Detection of Intrusions and Malware, and Vulnerability Assessment

1. Front Matter

   Pages i-xii

   PDF

2. You’ve Got (a Reset) Mail: A Security Analysis of Email-Based Password Reset Procedures

   • Tommaso Innocenti, Seyed Ali Mirheidari, Amin Kharraz, Bruno Crispo, Engin Kirda

   Pages 1-20

3. The Full Gamut of an Attack: An Empirical Analysis of OAuth CSRF in the Wild

   • Michele Benolli, Seyed Ali Mirheidari, Elham Arshad, Bruno Crispo

   Pages 21-41

4. Detecting and Measuring In-The-Wild DRDoS Attacks at IXPs

   • Karthika Subramani, Roberto Perdisci, Maria Konte

   Pages 42-67

5. Digging Deeper: An Analysis of Domain Impersonation in the Lower DNS Hierarchy

   • Florian Quinkert, Dennis Tatang, Thorsten Holz

   Pages 68-87

6. Help, My Signal has Bad Device!

   • Jan Wichelmann, Sebastian Berndt, Claudius Pott, Thomas Eisenbarth

   Pages 88-105

7. Refined Grey-Box Fuzzing with Sivo

   • Ivica Nikolić, Radu Mantu, Shiqi Shen, Prateek Saxena

   Pages 106-129

8. SCRUTINIZER: Detecting Code Reuse in Malware via Decompilation and Machine Learning

   • Omid Mirzaei, Roman Vasilenko, Engin Kirda, Long Lu, Amin Kharraz

   Pages 130-150

9. Specularizer : Detecting Speculative Execution Attacks via Performance Tracing

   • Wubing Wang, Guoxing Chen, Yueqiang Cheng, Yinqian Zhang, Zhiqiang Lin

   Pages 151-172Open Access

10. Aion Attacks: Manipulating Software Timers in Trusted Execution Environment

    • Wei Huang, Shengjie Xu, Yueqiang Cheng, David Lie

    Pages 173-193

11. Third-Eye: Practical and Context-Aware Inference of Causal Relationship Violations in Commodity Kernels

    • Chuhong Yuan, Dong Du, Haibo Chen

    Pages 194-214

12. Find My Sloths: Automated Comparative Analysis of How Real Enterprise Computers Keep Up with the Software Update Races

    • Omid Setayeshfar, Junghwan “John” Rhee, Chung Hwan Kim, Kyu Hyung Lee

    Pages 215-236

13. FP-Redemption: Studying Browser Fingerprinting Adoption for the Sake of Web Security

    • Antonin Durey, Pierre Laperdrix, Walter Rudametkin, Romain Rouvoy

    Pages 237-257

14. Introspect Virtual Machines Like It Is the Linux Kernel!

    • Ahmed Abdelraoof, Benjamin Taubmann, Thomas Dangl, Hans P. Reiser

    Pages 258-277

15. Calibration Done Right: Noiseless Flush+Flush Attacks

    • Guillaume Didier, Clémentine Maurice

    Pages 278-298

16. Zero Footprint Opaque Predicates: Synthesizing Opaque Predicates from Naturally Occurring Invariants

    • Yu-Jye Tung, Ian G. Harris

    Pages 299-318

17. PetaDroid: Adaptive Android Malware Detection Using Deep Learning

    • ElMouatez Billah Karbab, Mourad Debbabi

    Pages 319-340

18. Spotlight on Phishing: A Longitudinal Study on Phishing Awareness Trainings

    • Florian Quinkert, Martin Degeling, Thorsten Holz

    Pages 341-360

19. Extended Abstract: A First Large-Scale Analysis on Usage of MTA-STS

    • Dennis Tatang, Robin Flume, Thorsten Holz

    Pages 361-370

20. Centy: Scalable Server-Side Web Integrity Verification System Based on Fuzzy Hashes

    • Lizzy Tengana, Jesus Solano, Alejandra Castelblanco, Esteban Rivera, Christian Lopez, Martin Ochoa

    Pages 371-390

This book constitutes the proceedings of the 18th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2021, held virtually in July 2021.

The 18 full papers and 1 short paper presented in this volume were carefully reviewed and selected from 65 submissions. DIMVA serves as a premier forum for advancing the state of the art in intrusion detection, malware detection, and vulnerability assessment. Each year, DIMVA brings together international experts from academia, industry, and government to present and discuss novel research in these areas.

Chapter “SPECULARIZER: Detecting Speculative Execution Attacks via Performance Tracing” is available open access under a Creative Commons Attribution 4.0 International License via link.springer.com.

• artificial intelligence
• authentication
• computer crime
• computer networks
• computer security
• cryptography
• data communication systems
• data security
• distributed computer systems
• internet
• intrusion detection
• malware
• network protocols
• network security
• operating systems
• signal processing
• software engineering
• telecommunication networks

• NortonLifeLock Research Group, Biot, France

  Leyla Bilge

• King's College London, London, UK

  Lorenzo Cavallaro

• CISPA Helmholtz Center for Information Security, Saarbrücken, Germany

  Giancarlo Pellegrino

• University of Lisbon, Lisbon, Portugal

  Nuno Neves