Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
reading:by-topic [2024/01/21 06:15] – romangol | reading:by-topic [2024/03/03 10:49] (current) – romangol | ||
---|---|---|---|
Line 1: | Line 1: | ||
=== 二进制代码分析 === | === 二进制代码分析 === | ||
+ | |||
+ | === 安全防护 === | ||
+ | * [G.O.S.S.I.P 阅读推荐 2024-01-29 TEESLICE](https:// | ||
+ | * No Privacy Left Outside: On the (In-)Security of TEE-Shielded DNN Partition for On-Device ML @ IEEE S&P 2024 | ||
+ | * [G.O.S.S.I.P 阅读推荐 2024-01-26](https:// | ||
+ | * DOPE: DOmain Protection Enforcement with PKS @ ACSAC 2023 | ||
+ | |||
=== Network Security === | === Network Security === | ||
+ | * [G.O.S.S.I.P 阅读推荐 2024-02-23 5G-Spector](https:// | ||
+ | * 5G-SPECTOR: An O-RAN Compliant Layer-3 Cellular Attack Detection Service @ NDSS 2024 | ||
=== Web Security === | === Web Security === | ||
+ | * [G.O.S.S.I.P 阅读推荐 2024-02-26 寻觅文件劫持漏洞](https:// | ||
+ | * File Hijacking Vulnerability: | ||
+ | *[G.O.S.S.I.P 阅读推荐 2024-02-05 WebRR](https:// | ||
+ | * WEBRR: A Forensic System for Replaying and Investigating Web-Based Attacks in The Modern Web @ USENIX Security 2024 | ||
* [[https:// | * [[https:// | ||
* Chrowned by an Extension: Abusing the Chrome DevTools Protocol through the Debugger API @ Euro S&P 2023 | * Chrowned by an Extension: Abusing the Chrome DevTools Protocol through the Debugger API @ Euro S&P 2023 | ||
+ | * [G.O.S.S.I.P 阅读推荐 2024-02-02 来自浏览器的勒索警告!](https:// | ||
+ | * RøB: Ransomware over Modern Web Browsers @ USENIX Security 2023 | ||
+ | |||
+ | === Mobile Security === | ||
+ | * [G.O.S.S.I.P 阅读推荐 2024-03-01 马奇诺防线总在龙年被攻破](https:// | ||
+ | * Maginot Line: Assessing a New Cross-app Threat to PII-as-Factor Authentication in Chinese Mobile Apps @ NDSS 2024 | ||
=== 物联网安全 === | === 物联网安全 === | ||
* [[https:// | * [[https:// | ||
+ | * SoK: The Long Journey of Exploiting and Defending the Legacy of King Harald Bluetooth @ IEEE S&P 2024 | ||
* [[https:// | * [[https:// | ||
* Your Firmware Has Arrived: A Study of Firmware Update Vulnerabilities @ USENIX Security 2024 | * Your Firmware Has Arrived: A Study of Firmware Update Vulnerabilities @ USENIX Security 2024 | ||
+ | * [[https:// | ||
+ | * Optical Cryptanalysis: | ||
=== 现实世界的密码学安全问题 === | === 现实世界的密码学安全问题 === | ||
+ | * [G.O.S.S.I.P 阅读推荐 2024-02-19 密码学误用检测工具的误用?](https:// | ||
+ | * Towards Precise Reporting of Cryptographic Misuses @ NDSS 2024 | ||
* [[https:// | * [[https:// | ||
+ | * Injection Attacks Against End-to-End Encrypted Applications @ IEEE S&P 2024 | ||
+ | * [[https:// | ||
+ | * Passive SSH Key Compromise via Lattices @ CCS 2023 | ||
+ | * [G.O.S.S.I.P 阅读推荐 2024-01-15 大破量子危机](https:// | ||
+ | * ReSolveD: Shorter Signatures from Regular Syndrome Decoding and VOLE-in-the-Head @ PKC 2024 | ||
+ | * Revisiting the Constant-sum Winternitz One-time Signature with Applications to SPHINCS+ and XMSS @ CRYPTO 2023 | ||
+ | |||
+ | === 供应链安全 === | ||
+ | * [G.O.S.S.I.P 阅读推荐 2024-02-21 危险的VS Code插件](https:// | ||
+ | * UntrustIDE: Exploiting Weaknesses in VS Code Extensions @ NDSS 2024 | ||
=== AI安全 === | === AI安全 === | ||
+ | * [G.O.S.S.I.P 阅读推荐 2024-01-29 TEESLICE](https:// | ||
+ | * No Privacy Left Outside: On the (In-)Security of TEE-Shielded DNN Partition for On-Device ML @ IEEE S&P 2024 | ||
+ | * [G.O.S.S.I.P 阅读推荐 2024-01-24 除你防护,夺你模型!](https:// | ||
+ | * DeMistify: Identifying On-device Machine Learning Models Stealing and Reuse Vulnerabilities in Mobile Apps @ ICSE 2024 | ||
+ | * [G.O.S.S.I.P 阅读推荐 2024-01-22 The Janus Interface](https:// | ||
+ | * The Janus Interface: How Fine-Tuning in Large Language Models Amplifies the Privacy Risks | ||
+ | * [G.O.S.S.I.P 阅读推荐 2024-01-17 Crafter](https:// | ||
+ | * Crafter: Facial Feature Crafting against Inversion-based Identity Theft on Deep Models @ NDSS 2024 | ||
+ | |||