"Spectre Attacks: Exploiting Speculative Execution," by Paul Kocher, et al., reviews how speculative execution and caches can be exploited, presents specific exploits...Mark D. Hill From Communications of the ACM | July 2020
This paper describes practical attacks that combine methodology from side-channel attacks, fault attacks, and return-oriented programming that can read arbitrary...Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom From Communications of the ACM | July 2020
"Measuring and Mitigating OAuth Access Token Abuse by Collusion Networks," by Shehroze Farooqi et al., explores a social-networking reputation manipulation ecosystem...Geoffrey M. Voelker From Communications of the ACM | May 2020
We carried out a comprehensive measurement study to understand how collusion networks exploited popular third-party Facebook applications with weak security settings...Shehroze Farooqi, Fareed Zaffar, Nektarios Leontiadis, Zubair Shafiq From Communications of the ACM | May 2020
Instead of handing trace records off to a collector for long-term storage and future processing, the system described in "Pivot Tracing: Dynamic Causal Monitoring...Rebecca Isaacs From Communications of the ACM | March 2020
This paper presents Pivot Tracing, a monitoring framework for distributed systems, which addresses the limitations of today's monitoring and diagnosis tools by...Jonathan Mace, Ryan Roelke, Rodrigo Fonseca From Communications of the ACM | March 2020
"Automating Visual Privacy Protection Using a Smart LED," presents a new technique to address the issue of cameras capturing proprietary or private information—it...Marco Gruteser From Communications of the ACM | February 2020
We introduce LiShield, which automatically protects a physical scene against photographing, by illuminating it with smart LEDs flickering in specialized waveforms...Shilin Zhu, Chi Zhang, Xinyu Zhang From Communications of the ACM | February 2020
"Evidence that Computer Science Grades Are Not Bimodal" uses empirical methods to determine if belief in innate differences may explain why CS teachers see a bimodality...Mark Guzdial From Communications of the ACM | January 2020
There is a common belief that grades in computer science courses are bimodal. We devised a psychology experiment to understand why CS educators hold this belief...Elizabeth Patitsas, Jesse Berlin, Michelle Craig, Steve Easterbrook From Communications of the ACM | January 2020
The authors of "Building Certified Concurrent OS Kernels" illustrate that formal verification can scale up to a moderate-size program (6,500 lines of C) that has...Andrew W. Appel From Communications of the ACM | October 2019
In this work, we present CertiKOS, a novel compositional framework for building verified concurrent OS kernels.
Ronghui Gu, Zhong Shao, Hao Chen, Jieung Kim, Jérémie Koenig, Xiongnan (Newman) Wu, Vilhelm Sjöberg, David Costanzo From Communications of the ACM | October 2019
There is a need for alternative techniques for understanding and evaluating QUIC when compared with previous transport-layer protocols.
Arash Molavi Kakhki, Samuel Jero, David Choffnes, Cristina Nita-Rotaru, Alan Mislove From Communications of the ACM | July 2019
This work studies the potential of a paradigm of heterogeneous execution models by developing a specialization engine for explicit-dataflow (SEED) and integrating...Tony Nowatzki, Vinay Gangadhar, Karthikeyan Sankaralingam From Communications of the ACM | June 2019
The authors of "Distributed Strategies for Computational Sprints" bring the rich theory of allocating scarce resources to the challenge of managing computational...Thomas F. Wenisch From Communications of the ACM | February 2019
We describe a computational sprinting architecture in which many, independent chip multiprocessors share a power supply and sprints are constrained by the chips'...Songchun Fan, Seyed Majid Zahedi, Benjamin C. Lee From Communications of the ACM | February 2019
"Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice," by David Adrian et al., illustrates the importance of taking preprocessing attacks into account...Dan Boneh From Communications of the ACM | January 2019
We investigate the security of Diffie-Hellman key exchange as used in popular Internet protocols and find it to be less secure than widely believed.
David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé, Luke Valenta, Benjamin VanderSloot, Eric Wustrow, Santiago Zanella-Béguelin, Paul Zimmermann From Communications of the ACM | January 2019