Association for Computing Machinery (ACM) Courses

Safely Measuring Tor

Explore Tor network measurement techniques, challenges, and privacy-preserving solutions using PrivCount. Learn about exit policies and user statistics in this cybersecurity research presentation.

• YouTube
• 33 minutes
• On-Demand
• Conference Talk

MiddlePolice - Toward Enforcing Destination-Defined Policies in the Middle of the Internet

Explore innovative DDoS defense strategies with MiddlePolice, a novel approach to enforcing destination-defined policies in the internet's core, addressing challenges and evaluating its effectiveness.

• YouTube
• 28 minutes
• On-Demand
• Conference Talk

Automated Evasion Attacks and Fingerprinting Using Blackbox Differential Automata Learning

Automated evasion attacks and fingerprinting techniques using blackbox differential automata learning for evaluating web security products and analyzing TCP/IP implementations.

• YouTube
• 29 minutes
• On-Demand
• Conference Talk

Android ION Hazard - The Curse of Customizable Memory Management System

Explore Android ION's memory management vulnerabilities, including DoS attacks and information leaks, with insights on discovery, defense, and industry impact.

• YouTube
• 29 minutes
• On-Demand
• Conference Talk

Host of Troubles - Multiple Host Ambiguities in HTTP Implementations

Explores HTTP host ambiguities in implementations, revealing vulnerabilities in caching, firewalls, and WAFs. Presents attacks exploiting these issues and discusses prevalence and mitigation strategies.

• YouTube
• 21 minutes
• On-Demand
• Conference Talk

Online Tracking - A 1-Million-Site Measurement and Analysis

Comprehensive analysis of online tracking techniques, revealing vulnerabilities and proposing solutions for enhanced web privacy and security.

• YouTube
• 21 minutes
• On-Demand
• Conference Talk

Lurking Malice in the Cloud - Understanding and Detecting Cloud Repository as a Malicious Service

Explore techniques for detecting malicious cloud repositories, analyzing their characteristics, and understanding their impact on cybersecurity. Learn about innovative approaches to identify and mitigate cloud-based threats.

• YouTube
• 23 minutes
• On-Demand
• Conference Talk

Accessorize to a Crime - Real and Stealthy Attacks on State-Of-The-Art Face Recognition

Explores stealthy attacks on face recognition systems using adversarial machine learning techniques, demonstrating vulnerabilities in state-of-the-art facial recognition technology through impersonation experiments.

• YouTube
• 25 minutes
• On-Demand
• Conference Talk

CSP is Dead, Long Live CSP! - On the Insecurity of Whitelists and the Future of the Content Security Policy

Explore the evolution and challenges of Content Security Policy, analyzing its effectiveness, vulnerabilities, and future directions in web security.

• YouTube
• 21 minutes
• On-Demand
• Conference Talk

On the Security of Cracking-Resistant Password Vaults

Explore security vulnerabilities in password vaults, analyzing cracking techniques, experimental results, and potential mitigations for improved password protection strategies.

• YouTube
• 22 minutes
• On-Demand
• Conference Talk

Evaluating the Effectiveness of Content Security Policy in the Wild

Evaluación de la efectividad de la Política de Seguridad de Contenido en la práctica, analizando su adopción, configuración y debilidades frente a ataques XSS.

• YouTube
• 21 minutes
• On-Demand
• Conference Talk

Targeted Online Password Guessing - An Underestimated Threat

Explore targeted online password guessing, its underestimated threat, and innovative approaches to enhance cybersecurity through advanced attack modeling and defense strategies.

• YouTube
• 21 minutes
• On-Demand
• Conference Talk

An Empirical Study of Mnemonic Sentence-based Password Generation Strategies

Empirical analysis of mnemonic sentence-based password generation strategies, examining effectiveness, weaknesses, and user behavior in creating memorable yet secure passwords.

• YouTube
• 27 minutes
• On-Demand
• Conference Talk

Breaking Web Applications Built On Top of Encrypted Data

Explores vulnerabilities in web applications using encrypted data, focusing on multi-key searchable encryption. Analyzes attacks against Mylar, discussing metadata risks and active threat models.

• YouTube
• 29 minutes
• On-Demand
• Conference Talk

ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels

Explore physical side-channel attacks on ECDSA key extraction from mobile devices, covering analysis methods, results, equipment, and potential countermeasures.

• YouTube
• 31 minutes
• On-Demand
• Conference Talk