everlasting Privacy (PETS)Thomas Haines, Rafieh Mosaheb, Johannes Mueller, Ivan Pryvalov
SoK: Side Channel Monitoring for Additive Manufacturing - Bridging Cybersecurity and Quality Assurance Communities (EuroS&P)Muhammad Ahsan, Muhammad Haris Rais, Irfan Ahmed
SoK: Taxonomy of Attacks on Open-Source Software Supply Chains (S&P)Piergiorgio Ladisa, Henrik Plate, Matias Martinez, Olivier Barais
SoK: Toward Transparent AI: A Survey on Interpreting the Inner Structures of Deep Neural Networks (SaTML)Tilman Rauker, Anson Ho, Stephen Casper, Dylan Hadfield-Menell
2022
SoK: A Framework for Unifying At-Risk User Research  (S&P)Noel Warford, Tara Matthews, Kaitlyn Yang, Omer Akgul, Sunny Consolvo, Patrick Gage Kelley, Nathan Malkin, Michelle L. Mazurek, Manya Sleeper, Kurt Thomas
SoK: All or Nothing - A Postmortem of Solutions to the Third-Party Script Inclusion Permission Model and a Path Forward (EuroS&P)Steven Sprecher, Christoph Kerschbaumer, Engin Kirda
SoK: Assumptions underlying Cryptocurrency Deanonymizations - A Taxonomy for Scientific Experts and Legal Practitioners (PETS)Dominic Deuber, Viktoria Ronge, Christian Rückert
SoK: Authentication in Augmented and Virtual Reality  (S&P)Sophie Stephenson, Bijeeta Pal, Stephen Fan, Earlence Fernandes, Yuhang Zhao, Rahul Chatterjee
SoK: Cryptanalysis of Encrypted Search with LEAKER - A framework for LEakage AttacK Evaluation on Real-world data (EuroS&P)Seny Kamara, Abdelkarim Kati, Tarik Moataz, Thomas Schneider, Amos Treiber, Michael Yonli
SoK: Cryptographic Confidentiality of Data on Mobile Devices (PETS)Maximilian Zinkus, Tushar M. Jois, Matthew Green
SoK: Demystifying Binary Lifters Through the Lens of Downstream Applications (S&P)Zhibo Liu, Yuanyuan Yuan, Shuai Wang, Yuyan Bao
SoK: How Robust is Image Classification Deep Neural Network Watermarking? (S&P)Nils Lukas, Edward Jiang, Xinda Li, Florian Kerschbaum
SoK: Oblivious Pseudorandom Functions (EuroS&P)Sílvia Casacuberta, Julia Hesse, Anja Lehmann
SoK: Plausibly Deniable Storage (PETS)Chen Chen, Xiao Liang, Bogdan Carbunar, Radu Sion
SoK: Practical Foundations for Software Spectre Defenses  (S&P)Sunjay Cauligi, Craig Disselkoen, Daniel Moghimi, Gilles Barthe, Deian Stefan
SoK: Privacy-Preserving Computing in the Blockchain Era (EuroS&P)Ghada Almashaqbeh, Ravital Solomon
SoK: Privacy-enhancing Smart Home Hubs (PETS)Igor Zavalyshyn, Axel Legay, Annanda Rath, Etienne Riviere
SoK: SCT Auditing in Certificate Transparency (PETS)Sarah Meiklejohn, Joe DeBlasio, Devon O'Brien, Chris Thompson, Kevin Yeo, Emily Stark
SoK: Social Cybersecurity  (S&P)Yuxi Wu, W. Keith Edwards, Sauvik Das
SoK: TEE-assisted Confidential Smart Contract (PETS)Rujia Li, Qin Wang, Qi Wang, David Galindo, Mark Ryan
SoK: The Dual Nature of Technology in Sexual Assault  (S&P)Borke Obada-Obieh, Yue Huang, Lucrezia Spagnolo, Konstantin
SoK: The Impact of Unlabelled Data in Cyberthreat Detection (EuroS&P)Giovanni Apruzzese, Pavel Laskov, Aliya Tastemirova
SoK: Workerounds - Categorizing Service Worker Attacks and Mitigations (EuroS&P)Karthika Subramani, Jordan Jueckstock, Alexandros Kapravelos, Roberto Perdisci
2021
SoK: A Framework for Asset Discovery: Systematizing Advances in Network Measurements for Protecting Organizations (EuroS&P)Mathew Vermeer, Jonathan West, Alejandro Cuevas, Shuonan Niu, Nicolas Christin, Michel van Eeten, Tobias Fiebig, Carlos Gañán, Tyler Moore
SoK: All You Ever Wanted to Know About x86/x64 Binary Disassembly but Were Afraid to Ask (S&P)Chengbin Pang, Ruotong Yu, Yaohui Chen, Eric Koskinen, Georgios Portokalidis, Bing Mao, Jun Xu
SoK: An Overview of FHE Compilers and Tools (S&P)Alexander Viand, Patrick Jattke, Anwar Hithnawi
SoK: Attacks on Industrial Control Logic and Formal Verification-Based Defenses (EuroS&P)Ruimin Sun, Alejandro Mera, Long Lu, David Choffnes
SoK: Computer-Aided Cryptography (S&P)Manuel Barbosa, Gilles Barthe, Karthik Bhargavan, Bruno Blanchet, Cas Cremers, Kevin Liao, Bryan Parno
SoK: Context Sensing for Access Control in the Adversarial Home IoT (EuroS&P)Weijia He, Valerie Zhao, Olivia Morkved, Sabeeka Siddiqui, Earlence Fernandes, Josiah Hester, Blase Ur
SoK: Cryptojacking Malware (EuroS&P)Ege Tekiner, Abbas Acar, A. Selcuk Uluagac, Engin Kirda, Ali Aydin Selcuk
SoK: Efficient Privacy-preserving Clustering (PETS)Aditya Hegde, Helen Möllering, Thomas Schneider, Hossein Yalame
SoK: Hate, Harassment, and the Changing Landscape of Online Abuse (S&P)Kurt Thomas, Devdatta Akhawe, Michael Bailey, Dan Boneh, Elie Bursztein, Sunny Consolvo, Nicola Dell, Zakir Durumeric, Patrick Gage Kelley, Deepak Kumar, Damon McCoy, Sarah Meiklejohn, Thomas Ristenpart, Gianluca Stringhini
SoK: In Search of Lost Time: A Review of JavaScript Timers in Browsers (EuroS&P)Thomas Rokicki, Clémentine Maurice, Pierre Laperdrix
SoK: Managing Longitudinal Privacy of Publicly Shared Personal Online Data (PETS)Theodor Schnitzler, Shujaat Mirza, Markus Dürmuth, Christina Pöpper
SoK: Privacy-Preserving Collaborative Tree-based Model Learning (PETS)Sylvain Chatel, Apostolos Pyrgelis, Juan Ramón Troncoso-Pastoriza, Jean-Pierre Hubaux
SoK: Privacy-Preserving Computation Techniques for Deep Learning (PETS)José Cabrero-Holgueras, Sergio Pastrana
SoK: Privacy-Preserving Reputation Systems (PETS)Stan Gurtler, Ian Goldberg
SoK: Quantifying Cyber Risk (S&P)Daniel W. Woods, Rainer Böhme
SoK: Secure FPGA Multi-Tenancy in the Cloud: Challenges and Opportunities (EuroS&P)Shaza Zeitouni, Ghada Dessouky, Ahmad-Reza Sadeghi
SoK: Security and Privacy in the Age of Commercial Drones (S&P)Ben Nassi, Ron Bitton, Ryusuke Masuoka, Asaf Shabtai, Yuval Elovici
SoK: The Faults in our ASRs: An Overview of Attacks against Automatic Speech Recognition and Speaker Identification Systems (S&P)Hadi Abdullah, Kevin Warren, Vincent Bindschaedler, Nicolas Papernot, Patrick Traynor
2020
SoK: A Minimalist Approach to Formalizing Analog Sensor Security (S&P)Chen Yan, Hocheol Shin, Connor Bolton, Wenyuan Xu, Yongdae Kim, Kevin Fu
SoK: Anatomy of Data Breaches (PETS)Hamza Saleem, Muhammad Naveed
SoK: Cyber Insurance - Technical Challenges and a System Security Roadmap (S&P)Savino Dambra, Leyla Bilge, Davide Balzarotti
SoK: Delegation and Revocation, the Missing Links in the Web's Chain of Trust (EuroS&P)Laurent Chuat, AbdelRahman Abdou, Ralf Sasse, Christoph Sprenger, David Basin, Adrian Perrig
SoK: Differential Privacy as a Causal Property (S&P)Michael C. Tschantz, Shayak Sen, Anupam Datta
SoK: Differential privacies (PETS)Damien Desfontaines, Balázs Pejó
SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-Assisted TEE Systems (S&P)David Cerdeira, Nuno Santos, Pedro Fonseca, Sandro Pinto
2019
SoK: Benchmarking Flaws in Systems Security (EuroS&P)Erik van der Kouwe, Gernot Heiser, Dennis Andriesse, Herbert Bos, Cristiano Giuffrida
SoK: General Purpose Compilers for Secure Multi-Party Computation (S&P)Marcella Hastings, Brett Hemenway, Daniel Noble, Steve Zdancewic
SoK: Modular and Efficient Private Decision Tree Evaluation (PETS)Ágnes Kiss, Masoud Naderpour, Jian Liu, N. Asokan, Thomas Schneider
SoK: Sanitizing for Security (S&P)Dokyung Song, Julian Lettner, Prabhu Rajasekaran, Yeoul Na, Stijn Volckaert, Per Larsen, Michael Franz
SoK: Security Evaluation of Home-Based IoT Deployments (S&P)Omar Alrawi, Chaz Lever, Manos Antonakakis, Fabian Monrose
SoK: Shining Light on Shadow Stacks  (S&P)Nathan Burow, Xinping Zhang, Mathias Payer
SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security (S&P)Sanjeev Das, Jan Werner, Manos Antonakakis, Michalis Polychronakis, Fabian Monrose
2018
SoK: "Plug & Pray" Today - Understanding USB Insecurity in Versions 1 through C (S&P)Jing Tian, Nolen Scaife, Deepak Kumar, Michael Bailey, Adam Bates, Kevin Butler
SoK: Keylogging Side Channels (S&P)John V. Monaco
SoK: Security and Privacy in Machine Learning (EuroS&P)Nicolas Papernot, Patrick McDaniel, Arunesh Sinha, Michael P. Wellman
2017
SoK: Cryptographically Protected Database Search (S&P)Benjamin Fuller, Mayank Varia, Arkady Yerukhimovich, Emily Shen, Ariel Hamlin, Vijay Gadepally, Richard Shay, John Darby Mitchell, Robert K. Cunningham
SoK: Exploiting Network Printers (S&P)Jens Müller, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk
SoK: Fraud in Telephony Networks (EuroS&P)Merve Sahin, Aurélien Francillon, Payas Gupta, Mustaque Ahamad
SoK: Science, Security, and the Elusive Goal of Security as a Scientific Pursuit (S&P)Cormac Herley, Paul C. van Oorschot
SoK: Single Sign-On Security — An Evaluation of OpenID Connect (EuroS&P)Christian Mainka, Vladislav Mladenov, Jörg Schwenk, Tobias Wich
2016
SoK: (State of) The Art of War: Offensive Techniques in Binary Analysis (S&P)Yan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Andrew Dutcher, John Grosen, Siji Feng, Christophe Hauser, Christopher Kruegel, Giovanni Vigna
SoK: Everyone Hates Robocalls: A Survey of Techniques against Telephone Spam (S&P)Huahong Tu, Adam Doupé, Ziming Zhao, Gail-Joon Ahn
SoK: Lessons Learned From Android Security Research For Appified Software Platforms (S&P)Yasemin Acar, Michael Backes, Sven Bugiel, Sascha Fahl, Patrick McDaniel, Matthew Smith
SoK: Towards Grounding Censorship Circumvention in Empiricism (S&P)Michael C. Tschantz, Sadia Afroz, Anonymous, Vern Paxson
SoK: Verifiability Notions for E-Voting Protocols (S&P)Véronique Cortier, David Galindo, Ralf Kuesters, Johannes Mueller, Tomasz Truderung
2015
SoK: A comprehensive analysis of game-based ballot privacy definitions (S&P)David Bernhard, Véronique Cortier, David Galindo, Olivier Pereira, Bogdan Warinschi
SoK: Deep Packer Inspection: A Longitudinal Study of the Complexity of Run-Time Packers (S&P)Xabier Ugarte-Pedrero, Davide Balzarotti, Igor Santos Grueiro, Pablo Garcia Bringas
SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies (S&P)Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan, Joshua A. Kroll, Edward W. Felten
SoK: Secure Messaging (S&P)Nik Unger, Sergej Dechand, Joseph Bonneau, Sascha Fahl, Henning Perl, Ian Goldberg, Matthew Smith
2014
SoK: Automated Software Diversity (S&P)Per Larsen, Andrei Homescu, Stefan Brunthaler, Michael Franz
SoK: Introspections on Trust and the Semantic Gap (S&P)Bhushan Jain, Mirza Basim Baig, Dongli Zhang, Donald E. Porter, Radu Sion
SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks (S&P)Michael Rushanan, Colleen Swanson, Denis Foo Kune, Aviel D. Rubin
2013
SoK: Eternal War in Memory (S&P)Laszlo Szekeres, Mathias Payer, Tao Wei, Dawn Song
SoK: P2PWNED — Modeling and Evaluating the Resilience of Peer-to-Peer Botnets (S&P)Christian Rossow, Dennis Andriesse, Tillmann Werner, Brett Stone-Gross, Daniel Plohmann, Christian J. Dietrich, Herbert Bos
SoK: SSL and HTTPS: Revisiting Past Challenges and Evaluating Certificate Trust Model Enhancements (S&P)Jeremy Clark, Paul C. van Oorschot
SoK: Secure Data Deletion (S&P)Joel Reardon, David Basin, Srdjan Capkun
SoK: The Evolution of Sybil Defense via Social Networks (S&P)Lorenzo Alvisi, Allen Clement, Alessandro Epasto, Silvio Lattanzi, Alessandro Panconesi
2012
Dissecting Android Malware: Characterization and Evolution (S&P)Yajin Zhou, Xuxian Jiang
OB-PWS: Obfuscation-Based Private Web Search (S&P)Ero Balsa, Carmela Troncoso, Claudia Diaz
Peek-a-Boo, I Still See you: Why Efficient Traffic Analysis Countermeasures Fail (S&P)Kevin P. Dyer, Scott E. Coull, Thomas Ristenpart, Thomas Shrimpton
Prudent Practices for Designing Malware Experiments: Status Quo and Outlook (S&P)Christian Rossow, Christian J. Dietrich, Chris Grier, Christian Kreibich, Vern Paxson, Norbert Pohlmann, Herbert Bos, Maarten van Steen
The Psychology of Security for the Home Computer User (S&P)Adele Howe, Indrajit Ray, Mark Roberts, Malgorzata Urbanska, Zinta Byrne
The quest to replace passwords: A framework for comparative evaluation of web authentication schemes (S&P)Joseph Bonneau, Cormac Herley, Paul C. van Oorschot, Frank Stajano
Third-Party Web Tracking Policy and Technology (S&P)Jonathan R. Mayer, John C. Mitchell
2011
A Formal Foundation for the Security Features of Physical Functions (S&P)Frederik Armknecht, Roel Maes, Ahmad-Reza Sadeghi, Francois-Xavier Standaert, Christian Wachsmann
Formalizing Anonymous Blacklisting Systems (S&P)Ryan Henry, Ian Goldberg
Mobile Security Catching Up? - Revealing the nuts and bolts of the security of mobile devices (S&P)Michael Becher, Felix C. Freiling, Johannes Hoffmann, Thorsten Holz, Sebastian Uellenbeck, Christopher Wolf
Timing- and Termination-Sensitive Secure Information Flow: Exploring a New Approach (S&P)Vineeth Kashyap, Ben Wiedermann, Ben Hardekopf
2010
All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution (but might have been afraid to ask) (S&P)Thanassis Avgerinos, Edward Schwartz, David Brumley
Bootstrapping Trust in Commodity Computers (S&P)Bryan Parno, Jonathan M. McCune, Adrian Perrig
How Good are Humans at Solving CAPTCHAs? A Large Scale Evaluation (S&P)Elie Bursztein, Steven Bethard, John C. Mitchell, Dan Jurafsky, Céline Fabry
Outside the Closed World: On Using Machine Learning For Network Intrusion Detection (S&P)Robin Sommer, Vern Paxson
State of the Art: Automated Black-Box Web Application Vulnerability Testing (S&P)Jason Bau, Elie Bursztein, Divij Gupta, John Mitchell