Valid HTML 4.0! Valid CSS!
%%% -*-BibTeX-*-
%%% ====================================================================
%%%  BibTeX-file{
%%%     author          = "Nelson H. F. Beebe",
%%%     version         = "1.23",
%%%     date            = "10 October 2024",
%%%     time            = "08:31:58 MDT",
%%%     filename        = "tops.bib",
%%%     address         = "University of Utah
%%%                        Department of Mathematics, 110 LCB
%%%                        155 S 1400 E RM 233
%%%                        Salt Lake City, UT 84112-0090
%%%                        USA",
%%%     telephone       = "+1 801 581 5254",
%%%     FAX             = "+1 801 581 4148",
%%%     URL             = "https://www.math.utah.edu/~beebe",
%%%     checksum        = "06704 9209 47804 451514",
%%%     email           = "beebe at math.utah.edu, beebe at acm.org,
%%%                       beebe at computer.org (Internet)",
%%%     codetable       = "ISO/ASCII",
%%%     keywords        = "bibliography, BibTeX, ACM Transactions
%%%                        on Privacy and Security (TOPS)",
%%%     license         = "public domain",
%%%     supported       = "yes",
%%%     docstring       = "This is a COMPLETE BibTeX bibliography for
%%%                        the journal ACM Transactions on Privacy and
%%%                        Security (TOPS) (CODEN none, ISSN 2471-2566
%%%                        (print), 2471-2574 (electronic)).  covering
%%%                        all journal issues from 2017--date.
%%%
%%%                        Publication began with volume 19, number 1,
%%%                        in 2016, as a continuation of the predecessor
%%%                        journal, ACM Transactions on Information and
%%%                        System Security.  The older journal is
%%%                        covered in a separate bibliography,
%%%                        tissec.bib.
%%%
%%%                        The journal has a Web site at
%%%
%%%                            http://dl.acm.org/citation.cfm?id=J1547
%%%
%%%                        At version 1.23, the COMPLETE journal
%%%                        coverage looked like this:
%%%
%%%                             2016 (   9)    2019 (  17)    2022 (  34)
%%%                             2017 (  17)    2020 (  22)    2023 (  51)
%%%                             2018 (  27)    2021 (  29)    2024 (  32)
%%%
%%%                             Article:        237
%%%
%%%                             Total entries:  237
%%%
%%%                        The initial draft was extracted from the
%%%                        journal Web site.
%%%
%%%                        ACM copyrights explicitly permit abstracting
%%%                        with credit, so article abstracts, keywords,
%%%                        and subject classifications have been
%%%                        included in this bibliography wherever
%%%                        available.  Article reviews have been
%%%                        omitted, until their copyright status has
%%%                        been clarified.
%%%
%%%                        URL keys in the bibliography point to
%%%                        World Wide Web locations of additional
%%%                        information about the entry.
%%%
%%%                        Numerous errors in the sources noted above
%%%                        have been corrected.   Spelling has been
%%%                        verified with the UNIX spell and GNU ispell
%%%                        programs using the exception dictionary
%%%                        stored in the companion file with extension
%%%                        .sok.
%%%
%%%                        BibTeX citation tags are uniformly chosen
%%%                        as name:year:abbrev, where name is the
%%%                        family name of the first author or editor,
%%%                        year is a 4-digit number, and abbrev is a
%%%                        3-letter condensation of important title
%%%                        words. Citation tags were automatically
%%%                        generated by software developed for the
%%%                        BibNet Project.
%%%
%%%                        In this bibliography, entries are sorted in
%%%                        publication order, using ``bibsort -byvolume.''
%%%
%%%                        The checksum field above contains a CRC-16
%%%                        checksum as the first value, followed by the
%%%                        equivalent of the standard UNIX wc (word
%%%                        count) utility output of lines, words, and
%%%                        characters.  This is produced by Robert
%%%                        Solovay's checksum utility.",
%%%  }
%%% ====================================================================
@Preamble{"\input bibnames.sty"}

%%% ====================================================================
%%% Acknowledgement abbreviations:
@String{ack-nhfb = "Nelson H. F. Beebe,
                    University of Utah,
                    Department of Mathematics, 110 LCB,
                    155 S 1400 E RM 233,
                    Salt Lake City, UT 84112-0090, USA,
                    Tel: +1 801 581 5254,
                    FAX: +1 801 581 4148,
                    e-mail: \path|beebe@math.utah.edu|,
                            \path|beebe@acm.org|,
                            \path|beebe@computer.org| (Internet),
                    URL: \path|https://www.math.utah.edu/~beebe/|"}

%%% ====================================================================
%%% Journal abbreviations:
@String{j-TOPS                  = "ACM Transactions on Privacy and Security
                                  (TOPS)"}

%%% ====================================================================
%%% Bibliography entries:
@Article{Eberz:2016:LLE,
  author =       "Simon Eberz and Kasper B. Rasmussen and Vincent
                 Lenders and Ivan Martinovic",
  title =        "Looks Like {Eve}: Exposing Insider Threats Using Eye
                 Movement Biometrics",
  journal =      j-TOPS,
  volume =       "19",
  number =       "1",
  pages =        "1:1--1:??",
  month =        aug,
  year =         "2016",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/2904018",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:38 MDT 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "We introduce a novel biometric based on distinctive
                 eye movement patterns. The biometric consists of 20
                 features that allow us to reliably distinguish users
                 based on differences in these patterns. We leverage
                 this distinguishing power along with the ability to
                 gauge the users' task familiarity, that is, level of
                 knowledge, to address insider threats. In a controlled
                 experiment, we test how both time and task familiarity
                 influence eye movements and feature stability, and how
                 different subsets of features affect the classifier
                 performance. These feature subsets can be used to
                 tailor the eye movement biometric to different
                 authentication methods and threat models. Our results
                 show that eye movement biometrics support reliable and
                 stable continuous authentication of users. We
                 investigate different approaches in which an attacker
                 could attempt to use inside knowledge to mimic the
                 legitimate user. Our results show that while this
                 advance knowledge is measurable, it does not increase
                 the likelihood of successful impersonation. In order to
                 determine the time stability of our features, we repeat
                 the experiment twice within 2 weeks. The results
                 indicate that we can reliably authenticate users over
                 the entire period. We show that lower sampling rates
                 provided by low-cost hardware pose a challenge, but
                 that reliable authentication is possible even at the
                 rate of 50Hz commonly available with consumer-level
                 devices. In a second set of experiments, we evaluate
                 how our authentication system performs across a variety
                 of real-world tasks, including reading, writing, and
                 web browsing. We discuss the advantages and limitations
                 of our approach in detail and give practical insights
                 on the use of this biometric in a real-world
                 environment.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "1",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Mitropoulos:2016:HTY,
  author =       "Dimitris Mitropoulos and Konstantinos Stroggylos and
                 Diomidis Spinellis and Angelos D. Keromytis",
  title =        "How to Train Your Browser: Preventing {XSS} Attacks
                 Using Contextual Script Fingerprints",
  journal =      j-TOPS,
  volume =       "19",
  number =       "1",
  pages =        "2:1--2:??",
  month =        aug,
  year =         "2016",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/2939374",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:38 MDT 2017",
  bibsource =    "http://portal.acm.org/;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "Cross-Site Scripting (XSS) is one of the most common
                 web application vulnerabilities. It is therefore
                 sometimes referred to as the ``buffer overflow of the
                 web.'' Drawing a parallel from the current state of
                 practice in preventing unauthorized native code
                 execution (the typical goal in a code injection), we
                 propose a script whitelisting approach to tame
                 JavaScript-driven XSS attacks. Our scheme involves a
                 transparent script interception layer placed in the
                 browser's JavaScript engine. This layer is designed to
                 detect every script that reaches the browser, from
                 every possible route, and compare it to a list of valid
                 scripts for the site or page being accessed; scripts
                 not on the list are prevented from executing. To avoid
                 the false positives caused by minor syntactic changes
                 (e.g., due to dynamic code generation), our layer uses
                 the concept of contextual fingerprints when comparing
                 scripts. Contextual fingerprints are identifiers that
                 represent specific elements of a script and its
                 execution context. Fingerprints can be easily enriched
                 with new elements, if needed, to enhance the proposed
                 method's robustness. The list can be populated by the
                 website's administrators or a trusted third party. To
                 verify our approach, we have developed a prototype and
                 tested it successfully against an extensive array of
                 attacks that were performed on more than 50 real-world
                 vulnerable web applications. We measured the browsing
                 performance overhead of the proposed solution on eight
                 websites that make heavy use of JavaScript. Our
                 mechanism imposed an average overhead of 11.1\% on the
                 execution time of the JavaScript engine. When measured
                 as part of a full browsing session, and for all tested
                 websites, the overhead introduced by our layer was less
                 than 0.05\%. When script elements are altered or new
                 scripts are added on the server side, a new fingerprint
                 generation phase is required. To examine the temporal
                 aspect of contextual fingerprints, we performed a
                 short-term and a long-term experiment based on the same
                 websites. The former, showed that in a short period of
                 time (10 days), for seven of eight websites, the
                 majority of valid fingerprints stay the same (more than
                 92\% on average). The latter, though, indicated that,
                 in the long run, the number of fingerprints that do not
                 change is reduced. Both experiments can be seen as one
                 of the first attempts to study the feasibility of a
                 whitelisting approach for the web.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "2",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Aonghusa:2016:DLG,
  author =       "P{\'o}l Mac Aonghusa and Douglas J. Leith",
  title =        "Don't Let {Google} Know {I}'m Lonely",
  journal =      j-TOPS,
  volume =       "19",
  number =       "1",
  pages =        "3:1--3:??",
  month =        aug,
  year =         "2016",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/2937754",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:38 MDT 2017",
  bibsource =    "http://portal.acm.org/;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "From buying books to finding the perfect partner, we
                 share our most intimate wants and needs with our
                 favourite online systems. But how far should we accept
                 promises of privacy in the face of personalized
                 profiling? In particular, we ask how we can improve
                 detection of sensitive topic profiling by online
                 systems. We propose a definition of privacy disclosure
                 that we call $ \epsilon $-indistinguishability, from
                 which we construct scalable, practical tools to assess
                 the learning potential from personalized content. We
                 demonstrate our results using openly available
                 resources, detecting a learning rate in excess of 98\%
                 for a range of sensitive topics during our
                 experiments.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "3",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Rahbarinia:2016:EAB,
  author =       "Babak Rahbarinia and Roberto Perdisci and Manos
                 Antonakakis",
  title =        "Efficient and Accurate Behavior-Based Tracking of
                 Malware-Control Domains in Large {ISP} Networks",
  journal =      j-TOPS,
  volume =       "19",
  number =       "2",
  pages =        "4:1--4:??",
  month =        sep,
  year =         "2016",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/2960409",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:39 MDT 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "In this article, we propose Segugio, a novel defense
                 system that allows for efficiently tracking the
                 occurrence of new malware-control domain names in very
                 large ISP networks. Segugio passively monitors the DNS
                 traffic to build a machine-domain bipartite graph
                 representing who is querying what. After labeling nodes
                 in this query behavior graph that are known to be
                 either benign or malware-related, we propose a novel
                 approach to accurately detect previously unknown
                 malware-control domains. We implemented a
                 proof-of-concept version of Segugio and deployed it in
                 large ISP networks that serve millions of users. Our
                 experimental results show that Segugio can track the
                 occurrence of new malware-control domains with up to
                 94\% true positives (TPs) at less than 0.1\% false
                 positives (FPs). In addition, we provide the following
                 results: (1) we show that Segugio can also detect
                 control domains related to new, previously unseen
                 malware families, with 85\% TPs at 0.1\% FPs; (2)
                 Segugio's detection models learned on traffic from a
                 given ISP network can be deployed into a different ISP
                 network and still achieve very high detection accuracy;
                 (3) new malware-control domains can be detected days or
                 even weeks before they appear in a large commercial
                 domain-name blacklist; (4) Segugio can be used to
                 detect previously unknown malware-infected machines in
                 ISP networks; and (5) we show that Segugio clearly
                 outperforms domain-reputation systems based on Belief
                 Propagation.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "4",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Dong:2016:DRC,
  author =       "Zheng Dong and Kevin Kane and L. Jean Camp",
  title =        "Detection of Rogue Certificates from Trusted
                 Certificate Authorities Using Deep Neural Networks",
  journal =      j-TOPS,
  volume =       "19",
  number =       "2",
  pages =        "5:1--5:??",
  month =        sep,
  year =         "2016",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/2975591",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:39 MDT 2017",
  bibsource =    "http://portal.acm.org/;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "Rogue certificates are valid certificates issued by a
                 legitimate certificate authority (CA) that are
                 nonetheless untrustworthy; yet trusted by web browsers
                 and users. With the current public key infrastructure,
                 there exists a window of vulnerability between the time
                 a rogue certificate is issued and when it is detected.
                 Rogue certificates from recent compromises have been
                 trusted for as long as weeks before detection and
                 revocation. Previous proposals to close this window of
                 vulnerability require changes in the infrastructure,
                 Internet protocols, or end user experience. We present
                 a method for detecting rogue certificates from trusted
                 CAs developed from a large and timely collection of
                 certificates. This method automates classification by
                 building machine-learning models with Deep Neural
                 Networks (DNN). Despite the scarcity of rogue instances
                 in the dataset, DNN produced a classification method
                 that is proven both in simulation and in the July 2014
                 compromise of the India CCA. We report the details of
                 the classification method and illustrate that it is
                 repeatable, such as with datasets obtained from
                 crawling. We describe the classification performance
                 under our current research deployment.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "5",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Garay:2016:MPA,
  author =       "Juan A. Garay and Vladimir Kolesnikov and Rae
                 Mclellan",
  title =        "{MAC} Precomputation with Applications to Secure
                 Memory",
  journal =      j-TOPS,
  volume =       "19",
  number =       "2",
  pages =        "6:1--6:??",
  month =        sep,
  year =         "2016",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/2943780",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:39 MDT 2017",
  bibsource =    "http://portal.acm.org/;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "We present Shallow MAC (ShMAC), a fixed-input-length
                 message authentication code that performs most of the
                 computation prior to the availability of the message.
                 Specifically, ShMAC's message-dependent computation is
                 much faster and smaller in hardware than the evaluation
                 of a pseudorandom permutation (PRP) and can be
                 implemented by a small shallow circuit, while its
                 precomputation consists of one PRP evaluation. A main
                 building block for ShMAC is the notion of strong
                 differential uniformity (SDU), which we introduce and
                 which may be of independent interest. We show an
                 efficient SDU construction built from previously
                 considered differentially uniform functions. Our main
                 motivating application is a system architecture where a
                 hardware-secured processor uses memory controlled by an
                 adversary. We also present in technical detail a novel,
                 efficient approach to encrypting and authenticating
                 memory and discuss the associated tradeoffs, while
                 paying special attention to minimizing hardware costs
                 and the reduction of Dynamic Random Access Memory
                 latency.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "6",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Ozalp:2016:PPP,
  author =       "Ismet Ozalp and Mehmet Emre Gursoy and Mehmet Ercan
                 Nergiz and Yucel Saygin",
  title =        "Privacy-Preserving Publishing of Hierarchical Data",
  journal =      j-TOPS,
  volume =       "19",
  number =       "3",
  pages =        "7:1--7:??",
  month =        dec,
  year =         "2016",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/2976738",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:39 MDT 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "Many applications today rely on storage and management
                 of semi-structured information, for example, XML
                 databases and document-oriented databases. These data
                 often have to be shared with untrusted third parties,
                 which makes individuals' privacy a fundamental problem.
                 In this article, we propose anonymization techniques
                 for privacy-preserving publishing of hierarchical data.
                 We show that the problem of anonymizing hierarchical
                 data poses unique challenges that cannot be readily
                 solved by existing mechanisms. We extend two standards
                 for privacy protection in tabular data ( k -anonymity
                 and l-diversity) and apply them to hierarchical data.
                 We present utility-aware algorithms that enforce these
                 definitions of privacy using generalizations and
                 suppressions of data values. To evaluate our algorithms
                 and their heuristics, we experiment on synthetic and
                 real datasets obtained from two universities. Our
                 experiments show that we significantly outperform
                 related methods that provide comparable privacy
                 guarantees.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "7",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Crampton:2016:WSP,
  author =       "Jason Crampton and Andrei Gagarin and Gregory Gutin
                 and Mark Jones and Magnus Wahlstr{\"o}m",
  title =        "On the Workflow Satisfiability Problem with
                 Class-Independent Constraints for Hierarchical
                 Organizations",
  journal =      j-TOPS,
  volume =       "19",
  number =       "3",
  pages =        "8:1--8:??",
  month =        dec,
  year =         "2016",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/2988239",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:39 MDT 2017",
  bibsource =    "http://portal.acm.org/;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "A workflow specification defines a set of steps, a set
                 of users, and an access control policy. The policy
                 determines which steps a user is authorized to perform
                 and imposes constraints on which sets of users can
                 perform which sets of steps. The workflow
                 satisfiability problem (WSP) is the problem of
                 determining whether there exists an assignment of users
                 to workflow steps that satisfies the policy. Given the
                 computational hardness of WSP and its importance in the
                 context of workflow management systems, it is important
                 to develop algorithms that are as efficient as possible
                 to solve WSP. In this article, we study the
                 fixed-parameter tractability of WSP in the presence of
                 class-independent constraints, which enable us to (1)
                 model security requirements based on the groups to
                 which users belong and (2) generalize the notion of a
                 user-independent constraint. Class-independent
                 constraints are defined in terms of equivalence
                 relations over the set of users. We consider sets of
                 nested equivalence relations because this enables us to
                 model security requirements in hierarchical
                 organizations. We prove that WSP is fixed-parameter
                 tractable (FPT) for class-independent constraints
                 defined over nested equivalence relations and develop
                 an FPT algorithm to solve WSP instances incorporating
                 such constraints. We perform experiments to evaluate
                 the performance of our algorithm and compare it with
                 that of SAT4J, an off-the-shelf pseudo-Boolean SAT
                 solver. The results of these experiments demonstrate
                 that our algorithm significantly outperforms SAT4J for
                 many instances of WSP.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "8",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Gutierrez:2016:IDO,
  author =       "Christopher N. Gutierrez and Mohammed H. Almeshekah
                 and Eugene H. Spafford and Mikhail J. Atallah and Jeff
                 Avery",
  title =        "Inhibiting and Detecting Offline Password Cracking
                 Using {ErsatzPasswords}",
  journal =      j-TOPS,
  volume =       "19",
  number =       "3",
  pages =        "9:1--9:??",
  month =        dec,
  year =         "2016",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/2996457",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:39 MDT 2017",
  bibsource =    "http://portal.acm.org/;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "In this work, we present a simple, yet effective and
                 practical scheme to improve the security of stored
                 password hashes, increasing the difficulty to crack
                 passwords and exposing cracking attempts. We utilize a
                 hardware-dependent function (HDF), such as a physically
                 unclonable function (PUF) or a hardware security module
                 (HSM), at the authentication server to inhibit offline
                 password discovery. Additionally, a deception mechanism
                 is incorporated to alert administrators of cracking
                 attempts. Using an HDF to generate password hashes
                 hinders attackers from recovering the true passwords
                 without constant access to the HDF. Our scheme can
                 integrate with legacy systems without needing
                 additional servers, changing the structure of the
                 hashed password file, nor modifying client machines.
                 When using our scheme, the structure of the hashed
                 passwords file, e.g., etc/shadow or etc/master.passwd,
                 will appear no different than traditional hashed
                 password files.$^1$ However, when attackers exfiltrate
                 the hashed password file and attempt to crack it, the
                 passwords they will receive are ErsatzPasswords-``fake
                 passwords.'' The ErsatzPasswords scheme is flexible by
                 design, enabling it to be integrated into existing
                 authentication systems without changes to user
                 experience. The proposed scheme is integrated into the
                 pam\_unix module as well as two client/server
                 authentication schemes: Lightweight Directory Access
                 Protocol (LDAP) authentication and the Pythia
                 pseudorandom function (PRF) Service [Everspaugh et al.
                 2015]. The core library to support ErsatzPasswords
                 written in C and Python consists of 255 and 103 lines
                 of code, respectively. The integration of
                 ErsatzPasswords into each explored authentication
                 system required less than 100 lines of additional code.
                 Experimental evaluation of ErsatzPasswords shows an
                 increase in authentication latency on the order of
                 100ms, which maybe acceptable for real world systems.
                 We also describe a framework for implementing
                 ErsatzPasswords using a Trusted Platform Module
                 (TPM).",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "9",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Meutzner:2017:TIA,
  author =       "Hendrik Meutzner and Santosh Gupta and Viet-Hung
                 Nguyen and Thorsten Holz and Dorothea Kolossa",
  title =        "Toward Improved Audio {CAPTCHAs} Based on Auditory
                 Perception and Language Understanding",
  journal =      j-TOPS,
  volume =       "19",
  number =       "4",
  pages =        "10:1--10:??",
  month =        feb,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/2856820",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:39 MDT 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "A so-called completely automated public Turing test to
                 tell computers and humans apart (CAPTCHA) represents a
                 challenge-response test that is widely used on the
                 Internet to distinguish human users from fraudulent
                 computer programs, often referred to as bots. To enable
                 access for visually impaired users, most Web sites
                 utilize audio CAPTCHAs in addition to a conventional
                 image-based scheme. Recent research has shown that most
                 currently available audio CAPTCHAs are insecure, as
                 they can be broken by means of machine learning at
                 relatively low costs. Moreover, most audio CAPTCHAs
                 suffer from low human success rates that arise from
                 severe signal distortions. This article proposes two
                 different audio CAPTCHA schemes that systematically
                 exploit differences between humans and computers in
                 terms of auditory perception and language
                 understanding, yielding a better trade-off between
                 usability and security as compared to currently
                 available schemes. Furthermore, we provide an elaborate
                 analysis of Google's prominent reCAPTCHA that serves as
                 a baseline setting when evaluating our proposed CAPTCHA
                 designs.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "10",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Shokri:2017:PGA,
  author =       "Reza Shokri and George Theodorakopoulos and Carmela
                 Troncoso",
  title =        "Privacy Games Along Location Traces: a Game-Theoretic
                 Framework for Optimizing Location Privacy",
  journal =      j-TOPS,
  volume =       "19",
  number =       "4",
  pages =        "11:1--11:??",
  month =        feb,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3009908",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:39 MDT 2017",
  bibsource =    "http://portal.acm.org/;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "The mainstream approach to protecting the privacy of
                 mobile users in location-based services (LBSs) is to
                 alter (e.g., perturb, hide, and so on) the users'
                 actual locations in order to reduce exposed sensitive
                 information. In order to be effective, a
                 location-privacy preserving mechanism must consider
                 both the privacy and utility requirements of each user,
                 as well as the user's overall exposed locations (which
                 contribute to the adversary's background knowledge). In
                 this article, we propose a methodology that enables the
                 design of optimal user-centric location obfuscation
                 mechanisms respecting each individual user's service
                 quality requirements, while maximizing the expected
                 error that the optimal adversary incurs in
                 reconstructing the user's actual trace. A key advantage
                 of a user-centric mechanism is that it does not depend
                 on third-party proxies or anonymizers; thus, it can be
                 directly integrated in the mobile devices that users
                 employ to access LBSs. Our methodology is based on the
                 mutual optimization of user/adversary objectives
                 (maximizing location privacy versus minimizing
                 localization error) formalized as a Stackelberg
                 Bayesian game. This formalization makes our solution
                 robust against any location inference attack, that is,
                 the adversary cannot decrease the user's privacy by
                 designing a better inference algorithm as long as the
                 obfuscation mechanism is designed according to our
                 privacy games. We develop two linear programs that
                 solve the location privacy game and output the optimal
                 obfuscation strategy and its corresponding optimal
                 inference attack. These linear programs are used to
                 design location privacy--preserving mechanisms that
                 consider the correlation between past, current, and
                 future locations of the user, thus can be tuned to
                 protect different privacy objectives along the user's
                 location trace. We illustrate the efficacy of the
                 optimal location privacy--preserving mechanisms
                 obtained with our approach against real location
                 traces, showing their performance in protecting users'
                 different location privacy objectives.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "11",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Argyros:2017:EPG,
  author =       "George Argyros and Theofilos Petsios and Suphannee
                 Sivakorn and Angelos D. Keromytis and Jason Polakis",
  title =        "Evaluating the Privacy Guarantees of Location
                 Proximity Services",
  journal =      j-TOPS,
  volume =       "19",
  number =       "4",
  pages =        "12:1--12:??",
  month =        feb,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3007209",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:39 MDT 2017",
  bibsource =    "http://portal.acm.org/;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "Location-based services have become an integral part
                 of everyday life. To address the privacy issues that
                 emerge from the use and sharing of location
                 information, social networks and smartphone
                 applications have adopted location proximity schemes as
                 a means of balancing user privacy with utility.
                 Unfortunately, despite the extensive academic
                 literature on this topic, the schemes that large
                 service providers have adopted are not always designed
                 or implemented correctly, rendering users vulnerable to
                 location-disclosure attacks. Such attacks have recently
                 received major publicity as, in some cases, they even
                 exposed citizens of oppressive regimes to
                 life-threatening risks. In this article, we
                 systematically assess the defenses that popular
                 location-based services and mobile applications deploy
                 to guard against adversaries seeking to identify a
                 user's location. We provide the theoretical foundations
                 for formalizing the privacy guarantees of currently
                 adopted proximity models, design practical attacks for
                 each case, and prove tight bounds on the number of
                 queries required for carrying out successful attacks in
                 practice. To evaluate the completeness of our approach,
                 we conduct extensive experiments against popular
                 services including Facebook, Foursquare, and Grindr.
                 Our results demonstrate that, even though the
                 aforementioned services implement various
                 privacy-preserving techniques to protect their users,
                 they are still vulnerable to attacks. In particular, we
                 are able to pinpoint Facebook users within 5m of their
                 exact location. For Foursquare and Grindr, users are
                 pinpointed within 15m of their location in 90\% of the
                 cases, even with the strictest privacy settings
                 enabled. Our attacks are highly efficient and complete
                 within a few seconds. The severity of our findings was
                 acknowledged by Facebook and Foursquare, both of which
                 have followed our recommendations and adopted our
                 design of a safe proximity scheme in their production
                 systems. As the number of mobile applications offering
                 location functionality will continue to increase,
                 service providers and software developers must be able
                 to assess the privacy guarantees that their services
                 offer. To that end, we discuss viable defenses that can
                 be currently adopted by all major services, and provide
                 an open-source testing framework to be used by
                 researchers and service providers who wish to evaluate
                 the privacy-preserving properties of applications
                 offering proximity functionality.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "12",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Matsumoto:2017:ACG,
  author =       "Stephanos Matsumoto and Raphael M. Reischuk and Pawel
                 Szalachowski and Tiffany Hyun-Jin Kim and Adrian
                 Perrig",
  title =        "Authentication Challenges in a Global Environment",
  journal =      j-TOPS,
  volume =       "20",
  number =       "1",
  pages =        "1:1--1:??",
  month =        feb,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3007208",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:40 MDT 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "In this article, we address the problem of scaling
                 authentication for naming, routing, and end-entity (EE)
                 certification to a global environment in which
                 authentication policies and users' sets of trust roots
                 vary widely. The current mechanisms for authenticating
                 names (DNSSEC), routes (BGPSEC), and EE certificates
                 (TLS) do not support a coexistence of authentication
                 policies, affect the entire Internet when compromised,
                 cannot update trust root information efficiently, and
                 do not provide users with the ability to make flexible
                 trust decisions. We propose the Scalable Authentication
                 Infrastructure for Next-generation Trust (SAINT), which
                 partitions the Internet into groups with common, local
                 trust roots and isolates the effects of a compromised
                 trust root. SAINT requires groups with direct routing
                 connections to cross-sign each other for authentication
                 purposes, allowing diverse authentication policies
                 while keeping all entities' authentication information
                 globally discoverable. SAINT makes trust root
                 management a central part of the network architecture,
                 enabling trust root updates within seconds and allowing
                 users to make flexible trust decisions. SAINT operates
                 without a significant performance penalty and can be
                 deployed alongside existing infrastructures.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "1",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Wagner:2017:ESG,
  author =       "Isabel Wagner",
  title =        "Evaluating the Strength of Genomic Privacy Metrics",
  journal =      j-TOPS,
  volume =       "20",
  number =       "1",
  pages =        "2:1--2:??",
  month =        feb,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3020003",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:40 MDT 2017",
  bibsource =    "http://portal.acm.org/;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "The genome is a unique identifier for human
                 individuals. The genome also contains highly sensitive
                 information, creating a high potential for misuse of
                 genomic data (for example, genetic discrimination). In
                 this article, we investigate how genomic privacy can be
                 measured in scenarios where an adversary aims to infer
                 a person's genomic markers by constructing probability
                 distributions on the values of genetic variations. We
                 measured the strength of privacy metrics by requiring
                 that metrics are monotonic with increasing adversary
                 strength and uncovered serious problems with several
                 existing metrics currently used to measure genomic
                 privacy. We provide suggestions on metric selection,
                 interpretation, and visualization and illustrate the
                 work flow using case studies for three real-world
                 diseases.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "2",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Humbert:2017:QIR,
  author =       "Mathias Humbert and Erman Ayday and Jean-Pierre Hubaux
                 and Amalio Telenti",
  title =        "Quantifying Interdependent Risks in Genomic Privacy",
  journal =      j-TOPS,
  volume =       "20",
  number =       "1",
  pages =        "3:1--3:??",
  month =        feb,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3035538",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:40 MDT 2017",
  bibsource =    "http://portal.acm.org/;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "The rapid progress in human-genome sequencing is
                 leading to a high availability of genomic data. These
                 data is notoriously very sensitive and stable in time,
                 and highly correlated among relatives. In this article,
                 we study the implications of these familial
                 correlations on kin genomic privacy. We formalize the
                 problem and detail efficient reconstruction attacks
                 based on graphical models and belief propagation. With
                 our approach, an attacker can infer the genomes of the
                 relatives of an individual whose genome or phenotype
                 are observed by notably relying on Mendel's Laws,
                 statistical relationships between the genomic variants,
                 and between the genome and the phenotype. We evaluate
                 the effect of these dependencies on privacy with
                 respect to the amount of observed variants and the
                 relatives sharing them. We also study how the
                 algorithmic performance evolves when we take these
                 various relationships into account. Furthermore, to
                 quantify the level of genomic privacy as a result of
                 the proposed inference attack, we discuss possible
                 definitions of genomic privacy metrics, and compare
                 their values and evolution. Genomic data reveals
                 Mendelian disorders and the likelihood of developing
                 severe diseases, such as Alzheimer's. We also introduce
                 the quantification of health privacy, specifically, the
                 measure of how well the predisposition to a disease is
                 concealed from an attacker. We evaluate our approach on
                 actual genomic data from a pedigree and show the threat
                 extent by combining data gathered from a genome-sharing
                 website as well as an online social network.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "3",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Osterweil:2017:IAI,
  author =       "Leon J. Osterweil and Matt Bishop and Heather M.
                 Conboy and Huong Phan and Borislava I. Simidchieva and
                 George S. Avrunin and Lori A. Clarke and Sean Peisert",
  title =        "Iterative Analysis to Improve Key Properties of
                 Critical Human-Intensive Processes: an Election
                 Security Example",
  journal =      j-TOPS,
  volume =       "20",
  number =       "2",
  pages =        "5:1--5:??",
  month =        mar,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3041041",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 3 09:09:40 MDT 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "In this article, we present an approach for
                 systematically improving complex processes, especially
                 those involving human agents, hardware devices, and
                 software systems. We illustrate the utility of this
                 approach by applying it to part of an election process
                 and show how it can improve the security and
                 correctness of that subprocess. We use the Little-JIL
                 process definition language to create a precise and
                 detailed definition of the process. Given this process
                 definition, we use two forms of automated analysis to
                 explore whether specified key properties, such as
                 security and safety policies, can be undermined. First,
                 we use model checking to identify process execution
                 sequences that fail to conform to event-sequence
                 properties. After these are addressed, we apply fault
                 tree analysis to identify when the misperformance of
                 steps might allow undesirable outcomes, such as
                 security breaches. The results of these analyses can
                 provide assurance about the process; suggest areas for
                 improvement; and, when applied to a modified process
                 definition, evaluate proposed changes.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "5",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Noorman:2017:SLC,
  author =       "Job Noorman and Jo {Van Bulck} and Jan Tobias
                 M{\"u}hlberg and Frank Piessens and Pieter Maene and
                 Bart Preneel and Ingrid Verbauwhede and Johannes
                 G{\"o}tzfried and Tilo M{\"u}ller and Felix Freiling",
  title =        "{Sancus 2.0}: a Low-Cost Security Architecture for
                 {IoT} Devices",
  journal =      j-TOPS,
  volume =       "20",
  number =       "3",
  pages =        "7:1--7:??",
  month =        aug,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3079763",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Dec 23 09:59:06 MST 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "The Sancus security architecture for networked
                 embedded devices was proposed in 2013 at the USENIX
                 Security conference. It supports remote (even
                 third-party) software installation on devices while
                 maintaining strong security guarantees. More
                 specifically, Sancus can remotely attest to a software
                 provider that a specific software module is running
                 uncompromised and can provide a secure communication
                 channel between software modules and software
                 providers. Software modules can securely maintain local
                 state and can securely interact with other software
                 modules that they choose to trust. Over the past three
                 years, significant experience has been gained with
                 applications of Sancus, and several extensions of the
                 architecture have been investigated-both by the
                 original designers as well as by independent
                 researchers. Informed by these additional research
                 results, this journal version of the Sancus paper
                 describes an improved design and implementation,
                 supporting additional security guarantees (such as
                 confidential deployment) and a more efficient
                 cryptographic core. We describe the design of Sancus
                 2.0 (without relying on any prior knowledge of Sancus)
                 and develop and evaluate a prototype FPGA
                 implementation. The prototype extends an MSP430
                 processor with hardware support for the memory access
                 control and cryptographic functionality required to run
                 Sancus. We report on our experience using Sancus in a
                 variety of application scenarios and discuss some
                 important avenues of ongoing and future work.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "7",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Brandenburger:2017:DTC,
  author =       "Marcus Brandenburger and Christian Cachin and Nikola
                 Knezevi{\'c}",
  title =        "Don't Trust the Cloud, Verify: Integrity and
                 Consistency for Cloud Object Stores",
  journal =      j-TOPS,
  volume =       "20",
  number =       "3",
  pages =        "8:1--8:??",
  month =        aug,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3079762",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Dec 23 09:59:06 MST 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "Cloud services have turned remote computation into a
                 commodity and enable convenient online collaboration.
                 However, they require that clients fully trust the
                 service provider in terms of confidentiality,
                 integrity, and availability. Toward reducing this
                 dependency, this article introduces VICOS, a protocol
                 for verification of integrity and consistency for cloud
                 object storage that enables a group of mutually
                 trusting clients to detect data integrity and
                 consistency violations for a cloud object storage
                 service. It aims at services where multiple clients
                 cooperate on data stored remotely on a potentially
                 misbehaving service. VICOS enforces the consistency
                 notion of fork-linearizability, supports wait-free
                 client semantics for most operations, and reduces the
                 computation and communication overhead compared to
                 previous protocols. VICOS is based on a generic
                 authenticated data structure. Moreover, its operations
                 cover the hierarchical name space of a cloud object
                 store, supporting a real-world interface and not only a
                 simplistic abstraction. A prototype of VICOS that works
                 with the key-value store interface of commodity cloud
                 storage services has been implemented, and an
                 evaluation demonstrates its advantage compared to
                 existing systems.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "8",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Toreini:2017:TRP,
  author =       "Ehsan Toreini and Siamak F. Shahandashti and Feng
                 Hao",
  title =        "Texture to the Rescue: Practical Paper Fingerprinting
                 Based on Texture Patterns",
  journal =      j-TOPS,
  volume =       "20",
  number =       "3",
  pages =        "9:1--9:??",
  month =        aug,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3092816",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Dec 23 09:59:06 MST 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "In this article, we propose a novel paper
                 fingerprinting technique based on analyzing the
                 translucent patterns revealed when a light source
                 shines through the paper. These patterns represent the
                 inherent texture of paper, formed by the random
                 interleaving of wooden particles during the
                 manufacturing process. We show that these patterns can
                 be easily captured by a commodity camera and condensed
                 into a compact 2,048-bit fingerprint code. Prominent
                 works in this area (Nature 2005, IEEE S8P 2009, CCS
                 2011) have all focused on fingerprinting paper based on
                 the paper ``surface.'' We are motivated by the
                 observation that capturing the surface alone misses
                 important distinctive features such as the noneven
                 thickness, random distribution of impurities, and
                 different materials in the paper with varying
                 opacities. Through experiments, we demonstrate that the
                 embedded paper texture provides a more reliable source
                 for fingerprinting than features on the surface. Based
                 on the collected datasets, we achieve 0\% false
                 rejection and 0\% false acceptance rates. We further
                 report that our extracted fingerprints contain 807
                 degrees of freedom (DoF), which is much higher than the
                 249 DoF with iris codes (that have the same size of
                 2,048 bits). The high amount of DoF for texture-based
                 fingerprints makes our method extremely scalable for
                 recognition among very large databases; it also allows
                 secure usage of the extracted fingerprint in
                 privacy-preserving authentication schemes based on
                 error correction techniques.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "9",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Munoz-Gonzalez:2017:EAG,
  author =       "Luis Mu{\~n}oz-Gonz{\'a}lez and Daniele Sgandurra and
                 Andrea Paudice and Emil C. Lupu",
  title =        "Efficient Attack Graph Analysis through Approximate
                 Inference",
  journal =      j-TOPS,
  volume =       "20",
  number =       "3",
  pages =        "10:1--10:??",
  month =        aug,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3105760",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Dec 23 09:59:06 MST 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "Attack graphs provide compact representations of the
                 attack paths an attacker can follow to compromise
                 network resources from the analysis of network
                 vulnerabilities and topology. These representations are
                 a powerful tool for security risk assessment. Bayesian
                 inference on attack graphs enables the estimation of
                 the risk of compromise to the system's components given
                 their vulnerabilities and interconnections and accounts
                 for multi-step attacks spreading through the system.
                 While static analysis considers the risk posture at
                 rest, dynamic analysis also accounts for evidence of
                 compromise, for example, from Security Information and
                 Event Management software or forensic investigation.
                 However, in this context, exact Bayesian inference
                 techniques do not scale well. In this article, we show
                 how Loopy Belief Propagation-an approximate inference
                 technique-can be applied to attack graphs and that it
                 scales linearly in the number of nodes for both static
                 and dynamic analysis, making such analyses viable for
                 larger networks. We experiment with different
                 topologies and network clustering on synthetic Bayesian
                 attack graphs with thousands of nodes to show that the
                 algorithm's accuracy is acceptable and that it
                 converges to a stable solution. We compare sequential
                 and parallel versions of Loopy Belief Propagation with
                 exact inference techniques for both static and dynamic
                 analysis, showing the advantages and gains of
                 approximate inference techniques when scaling to larger
                 attack graphs.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "10",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Reaves:2017:MBM,
  author =       "Bradley Reaves and Jasmine Bowers and Nolen Scaife and
                 Adam Bates and Arnav Bhartiya and Patrick Traynor and
                 Kevin R. B. Butler",
  title =        "Mo(bile) Money, Mo(bile) Problems: Analysis of
                 Branchless Banking Applications",
  journal =      j-TOPS,
  volume =       "20",
  number =       "3",
  pages =        "11:1--11:??",
  month =        aug,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3092368",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Dec 23 09:59:06 MST 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "Mobile money, also known as branchless banking,
                 leverages ubiquitous cellular networks to bring
                 much-needed financial services to the unbanked in the
                 developing world. These services are often deployed as
                 smartphone apps, and although marketed as secure, these
                 applications are often not regulated as strictly as
                 traditional banks, leaving doubt about the truth of
                 such claims. In this article, we evaluate these claims
                 and perform the first in-depth measurement analysis of
                 branchless banking applications. We first perform an
                 automated analysis of all 46 known Android mobile money
                 apps across the 246 known mobile money providers from
                 2015. We then perform a comprehensive manual teardown
                 of the registration, login, and transaction procedures
                 of a diverse 15\% of these apps. We uncover pervasive
                 vulnerabilities spanning botched certification
                 validation, do-it-yourself cryptography, and other
                 forms of information leakage that allow an attacker to
                 impersonate legitimate users, modify transactions, and
                 steal financial records. These findings show that the
                 majority of these apps fail to provide the protections
                 needed by financial services. In an expanded
                 re-evaluation one year later, we find that these
                 systems have only marginally improved their security.
                 Additionally, we document our experiences working in
                 this sector for future researchers and provide
                 recommendations to improve the security of this
                 critical ecosystem. Finally, through inspection of
                 providers' terms of service, we also discover that
                 liability for these problems unfairly rests on the
                 shoulders of the customer, threatening to erode trust
                 in branchless banking and hinder efforts for global
                 financial inclusion.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "11",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Shu:2017:LSP,
  author =       "Xiaokui Shu and Danfeng (Daphne) Yao and Naren
                 Ramakrishnan and Trent Jaeger",
  title =        "Long-Span Program Behavior Modeling and Attack
                 Detection",
  journal =      j-TOPS,
  volume =       "20",
  number =       "4",
  pages =        "12:1--12:??",
  month =        oct,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3105761",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Dec 23 09:59:06 MST 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "Intertwined developments between program attacks and
                 defenses witness the evolution of program anomaly
                 detection methods. Emerging categories of program
                 attacks, e.g., non-control data attacks and
                 data-oriented programming, are able to comply with
                 normal trace patterns at local views. This article
                 points out the deficiency of existing program anomaly
                 detection models against new attacks and presents
                 long-span behavior anomaly detection (LAD), a model
                 based on mildly context-sensitive grammar verification.
                 The key feature of LAD is its reasoning of correlations
                 among arbitrary events that occurred in long program
                 traces. It extends existing correlation analysis
                 between events at a stack snapshot, e.g., paired call
                 and ret, to correlation analysis among events that
                 historically occurred during the execution. The
                 proposed method leverages specialized machine learning
                 techniques to probe normal program behavior boundaries
                 in vast high-dimensional detection space. Its two-stage
                 modeling/detection design analyzes event correlation at
                 both binary and quantitative levels. Our prototype
                 successfully detects all reproduced real-world attacks
                 against sshd, libpcre, and sendmail. The detection
                 procedure incurs 0.1 ms to 1.3 ms overhead to profile
                 and analyze a single behavior instance that consists of
                 tens of thousands of function call or system call
                 events.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "12",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Ikram:2017:MCD,
  author =       "Muhammad Ikram and Lucky Onwuzurike and Shehroze
                 Farooqi and Emiliano {De Cristofaro} and Arik Friedman
                 and Guillaume Jourjon and Mohammed Ali Kaafar and M.
                 Zubair Shafiq",
  title =        "Measuring, Characterizing, and Detecting {Facebook}
                 Like Farms",
  journal =      j-TOPS,
  volume =       "20",
  number =       "4",
  pages =        "13:1--13:??",
  month =        oct,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3121134",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Dec 23 09:59:06 MST 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "Online social networks offer convenient ways to reach
                 out to large audiences. In particular, Facebook pages
                 are increasingly used by businesses, brands, and
                 organizations to connect with multitudes of users
                 worldwide. As the number of likes of a page has become
                 a de-facto measure of its popularity and profitability,
                 an underground market of services artificially
                 inflating page likes (``like farms '') has emerged
                 alongside Facebook's official targeted advertising
                 platform. Nonetheless, besides a few media reports,
                 there is little work that systematically analyzes
                 Facebook pages' promotion methods. Aiming to fill this
                 gap, we present a honeypot-based comparative
                 measurement study of page likes garnered via Facebook
                 advertising and from popular like farms. First, we
                 analyze likes based on demographic, temporal, and
                 social characteristics and find that some farms seem to
                 be operated by bots and do not really try to hide the
                 nature of their operations, while others follow a
                 stealthier approach, mimicking regular users' behavior.
                 Next, we look at fraud detection algorithms currently
                 deployed by Facebook and show that they do not work
                 well to detect stealthy farms that spread likes over
                 longer timespans and like popular pages to mimic
                 regular users. To overcome their limitations, we
                 investigate the feasibility of timeline-based detection
                 of like farm accounts, focusing on characterizing
                 content generated by Facebook accounts on their
                 timelines as an indicator of genuine versus fake social
                 activity. We analyze a wide range of features extracted
                 from timeline posts, which we group into two main
                 categories: lexical and non-lexical. We find that like
                 farm accounts tend to re-share content more often, use
                 fewer words and poorer vocabulary, and more often
                 generate duplicate comments and likes compared to
                 normal users. Using relevant lexical and non-lexical
                 features, we build a classifier to detect like farms
                 accounts that achieves a precision higher than 99\% and
                 a 93\% recall.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "13",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Polyakov:2017:FPR,
  author =       "Yuriy Polyakov and Kurt Rohloff and Gyana Sahu and
                 Vinod Vaikuntanathan",
  title =        "Fast Proxy Re-Encryption for Publish\slash Subscribe
                 Systems",
  journal =      j-TOPS,
  volume =       "20",
  number =       "4",
  pages =        "14:1--14:??",
  month =        oct,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3128607",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Dec 23 09:59:06 MST 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "We develop two IND-CPA-secure multihop unidirectional
                 Proxy Re-Encryption (PRE) schemes by applying the
                 Ring-LWE (RLWE) key switching approach from the
                 homomorphic encryption literature. Unidirectional PRE
                 is ideal for secure publish-subscribe operations where
                 a publisher encrypts information using a public key
                 without knowing upfront who the subscriber will be and
                 what private key will be used for decryption. The
                 proposed PRE schemes provide a multihop capability,
                 meaning that when PRE-encrypted information is
                 published onto a PRE-enabled server, the server can
                 either delegate access to specific clients or enable
                 other servers the right to delegate access. Our first
                 scheme (which we call NTRU-ABD-PRE) is based on a
                 variant of the NTRU-RLWE homomorphic encryption scheme.
                 Our second and main PRE scheme (which we call BV-PRE)
                 is built on top of the Brakerski-Vaikuntanathan (BV)
                 homomorphic encryption scheme and relies solely on the
                 RLWE assumption. We present an open-source C++
                 implementation of both schemes and discuss several
                 algorithmic and software optimizations. We examine
                 parameter selection tradeoffs in the context of
                 security, runtime/latency, throughput, ciphertext
                 expansion, memory usage, and multihop capabilities. Our
                 experimental analysis demonstrates that BV-PRE
                 outperforms NTRU-ABD-PRE in both single-hop and
                 multihop settings. The BV-PRE scheme has a lower time
                 and space complexity than existing IND-CPA-secure
                 lattice-based PRE schemes and requires small concrete
                 parameters, making the scheme computationally efficient
                 for use on low-resource embedded systems while still
                 providing 100 bits of security. We present practical
                 recommendations for applying the PRE schemes to several
                 use cases of ad hoc information sharing for
                 publish-subscribe operations.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "14",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Rullo:2017:POS,
  author =       "Antonino Rullo and Daniele Midi and Edoardo Serra and
                 Elisa Bertino",
  title =        "{Pareto} Optimal Security Resource Allocation for
                 {Internet of Things}",
  journal =      j-TOPS,
  volume =       "20",
  number =       "4",
  pages =        "15:1--15:??",
  month =        oct,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3139293",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Dec 23 09:59:06 MST 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "In many Internet of Thing (IoT) application domains
                 security is a critical requirement, because malicious
                 parties can undermine the effectiveness of IoT-based
                 systems by compromising single components and/or
                 communication channels. Thus, a security infrastructure
                 is needed to ensure the proper functioning of such
                 systems even under attack. However, it is also critical
                 that security be at a reasonable resource and energy
                 cost. In this article, we focus on the problem of
                 efficiently and effectively securing IoT networks by
                 carefully allocating security resources in the network
                 area. In particular, given a set of security resources
                 R and a set of attacks to be faced A, our method
                 chooses the subset of R that best addresses the attacks
                 in A, and the set of locations where to place them,
                 that ensure the security coverage of all IoT devices at
                 minimum cost and energy consumption. We model our
                 problem according to game theory and provide a
                 Pareto-optimal solution in which the cost of the
                 security infrastructure, its energy consumption, and
                 the probability of a successful attack are minimized.
                 Our experimental evaluation shows that our technique
                 improves the system robustness in terms of packet
                 delivery rate for different network topologies.
                 Furthermore, we also provide a method for handling the
                 computation of the resource allocation plan for
                 large-scale networks scenarios, where the optimization
                 problem may require an unreasonable amount of time to
                 be solved. We show how our proposed method drastically
                 reduces the computing time, while providing a
                 reasonable approximation of the optimal solution.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "15",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Su:2017:DPM,
  author =       "Dong Su and Jianneng Cao and Ninghui Li and Elisa
                 Bertino and Min Lyu and Hongxia Jin",
  title =        "Differentially Private {$K$}-Means Clustering and a
                 Hybrid Approach to Private Optimization",
  journal =      j-TOPS,
  volume =       "20",
  number =       "4",
  pages =        "16:1--16:??",
  month =        oct,
  year =         "2017",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3133201",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Dec 23 09:59:06 MST 2017",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  abstract =     "k -means clustering is a widely used clustering
                 analysis technique in machine learning. In this
                 article, we study the problem of differentially private
                 k -means clustering. Several state-of-the-art methods
                 follow the single-workload approach, which adapts an
                 existing machine-learning algorithm by making each step
                 private. However, most of them do not have satisfactory
                 empirical performance. In this work, we develop
                 techniques to analyze the empirical error behaviors of
                 one of the state-of-the-art single-workload approaches,
                 DPLloyd, which is a differentially private version of
                 the Lloyd algorithm for k {$>$}-means clustering. Based
                 on the analysis, we propose an improvement of DPLloyd.
                 We also propose a new algorithm for k -means clustering
                 from the perspective of the noninteractive approach,
                 which publishes a synopsis of the input dataset and
                 then runs k -means on synthetic data generated from the
                 synopsis. We denote this approach by EUGkM. After
                 analyzing the empirical error behaviors of EUGkM, we
                 further propose a hybrid approach that combines our
                 DPLloyd improvement and EUGkM. Results from extensive
                 and systematic experiments support our analysis and
                 demonstrate the effectiveness of the DPLloyd
                 improvement, EUGkM, and the hybrid approach.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "16",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Abdou:2018:SLV,
  author =       "Abdelrahman Abdou and P. C. {Van Oorschot}",
  title =        "Server Location Verification {(SLV)} and Server
                 Location Pinning: Augmenting {TLS} Authentication",
  journal =      j-TOPS,
  volume =       "21",
  number =       "1",
  pages =        "1:1--1:??",
  month =        jan,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3139294",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:23 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3139294",
  abstract =     "We introduce the first known mechanism providing
                 realtime server location verification. Its uses include
                 enhancing server authentication by enabling browsers to
                 automatically interpret server location information. We
                 describe the design of this new measurement-based
                 technique, Server Location Verification (SLV), and
                 evaluate it using PlanetLab. We explain how SLV is
                 compatible with the increasing trends of geographically
                 distributed content dissemination over the Internet,
                 without causing any new interoperability conflicts.
                 Additionally, we introduce the notion of (verifiable)
                 server location pinning (conceptually similar to
                 certificate pinning) to support SLV, and evaluate their
                 combined impact using a server-authentication
                 evaluation framework. The results affirm the addition
                 of new security benefits to the existing TLS-based
                 authentication mechanisms. We implement SLV through a
                 location verification service, the simplest version of
                 which requires no server-side changes. We also
                 implement a simple browser extension that interacts
                 seamlessly with the verification infrastructure to
                 obtain realtime server location-verification results.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "1",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Shi:2018:HAV,
  author =       "Hao Shi and Jelena Mirkovic and Abdulla Alwabel",
  title =        "Handling Anti-Virtual Machine Techniques in Malicious
                 Software",
  journal =      j-TOPS,
  volume =       "21",
  number =       "1",
  pages =        "2:1--2:??",
  month =        jan,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3139292",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:23 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib;
                 https://www.math.utah.edu/pub/tex/bib/virtual-machines.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3139292",
  abstract =     "Malware analysis relies heavily on the use of virtual
                 machines (VMs) for functionality and safety. There are
                 subtle differences in operation between virtual and
                 physical machines. Contemporary malware checks for
                 these differences and changes its behavior when it
                 detects a VM presence. These anti-VM techniques hinder
                 malware analysis. Existing research approaches to
                 uncover differences between VMs and physical machines
                 use randomized testing, and thus cannot guarantee
                 completeness. In this article, we propose a
                 detect-and-hide approach, which systematically
                 addresses anti-VM techniques in malware. First, we
                 propose cardinal pill testing -a modification of red
                 pill testing that aims to enumerate the differences
                 between a given VM and a physical machine through
                 carefully designed tests. Cardinal pill testing finds
                 five times more pills by running 15 times fewer tests
                 than red pill testing. We examine the causes of pills
                 and find that, while the majority of them stem from the
                 failure of VMs to follow CPU specifications, a small
                 number stem from under-specification of certain
                 instructions by the Intel manual. This leads to
                 divergent implementations in different CPU and VM
                 architectures. Cardinal pill testing successfully
                 enumerates the differences that stem from the first
                 cause. Finally, we propose VM Cloak -a WinDbg plug-in
                 which hides the presence of VMs from malware. VM Cloak
                 monitors each execute malware command, detects
                 potential pills, and at runtime modifies the command's
                 outcomes to match those that a physical machine would
                 generate. We implemented VM Cloak and verified that it
                 successfully hides VM presence from malware.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "2",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Gong:2018:AIA,
  author =       "Neil Zhenqiang Gong and Bin Liu",
  title =        "Attribute Inference Attacks in Online Social
                 Networks",
  journal =      j-TOPS,
  volume =       "21",
  number =       "1",
  pages =        "3:1--3:??",
  month =        jan,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3154793",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:23 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3154793",
  abstract =     "We propose new privacy attacks to infer attributes
                 (e.g., locations, occupations, and interests) of online
                 social network users. Our attacks leverage seemingly
                 innocent user information that is publicly available in
                 online social networks to infer missing attributes of
                 targeted users. Given the increasing availability of
                 (seemingly innocent) user information online, our
                 results have serious implications for Internet
                 privacy-private attributes can be inferred from users'
                 publicly available data unless we take steps to protect
                 users from such inference attacks. To infer attributes
                 of a targeted user, existing inference attacks leverage
                 either the user's publicly available social friends or
                 the user's behavioral records (e.g., the web pages that
                 the user has liked on Facebook, the apps that the user
                 has reviewed on Google Play), but not both. As we will
                 show, such inference attacks achieve limited success
                 rates. However, the problem becomes qualitatively
                 different if we consider both social friends and
                 behavioral records. To address this challenge, we
                 develop a novel model to integrate social friends and
                 behavioral records, and design new attacks based on our
                 model. We theoretically and experimentally demonstrate
                 the effectiveness of our attacks. For instance, we
                 observe that, in a real-world large-scale dataset with
                 1.1 million users, our attack can correctly infer the
                 cities a user lived in for 57\% of the users; via
                 confidence estimation, we are able to increase the
                 attack success rate to over 90\% if the attacker
                 selectively attacks half of the users. Moreover, we
                 show that our attack can correctly infer attributes for
                 significantly more users than previous attacks.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "3",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Botacin:2018:EBM,
  author =       "Marcus Botacin and Paulo L{\'\i}cio {De Geus} and
                 Andr{\'e} Gr{\'e}gio",
  title =        "Enhancing Branch Monitoring for Security Purposes:
                 From Control Flow Integrity to Malware Analysis and
                 Debugging",
  journal =      j-TOPS,
  volume =       "21",
  number =       "1",
  pages =        "4:1--4:??",
  month =        jan,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3152162",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:23 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3152162",
  abstract =     "Malware and code-reuse attacks are the most
                 significant threats to current systems operation.
                 Solutions developed to countermeasure them have their
                 weaknesses exploited by attackers through sandbox
                 evasion and antidebug crafting. To address such
                 weaknesses, we propose a framework that relies on the
                 modern processors' branch monitor feature to allow us
                 to analyze malware while reducing evasion effects. The
                 use of hardware assistance aids in increasing
                 stealthiness, a key feature for debuggers, as modern
                 software (malicious or benign) may be antianalysis
                 armored. We achieve stealthier code execution control
                 by using the branch monitor hardware's inherent
                 interrupt capabilities, keeping the code under
                 execution intact. Previous works on branch monitoring
                 have already addressed the ROP attack problem but
                 require code injection and/or are limited in their
                 capture window size. Therefore, we also propose a ROP
                 detector without these limitations.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "4",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Bhattacharya:2018:UPC,
  author =       "Sarani Bhattacharya and Debdeep Mukhopadhyay",
  title =        "Utilizing Performance Counters for Compromising Public
                 Key Ciphers",
  journal =      j-TOPS,
  volume =       "21",
  number =       "1",
  pages =        "5:1--5:??",
  month =        jan,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3156015",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:23 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3156015",
  abstract =     "Hardware performance counters (HPCs) are useful
                 artifacts for evaluating the performance of software
                 implementations. Recently, HPCs have been made more
                 convenient to use without requiring explicit kernel
                 patches or superuser privileges. However, in this
                 article, we highlight that the information revealed by
                 HPCs can be also exploited to attack standard
                 implementations of public key algorithms. In
                 particular, we analyze the vulnerability due to the
                 event branch miss leaked via the HPCs during execution
                 of the target ciphers. We present an iterative attack
                 that targets the key bits of 1,024-bit RSA and 256-bit
                 ECC, whereas in the offline phase, the system's
                 underlying branch predictor is approximated by a
                 theoretical predictor in the literature. Subsimulations
                 are performed corresponding to each bit guess to
                 classify the message space into distinct partitions
                 based on the event branch misprediction and the target
                 key bit value. In the online phase, branch
                 mispredictions obtained from the hardware performance
                 monitors on the target system reveal the secret key
                 bits. We also theoretically prove that the probability
                 of success of the attack is equivalent to the accurate
                 modeling of the theoretical predictor to the underlying
                 system predictor. In addition, we propose an improved
                 version of the attack that requires fewer branch
                 misprediction traces from the HPCs to recover the
                 secret. Experimentations using both attack strategies
                 have been provided on Intel Core 2 Duo, Core i3, and
                 Core i5 platforms for 1,024-bit implementation of RSA
                 and 256-bit scalar multiplication over the secp 256 r 1
                 curve followed by results on the effect of change of
                 parameters on the success rate. The attack can
                 successfully reveal the exponent bits and thus seeks
                 attention to model secure branch predictors such that
                 it inherently prevents information leakage.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "5",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Zhang:2018:ISP,
  author =       "Yihua Zhang and Marina Blanton and Ghada Almashaqbeh",
  title =        "Implementing Support for Pointers to Private Data in a
                 General-Purpose Secure Multi-Party Compiler",
  journal =      j-TOPS,
  volume =       "21",
  number =       "2",
  pages =        "6:1--6:??",
  month =        feb,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3154600",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:23 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3154600",
  abstract =     "Recent compilers allow a general-purpose program
                 (written in a conventional programming language) that
                 handles private data to be translated into a secure
                 distributed implementation of the corresponding
                 functionality. The resulting program is then guaranteed
                 to provably protect private data using secure
                 multi-party computation techniques. The goals of such
                 compilers are generality, usability, and efficiency,
                 but the complete set of features of a modern
                 programming language has not been supported to date by
                 the existing compilers. In particular, recent compilers
                 PICCO and the two-party ANSI C compiler strive to
                 translate any C program into its secure multi-party
                 implementation, but they currently lack support for
                 pointers and dynamic memory allocation, which are
                 important components of many C programs. In this work,
                 we mitigate the limitation and add support for pointers
                 to private data and consequently dynamic memory
                 allocation to the PICCO compiler, enabling it to handle
                 a more diverse set of programs over private data.
                 Because doing so opens up a new design space, we
                 investigate the use of pointers to private data (with
                 known as well as private locations stored in them) in
                 programs and report our findings. Aside from dynamic
                 memory allocation, we examine other important topics
                 associated with common pointer use such as reference by
                 pointer/address, casting, and building various data
                 structures in the context of secure multi-party
                 computation. This results in enabling the compiler to
                 automatically translate a user program that uses
                 pointers to private data into its distributed
                 implementation that provably protects private data
                 throughout the computation. We empirically evaluate the
                 constructions and report on the performance of
                 representative programs.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "6",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Pinkas:2018:SPS,
  author =       "Benny Pinkas and Thomas Schneider and Michael Zohner",
  title =        "Scalable Private Set Intersection Based on {OT}
                 Extension",
  journal =      j-TOPS,
  volume =       "21",
  number =       "2",
  pages =        "7:1--7:??",
  month =        feb,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3154794",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:23 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/hash.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3154794",
  abstract =     "Private set intersection (PSI) allows two parties to
                 compute the intersection of their sets without
                 revealing any information about items that are not in
                 the intersection. It is one of the best studied
                 applications of secure computation and many PSI
                 protocols have been proposed. However, the variety of
                 existing PSI protocols makes it difficult to identify
                 the solution that performs best in a respective
                 scenario, especially since they were not compared in
                 the same setting. In addition, existing PSI protocols
                 are several orders of magnitude slower than an insecure
                 na{\"\i}ve hashing solution, which is used in practice.
                 In this article, we review the progress made on PSI
                 protocols and give an overview of existing protocols in
                 various security models. We then focus on PSI protocols
                 that are secure against semi-honest adversaries and
                 take advantage of the most recent efficiency
                 improvements in Oblivious Transfer (OT) extension,
                 propose significant optimizations to previous PSI
                 protocols, and suggest a new PSI protocol whose runtime
                 is superior to that of existing protocols. We compare
                 the performance of the protocols, both theoretically
                 and experimentally, by implementing all protocols on
                 the same platform, give recommendations on which
                 protocol to use in a particular setting, and evaluate
                 the progress on PSI protocols by comparing them to the
                 currently employed insecure na{\"\i}ve hashing
                 protocol. We demonstrate the feasibility of our new PSI
                 protocol by processing two sets with a billion elements
                 each.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "7",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Alrabaee:2018:FRE,
  author =       "Saed Alrabaee and Paria Shirani and Lingyu Wang and
                 Mourad Debbabi",
  title =        "{FOSSIL}: A Resilient and Efficient System for
                 Identifying {FOSS} Functions in Malware Binaries",
  journal =      j-TOPS,
  volume =       "21",
  number =       "2",
  pages =        "8:1--8:??",
  month =        feb,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3175492",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:23 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/gnu.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3175492",
  abstract =     "Identifying free open-source software (FOSS) packages
                 on binaries when the source code is unavailable is
                 important for many security applications, such as
                 malware detection, software infringement, and digital
                 forensics. This capability enhances both the accuracy
                 and the efficiency of reverse engineering tasks by
                 avoiding false correlations between irrelevant code
                 bases. Although the FOSS package identification problem
                 belongs to the field of software engineering,
                 conventional approaches rely strongly on practical
                 methods in data mining and database searching. However,
                 various challenges in the use of these methods prevent
                 existing function identification approaches from being
                 effective in the absence of source code. To make
                 matters worse, the introduction of obfuscation
                 techniques, the use of different compilers and
                 compilation settings, and software refactoring
                 techniques has made the automated detection of FOSS
                 packages increasingly difficult. With very few
                 exceptions, the existing systems are not resilient to
                 such techniques, and the exceptions are not
                 sufficiently efficient. To address this issue, we
                 propose FOSSIL, a novel resilient and efficient system
                 that incorporates three components. The first component
                 extracts the syntactical features of functions by
                 considering opcode frequencies and applying a hidden
                 Markov model statistical test. The second component
                 applies a neighborhood hash graph kernel to random
                 walks derived from control-flow graphs, with the goal
                 of extracting the semantics of the functions. The third
                 component applies z-score to the normalized
                 instructions to extract the behavior of instructions in
                 a function. The components are integrated using a
                 Bayesian network model, which synthesizes the results
                 to determine the FOSS function. The novel approach of
                 combining these components using the Bayesian network
                 has produced stronger resilience to code obfuscation.
                 We evaluate our system on three datasets, including
                 real-world projects whose use of FOSS packages is
                 known, malware binaries for which there are security
                 and reverse engineering reports purporting to describe
                 their use of FOSS, and a large repository of malware
                 binaries. We demonstrate that our system is able to
                 identify FOSS packages in real-world projects with a
                 mean precision of 0.95 and with a mean recall of 0.85.
                 Furthermore, FOSSIL is able to discover FOSS packages
                 in malware binaries that match those listed in security
                 and reverse engineering reports. Our results show that
                 modern malware binaries contain 0.10--0.45 of FOSS
                 packages.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "8",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Giacobazzi:2018:ANI,
  author =       "Roberto Giacobazzi and Isabella Mastroeni",
  title =        "Abstract Non-Interference: A Unifying Framework for
                 Weakening Information-flow",
  journal =      j-TOPS,
  volume =       "21",
  number =       "2",
  pages =        "9:1--9:??",
  month =        feb,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3175660",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:23 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3175660",
  abstract =     "Non-interference happens when some elements of a
                 dynamic system do not interfere, i.e., do not affect,
                 other elements in the same system. Originally
                 introduced in language-based security, non-interference
                 means that the manipulation of private information has
                 no effect on public observations of data. In this
                 article, we introduce abstract non-interference as a
                 weakening of non-interference by abstract
                 interpretation. Abstract non-interference is parametric
                 on which private information we want to protect and
                 which are the observational capabilities of the
                 external observer, i.e., what the attacker can observe
                 of a computation and of the data manipulated during the
                 computation. This allows us to model a variety of
                 situations in information-flow security, where the
                 security of a system can be mastered by controlling the
                 degree of precision of the strongest harmless attacker
                 and the properties that are potentially leaked in case
                 of successful attack.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "9",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Son:2018:GFD,
  author =       "Yunmok Son and Juhwan Noh and Jaeyeong Choi and
                 Yongdae Kim",
  title =        "{GyrosFinger}: Fingerprinting Drones for Location
                 Tracking Based on the Outputs of {MEMS} Gyroscopes",
  journal =      j-TOPS,
  volume =       "21",
  number =       "2",
  pages =        "10:1--10:??",
  month =        feb,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3177751",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:23 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3177751",
  abstract =     "Drones are widely used for various purposes such as
                 delivery, aerial photography, and surveillance.
                 Considering the increasing drone-related services,
                 tracking the locations of drones can cause security
                 threats such as escaping from drone surveillance,
                 disturbing drone-related services, and capturing
                 drones. For wirelessly monitoring the status of drones,
                 telemetry is used, and this status information contains
                 various data such as latitude and longitude, calibrated
                 sensor outputs, and sensor offsets. Because most of the
                 telemetry implementation supports neither
                 authentication nor encryption, an attacker can obtain
                 the status information of the drones by using an
                 appropriate wireless communication device such as
                 software-defined radio. While the attacker knows the
                 locations of the drones from the status information,
                 this information is not sufficient for tracking drones
                 because the status information does not include any
                 identity information that can bind the identity of the
                 drone with its location. \In this article, we propose a
                 fingerprinting method for drones in motion for the
                 binding of the identity of the drone with its location.
                 Our fingerprinting method is based on the sensor
                 outputs included in the status information, i.e., the
                 offsets of micro-electro mechanical systems (MEMS)
                 gyroscope, an essential sensor for maintaining the
                 attitude of drones. We found that the offsets of MEMS
                 gyroscopes are different from each other because of
                 manufacturing mismatches, and the offsets of five
                 drones obtained through their telemetry are
                 distinguishable and constant during their flights. To
                 evaluate the performance of our fingerprinting method
                 on a larger scale, we collected the offsets from 70
                 stand-alone MEMS gyroscopes to generate fingerprints.
                 Our experimental results show that, when using the
                 offsets of three and two axes calculated from 128
                 samples of the raw outputs per axis as fingerprints,
                 the F-scores of the proposed method reach 98.78\% and
                 94.47\%, respectively. The offsets collected after a
                 month are also fingerprinted with F-scores of 96.58\%
                 and 78.45\% under the same condition, respectively. The
                 proposed fingerprinting method is effective, robust,
                 and persistent. Additionally, unless the MEMS gyroscope
                 is not replaced, our fingerprinting method can be used
                 for drone tracking even when the target drones are
                 flying.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "10",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Carminati:2018:SEB,
  author =       "Michele Carminati and Mario Polino and Andrea
                 Continella and Andrea Lanzi and Federico Maggi and
                 Stefano Zanero",
  title =        "Security Evaluation of a Banking Fraud Analysis
                 System",
  journal =      j-TOPS,
  volume =       "21",
  number =       "3",
  pages =        "11:1--11:??",
  month =        jun,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3178370",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3178370",
  abstract =     "The significant growth of banking fraud, fueled by the
                 underground economy of malware, has raised the need for
                 effective detection systems. Therefore, in the last few
                 years, banks have upgraded their security to protect
                 transactions from fraud. State-of-the-art solutions
                 detect fraud as deviations from customers' spending
                 habits. To the best of our knowledge, almost all
                 existing approaches do not provide an in-depth model's
                 granularity and security analysis against elusive
                 attacks. In this article, we examine Banksealer, a
                 decision support system for banking fraud analysis that
                 evaluates the influence on detection performance of the
                 granularity at which spending habits are modeled and
                 its security against evasive attacks. First, we compare
                 user-centric modeling, which builds a model for each
                 user, with system-centric modeling, which builds a
                 model for the entire system, from the point of view of
                 detection performance. Then, we assess the robustness
                 of Banksealer against malicious attackers that are
                 aware of the structure of the models in use. To this
                 end, we design and implement a proof-of-concept attack
                 tool that performs mimicry attacks, emulating a
                 sophisticated attacker that cloaks frauds to avoid
                 detection. We experimentally confirm the feasibility of
                 such attacks, their cost, and the effort required by an
                 attacker in order to perform them. In addition, we
                 discuss possible countermeasures. We provide a
                 comprehensive evaluation on a large real-world dataset
                 obtained from one of the largest Italian banks.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "11",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Kelbert:2018:DUC,
  author =       "Florian Kelbert and Alexander Pretschner",
  title =        "Data Usage Control for Distributed Systems",
  journal =      j-TOPS,
  volume =       "21",
  number =       "3",
  pages =        "12:1--12:??",
  month =        jun,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3183342",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3183342",
  abstract =     "Data usage control enables data owners to enforce
                 policies over how their data may be used after they
                 have been released and accessed. We address distributed
                 aspects of this problem, which arise if the protected
                 data reside within multiple systems. We contribute by
                 formalizing, implementing, and evaluating a fully
                 decentralized system that (i) generically and
                 transparently tracks protected data across systems,
                 (ii) propagates data usage policies along, and (iii)
                 efficiently and preventively enforces policies in a
                 decentralized manner. The evaluation shows that (i)
                 dataflow tracking and policy propagation achieve a
                 throughput of 21--54\% of native execution and (ii)
                 decentralized policy enforcement outperforms a
                 centralized approach in many situations.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "12",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Stobert:2018:PLC,
  author =       "Elizabeth Stobert and Robert Biddle",
  title =        "The Password Life Cycle",
  journal =      j-TOPS,
  volume =       "21",
  number =       "3",
  pages =        "13:1--13:??",
  month =        jun,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3183341",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3183341",
  abstract =     "Managing passwords is a difficult task for users, who
                 must create, remember, and keep track of large numbers
                 of passwords. In this work, we investigated users'
                 coping strategies for password management. Through a
                 series of interviews, we identified a ``life cycle'' of
                 password use and find that users' central task in
                 coping with their passwords is rationing their effort
                 to best protect their important accounts. We followed
                 up this work by interviewing experts about their
                 password management practices and found that experts
                 rely on the same kinds of coping strategies as
                 non-experts, but that their increased situation
                 awareness of security allows them to better ration
                 their effort into protecting their accounts. Finally,
                 we conducted a survey study to explore how the life
                 cycle model generalizes to the larger population and
                 find that the life cycle and rationing patterns can be
                 seen in the broader population, but that survey
                 respondents were less likely to characterize security
                 management as a challenging task.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "13",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Wei:2018:APG,
  author =       "Fengguo Wei and Sankardas Roy and Xinming Ou and
                 Robby",
  title =        "{Amandroid}: A Precise and General Inter-component
                 Data Flow Analysis Framework for Security Vetting of
                 {Android} Apps",
  journal =      j-TOPS,
  volume =       "21",
  number =       "3",
  pages =        "14:1--14:??",
  month =        jun,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3183575",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3183575",
  abstract =     "We present a new approach to static analysis for
                 security vetting of Android apps and a general
                 framework called Amandroid. Amandroid determines
                 points-to information for all objects in an Android app
                 component in a flow and context-sensitive
                 (user-configurable) way and performs data flow and data
                 dependence analysis for the component. Amandroid also
                 tracks inter-component communication activities. It can
                 stitch the component-level information into the
                 app-level information to perform intra-app or inter-app
                 analysis. In this article, (a) we show that the
                 aforementioned type of comprehensive app analysis is
                 completely feasible in terms of computing resources
                 with modern hardware, (b) we demonstrate that one can
                 easily leverage the results from this general analysis
                 to build various types of specialized security
                 analyses-in many cases the amount of additional coding
                 needed is around 100 lines of code, and (c) the result
                 of those specialized analyses leveraging Amandroid is
                 at least on par and often exceeds prior works designed
                 for the specific problems, which we demonstrate by
                 comparing Amandroid's results with those of prior works
                 whenever we can obtain the executable of those tools.
                 Since Amandroid's analysis directly handles
                 inter-component control and data flows, it can be used
                 to address security problems that result from
                 interactions among multiple components from either the
                 same or different apps. Amandroid's analysis is sound
                 in that it can provide assurance of the absence of the
                 specified security problems in an app with
                 well-specified and reasonable assumptions on Android
                 runtime system and its library.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "14",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Zhao:2018:FFI,
  author =       "Siqi Zhao and Xuhua Ding",
  title =        "{FIMCE}: A Fully Isolated Micro-Computing Environment
                 for Multicore Systems",
  journal =      j-TOPS,
  volume =       "21",
  number =       "3",
  pages =        "15:1--15:??",
  month =        jun,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3195181",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3195181",
  abstract =     "Virtualization-based memory isolation has been widely
                 used as a security primitive in various security
                 systems to counter kernel-level attacks. In this
                 article, our in-depth analysis on this primitive shows
                 that its security is significantly undermined in the
                 multicore setting when other hardware resources for
                 computing are not enclosed within the isolation
                 boundary. We thus propose to construct a fully isolated
                 micro-computing environment (FIMCE) as a new primitive.
                 By virtue of its architectural niche, FIMCE not only
                 offers stronger security assurance than its
                 predecessor, but also features a flexible and
                 composable environment with support for peripheral
                 device isolation, thus greatly expanding the scope of
                 applications. In addition, FIMCE can be integrated with
                 recent technologies such as Intel Software Guard
                 Extensions (SGX) to attain even stronger security
                 guarantees. We have built a prototype of FIMCE with a
                 bare-metal hypervisor. To show the benefits of using
                 FIMCE as a building block, we have also implemented
                 four applications which are difficult to construct
                 using the existing memory isolation method. Experiments
                 with these applications demonstrate that FIMCE imposes
                 less than 1\% overhead on single-threaded applications,
                 while the maximum performance loss on multithreaded
                 applications is bounded by the degree of parallelism at
                 the processor level.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "15",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Farris:2018:VSV,
  author =       "Katheryn A. Farris and Ankit Shah and George Cybenko
                 and Rajesh Ganesan and Sushil Jajodia",
  title =        "{VULCON}: A System for Vulnerability Prioritization,
                 Mitigation, and Management",
  journal =      j-TOPS,
  volume =       "21",
  number =       "4",
  pages =        "16:1--16:??",
  month =        oct,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3196884",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3196884",
  abstract =     "Vulnerability remediation is a critical task in
                 operational software and network security management.
                 In this article, an effective vulnerability management
                 strategy, called VULCON (VULnerability CONtrol), is
                 developed and evaluated. The strategy is based on two
                 fundamental performance metrics: (1)
                 time-to-vulnerability remediation (TVR) and (2) total
                 vulnerability exposure (TVE). VULCON takes as input
                 real vulnerability scan reports, metadata about the
                 discovered vulnerabilities, asset criticality, and
                 personnel resources. VULCON uses a mixed-integer
                 multiobjective optimization algorithm to prioritize
                 vulnerabilities for patching, such that the above
                 performance metrics are optimized subject to the given
                 resource constraints. VULCON has been tested on
                 multiple months of real scan data from a cyber-security
                 operations center (CSOC). Results indicate an overall
                 TVE reduction of 8.97\% when VULCON optimizes a
                 realistic security analyst workforce's effort.
                 Additionally, VULCON demonstrates that it can determine
                 monthly resources required to maintain a target TVE
                 score. As such, VULCON provides valuable operational
                 guidance for improving vulnerability response processes
                 in CSOCs.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "16",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Kim:2018:EPP,
  author =       "Jinsu Kim and Dongyoung Koo and Yuna Kim and Hyunsoo
                 Yoon and Junbum Shin and Sungwook Kim",
  title =        "Efficient Privacy-Preserving Matrix Factorization for
                 Recommendation via Fully Homomorphic Encryption",
  journal =      j-TOPS,
  volume =       "21",
  number =       "4",
  pages =        "17:1--17:??",
  month =        oct,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3212509",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3212509",
  abstract =     "There are recommendation systems everywhere in our
                 daily life. The collection of personal data of users by
                 a recommender in the system may cause serious privacy
                 issues. In this article, we propose the first
                 privacy-preserving matrix factorization for
                 recommendation using fully homomorphic encryption. Our
                 protocol performs matrix factorization over encrypted
                 users' rating data and returns encrypted outputs so
                 that the recommendation system learns nothing on rating
                 values and resulting user/item profiles. Furthermore,
                 the protocol provides a privacy-preserving method to
                 optimize the tuning parameters that can be a business
                 benefit for the recommendation service providers. To
                 overcome the performance degradation caused by the use
                 of fully homomorphic encryption, we introduce a novel
                 data structure to perform computations over encrypted
                 vectors, which are essential for matrix factorization,
                 through secure two-party computation in part. Our
                 experiments demonstrate the efficiency of our
                 protocol.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "17",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Levesque:2018:THF,
  author =       "Fanny Lalonde L{\'e}vesque and Sonia Chiasson and Anil
                 Somayaji and Jos{\'e} M. Fernandez",
  title =        "Technological and Human Factors of Malware Attacks: A
                 Computer Security Clinical Trial Approach",
  journal =      j-TOPS,
  volume =       "21",
  number =       "4",
  pages =        "18:1--18:??",
  month =        oct,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3210311",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3210311",
  abstract =     "The success (or failure) of malware attacks depends
                 upon both technological and human factors. The most
                 security-conscious users are susceptible to unknown
                 vulnerabilities, and even the best security mechanisms
                 can be circumvented as a result of user actions.
                 Although there has been significant research on the
                 technical aspects of malware attacks and defence, there
                 has been much less research on how users interact with
                 both malware and current malware defences. This article
                 describes a field study designed to examine the
                 interactions between users, antivirus (AV) software,
                 and malware as they occur on deployed systems. In a
                 fashion similar to medical studies that evaluate the
                 efficacy of a particular treatment, our experiment
                 aimed to assess the performance of AV software and the
                 human risk factors of malware attacks. The 4-month
                 study involved 50 home users who agreed to use laptops
                 that were instrumented to monitor for possible malware
                 attacks and gather data on user behaviour. This study
                 provided some very interesting, non-intuitive insights
                 into the efficacy of AV software and human risk
                 factors. AV performance was found to be lower under
                 real-life conditions compared to tests conducted in
                 controlled conditions. Moreover, computer expertise,
                 volume of network usage, and peer-to-peer activity were
                 found to be significant correlates of malware attacks.
                 We assert that this work shows the viability and the
                 merits of evaluating security products, techniques, and
                 strategies to protect systems through long-term field
                 studies with greater ecological validity than can be
                 achieved through other means.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "18",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Ye:2018:VBA,
  author =       "Guixin Ye and Zhanyong Tang and Dingyi Fang and
                 Xiaojiang Chen and Willy Wolff and Adam J. Aviv and
                 Zheng Wang",
  title =        "A Video-based Attack for {Android} Pattern Lock",
  journal =      j-TOPS,
  volume =       "21",
  number =       "4",
  pages =        "19:1--19:??",
  month =        oct,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3230740",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3230740",
  abstract =     "Pattern lock is widely used for identification and
                 authentication on Android devices. This article
                 presents a novel video-based side channel attack that
                 can reconstruct Android locking patterns from video
                 footage filmed using a smartphone. As a departure from
                 previous attacks on pattern lock, this new attack does
                 not require the camera to capture any content displayed
                 on the screen. Instead, it employs a computer vision
                 algorithm to track the fingertip movement trajectory to
                 infer the pattern. Using the geometry information
                 extracted from the tracked fingertip motions, the
                 method can accurately infer a small number of (often
                 one) candidate patterns to be tested by an attacker. We
                 conduct extensive experiments to evaluate our approach
                 using 120 unique patterns collected from 215
                 independent users. Experimental results show that the
                 proposed attack can reconstruct over 95\% of the
                 patterns in five attempts. We discovered that, in
                 contrast to most people's belief, complex patterns do
                 not offer stronger protection under our attacking
                 scenarios. This is demonstrated by the fact that we are
                 able to break all but one complex patterns (with a
                 97.5\% success rate) as opposed to 60\% of the simple
                 patterns in the first attempt. We demonstrate that this
                 video-side channel is a serious concern for not only
                 graphical locking patterns but also PIN-based
                 passwords, as algorithms and analysis developed from
                 the attack can be easily adapted to target PIN-based
                 passwords. As a countermeasure, we propose to change
                 the way the Android locking pattern is constructed and
                 used. We show that our proposal can successfully defeat
                 this video-based attack. We hope the results of this
                 article can encourage the community to revisit the
                 design and practical use of Android pattern lock.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "19",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Zhang:2018:VGP,
  author =       "Yupeng Zhang and Charalampos Papamanthou and Jonathan
                 Katz",
  title =        "Verifiable Graph Processing",
  journal =      j-TOPS,
  volume =       "21",
  number =       "4",
  pages =        "20:1--20:??",
  month =        oct,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3233181",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3233181",
  abstract =     "We consider a scenario in which a data owner
                 outsources storage of a large graph to an untrusted
                 server; the server performs computations on this graph
                 in response to queries from a client (whether the data
                 owner or others), and the goal is to ensure
                 verifiability of the returned results. Applying generic
                 verifiable computation (VC) would involve compiling
                 each graph computation to a circuit or a RAM program
                 and would incur large overhead, especially in the
                 proof-computation time. In this work, we address the
                 above by designing, building, and evaluating Alitheia,
                 a VC system tailored for graph queries such as
                 computing shortest paths, longest paths, and maximum
                 flows. The underlying principle of Alitheia is to
                 minimize the use of generic VC techniques by leveraging
                 various algorithmic approaches specific for graphs.
                 This leads to both theoretical and practical
                 improvements. Asymptotically, it improves the
                 complexity of proof computation by at least a
                 logarithmic factor. On the practical side, our system
                 achieves significant performance improvements over
                 current state-of-the-art VC systems (up to a
                 10-orders-of-magnitude improvement in proof-computation
                 time, and a 99.9\% reduction in server storage), while
                 scaling to 200,000-node graphs.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "20",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Madi:2018:IAV,
  author =       "Taous Madi and Yosr Jarraya and Amir Alimohammadifar
                 and Suryadipta Majumdar and Yushun Wang and Makan
                 Pourzandi and Lingyu Wang and Mourad Debbabi",
  title =        "{ISOTOP}: Auditing Virtual Networks Isolation Across
                 Cloud Layers in {OpenStack}",
  journal =      j-TOPS,
  volume =       "22",
  number =       "1",
  pages =        "1:1--1:??",
  month =        jan,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3267339",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3267339",
  abstract =     "Multi-tenancy in the cloud is a double-edged sword.
                 While it enables cost-effective resource sharing, it
                 increases security risks for the hosted applications.
                 Indeed, multiplexing virtual resources belonging to
                 different tenants on the same physical substrate may
                 lead to critical security concerns such as
                 cross-tenants data leakage and denial of service.
                 Particularly, virtual networks isolation failures are
                 among the foremost security concerns in the cloud. To
                 remedy these, automated tools are needed to verify
                 security mechanisms compliance with relevant security
                 policies and standards. However, auditing virtual
                 networks isolation is challenging due to the dynamic
                 and layered nature of the cloud. Particularly,
                 inconsistencies in network isolation mechanisms across
                 cloud-stack layers, namely, the infrastructure
                 management and the implementation layers, may lead to
                 virtual networks isolation breaches that are
                 undetectable at a single layer. In this article, we
                 propose an offline automated framework for auditing
                 consistent isolation between virtual networks in
                 OpenStack-managed cloud spanning over overlay and layer
                 2 by considering both cloud layers' views. To capture
                 the semantics of the audited data and its relation to
                 consistent isolation requirement, we devise a
                 multi-layered model for data related to each
                 cloud-stack layer's view. Furthermore, we integrate our
                 auditing system into OpenStack, and present our
                 experimental results on assessing several properties
                 related to virtual network isolation and consistency.
                 Our results show that our approach can be successfully
                 used to detect virtual network isolation breaches for
                 large OpenStack-based data centers in reasonable
                 time.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "1",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Reaves:2018:CSS,
  author =       "Bradley Reaves and Luis Vargas and Nolen Scaife and
                 Dave Tian and Logan Blue and Patrick Traynor and Kevin
                 R. B. Butler",
  title =        "Characterizing the Security of the {SMS} Ecosystem
                 with Public Gateways",
  journal =      j-TOPS,
  volume =       "22",
  number =       "1",
  pages =        "2:1--2:??",
  month =        jan,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3268932",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3268932",
  abstract =     "Recent years have seen the Short Message Service (SMS)
                 become a critical component of the security
                 infrastructure, assisting with tasks including identity
                 verification and second-factor authentication. At the
                 same time, this messaging infrastructure has become
                 dramatically more open and connected to public networks
                 than ever before. However, the implications of this
                 openness, the security practices of benign services,
                 and the malicious misuse of this ecosystem are not well
                 understood. In this article, we provide a comprehensive
                 longitudinal study to answer these questions, analyzing
                 over 900,000 text messages sent to public online SMS
                 gateways over the course of 28 months. From this data,
                 we uncover the geographical distribution of spam
                 messages, study SMS as a transmission medium of
                 malicious content, and find that changes in benign and
                 malicious behaviors in the SMS ecosystem have been
                 minimal during our collection period. The key takeaways
                 of this research show many services sending sensitive
                 security-based messages through an unencrypted medium,
                 implementing low entropy solutions for one-use codes,
                 and behaviors indicating that public gateways are
                 primarily used for evading account creation policies
                 that require verified phone numbers. This latter
                 finding has significant implications for combating
                 phone-verified account fraud and demonstrates that such
                 evasion will continue to be difficult to detect and
                 prevent.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "2",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Jansen:2018:KKI,
  author =       "Rob Jansen and Matthew Traudt and John Geddes and
                 Chris Wacek and Micah Sherr and Paul Syverson",
  title =        "{KIST}: Kernel-Informed Socket Transport for {Tor}",
  journal =      j-TOPS,
  volume =       "22",
  number =       "1",
  pages =        "3:1--3:??",
  month =        jan,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3278121",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3278121",
  abstract =     "Tor's growing popularity and user diversity has
                 resulted in network performance problems that are not
                 well understood, though performance is understood to be
                 a significant factor in Tor's security. A large body of
                 work has attempted to solve performance problems
                 without a complete understanding of where congestion
                 occurs in Tor. In this article, we first study
                 congestion in Tor at individual relays as well as along
                 the entire end-to-end Tor path and find that congestion
                 occurs almost exclusively in egress kernel socket
                 buffers. We then analyze Tor's socket interactions and
                 discover two major contributors to Tor's congestion:
                 Tor writes sockets sequentially, and Tor writes as much
                 as possible to each socket. To improve Tor's
                 performance, we design, implement, and test KIST: a new
                 socket management algorithm that uses real-time kernel
                 information to dynamically compute the amount to write
                 to each socket while considering all circuits of all
                 writable sockets when scheduling cells. We find that,
                 in the medians, KIST reduces circuit congestion by more
                 than 30\%, reduces network latency by 18\%, and
                 increases network throughput by nearly 10\%. We also
                 find that client and relay performance with KIST
                 improves as more relays deploy it and as network load
                 and packet loss rates increase. We analyze the security
                 of KIST and find an acceptable performance and security
                 tradeoff, as it does not significantly affect the
                 outcome of well-known latency, throughput, and traffic
                 correlation attacks. KIST has been merged and
                 configured as the default socket scheduling algorithm
                 in Tor version 0.3.2.1-alpha (released September 18,
                 2017) and became stable in Tor version 0.3.2.9
                 (released January 9, 2018). While our focus is Tor, our
                 techniques and observations should help analyze and
                 improve overlay and application performance, both for
                 security applications and in general.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "3",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Sluganovic:2018:ARE,
  author =       "Ivo Sluganovic and Marc Roeschlin and Kasper B.
                 Rasmussen and Ivan Martinovic",
  title =        "Analysis of Reflexive Eye Movements for Fast
                 Replay-Resistant Biometric Authentication",
  journal =      j-TOPS,
  volume =       "22",
  number =       "1",
  pages =        "4:1--4:??",
  month =        jan,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3281745",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3281745",
  abstract =     "Eye tracking devices have recently become increasingly
                 popular as an interface between people and
                 consumer-grade electronic devices. Due to the fact that
                 human eyes are fast, responsive, and carry information
                 unique to an individual, analyzing person's gaze is
                 particularly attractive for rapid biometric
                 authentication. Unfortunately, previous proposals for
                 gaze-based authentication systems either suffer from
                 high error rates or requires long authentication times.
                 We build on the fact that some eye movements can be
                 reflexively and predictably triggered and develop an
                 interactive visual stimulus for elicitation of
                 reflexive eye movements that support the extraction of
                 reliable biometric features in a matter of seconds,
                 without requiring any memorization or cognitive effort
                 on the part of the user. As an important benefit, our
                 stimulus can be made unique for every authentication
                 attempt and thus incorporated in a challenge-response
                 biometric authentication system. This allows us to
                 prevent replay attacks, which are possibly the most
                 applicable attack vectors against biometric
                 authentication. Using a gaze tracking device, we build
                 a prototype of our system and perform a series of
                 systematic user experiments with 30 participants from
                 the general public. We thoroughly analyze various
                 system parameters and evaluate the performance and
                 security guarantees under several different attack
                 scenarios. The results show that our system matches or
                 surpasses existing gaze-based authentication methods in
                 achieved equal error rates (6.3\%) while achieving
                 significantly lower authentication times (5s).",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "4",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Pomonis:2018:KPA,
  author =       "Marios Pomonis and Theofilos Petsios and Angelos D.
                 Keromytis and Michalis Polychronakis and Vasileios P.
                 Kemerlis",
  title =        "Kernel Protection Against Just-In-Time Code Reuse",
  journal =      j-TOPS,
  volume =       "22",
  number =       "1",
  pages =        "5:1--5:??",
  month =        jan,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3277592",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3277592",
  abstract =     "The abundance of memory corruption and disclosure
                 vulnerabilities in kernel code necessitates the
                 deployment of hardening techniques to prevent privilege
                 escalation attacks. As stricter memory isolation
                 mechanisms between the kernel and user space become
                 commonplace, attackers increasingly rely on code reuse
                 techniques to exploit kernel vulnerabilities. Contrary
                 to similar attacks in more restrictive settings, as in
                 web browsers, in kernel exploitation, non-privileged
                 local adversaries have great flexibility in abusing
                 memory disclosure vulnerabilities to dynamically
                 discover, or infer, the location of code snippets in
                 order to construct code-reuse payloads. Recent studies
                 have shown that the coupling of code diversification
                 with the enforcement of a ``read XOR execute'' (R$
                 \caret $X) memory safety policy is an effective defense
                 against the exploitation of userland software, but so
                 far this approach has not been applied for the
                 protection of the kernel itself. In this article, we
                 fill this gap by presenting kR$ \caret $X: a
                 kernel-hardening scheme based on execute-only memory
                 and code diversification. We study a previously
                 unexplored point in the design space, where a
                 hypervisor or a super-privileged component is not
                 required. Implemented mostly as a set of GCC plugins,
                 kR$ \caret $X is readily applicable to x86 Linux
                 kernels (both 32b and 64b) and can benefit from
                 hardware support (segmentation on x86, MPX on x86-64)
                 to optimize performance. In full protection mode, kR$
                 \caret $X incurs a low runtime overhead of 4.04\%,
                 which drops to 2.32\% when MPX is available, and 1.32\%
                 when memory segmentation is in use.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "5",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Ugarte-Pedrero:2018:CLD,
  author =       "Xabier Ugarte-Pedrero and Mariano Graziano and Davide
                 Balzarotti",
  title =        "A Close Look at a Daily Dataset of Malware Samples",
  journal =      j-TOPS,
  volume =       "22",
  number =       "1",
  pages =        "6:1--6:??",
  month =        jan,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3291061",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3291061",
  abstract =     "The number of unique malware samples is growing out of
                 control. Over the years, security companies have
                 designed and deployed complex infrastructures to
                 collect and analyze this overwhelming number of
                 samples. As a result, a security company can collect
                 more than 1M unique files per day only from its
                 different feeds. These are automatically stored and
                 processed to extract actionable information derived
                 from static and dynamic analysis. However, only a tiny
                 amount of this data is interesting for security
                 researchers and attracts the interest of a human
                 expert. To the best of our knowledge, nobody has
                 systematically dissected these datasets to precisely
                 understand what they really contain. The security
                 community generally discards the problem because of the
                 alleged prevalence of uninteresting samples. In this
                 article, we guide the reader through a step-by-step
                 analysis of the hundreds of thousands Windows
                 executables collected in one day from these feeds. Our
                 goal is to show how a company can employ existing
                 state-of-the-art techniques to automatically process
                 these samples and then perform manual experiments to
                 understand and document what is the real content of
                 this gigantic dataset. We present the filtering steps,
                 and we discuss in detail how samples can be grouped
                 together according to their behavior to support manual
                 verification. Finally, we use the results of this
                 measurement experiment to provide a rough estimate of
                 both the human and computer resources that are required
                 to get to the bottom of the catch of the day.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "6",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Modersheim:2018:ABP,
  author =       "Sebastian M{\"o}dersheim and Luca Vigan{\`o}",
  title =        "Alpha--Beta Privacy",
  journal =      j-TOPS,
  volume =       "22",
  number =       "1",
  pages =        "7:1--7:??",
  month =        jan,
  year =         "2018",
  DOI =          "https://doi.org/10.1145/3289255",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:24 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3289255",
  abstract =     "The formal specification of privacy goals in symbolic
                 protocol models has proved to be not quite trivial so
                 far. The most widely used approach in formal methods is
                 based on the static equivalence of frames in the
                 applied pi-calculus, basically asking whether or not
                 the intruder is able to distinguish two given worlds.
                 But then a subtle question emerges: How can we be sure
                 that we have specified all pairs of worlds to properly
                 reflect our intuitive privacy goal? To address this
                 problem, we introduce in this article a novel and
                 declarative way to specify privacy goals, called (
                 \alpha , \beta )-privacy. This new approach is based on
                 specifying two formulae \alpha and \beta in first-order
                 logic with Herbrand universes, where \alpha reflects
                 the intentionally released information and \beta
                 includes the actual cryptographic (``technical'')
                 messages the intruder can see. Then ( \alpha , \beta
                 )-privacy means that the intruder cannot derive any
                 ``nontechnical'' statement from \beta that he cannot
                 derive from \alpha already. We describe by a variety of
                 examples how this notion can be used in practice. Even
                 though ( \alpha , \beta )-privacy does not directly
                 contain a notion of distinguishing between worlds,
                 there is a close relationship to static equivalence of
                 frames that we investigate formally. This allows us to
                 justify (and criticize) the specifications that are
                 currently used in verification tools and obtain a
                 decision procedure for a large fragment of ( \alpha ,
                 \beta )-privacy.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "7",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Kreutz:2019:ALC,
  author =       "Diego Kreutz and Jiangshan Yu and Fernando M. V. Ramos
                 and Paulo Esteves-Verissimo",
  title =        "{ANCHOR}: Logically Centralized Security for
                 Software-Defined Networks",
  journal =      j-TOPS,
  volume =       "22",
  number =       "2",
  pages =        "8:1--8:??",
  month =        apr,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3301305",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:25 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3301305",
  abstract =     "Software-defined networking (SDN) decouples the
                 control and data planes of traditional networks,
                 logically centralizing the functional properties of the
                 network in the SDN controller. While this
                 centralization brought advantages such as a faster pace
                 of innovation, it also disrupted some of the natural
                 defenses of traditional architectures against different
                 threats. The literature on SDN has mostly been
                 concerned with the functional side, despite some
                 specific works concerning non-functional properties
                 such as security or dependability. Though addressing
                 the latter in an ad-hoc, piecemeal way may work, it
                 will most likely lead to efficiency and effectiveness
                 problems. We claim that the enforcement of
                 non-functional properties as a pillar of SDN robustness
                 calls for a systemic approach. We further advocate, for
                 its materialization, the reiteration of the successful
                 formula behind SDN: `logical centralization'. As a
                 general concept, we propose anchor, a subsystem
                 architecture that promotes the logical centralization
                 of non-functional properties. To show the effectiveness
                 of the concept, we focus on security in this article:
                 we identify the current security gaps in SDNs and we
                 populate the architecture middleware with the
                 appropriate security mechanisms in a global and
                 consistent manner. Essential security mechanisms
                 provided by anchor include reliable entropy and
                 resilient pseudo-random generators, and protocols for
                 secure registration and association of SDN devices. We
                 claim and justify in the article that centralizing such
                 mechanisms is key for their effectiveness by allowing
                 us to define and enforce global policies for those
                 properties; reduce the complexity of controllers and
                 forwarding devices; ensure higher levels of robustness
                 for critical services; foster interoperability of the
                 non-functional property enforcement mechanisms; and
                 promote the security and resilience of the architecture
                 itself. We discuss design and implementation aspects,
                 and we prove and evaluate our algorithms and
                 mechanisms, including the formalisation of the main
                 protocols and the verification of their core security
                 properties using the Tamarin prover.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "8",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Pagani:2019:ITD,
  author =       "Fabio Pagani and Oleksii Fedorov and Davide
                 Balzarotti",
  title =        "Introducing the Temporal Dimension to Memory
                 Forensics",
  journal =      j-TOPS,
  volume =       "22",
  number =       "2",
  pages =        "9:1--9:??",
  month =        apr,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3310355",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:25 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3310355",
  abstract =     "Kickstarted by the Digital Forensic Research Workshop
                 (DFRWS) conference in 2005, modern memory analysis is
                 now one of most active areas of computer forensics and
                 it mostly focuses on techniques to locate key operating
                 system data structures and extract high-level
                 information. These techniques work on the assumption
                 that the information inside a memory dump is consistent
                 and the copy of the physical memory was obtained in an
                 atomic operation. Unfortunately, this is seldom the
                 case in real investigations, where software acquisition
                 tools record information while the rest of the system
                 is running. Thus, since the content of the memory is
                 changing very rapidly, the resulting memory dump may
                 contain inconsistent data. While this problem is known,
                 its consequences are unclear and often overlooked.
                 Unfortunately, errors can be very subtle and can affect
                 the results of an analysis in ways that are difficult
                 to detect. In this article, we argue that memory
                 forensics should also consider the time in which each
                 piece of data was acquired. This new temporal dimension
                 provides a preliminary way to assess the reliability of
                 a given result and opens the door to new research
                 directions that can minimize the effect of the
                 acquisition time or detect inconsistencies. To support
                 our hypothesis, we conducted several experiments to
                 show that inconsistencies are very frequent and can
                 negatively impact an analysis. We then discuss
                 modifications we made to popular memory forensic tools
                 to make the temporal dimension explicit during the
                 analysis and to minimize its effect by resorting to a
                 locality-based acquisition.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "9",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Kwon:2019:SEI,
  author =       "Donghyun Kwon and Hayoon Yi and Yeongpil Cho and
                 Yunheung Paek",
  title =        "Safe and Efficient Implementation of a Security System
                 on {ARM} using Intra-level Privilege Separation",
  journal =      j-TOPS,
  volume =       "22",
  number =       "2",
  pages =        "10:1--10:??",
  month =        apr,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3309698",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:25 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3309698",
  abstract =     "Security monitoring has long been considered as a
                 fundamental mechanism to mitigate the damage of a
                 security attack. Recently, intra-level security systems
                 have been proposed that can efficiently and securely
                 monitor system software without any involvement of more
                 privileged entity. Unfortunately, there exists no full
                 intra-level security system that can universally
                 operate at any privilege level on ARM. However, as
                 malware and attacks increase against virtually every
                 level of privileged software including an OS, a
                 hypervisor, and even the highest privileged software
                 armored by TrustZone, we have been motivated to develop
                 an intra-level security system, named Hilps. Hilps
                 realizes true intra-level scheme in all these levels of
                 privileged software on ARM by elaborately exploiting a
                 new hardware feature of ARM's latest 64-bit
                 architecture, called TxSZ, that enables elastic
                 adjustment of the accessible virtual address range.
                 Furthermore, Hilps newly supports the sandbox mechanism
                 that provides security tools with individually isolated
                 execution environments, thereby minimizing security
                 threats from untrusted security tools. We have
                 implemented a prototype of Hilps on a real machine. The
                 experimental results demonstrate that Hilps is quite
                 promising for practical use in real deployments.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "10",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Woo:2019:UEM,
  author =       "Simon S. Woo and Ron Artstein and Elsi Kaiser and Xiao
                 Le and Jelena Mirkovic",
  title =        "Using Episodic Memory for User Authentication",
  journal =      j-TOPS,
  volume =       "22",
  number =       "2",
  pages =        "11:1--11:??",
  month =        apr,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3308992",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:25 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3308992",
  abstract =     "Passwords are widely used for user authentication, but
                 they are often difficult for a user to recall, easily
                 cracked by automated programs, and heavily reused.
                 Security questions are also used for secondary
                 authentication. They are more memorable than passwords,
                 because the question serves as a hint to the user, but
                 they are very easily guessed. We propose a new
                 authentication mechanism, called ``life-experience
                 passwords (LEPs).'' Sitting somewhere between passwords
                 and security questions, an LEP consists of several
                 facts about a user-chosen life event-such as a trip, a
                 graduation, a wedding, and so on. At LEP creation, the
                 system extracts these facts from the user's input and
                 transforms them into questions and answers. At
                 authentication, the system prompts the user with
                 questions and matches the answers with the stored ones.
                 We show that question choice and design make LEPs much
                 more secure than security questions and passwords,
                 while the question-answer format promotes low password
                 reuse and high recall. Specifically, we find that: (1)
                 LEPs are 10 9 --10 14 $ \times $ stronger than an
                 ideal, randomized, eight-character password; (2) LEPs
                 are up to 3 $ \times $ more memorable than passwords
                 and on par with security questions; and (3) LEPs are
                 reused half as often as passwords. While both LEPs and
                 security questions use personal experiences for
                 authentication, LEPs use several questions that are
                 closely tailored to each user. This increases LEP
                 security against guessing attacks. In our evaluation,
                 only 0.7\% of LEPs were guessed by casual friends, and
                 9.5\% by family members or close friends-roughly half
                 of the security question guessing rate. On the
                 downside, LEPs take around 5 $ \times $ longer to input
                 than passwords. So, these qualities make LEPs suitable
                 for multi-factor authentication at high-value servers,
                 such as financial or sensitive work servers, where
                 stronger authentication strength is needed.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "11",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Noh:2019:TBS,
  author =       "Juhwan Noh and Yujin Kwon and Yunmok Son and Hocheol
                 Shin and Dohyun Kim and Jaeyeong Choi and Yongdae Kim",
  title =        "{Tractor Beam}: Safe-hijacking of Consumer Drones with
                 Adaptive {GPS} Spoofing",
  journal =      j-TOPS,
  volume =       "22",
  number =       "2",
  pages =        "12:1--12:??",
  month =        apr,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3309735",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:25 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3309735",
  abstract =     "The consumer drone market is booming. Consumer drones
                 are predominantly used for aerial photography; however,
                 their use has been expanding because of their autopilot
                 technology. Unfortunately, terrorists have also begun
                 to use consumer drones for kamikaze bombing and
                 reconnaissance. To protect against such threats,
                 several companies have started ``anti-drone'' services
                 that primarily focus on disrupting or incapacitating
                 drone operations. However, the approaches employed are
                 inadequate, because they make any drone that has
                 intruded stop and remain over the protected area. We
                 specify this issue by introducing the concept of
                 safe-hijacking, which enables a hijacker to expel the
                 intruding drone from the protected area remotely. As a
                 safe-hijacking strategy, we investigated whether
                 consumer drones in the autopilot mode can be hijacked
                 via adaptive GPS spoofing. Specifically, as consumer
                 drones activate GPS fail-safe and change their flight
                 mode whenever a GPS error occurs, we performed black-
                 and white-box analyses of GPS fail-safe flight mode and
                 the following behavior after GPS signal recovery of
                 existing consumer drones. Based on our analyses
                 results, we developed a taxonomy of consumer drones
                 according to these fail-safe mechanisms and designed
                 safe-hijacking strategies for each drone type.
                 Subsequently, we applied these strategies to four
                 popular drones: DJI Phantom 3 Standard, DJI Phantom 4,
                 Parrot Bebop 2, and 3DR Solo. The results of field
                 experiments and software simulations verified the
                 efficacy of our safe-hijacking strategies against these
                 drones and demonstrated that the strategies can force
                 them to move in any direction with high accuracy.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "12",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Ruoti:2019:USF,
  author =       "Scott Ruoti and Jeff Andersen and Luke Dickinson and
                 Scott Heidbrink and Tyler Monson and Mark O'Neill and
                 Ken Reese and Brad Spendlove and Elham Vaziripour and
                 Justin Wu and Daniel Zappala and Kent Seamons",
  title =        "A Usability Study of Four Secure Email Tools Using
                 Paired Participants",
  journal =      j-TOPS,
  volume =       "22",
  number =       "2",
  pages =        "13:1--13:??",
  month =        apr,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3313761",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:25 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3313761",
  abstract =     "Secure email is increasingly being touted as usable by
                 novice users, with a push for adoption based on recent
                 concerns about government surveillance. To determine
                 whether secure email is ready for grassroots adoption,
                 we employ a laboratory user study that recruits pairs
                 of novice users to install and use several of the
                 latest systems to exchange secure messages. We present
                 both quantitative and qualitative results from 28 pairs
                 of novices as they use Private WebMail (Pwm), Tutanota,
                 and Virtru and 10 pairs of novices as they use
                 Mailvelope. Participants report being more at ease with
                 this type of study and better able to cope with
                 mistakes since both participants are ``on the same
                 page.'' We find that users prefer integrated solutions
                 over depot-based solutions and that tutorials are
                 important in helping first-time users. Finally, our
                 results demonstrate that Pretty Good Privacy using
                 manual key management is still unusable for novice
                 users, with 9 of 10 participant pairs failing to
                 complete the study.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "13",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Onwuzurike:2019:MDA,
  author =       "Lucky Onwuzurike and Enrico Mariconti and Panagiotis
                 Andriotis and Emiliano {De Cristofaro} and Gordon Ross
                 and Gianluca Stringhini",
  title =        "{MaMaDroid}: Detecting {Android} Malware by Building
                 {Markov} Chains of Behavioral Models (Extended
                 Version)",
  journal =      j-TOPS,
  volume =       "22",
  number =       "2",
  pages =        "14:1--14:??",
  month =        apr,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3313391",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:25 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3313391",
  abstract =     "As Android has become increasingly popular, so has
                 malware targeting it, thus motivating the research
                 community to propose different detection techniques.
                 However, the constant evolution of the Android
                 ecosystem, and of malware itself, makes it hard to
                 design robust tools that can operate for long periods
                 of time without the need for modifications or costly
                 re-training. Aiming to address this issue, we set to
                 detect malware from a behavioral point of view, modeled
                 as the sequence of abstracted API calls. We introduce M
                 AMADROID, a static-analysis-based system that abstracts
                 app's API calls to their class, package, or family, and
                 builds a model from their sequences obtained from the
                 call graph of an app as Markov chains. This ensures
                 that the model is more resilient to API changes and the
                 features set is of manageable size. We evaluate
                 MAMADROID using a dataset of 8.5K benign and 35.5K
                 malicious apps collected over a period of 6 years,
                 showing that it effectively detects malware (with up to
                 0.99 F-measure) and keeps its detection capabilities
                 for long periods of time (up to 0.87 F-measure 2 years
                 after training). We also show that MAMADROID remarkably
                 overperforms DROIDAPIMINER, a state-of-the-art
                 detection system that relies on the frequency of ( raw
                 ) API calls. Aiming to assess whether MAMADROID's
                 effectiveness mainly stems from the API abstraction or
                 from the sequencing modeling, we also evaluate a
                 variant of it that uses frequency (instead of
                 sequences), of abstracted API calls. We find that it is
                 not as accurate, failing to capture maliciousness when
                 trained on malware samples that include API calls that
                 are equally or more frequently used by benign apps.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "14",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Rao:2019:HPR,
  author =       "Fang-Yu Rao and Jianneng Cao and Elisa Bertino and
                 Murat Kantarcioglu",
  title =        "Hybrid Private Record Linkage: Separating
                 Differentially Private Synopses from Matching Records",
  journal =      j-TOPS,
  volume =       "22",
  number =       "3",
  pages =        "15:1--15:??",
  month =        jul,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3318462",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:25 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3318462",
  abstract =     "Private record linkage protocols allow multiple
                 parties to exchange matching records, which refer to
                 the same entities or have similar values, while keeping
                 the non-matching ones secret. Conventional protocols
                 are based on computationally expensive cryptographic
                 primitives and therefore do not scale. To address these
                 scalability issues, hybrid protocols have been proposed
                 that combine differential privacy techniques with
                 secure multiparty computation techniques. However, a
                 drawback of such protocols is that they disclose to the
                 parties both the matching records and the
                 differentially private synopses of the datasets
                 involved in the linkage. Consequently, differential
                 privacy is no longer always satisfied. To address this
                 issue, we propose a novel framework that separates the
                 private synopses from the matching records. The two
                 parties do not access the synopses directly, but still
                 use them to efficiently link records. We theoretically
                 prove the security of our framework under the
                 state-of-the-art privacy notion of differential privacy
                 for record linkage (DPRL). In addition, we develop a
                 simple but effective strategy for releasing private
                 synopses. Extensive experimental results show that our
                 framework is superior to the existing methods in terms
                 of efficiency.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "15",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Sharif:2019:GFA,
  author =       "Mahmood Sharif and Sruti Bhagavatula and Lujo Bauer
                 and Michael K. Reiter",
  title =        "A General Framework for Adversarial Examples with
                 Objectives",
  journal =      j-TOPS,
  volume =       "22",
  number =       "3",
  pages =        "16:1--16:??",
  month =        jul,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3317611",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:25 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3317611",
  abstract =     "Images perturbed subtly to be misclassified by neural
                 networks, called adversarial examples, have emerged as
                 a technically deep challenge and an important concern
                 for several application domains. Most research on
                 adversarial examples takes as its only constraint that
                 the perturbed images are similar to the originals.
                 However, real-world application of these ideas often
                 requires the examples to satisfy additional objectives,
                 which are typically enforced through custom
                 modifications of the perturbation process. In this
                 article, we propose adversarial generative nets (AGNs),
                 a general methodology to train a generator neural
                 network to emit adversarial examples satisfying desired
                 objectives. We demonstrate the ability of AGNs to
                 accommodate a wide range of objectives, including
                 imprecise ones difficult to model, in two application
                 domains. In particular, we demonstrate physical
                 adversarial examples-eyeglass frames designed to fool
                 face recognition-with better robustness,
                 inconspicuousness, and scalability than previous
                 approaches, as well as a new attack to fool a
                 handwritten-digit classifier.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "16",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Yan:2019:DAW,
  author =       "Chao Yan and Bo Li and Yevgeniy Vorobeychik and Aron
                 Laszka and Daniel Fabbri and Bradley Malin",
  title =        "Database Audit Workload Prioritization via Game
                 Theory",
  journal =      j-TOPS,
  volume =       "22",
  number =       "3",
  pages =        "17:1--17:??",
  month =        jul,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3323924",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:25 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3323924",
  abstract =     "The quantity of personal data that is collected,
                 stored, and subsequently processed continues to grow
                 rapidly. Given its sensitivity, ensuring privacy
                 protections has become a necessary component of
                 database management. To enhance protection, a number of
                 mechanisms have been developed, such as audit logging
                 and alert triggers, which notify administrators about
                 suspicious activities. However, this approach is
                 limited. First, the volume of alerts is often
                 substantially greater than the auditing capabilities of
                 organizations. Second, strategic attackers can attempt
                 to disguise their actions or carefully choose targets,
                 thus hide illicit activities. In this article, we
                 introduce an auditing approach that accounts for
                 adversarial behavior by (1) prioritizing the order in
                 which types of alerts are investigated and (2)
                 providing an upper bound on how much resource to
                 allocate for each type. Specifically, we model the
                 interaction between a database auditor and attackers as
                 a Stackelberg game. We show that even a highly
                 constrained version of such problem is NP-Hard. Then,
                 we introduce a method that combines linear programming,
                 column generation, and heuristic searching to derive an
                 auditing policy. On the synthetic data, we perform an
                 extensive evaluation on the approximation degree of our
                 solution with the optimal one. The two real datasets,
                 (1) 1.5 months of audit logs from Vanderbilt University
                 Medical Center and (2) a publicly available credit card
                 application dataset, are used to test the
                 policy-searching performance. The findings demonstrate
                 the effectiveness of the proposed methods for searching
                 the audit strategies, and our general approach
                 significantly outperforms non-game-theoretic
                 baselines.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "17",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Outkin:2019:GQT,
  author =       "Alexander V. Outkin and Brandon K. Eames and Meghan A.
                 Galiardi and Sarah Walsh and Eric D. Vugrin and Byron
                 Heersink and Jacob Hobbs and Gregory D. Wyss",
  title =        "{GPLADD}: Quantifying Trust in Government and
                 Commercial Systems: a Game-Theoretic Approach",
  journal =      j-TOPS,
  volume =       "22",
  number =       "3",
  pages =        "18:1--18:??",
  month =        jul,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3326283",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:25 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3326283",
  abstract =     "Trust in a microelectronics-based system can be
                 characterized as the level of confidence that a system
                 is free of subversive alterations made during system
                 development, or that the development process of a
                 system has not been manipulated by a malicious
                 adversary. Trust in systems has become an increasing
                 concern over the past decade. This article presents a
                 novel game-theoretic framework, called GPLADD
                 (Graph-based Probabilistic Learning Attacker and
                 Dynamic Defender), for analyzing and quantifying system
                 trustworthiness at the end of the development process,
                 through the analysis of risk of development-time system
                 manipulation. GPLADD represents attacks and
                 attacker-defender contests over time. It treats time as
                 an explicit constraint and allows incorporating the
                 informational asymmetries between the attacker and
                 defender into analysis. GPLADD includes an explicit
                 representation of attack steps via multi-step attack
                 graphs, attacker and defender strategies, and player
                 actions at different times. GPLADD allows quantifying
                 the attack success probability over time and the
                 attacker and defender costs based on their capabilities
                 and strategies. This ability to quantify different
                 attacks provides an input for evaluation of trust in
                 the development process. We demonstrate GPLADD on an
                 example attack and its variants. We develop a method
                 for representing success probability for arbitrary
                 attacks and derive an explicit analytic
                 characterization of success probability for a specific
                 attack. We present a numeric Monte Carlo study of a
                 small set of attacks, quantify attack success
                 probabilities, attacker and defender costs, and
                 illustrate the options the defender has for limiting
                 the attack success and improving trust in the
                 development process.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "18",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Wedaj:2019:DDA,
  author =       "Samuel Wedaj and Kolin Paul and Vinay J. Ribeiro",
  title =        "{DADS}: Decentralized Attestation for Device Swarms",
  journal =      j-TOPS,
  volume =       "22",
  number =       "3",
  pages =        "19:1--19:??",
  month =        jul,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3325822",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Sep 21 08:26:25 MDT 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3325822",
  abstract =     "We present a novel scheme called Decentralized
                 Attestation for Device Swarms (DADS), which is, to the
                 best of our knowledge, the first to accomplish
                 decentralized attestation in device swarms. Device
                 swarms are smart, mobile, and interconnected devices
                 that operate in large numbers and are likely to be part
                 of emerging applications in Cyber-Physical Systems
                 (CPS) and Industrial Internet of Things (IIoTs). Swarm
                 devices process and exchange safety, privacy, and
                 mission-critical information. Thus, it is important to
                 have a good code verification technique that scales to
                 device swarms and establishes trust among collaborating
                 devices. DADS has several advantages over current
                 state-of-the-art swarm attestation techniques: It is
                 decentralized, has no single point of failure, and can
                 handle changing topologies after nodes are compromised.
                 DADS assures system resilience to node
                 compromise/failure while guaranteeing only devices that
                 execute genuine code remain part of the group. We
                 conduct performance measurements of communication,
                 computation, memory, and energy using the TrustLite
                 embedded systems architecture in OMNeT++ simulation
                 environment. We show that the proposed approach can
                 significantly reduce communication cost and is very
                 efficient in terms of computation, memory, and energy
                 requirements. We also analyze security and show that
                 DADS is very effective and robust against various
                 attacks.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "19",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Cantali:2019:AMS,
  author =       "Gokcan Cantali and Orhan Ermis and Mehmet Ufuk
                 {\c{C}}aglayan and Cem Ersoy",
  title =        "Analytical Models for the Scalability of Dynamic
                 Group-key Agreement Protocols and Secure File Sharing
                 Systems",
  journal =      j-TOPS,
  volume =       "22",
  number =       "4",
  pages =        "20:1--20:??",
  month =        dec,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3342998",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Wed Dec 18 14:55:10 MST 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3342998",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "20",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Jin:2019:RPP,
  author =       "Hongyu Jin and Panos Papadimitratos",
  title =        "Resilient Privacy Protection for Location-Based
                 Services through Decentralization",
  journal =      j-TOPS,
  volume =       "22",
  number =       "4",
  pages =        "21:1--21:??",
  month =        dec,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3319401",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Wed Dec 18 14:55:10 MST 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3319401",
  abstract =     "Location-Based Services (LBSs) provide valuable
                 services, with convenient features for mobile users.
                 However, the location and other information disclosed
                 through each query to the LBS erodes user privacy. This
                 is a concern especially because LBS providers can be
                 honest-but-curious, collecting queries and tracking
                 users' whereabouts and infer sensitive user data. This
                 motivated both centralized and decentralized location
                 privacy protection schemes for LBSs: anonymizing and
                 obfuscating LBS queries to not disclose exact
                 information, while still getting useful responses.
                 Decentralized schemes overcome disadvantages of
                 centralized schemes, eliminating anonymizers, and
                 enhancing users' control over sensitive information.
                 However, an insecure decentralized system could create
                 serious risks beyond private information leakage. More
                 so, attacking an improperly designed decentralized LBS
                 privacy protection scheme could be an effective and
                 low-cost step to breach user privacy. We address
                 exactly this problem, by proposing security
                 enhancements for mobile data sharing systems. We
                 protect user privacy while preserving accountability of
                 user activities, leveraging pseudonymous authentication
                 with mainstream cryptography. We show our scheme can be
                 deployed with off-the-shelf devices based on an
                 experimental evaluation of an implementation in a
                 static automotive testbed.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "21",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Powell:2019:MOH,
  author =       "Brian A. Powell",
  title =        "Malicious Overtones: Hunting Data Theft in the
                 Frequency Domain with One-class Learning",
  journal =      j-TOPS,
  volume =       "22",
  number =       "4",
  pages =        "22:1--22:??",
  month =        dec,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3360469",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Wed Dec 18 14:55:10 MST 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3360469",
  abstract =     "A method for detecting electronic data theft from
                 computer networks is described, capable of recognizing
                 patterns of remote exfiltration occurring over days to
                 weeks. Normal traffic flow data, in the form of a
                 host's ingress and egress bytes over time, is used to
                 train an ensemble of one-class learners. The detection
                 ensemble is modular, with individual classifiers
                 trained on different traffic features thought to
                 characterize malicious data transfers. We select
                 features that model the egress to ingress byte balance
                 over time, periodicity, short timescale irregularity,
                 and density of the traffic. The features are most
                 efficiently modeled in the frequency domain, which has
                 the added benefit that variable duration flows are
                 transformed to a fixed-size feature vector, and by
                 sampling the frequency space appropriately,
                 long-duration flows can be tested. When trained on days
                 or weeks worth of traffic from individual hosts, our
                 ensemble achieves a low false-positive rate.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "22",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Senarath:2019:WTU,
  author =       "Awanthika Senarath and Marthie Grobler and Nalin
                 Asanka Gamagedara Arachchilage",
  title =        "Will They Use It or Not? {Investigating} Software
                 Developers' Intention to Follow Privacy Engineering
                 Methodologies",
  journal =      j-TOPS,
  volume =       "22",
  number =       "4",
  pages =        "23:1--23:??",
  month =        dec,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3364224",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Wed Dec 18 14:55:10 MST 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3364224",
  abstract =     "With the increasing concerns over privacy in software
                 systems, there is a growing enthusiasm to develop
                 methods to support the development of privacy aware
                 software systems. Inadequate privacy in software system
                 designs could result in users losing their sensitive
                 data, such as health information and financial
                 information, which may cause financial and reputation
                 loss. Privacy Engineering Methodologies (PEMs) are
                 introduced into the software development processes with
                 the goal of guiding software developers to embed
                 privacy into the systems they design. However, for PEMs
                 to be successful it is imperative that software
                 developers have a positive intention to use PEMs.
                 Otherwise, developers may attempt to bypass the privacy
                 methodologies or use them partially and hence develop
                 software systems that may not protect user privacy
                 appropriately. To investigate the factors that affect
                 software developers' behavioural intention to follow
                 PEMs, in this article, we conducted a study with 149
                 software developers. Findings of the study show that
                 the usefulness of the PEM to the developers' existing
                 work to be the strongest determinant that affects
                 software developers' intention to follow PEMs.
                 Moreover, the compatibility of the PEM with their way
                 of work and how the PEM demonstrates its results when
                 used were also found to be significant. These findings
                 provide important insights in understanding the
                 behaviour of software developers and how they perceive
                 PEMs. The findings could be used to assist
                 organisations and researchers to deploy PEMs and design
                 PEMs that are positively accepted by software
                 developers.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "23",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Cecconello:2019:STK,
  author =       "Stefano Cecconello and Alberto Compagno and Mauro
                 Conti and Daniele Lain and Gene Tsudik",
  title =        "{Skype \& Type}: Keyboard Eavesdropping in
                 {Voice-over-IP}",
  journal =      j-TOPS,
  volume =       "22",
  number =       "4",
  pages =        "24:1--24:??",
  month =        dec,
  year =         "2019",
  DOI =          "https://doi.org/10.1145/3365366",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Wed Dec 18 14:55:10 MST 2019",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/citation.cfm?id=3365366",
  abstract =     "Voice-over-IP (VoIP) software are among the most
                 widely spread and pervasive software, counting millions
                 of monthly users. However, we argue that people ignore
                 the drawbacks of transmitting information along with
                 their voice, such as keystroke sounds --- as such sound
                 can reveal what someone is typing on a keyboard. In
                 this article, we present and assess a new keyboard
                 acoustic eavesdropping attack that involves VoIP,
                 called Skype \& Type (S\&T). Unlike previous attacks,
                 S\&T assumes a weak adversary model that is very
                 practical in many real-world settings. Indeed, S\&T is
                 very feasible, as it does not require (i) the attacker
                 to be physically close to the victim (either in person
                 or with a recording device) and (ii) precise profiling
                 of the victim's typing style and keyboard; moreover, it
                 can work with a very small amount of leaked keystrokes.
                 We observe that leakage of keystrokes during a VoIP
                 call is likely, as people often ``multi-task'' during
                 such calls. As expected, VoIP software acquires and
                 faithfully transmits all sounds, including emanations
                 of pressed keystrokes, which can include passwords and
                 other sensitive information. We show that one very
                 popular VoIP software (Skype) conveys enough audio
                 information to reconstruct the victim's
                 input-keystrokes typed on the remote keyboard. Our
                 results demonstrate that, given some knowledge on the
                 victim's typing style and keyboard model, the attacker
                 attains top-5 accuracy of 91.7\% in guessing a random
                 key pressed by the victim. This work extends previous
                 results on S\&T, demonstrating that our attack is
                 effective with many different recording devices (such
                 as laptop microphones, headset microphones, and
                 smartphones located in proximity of the target
                 keyboard), diverse typing styles and speed, and is
                 particularly threatening when the victim is typing in a
                 known language.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "24",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "http://dl.acm.org/citation.cfm?id=J1547",
}

@Article{Hoang:2020:MSO,
  author =       "Thang Hoang and Attila A. Yavuz and Jorge Guajardo",
  title =        "A Multi-server {ORAM} Framework with Constant Client
                 Bandwidth Blowup",
  journal =      j-TOPS,
  volume =       "23",
  number =       "1",
  pages =        "1:1--1:35",
  month =        feb,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3369108",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Feb 15 07:50:03 MST 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3369108",
  abstract =     "Oblivious Random Access Machine (ORAM) allows a client
                 to hide the access pattern when accessing sensitive
                 data on a remote server. It is known that there exists
                 a logarithmic communication lower bound on any passive
                 ORAM construction, where the server \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "1",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Khan:2020:MAS,
  author =       "Hassan Khan and Urs Hengartner and Daniel Vogel",
  title =        "Mimicry Attacks on Smartphone Keystroke
                 Authentication",
  journal =      j-TOPS,
  volume =       "23",
  number =       "1",
  pages =        "2:1--2:34",
  month =        feb,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3372420",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Feb 15 07:50:03 MST 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3372420",
  abstract =     "Keystroke behaviour-based authentication employs the
                 unique typing behaviour of users to authenticate them.
                 Recent such proposals for virtual keyboards on
                 smartphones employ diverse temporal, contact, and
                 spatial features to achieve over 95\% accuracy.
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "2",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Lanotte:2020:FAP,
  author =       "Ruggero Lanotte and Massimo Merro and Andrei Munteanu
                 and Luca Vigan{\`o}",
  title =        "A Formal Approach to Physics-based Attacks in
                 Cyber-physical Systems",
  journal =      j-TOPS,
  volume =       "23",
  number =       "1",
  pages =        "3:1--3:41",
  month =        feb,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3373270",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Feb 15 07:50:03 MST 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3373270",
  abstract =     "We apply formal methods to lay and streamline
                 theoretical foundations to reason about Cyber-Physical
                 Systems (CPSs) and physics-based attacks, i.e., attacks
                 targeting physical devices. We focus on a formal
                 treatment of both integrity and denial of \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "3",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Belman:2020:DPT,
  author =       "Amith K. Belman and Vir V. Phoha",
  title =        "Discriminative Power of Typing Features on Desktops,
                 Tablets, and Phones for User Identification",
  journal =      j-TOPS,
  volume =       "23",
  number =       "1",
  pages =        "4:1--4:36",
  month =        feb,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3377404",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Feb 15 07:50:03 MST 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3377404",
  abstract =     "Research in Keystroke-Dynamics (KD) has customarily
                 focused on temporal features without considering
                 context to generate user templates that are used in
                 authentication. Additionally, work on KD in hand-held
                 devices such as smart-phones and tablets have
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "4",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Karegar:2020:DUE,
  author =       "Farzaneh Karegar and John S{\"o}ren Pettersson and
                 Simone Fischer-H{\"u}bner",
  title =        "The Dilemma of User Engagement in Privacy Notices:
                 Effects of Interaction Modes and Habituation on User
                 Attention",
  journal =      j-TOPS,
  volume =       "23",
  number =       "1",
  pages =        "5:1--5:38",
  month =        feb,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3372296",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Feb 15 07:50:03 MST 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3372296",
  abstract =     "Privacy notices and consent forms are the means of
                 conveying privacy policy information to users. In
                 Europe, a valid consent needs to be confirmed by a
                 clear affirmative action. Despite previous research, it
                 is not yet clear whether user engagement with
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "5",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Wu:2020:CPM,
  author =       "Fang-Jing Wu and Tie Luo",
  title =        "{CrowdPrivacy}: Publish More Useful Data with Less
                 Privacy Exposure in Crowdsourced Location-Based
                 Services",
  journal =      j-TOPS,
  volume =       "23",
  number =       "1",
  pages =        "6:1--6:25",
  month =        feb,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3375752",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Feb 15 07:50:03 MST 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3375752",
  abstract =     "Location-based services (LBSs) typically crowdsource
                 geo-tagged data from mobile users. Collecting more data
                 will generally improve the utility for LBS providers;
                 however, it also leads to more privacy exposure of
                 users' mobility patterns. Although the \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "6",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Ye:2020:UGA,
  author =       "Guixin Ye and Zhanyong Tang and Dingyi Fang and
                 Zhanxing Zhu and Yansong Feng and Pengfei Xu and
                 Xiaojiang Chen and Jungong Han and Zheng Wang",
  title =        "Using Generative Adversarial Networks to Break and
                 Protect Text Captchas",
  journal =      j-TOPS,
  volume =       "23",
  number =       "2",
  pages =        "7:1--7:29",
  month =        may,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3378446",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Wed May 27 08:04:28 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3378446",
  abstract =     "Text-based CAPTCHAs remains a popular scheme for
                 distinguishing between a legitimate human user and an
                 automated program. This article presents a novel
                 genetic text captcha solver based on the generative
                 adversarial network. As a departure from prior
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "7",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Ikram:2020:MAC,
  author =       "Muhammad Ikram and Rahat Masood and Gareth Tyson and
                 Mohamed Ali Kaafar and Noha Loizon and Roya Ensafi",
  title =        "Measuring and Analysing the Chain of Implicit Trust: a
                 Study of Third-party Resources Loading",
  journal =      j-TOPS,
  volume =       "23",
  number =       "2",
  pages =        "8:1--8:27",
  month =        may,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3380466",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Wed May 27 08:04:28 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3380466",
  abstract =     "The web is a tangled mass of interconnected services,
                 whereby websites import a range of external resources
                 from various third-party domains. The latter can also
                 load further resources hosted on other domains. For
                 each website, this creates a dependency \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "8",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Naor:2020:SLU,
  author =       "Moni Naor and Lior Rotem and Gil Segev",
  title =        "The Security of Lazy Users in Out-of-Band
                 Authentication",
  journal =      j-TOPS,
  volume =       "23",
  number =       "2",
  pages =        "9:1--9:32",
  month =        may,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3377849",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Wed May 27 08:04:28 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3377849",
  abstract =     "Faced with the threats posed by man-in-the-middle
                 attacks, messaging platforms rely on ``out-of-band''
                 authentication, assuming that users have access to an
                 external channel for authenticating one short value.
                 For example, assuming that users recognizing \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "9",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Parker:2020:BIB,
  author =       "James Parker and Michael Hicks and Andrew Ruef and
                 Michelle L. Mazurek and Dave Levin and Daniel Votipka
                 and Piotr Mardziel and Kelsey R. Fulton",
  title =        "Build It, Break It, Fix It: Contesting Secure
                 Development",
  journal =      j-TOPS,
  volume =       "23",
  number =       "2",
  pages =        "10:1--10:36",
  month =        may,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3383773",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Wed May 27 08:04:28 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3383773",
  abstract =     "Typical security contests focus on breaking or
                 mitigating the impact of buggy systems. We present the
                 Build-it, Break-it, Fix-it (BIBIFI) contest, which aims
                 to assess the ability to securely build software, not
                 just break it. In BIBIFI, teams build \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "10",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Anwar:2020:CFC,
  author =       "Fatima M. Anwar and Mani Srivastava",
  title =        "A Case for Feedforward Control with Feedback Trim to
                 Mitigate Time Transfer Attacks",
  journal =      j-TOPS,
  volume =       "23",
  number =       "2",
  pages =        "11:1--11:25",
  month =        may,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3382503",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Wed May 27 08:04:28 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3382503",
  abstract =     "We propose a new clock synchronization architecture
                 for systems under time transfer attacks. Facilitated by
                 a feedforward control with feedback trim-based clock
                 adjustment, coupled with packet filtering and frequency
                 shaping techniques, our proposed \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "11",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Boshrooyeh:2020:PPP,
  author =       "Sanaz Taheri Boshrooyeh and Alptekin
                 K{\"u}p{\c{c}}{\"u} and {\"O}znur {\"O}zkasap",
  title =        "{Privado}: Privacy-preserving Group-based Advertising
                 Using Multiple Independent Social Network Providers",
  journal =      j-TOPS,
  volume =       "23",
  number =       "3",
  pages =        "12:1--12:36",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3386154",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jul 10 09:15:30 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3386154",
  abstract =     "Online Social Networks (OSNs) offer free storage and
                 social networking services through which users can
                 communicate personal information with one another. The
                 personal information of the users collected by the OSN
                 provider comes with privacy problems \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "12",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Sciarretta:2020:FAM,
  author =       "Giada Sciarretta and Roberto Carbone and Silvio Ranise
                 and Luca Vigan{\`o}",
  title =        "Formal Analysis of Mobile Multi-Factor Authentication
                 with Single Sign-On Login",
  journal =      j-TOPS,
  volume =       "23",
  number =       "3",
  pages =        "13:1--13:37",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3386685",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jul 10 09:15:30 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3386685",
  abstract =     "Over the last few years, there has been an almost
                 exponential increase in the number of mobile
                 applications that deal with sensitive data, such as
                 applications for e-commerce or health. When dealing
                 with sensitive data, classical authentication solutions
                 based on username-password pairs are not enough, and
                 multi-factor authentication solutions that combine two
                 or more authentication factors of different categories
                 are required instead. Even if several solutions are
                 currently used, their security analyses have been
                 performed informally or semiformally at best, and
                 without a reference model and a precise definition of
                 the multi-factor authentication property. This makes a
                 comparison among the different solutions both complex
                 and potentially misleading. In this article, we first
                 present the design of two reference models for native
                 applications based on the requirements of two
                 real-world use-case scenarios. Common features between
                 them are the use of one-time password approaches and
                 the support of a single sign-on experience. Then, we
                 provide a formal specification of our threat model and
                 the security goals, and discuss the automated security
                 analysis that we performed. Our formal analysis
                 validates the security goals of the two reference
                 models we propose and provides an important building
                 block for the formal analysis of different multi-factor
                 authentication solutions.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "13",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Antonioli:2020:KND,
  author =       "Daniele Antonioli and Nils Ole Tippenhauer and Kasper
                 Rasmussen",
  title =        "Key Negotiation Downgrade Attacks on {Bluetooth} and
                 {Bluetooth} Low Energy",
  journal =      j-TOPS,
  volume =       "23",
  number =       "3",
  pages =        "14:1--14:28",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3394497",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jul 10 09:15:30 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3394497",
  abstract =     "Bluetooth (BR/EDR) and Bluetooth Low Energy (BLE) are
                 pervasive wireless technologies specified in the
                 Bluetooth standard. The standard includes key
                 negotiation protocols used to generate long-term keys
                 (during pairing) and session keys (during secure
                 \ldots{}).",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "14",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Shin:2020:SCW,
  author =       "Hocheol Shin and Juhwan Noh and Dohyun Kim and Yongdae
                 Kim",
  title =        "The System That Cried Wolf: Sensor Security Analysis
                 of Wide-area Smoke Detectors for Critical
                 Infrastructure",
  journal =      j-TOPS,
  volume =       "23",
  number =       "3",
  pages =        "15:1--15:32",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3393926",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jul 10 09:15:30 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3393926",
  abstract =     "Fire alarm and signaling systems are a networked
                 system of fire detectors, fire control units, automated
                 fire extinguishers, and fire notification appliances.
                 Malfunction of these safety-critical cyber-physical
                 systems may lead to chaotic evacuations, \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "15",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Hurley-Smith:2020:QLC,
  author =       "Darren Hurley-Smith and Julio Hernandez-Castro",
  title =        "Quantum Leap and Crash: Searching and Finding Bias in
                 Quantum Random Number Generators",
  journal =      j-TOPS,
  volume =       "23",
  number =       "3",
  pages =        "16:1--16:25",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3398726",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jul 10 09:15:30 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 https://www.math.utah.edu/pub/tex/bib/prng.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3398726",
  abstract =     "Random numbers are essential for cryptography and
                 scientific simulation. Generating truly random numbers
                 for cryptography can be a slow and expensive process.
                 Quantum physics offers a variety of promising solutions
                 to this challenge, proposing sources of entropy that
                 may be genuinely unpredictable, based on the inherent
                 randomness of certain physical phenomena. These
                 properties have been employed to design Quantum Random
                 Number Generators (QRNGs), some of which are
                 commercially available. In this work, we present the
                 first published analysis of the Quantis family of QRNGs
                 (excluding AIS-31 models), designed and manufactured by
                 ID Quantique (IDQ). Our study also includes Comscire's
                 PQ32MU QRNG, and two online services: the Australian
                 National University's (ANU) QRNG, and the Humboldt
                 Physik generator.\par

                 Each QRNG is analysed using five batteries of
                 statistical tests: Dieharder, National Institute of
                 Standards and Technology (NIST) SP800-22, Ent, Tuftests
                 and TestU01, as part of our thorough examination of
                 their output. Our analysis highlights issues with
                 current certification schemes, which largely rely on
                 NIST SP800-22 and Diehard tests of randomness. We find
                 that more recent tests of randomness identify issues in
                 the output of QRNG, highlighting the need for mandatory
                 post-processing even for low-security usage of random
                 numbers sourced from QRNGs.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "16",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Nabeel:2020:FPD,
  author =       "Mohamed Nabeel and Issa M. Khalil and Bei Guan and
                 Ting Yu",
  title =        "Following Passive {DNS} Traces to Detect Stealthy
                 Malicious Domains Via Graph Inference",
  journal =      j-TOPS,
  volume =       "23",
  number =       "4",
  pages =        "17:1--17:36",
  month =        aug,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3401897",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 29 07:11:57 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3401897",
  abstract =     "Malicious domains, including phishing websites, spam
                 servers, and command and control servers, are the
                 reason for many of the cyber attacks nowadays. Thus,
                 detecting them in a timely manner is important to not
                 only identify cyber attacks but also take \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "17",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Rizvi:2020:EAG,
  author =       "Syed Zain Raza Rizvi and Philip W. L. Fong",
  title =        "Efficient Authorization of Graph-database Queries in
                 an Attribute-supporting {ReBAC} Model",
  journal =      j-TOPS,
  volume =       "23",
  number =       "4",
  pages =        "18:1--18:33",
  month =        aug,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3401027",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 29 07:11:57 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3401027",
  abstract =     "Neo4j is a popular graph database that offers two
                 versions: an enterprise edition and a community
                 edition. The enterprise edition offers customizable
                 Role-based Access Control features through custom
                 developed procedures, while the community edition
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "18",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Diamantaris:2020:SDS,
  author =       "Michalis Diamantaris and Francesco Marcantoni and
                 Sotiris Ioannidis and Jason Polakis",
  title =        "The Seven Deadly Sins of the {HTML5 WebAPI}: a
                 Large-scale Study on the Risks of Mobile Sensor-based
                 Attacks",
  journal =      j-TOPS,
  volume =       "23",
  number =       "4",
  pages =        "19:1--19:31",
  month =        aug,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3403947",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 29 07:11:57 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3403947",
  abstract =     "Modern smartphone sensors can be leveraged for
                 providing novel functionality and greatly improving the
                 user experience. However, sensor data can be misused by
                 privacy-invasive or malicious entities. Additionally, a
                 wide range of other attacks that use \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "19",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Abrath:2020:CRN,
  author =       "Bert Abrath and Bart Coppens and Jens {Van Den Broeck}
                 and Brecht Wyseur and Alessandro Cabutto and Paolo
                 Falcarin and Bjorn {De Sutter}",
  title =        "Code Renewability for Native Software Protection",
  journal =      j-TOPS,
  volume =       "23",
  number =       "4",
  pages =        "20:1--20:31",
  month =        aug,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3404891",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 29 07:11:57 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3404891",
  abstract =     "Software protection aims at safeguarding assets
                 embedded in software by preventing and delaying reverse
                 engineering and tampering attacks. This article
                 presents an architecture and supporting tool flow to
                 renew parts of native applications dynamically.
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "20",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Samtani:2020:PIE,
  author =       "Sagar Samtani and Hongyi Zhu and Hsinchun Chen",
  title =        "Proactively Identifying Emerging Hacker Threats from
                 the {Dark Web}: a Diachronic Graph Embedding Framework
                 {(D-GEF)}",
  journal =      j-TOPS,
  volume =       "23",
  number =       "4",
  pages =        "21:1--21:33",
  month =        aug,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3409289",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 29 07:11:57 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3409289",
  abstract =     "Cybersecurity experts have appraised the total global
                 cost of malicious hacking activities to be \$450
                 billion annually. Cyber Threat Intelligence (CTI) has
                 emerged as a viable approach to combat this societal
                 issue. However, existing processes are \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "21",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Cho:2020:SUI,
  author =       "Geumhwan Cho and Jun Ho Huh and Soolin Kim and Junsung
                 Cho and Heesung Park and Yenah Lee and Konstantin
                 Beznosov and Hyoungshick Kim",
  title =        "On the Security and Usability Implications of
                 Providing Multiple Authentication Choices on
                 Smartphones: The More, the Better?",
  journal =      j-TOPS,
  volume =       "23",
  number =       "4",
  pages =        "22:1--22:32",
  month =        aug,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3410155",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 29 07:11:57 MDT 2020",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3410155",
  abstract =     "The latest smartphones have started providing multiple
                 authentication options including PINs, patterns, and
                 passwords (knowledge based), as well as face,
                 fingerprint, iris, and voice identification
                 (biometric-based). In this article, we conducted two
                 user studies to investigate how the convenience and
                 security of unlocking phones are influenced by the
                 provision of multiple authentication options. In a
                 task-based user study with 52 participants, we analyze
                 how participants choose an option to unlock their
                 smartphone in daily life. The user study results
                 demonstrate that providing multiple biometric-based
                 authentication choices does not really influence
                 convenience, because fingerprint had monopolistic
                 dominance in the usage of unlock methods (111 of a
                 total of 115 unlock trials that used a biometric-based
                 authentication factor) due to users' habitual behavior
                 and fastness in unlocking phones. However, convenience
                 was influenced by the provision of both knowledge-based
                 and biometric-based authentication categories, as
                 biometric-based authentication options were used in
                 combination with knowledge-based authentication options
                 --- pattern was another frequently used unlock method.
                 Our findings were confirmed and generalized through a
                 follow-up survey with 327 participants. First,
                 knowledge-based and biometric-based authentication
                 options are used interchangeably. Second, providing
                 multiple authentication options for knowledge-based
                 authentication may influence convenience --- both PINs
                 (55.7\%) and patterns (39.2\%) are quite evenly used.
                 Last, in contrast to knowledge-based authentication,
                 providing multiple authentication choices for
                 biometric-based authentication has less influence on
                 choosing unlock options --- fingerprint scanner is the
                 most frequently used option (134 of 187 unlock methods
                 used among biometric-based authentication options).",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "22",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Zhao:2021:EBS,
  author =       "Benjamin Zi Hao Zhao and Hassan Jameel Asghar and
                 Mohamed Ali Kaafar and Francesca Trevisan and Haiyue
                 Yuan",
  title =        "Exploiting Behavioral Side Channels in Observation
                 Resilient Cognitive Authentication Schemes",
  journal =      j-TOPS,
  volume =       "24",
  number =       "1",
  pages =        "1:1--1:33",
  month =        jan,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3414844",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Feb 5 09:05:31 MST 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3414844",
  abstract =     "Observation Resilient Authentication Schemes (ORAS)
                 are a class of shared secret challenge-response
                 identification schemes where a user mentally computes
                 the response via a cognitive function to authenticate
                 herself such that eavesdroppers cannot \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "1",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Ahmed:2021:NPD,
  author =       "Chuadhry Mujeeb Ahmed and Aditya P. Mathur and
                 Mart{\'\i}n Ochoa",
  title =        "{NoiSense} Print: Detecting Data Integrity Attacks on
                 Sensor Measurements Using Hardware-based Fingerprints",
  journal =      j-TOPS,
  volume =       "24",
  number =       "1",
  pages =        "2:1--2:35",
  month =        jan,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3410447",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Feb 5 09:05:31 MST 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3410447",
  abstract =     "Fingerprinting of various physical and logical devices
                 has been proposed for uniquely identifying users or
                 devices of mainstream IT systems such as PCs, laptops,
                 and smart phones. However, the application of such
                 techniques in Industrial Control Systems \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "2",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Alexopoulos:2021:TIM,
  author =       "Nikolaos Alexopoulos and Sheikh Mahbub Habib and
                 Steffen Schulz and Max M{\"u}hlh{\"a}user",
  title =        "The Tip of the Iceberg: On the Merits of Finding
                 Security Bugs",
  journal =      j-TOPS,
  volume =       "24",
  number =       "1",
  pages =        "3:1--3:33",
  month =        jan,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3406112",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Feb 5 09:05:31 MST 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/gnu.bib;
                 https://www.math.utah.edu/pub/tex/bib/linux.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib;
                 https://www.math.utah.edu/pub/tex/bib/unix.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3406112",
  abstract =     "In this article, we investigate a fundamental question
                 regarding software security: Is the security of SW
                 releases increasing over time? We approach this
                 question with a detailed analysis of the large body of
                 open-source software packaged in the popular Debian
                 GNU/Linux distribution. Contrary to common intuition,
                 we find no clear evidence that the vulnerability rate
                 of widely used software decreases over time: Even in
                 popular and ``stable'' releases, the fixing of bugs
                 does not seem to reduce the rate of newly identified
                 vulnerabilities. The intuitive conclusion is worrisome:
                 Commonly employed development and validation procedures
                 do not seem to scale with the increase of features and
                 complexity --- they are only chopping pieces off the
                 top of an iceberg of vulnerabilities.\par

                 To the best of our knowledge, this is the first
                 investigation into the problem that studies a complete
                 distribution of software, spanning multiple versions.
                 Although we can not give a definitive answer, we show
                 that several popular beliefs also cannot be confirmed
                 given our dataset. We publish our Debian Vulnerability
                 Analysis Framework (DVAF), an automated dataset
                 creation and analysis process, to enable reproduction
                 and further analysis of our results. Overall, we hope
                 our contributions provide important insights into the
                 vulnerability discovery process and help in identifying
                 effective techniques for vulnerability analysis and
                 prevention.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "3",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Meylan:2021:SUC,
  author =       "Alexandre Meylan and Mauro Cherubini and Bertil
                 Chapuis and Mathias Humbert and Igor Bilogrevic and
                 K{\'e}vin Huguenin",
  title =        "A Study on the Use of Checksums for Integrity
                 Verification of {Web} Downloads",
  journal =      j-TOPS,
  volume =       "24",
  number =       "1",
  pages =        "4:1--4:36",
  month =        jan,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3410154",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Feb 5 09:05:31 MST 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3410154",
  abstract =     "App stores provide access to millions of different
                 programs that users can download on their computers.
                 Developers can also make their programs available for
                 download on their websites and host the program files
                 either directly on their website or on \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "4",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Shreeve:2021:IMB,
  author =       "Benjamin Shreeve and Joseph Hallett and Matthew
                 Edwards and Pauline Anthonysamy and Sylvain Frey and
                 Awais Rashid",
  title =        "{``So if Mr Blue Head here clicks the link\ldots{}''}
                 Risk Thinking in Cyber Security Decision Making",
  journal =      j-TOPS,
  volume =       "24",
  number =       "1",
  pages =        "5:1--5:29",
  month =        jan,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3419101",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Feb 5 09:05:31 MST 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3419101",
  abstract =     "Cyber security decision making is inherently
                 complicated, with nearly every decision having knock-on
                 consequences for an organisation's vulnerability and
                 exposure. This is further compounded by the fact that
                 decision-making actors are rarely security \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "5",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Hu:2021:ACD,
  author =       "Zhisheng Hu and Minghui Zhu and Peng Liu",
  title =        "Adaptive Cyber Defense Against Multi-Stage Attacks
                 Using Learning-Based {POMDP}",
  journal =      j-TOPS,
  volume =       "24",
  number =       "1",
  pages =        "6:1--6:25",
  month =        jan,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3418897",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Feb 5 09:05:31 MST 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3418897",
  abstract =     "Growing multi-stage attacks in computer networks
                 impose significant security risks and necessitate the
                 development of effective defense schemes that are able
                 to autonomously respond to intrusions during
                 vulnerability windows. However, the defender faces
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "6",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Papaevripides:2021:EMB,
  author =       "Michalis Papaevripides and Elias Athanasopoulos",
  title =        "Exploiting Mixed Binaries",
  journal =      j-TOPS,
  volume =       "24",
  number =       "2",
  pages =        "7:1--7:29",
  month =        feb,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3418898",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Feb 5 09:05:32 MST 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3418898",
  abstract =     "Unsafe programming systems are still very popular,
                 despite the shortcomings due to several published
                 memory-corruption vulnerabilities. Toward defending
                 memory corruption, compilers have started to employ
                 advanced software hardening such as Control-flow
                 Integrity (CFI) and SafeStack. However, there is a
                 broad interest for realizing compilers that impose
                 memory safety with no heavy runtime support (e.g.,
                 garbage collection). Representative examples of this
                 category are Rust and Go, which enforce memory safety
                 primarily statically at compile time.\par

                 Software hardening and Rust/Go are promising directions
                 for defending memory corruption, albeit combining the
                 two is questionable. In this article, we consider
                 hardened mixed binaries, i.e., machine code that has
                 been produced from different compilers and, in
                 particular, from hardened C/C++ and Rust/Go (e.g.,
                 Mozilla Firefox, Dropbox, npm, and Docker). Our
                 analysis is focused on Mozilla Firefox, which
                 outsources significant code to Rust and is open source
                 with known public vulnerabilities (with assigned CVE).
                 Furthermore, we extend our analysis in mixed binaries
                 that leverage Go, and we derive similar
                 results.\par

                 The attacks explored in this article do not exploit
                 Rust or Go binaries that depend on some legacy
                 (vulnerable) C/C++ code. In contrast, we explore how
                 Rust/Go compiled code can stand as a vehicle for
                 bypassing hardening in C/C++ code. In particular, we
                 discuss CFI and SafeStack, which are available in the
                 latest Clang. Our assessment concludes that CFI can be
                 completely nullified through Rust or Go code by
                 constructing much simpler attacks than state-of-the-art
                 CFI bypasses.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "7",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Cordero:2021:GNT,
  author =       "Carlos Garcia Cordero and Emmanouil Vasilomanolakis
                 and Aidmar Wainakh and Max M{\"u}hlh{\"a}user and Simin
                 Nadjm-Tehrani",
  title =        "On Generating Network Traffic Datasets with Synthetic
                 Attacks for Intrusion Detection",
  journal =      j-TOPS,
  volume =       "24",
  number =       "2",
  pages =        "8:1--8:39",
  month =        feb,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3424155",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Feb 5 09:05:32 MST 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3424155",
  abstract =     "Most research in the field of network intrusion
                 detection heavily relies on datasets. Datasets in this
                 field, however, are scarce and difficult to reproduce.
                 To compare, evaluate, and test related work,
                 researchers usually need the same datasets or at
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "8",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Bhattacharjee:2021:ACE,
  author =       "Shameek Bhattacharjee and Venkata Praveen Kumar
                 Madhavarapu and Simone Silvestri and Sajal K. Das",
  title =        "Attack Context Embedded Data Driven Trust Diagnostics
                 in Smart Metering Infrastructure",
  journal =      j-TOPS,
  volume =       "24",
  number =       "2",
  pages =        "9:1--9:36",
  month =        feb,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3426739",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Feb 5 09:05:32 MST 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3426739",
  abstract =     "Spurious power consumption data reported from
                 compromised meters controlled by organized adversaries
                 in the Advanced Metering Infrastructure (AMI) may have
                 drastic consequences on a smart grid's operations.
                 While existing research on data falsification
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "9",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Arceri:2021:ADC,
  author =       "Vincenzo Arceri and Isabella Mastroeni",
  title =        "Analyzing Dynamic Code: a Sound Abstract Interpreter
                 for Evil Eval",
  journal =      j-TOPS,
  volume =       "24",
  number =       "2",
  pages =        "10:1--10:38",
  month =        feb,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3426470",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Feb 5 09:05:32 MST 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3426470",
  abstract =     "Dynamic languages, such as JavaScript, employ
                 string-to-code primitives to turn dynamically generated
                 text into executable code at run-time. These features
                 make standard static analysis extremely hard if not
                 impossible, because its essential data \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "10",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Botacin:2021:OSD,
  author =       "Marcus Botacin and Hojjat Aghakhani and Stefano
                 Ortolani and Christopher Kruegel and Giovanni Vigna and
                 Daniela Oliveira and Paulo L{\'\i}cio {De Geus} and
                 Andr{\'e} Gr{\'e}gio",
  title =        "One Size Does Not Fit All: a Longitudinal Analysis of
                 {Brazilian} Financial Malware",
  journal =      j-TOPS,
  volume =       "24",
  number =       "2",
  pages =        "11:1--11:31",
  month =        feb,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3429741",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Feb 5 09:05:32 MST 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3429741",
  abstract =     "Malware analysis is an essential task to understand
                 infection campaigns, the behavior of malicious codes,
                 and possible ways to mitigate threats. Malware analysis
                 also allows better assessment of attackers'
                 capabilities, techniques, and processes. \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "11",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Wagner:2021:DSP,
  author =       "Isabel Wagner and Iryna Yevseyeva",
  title =        "Designing Strong Privacy Metrics Suites Using
                 Evolutionary Optimization",
  journal =      j-TOPS,
  volume =       "24",
  number =       "2",
  pages =        "12:1--12:35",
  month =        feb,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3439405",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Feb 5 09:05:32 MST 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3439405",
  abstract =     "The ability to measure privacy accurately and
                 consistently is key in the development of new privacy
                 protections. However, recent studies have uncovered
                 weaknesses in existing privacy metrics, as well as
                 weaknesses caused by the use of only a single
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "12",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Jacomme:2021:EFA,
  author =       "Charlie Jacomme and Steve Kremer",
  title =        "An Extensive Formal Analysis of Multi-factor
                 Authentication Protocols",
  journal =      j-TOPS,
  volume =       "24",
  number =       "2",
  pages =        "13:1--13:34",
  month =        feb,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3440712",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Feb 5 09:05:32 MST 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3440712",
  abstract =     "Passwords are still the most widespread means for
                 authenticating users, even though they have been shown
                 to create huge security problems. This motivated the
                 use of additional authentication mechanisms in
                 so-called multi-factor authentication protocols.
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "13",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Mohammady:2021:MVA,
  author =       "Meisam Mohammady and Momen Oqaily and Lingyu Wang and
                 Yuan Hong and Habib Louafi and Makan Pourzandi and
                 Mourad Debbabi",
  title =        "A Multi-view Approach to Preserve Privacy and Utility
                 in Network Trace Anonymization",
  journal =      j-TOPS,
  volume =       "24",
  number =       "3",
  pages =        "14:1--14:36",
  month =        apr,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3439732",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Apr 29 09:49:38 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3439732",
  abstract =     "As network security monitoring grows more
                 sophisticated, there is an increasing need for
                 outsourcing such tasks to third-party analysts.
                 However, organizations are usually reluctant to share
                 their network traces due to privacy concerns over
                 sensitive \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "14",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Ami:2021:SMB,
  author =       "Amit Seal Ami and Kaushal Kafle and Kevin Moran and
                 Adwait Nadkarni and Denys Poshyvanyk",
  title =        "Systematic Mutation-Based Evaluation of the Soundness
                 of Security-Focused {Android} Static Analysis
                 Techniques",
  journal =      j-TOPS,
  volume =       "24",
  number =       "3",
  pages =        "15:1--15:37",
  month =        apr,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3439802",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Apr 29 09:49:38 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3439802",
  abstract =     "Mobile application security has been a major area of
                 focus for security research over the course of the last
                 decade. Numerous application analysis tools have been
                 proposed in response to malicious, curious, or
                 vulnerable apps. However, existing tools, \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "15",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Balliu:2021:FFC,
  author =       "Musard Balliu and Massimo Merro and Michele Pasqua and
                 Mikhail Shcherbakov",
  title =        "Friendly Fire: Cross-app Interactions in {IoT}
                 Platforms",
  journal =      j-TOPS,
  volume =       "24",
  number =       "3",
  pages =        "16:1--16:40",
  month =        apr,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3444963",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Apr 29 09:49:38 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3444963",
  abstract =     "IoT platforms enable users to connect various smart
                 devices and online services via reactive apps running
                 on the cloud. These apps, often developed by
                 third-parties, perform simple computations on data
                 triggered by external information sources and
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "16",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Jarecki:2021:TFP,
  author =       "Stanislaw Jarecki and Mohammed Jubur and Hugo Krawczyk
                 and Nitesh Saxena and Maliheh Shirvanian",
  title =        "Two-factor Password-authenticated Key Exchange with
                 End-to-end Security",
  journal =      j-TOPS,
  volume =       "24",
  number =       "3",
  pages =        "17:1--17:37",
  month =        apr,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3446807",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Apr 29 09:49:38 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3446807",
  abstract =     "We present a secure two-factor authentication (TFA)
                 scheme based on the user's possession of a password and
                 a crypto-capable device. Security is ``end-to-end'' in
                 the sense that the attacker can attack all parts of the
                 system, including all communication \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "17",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Cui:2021:PPD,
  author =       "Shujie Cui and Xiangfu Song and Muhammad Rizwan Asghar
                 and Steven D. Galbraith and Giovanni Russello",
  title =        "Privacy-preserving Dynamic Symmetric Searchable
                 Encryption with Controllable Leakage",
  journal =      j-TOPS,
  volume =       "24",
  number =       "3",
  pages =        "18:1--18:35",
  month =        apr,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3446920",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Apr 29 09:49:38 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3446920",
  abstract =     "Searchable Encryption (SE) is a technique that allows
                 Cloud Service Providers to search over encrypted
                 datasets without learning the content of queries and
                 records. In recent years, many SE schemes have been
                 proposed to protect outsourced data. However,
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "18",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Mayrhofer:2021:APS,
  author =       "Ren{\'e} Mayrhofer and Jeffrey {Vander Stoep} and Chad
                 Brubaker and Nick Kralevich",
  title =        "The {Android} Platform Security Model",
  journal =      j-TOPS,
  volume =       "24",
  number =       "3",
  pages =        "19:1--19:35",
  month =        apr,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3448609",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Apr 29 09:49:38 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3448609",
  abstract =     "Android is the most widely deployed end-user focused
                 operating system. With its growing set of use cases
                 encompassing communication, navigation, media
                 consumption, entertainment, finance, health, and access
                 to sensors, actuators, cameras, or microphones,.
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "19",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Veras:2021:LSA,
  author =       "Rafael Veras and Christopher Collins and Julie
                 Thorpe",
  title =        "A Large-Scale Analysis of the Semantic Password Model
                 and Linguistic Patterns in Passwords",
  journal =      j-TOPS,
  volume =       "24",
  number =       "3",
  pages =        "20:1--20:21",
  month =        apr,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3448608",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Apr 29 09:49:38 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3448608",
  abstract =     "In this article, we present a thorough evaluation of
                 semantic password grammars. We report multifactorial
                 experiments that test the impact of sample size,
                 probability smoothing, and linguistic information on
                 password cracking. The semantic grammars are \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "20",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Abuhamad:2021:LSR,
  author =       "Mohammed Abuhamad and Tamer Abuhmed and David Mohaisen
                 and Daehun Nyang",
  title =        "Large-scale and Robust Code Authorship Identification
                 with Deep Feature Learning",
  journal =      j-TOPS,
  volume =       "24",
  number =       "4",
  pages =        "23:1--23:35",
  month =        nov,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3461666",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Oct 1 08:22:18 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3461666",
  abstract =     "Successful software authorship de-anonymization has
                 both software forensics applications and privacy
                 implications. However, the process requires an
                 efficient extraction of authorship attributes. The
                 extraction of such attributes is very challenging, due
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "23",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Acar:2021:LPA,
  author =       "Abbas Acar and Shoukat Ali and Koray Karabina and
                 Cengiz Kaygusuz and Hidayet Aksu and Kemal Akkaya and
                 Selcuk Uluagac",
  title =        "A Lightweight {Privacy-Aware Continuous Authentication
                 Protocol} --- {PACA}",
  journal =      j-TOPS,
  volume =       "24",
  number =       "4",
  pages =        "24:1--24:28",
  month =        nov,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3464690",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Oct 1 08:22:18 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3464690",
  abstract =     "As many vulnerabilities of one-time authentication
                 systems have already been uncovered, there is a growing
                 need and trend to adopt continuous authentication
                 systems. Biometrics provides an excellent means for
                 periodic verification of the authenticated \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "24",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Salem:2021:MAA,
  author =       "Aleieldin Salem and Sebastian Banescu and Alexander
                 Pretschner",
  title =        "\pkg{Maat}: Automatically Analyzing {VirusTotal} for
                 Accurate Labeling and Effective Malware Detection",
  journal =      j-TOPS,
  volume =       "24",
  number =       "4",
  pages =        "25:1--25:35",
  month =        nov,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3465361",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Oct 1 08:22:18 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3465361",
  abstract =     "The malware analysis and detection research community
                 relies on the online platform VirusTotal to label
                 Android apps based on the scan results of around 60
                 antiviral scanners. Unfortunately, there are no
                 standards on how to best interpret the scan \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "25",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Cheng:2021:ETD,
  author =       "Long Cheng and Salman Ahmed and Hans Liljestrand and
                 Thomas Nyman and Haipeng Cai and Trent Jaeger and N.
                 Asokan and Danfeng (Daphne) Yao",
  title =        "Exploitation Techniques for Data-oriented Attacks with
                 Existing and Potential Defense Approaches",
  journal =      j-TOPS,
  volume =       "24",
  number =       "4",
  pages =        "26:1--26:36",
  month =        nov,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3462699",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Oct 1 08:22:18 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3462699",
  abstract =     "Data-oriented attacks manipulate non-control data to
                 alter a program's benign behavior without violating its
                 control-flow integrity. It has been shown that such
                 attacks can cause significant damage even in the
                 presence of control-flow defense \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "26",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Demetrio:2021:AES,
  author =       "Luca Demetrio and Scott E. Coull and Battista Biggio
                 and Giovanni Lagorio and Alessandro Armando and Fabio
                 Roli",
  title =        "Adversarial {EXEmples}: a Survey and Experimental
                 Evaluation of Practical Attacks on Machine Learning for
                 {Windows} Malware Detection",
  journal =      j-TOPS,
  volume =       "24",
  number =       "4",
  pages =        "27:1--27:31",
  month =        nov,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3473039",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Oct 1 08:22:18 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3473039",
  abstract =     "Recent work has shown that adversarial Windows malware
                 samples-referred to as adversarial EXE mples in this
                 article-can bypass machine learning-based detection
                 relying on static code analysis by perturbing
                 relatively few input bytes. To preserve \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "27",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Maqsood:2021:DDE,
  author =       "Sana Maqsood and Sonia Chiasson",
  title =        "Design, Development, and Evaluation of a
                 Cybersecurity, Privacy, and Digital Literacy Game for
                 Tweens",
  journal =      j-TOPS,
  volume =       "24",
  number =       "4",
  pages =        "28:1--28:37",
  month =        nov,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3469821",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Oct 1 08:22:18 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3469821",
  abstract =     "Tweens are avid users of digital media, which exposes
                 them to various online threats. Teachers are primarily
                 expected to teach children safe online behaviours,
                 despite not necessarily having the required training or
                 classroom tools to support this \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "28",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Helble:2021:FMR,
  author =       "Sarah C. Helble and Ian D. Kretz and Peter A. Loscocco
                 and John D. Ramsdell and Paul D. Rowe and Perry
                 Alexander",
  title =        "Flexible Mechanisms for Remote Attestation",
  journal =      j-TOPS,
  volume =       "24",
  number =       "4",
  pages =        "29:1--29:23",
  month =        nov,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3470535",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Oct 1 08:22:18 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3470535",
  abstract =     "Remote attestation consists of generating evidence of
                 a system's integrity via measurements and reporting the
                 evidence to a remote party for appraisal in a form that
                 can be trusted. The parties that exchange information
                 must agree on formats and \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "29",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Markert:2021:SSU,
  author =       "Philipp Markert and Daniel V. Bailey and Maximilian
                 Golla and Markus D{\"u}rmuth and Adam J. Aviv",
  title =        "On the Security of Smartphone Unlock {PINs}",
  journal =      j-TOPS,
  volume =       "24",
  number =       "4",
  pages =        "30:1--30:36",
  month =        nov,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3473040",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Oct 1 08:22:18 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3473040",
  abstract =     "In this article, we provide the first comprehensive
                 study of user-chosen four- and six-digit PINs ($ n =
                 1705 $) collected on smartphones with participants
                 being explicitly primed for device unlocking. We find
                 that against a throttled attacker (with 10, 30, or 100
                 guesses, matching the smartphone unlock setting), using
                 six-digit PINs instead of four-digit PINs provides
                 little to no increase in security and surprisingly may
                 even decrease security. We also study the effects of
                 blocklists, where a set of ``easy to guess'' PINs is
                 disallowed during selection. Two such blocklists are in
                 use today by iOS, for four digits (274 PINs) as well as
                 six digits (2,910 PINs). We extracted both blocklists
                 and compared them with six other blocklists, three for
                 each PIN length. In each case, we had a small
                 (four-digit: 27 PINs; six-digit: 29 PINs), a large
                 (four-digit: 2,740 PINs; six-digit: 291,000 PINs), and
                 a placebo blocklist that always excluded the
                 first-choice PIN. For four-digit PINs, we find that the
                 relatively small blocklist in use today by iOS offers
                 little to no benefit against a throttled guessing
                 attack. Security gains are only observed when the
                 blocklist is much larger. In the six-digit case, we
                 were able to reach a similar security level with a
                 smaller blocklist. As the user frustration increases
                 with the blocklists size, developers should employ a
                 blocklist that is as small as possible while ensuring
                 the desired security.Based on our analysis, we
                 recommend that for four-digit PINs a blocklist should
                 contain the 1,000 most popular PINs to provide the best
                 balance between usability and security and for
                 six-digit PINs the 2,000 most popular PINs should be
                 blocked.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "30",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Birnbach:2021:PRW,
  author =       "Simon Birnbach and Richard Baker and Simon Eberz and
                 Ivan Martinovic",
  title =        "{{\#PrettyFlyForAWiFi}}: Real-world Detection of
                 Privacy Invasion Attacks by Drones",
  journal =      j-TOPS,
  volume =       "24",
  number =       "4",
  pages =        "31:1--31:34",
  month =        nov,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3473672",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Oct 1 08:22:18 MDT 2021",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3473672",
  abstract =     "Drones are becoming increasingly popular for hobbyists
                 and recreational use. But with this surge in popularity
                 comes increased risk to privacy as the technology makes
                 it easy to spy on people in otherwise-private
                 environments, such as an individual's \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "31",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Savvides:2022:CCB,
  author =       "Savvas Savvides and Seema Kumar and Julian James
                 Stephen and Patrick Eugster",
  title =        "{C3PO}: Cloud-based Confidentiality-preserving
                 Continuous Query Processing",
  journal =      j-TOPS,
  volume =       "25",
  number =       "1",
  pages =        "1:1--1:36",
  month =        feb,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3472717",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jan 7 07:47:52 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3472717",
  abstract =     "With the advent of the Internet of things (IoT),
                 billions of devices are expected to continuously
                 collect and process sensitive data (e.g., location,
                 personal health factors). Due to the limited
                 computational capacity available on IoT devices, the
                 current \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "1",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Berlato:2022:FMA,
  author =       "Stefano Berlato and Roberto Carbone and Adam J. Lee
                 and Silvio Ranise",
  title =        "Formal Modelling and Automated Trade-off Analysis of
                 Enforcement Architectures for Cryptographic Access
                 Control in the Cloud",
  journal =      j-TOPS,
  volume =       "25",
  number =       "1",
  pages =        "2:1--2:37",
  month =        feb,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3474056",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jan 7 07:47:52 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3474056",
  abstract =     "To facilitate the adoption of cloud by organizations,
                 Cryptographic Access Control (CAC) is the obvious
                 solution to control data sharing among users while
                 preventing partially trusted Cloud Service Providers
                 (CSP) from accessing sensitive data. Indeed, \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "2",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Alper:2022:OEM,
  author =       "Handan Kilin{\c{c}} Alper and Alptek{\.\i}n
                 K{\"u}p{\c{c}}{\"u}",
  title =        "Optimally Efficient Multi-party Fair Exchange and Fair
                 Secure Multi-party Computation",
  journal =      j-TOPS,
  volume =       "25",
  number =       "1",
  pages =        "3:1--3:34",
  month =        feb,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3477530",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jan 7 07:47:52 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3477530",
  abstract =     "Multi-party fair exchange (MFE) and fair secure
                 multi-party computation (fair SMPC) are under-studied
                 fields of research, with practical importance. In
                 particular, we consider MFE scenarios where at the end
                 of the protocol, either every participant \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "3",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Qin:2022:VUF,
  author =       "Le Qin and Fei Peng and Min Long and Raghavendra
                 Ramachandra and Christoph Busch",
  title =        "Vulnerabilities of Unattended Face Verification
                 Systems to Facial Components-based Presentation
                 Attacks: an Empirical Study",
  journal =      j-TOPS,
  volume =       "25",
  number =       "1",
  pages =        "4:1--4:28",
  month =        feb,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3491199",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jan 7 07:47:52 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3491199",
  abstract =     "As face presentation attacks (PAs) are realistic
                 threats for unattended face verification systems, face
                 presentation attack detection (PAD) has been
                 intensively investigated in past years, and the recent
                 advances in face PAD have significantly reduced the
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "4",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Bazai:2022:NHA,
  author =       "Sibghat Ullah Bazai and Julian Jang-Jaccard and Hooman
                 Alavizadeh",
  title =        "A Novel Hybrid Approach for Multi-Dimensional Data
                 Anonymization for {Apache Spark}",
  journal =      j-TOPS,
  volume =       "25",
  number =       "1",
  pages =        "5:1--5:25",
  month =        feb,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3484945",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jan 7 07:47:52 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3484945",
  abstract =     "Multi-dimensional data anonymization approaches (e.g.,
                 Mondrian) ensure more fine-grained data privacy by
                 providing a different anonymization strategy applied
                 for each attribute. Many variations of
                 multi-dimensional anonymization have been implemented
                 on \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "5",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Pagani:2022:ATA,
  author =       "Fabio Pagani and Davide Balzarotti",
  title =        "{AutoProfile}: Towards Automated Profile Generation
                 for Memory Analysis",
  journal =      j-TOPS,
  volume =       "25",
  number =       "1",
  pages =        "6:1--6:26",
  month =        feb,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3485471",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jan 7 07:47:52 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3485471",
  abstract =     "Despite a considerable number of approaches that have
                 been proposed to protect computer systems,
                 cyber-criminal activities are on the rise and forensic
                 analysis of compromised machines and seized devices is
                 becoming essential in computer security. \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "6",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Perillo:2022:SSE,
  author =       "Angelo Massimo Perillo and Giuseppe Persiano and
                 Alberto Trombetta",
  title =        "Secure Selections on Encrypted Multi-writer Streams",
  journal =      j-TOPS,
  volume =       "25",
  number =       "1",
  pages =        "7:1--7:33",
  month =        feb,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3485470",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jan 7 07:47:52 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3485470",
  abstract =     "Performing searches over encrypted data is a very
                 current and active area. Several efficient solutions
                 have been provided for the single-writer scenario in
                 which all sensitive data originate with one party (the
                 Data Owner ) that encrypts and uploads the \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "7",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Braun:2022:MFM,
  author =       "Lennart Braun and Daniel Demmler and Thomas Schneider
                 and Oleksandr Tkachenko",
  title =        "{MOTION} --- A Framework for Mixed-Protocol
                 Multi-Party Computation",
  journal =      j-TOPS,
  volume =       "25",
  number =       "2",
  pages =        "8:1--8:35",
  month =        may,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3490390",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Jul 2 07:50:27 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3490390",
  abstract =     "We present MOTION, an efficient and generic
                 open-source framework for mixed-protocol secure
                 multi-party computation (MPC). MOTION is built in a
                 user-friendly, modular, and extensible way, intended to
                 be used as a tool in MPC research and to increase
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "8",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Botacin:2022:TSC,
  author =       "Marcus Botacin and Francis B. Moreira and Philippe O.
                 A. Navaux and Andr{\'e} Gr{\'e}gio and Marco A. Z.
                 Alves",
  title =        "{Terminator}: a Secure Coprocessor to Accelerate
                 Real-Time {AntiViruses} Using Inspection Breakpoints",
  journal =      j-TOPS,
  volume =       "25",
  number =       "2",
  pages =        "9:1--9:34",
  month =        may,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3494535",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Jul 2 07:50:27 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3494535",
  abstract =     "AntiViruses (AVs) are essential to face the myriad of
                 malware threatening Internet users. AVs operate in two
                 modes: on-demand checks and real-time verification.
                 Software-based real-time AVs intercept system and
                 function calls to execute AV's inspection \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "9",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Wang:2022:CPA,
  author =       "Xueou Wang and Xiaolu Hou and Ruben Rios and Nils Ole
                 Tippenhauer and Mart{\'\i}n Ochoa",
  title =        "Constrained Proximity Attacks on Mobile Targets",
  journal =      j-TOPS,
  volume =       "25",
  number =       "2",
  pages =        "10:1--10:29",
  month =        may,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3498543",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Jul 2 07:50:27 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3498543",
  abstract =     "Proximity attacks allow an adversary to uncover the
                 location of a victim by repeatedly issuing queries with
                 fake location data. These attacks have been mostly
                 studied in scenarios where victims remain static and
                 there are no constraints that limit the \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "10",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Debant:2022:NYF,
  author =       "Alexandre Debant and St{\'e}phanie Delaune and Cyrille
                 Wiedling",
  title =        "So Near and Yet So Far --- Symbolic Verification of
                 Distance-Bounding Protocols",
  journal =      j-TOPS,
  volume =       "25",
  number =       "2",
  pages =        "11:1--11:39",
  month =        may,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3501402",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Jul 2 07:50:27 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3501402",
  abstract =     "The continuous adoption of Near Field Communication
                 (NFC) tags offers many new applications whose security
                 is essential (e.g., contactless payments). In order to
                 prevent flaws and attacks, we develop in this article a
                 framework allowing us to analyse the \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "11",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Zolotavkin:2022:IUA,
  author =       "Yevhen Zolotavkin and Jongkil Jay Jeong and Veronika
                 Kuchta and Maksym Slavnenko and Robin Doss",
  title =        "Improving Unlinkability of Attribute-based
                 Authentication through Game Theory",
  journal =      j-TOPS,
  volume =       "25",
  number =       "2",
  pages =        "12:1--12:36",
  month =        may,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3501260",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Jul 2 07:50:27 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3501260",
  abstract =     "This article first formalizes the problem of
                 unlinkable attribute-based authentication in the system
                 where each user possesses multiple assertions and uses
                 them interchangeably. Currently, there are no
                 recommendations for optimal usage of assertions in
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "12",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Daoudi:2022:DDI,
  author =       "Nadia Daoudi and Kevin Allix and Tegawend{\'e}
                 Fran{\c{c}}ois Bissyand{\'e} and Jacques Klein",
  title =        "A Deep Dive Inside {DREBIN}: an Explorative Analysis
                 beyond {Android} Malware Detection Scores",
  journal =      j-TOPS,
  volume =       "25",
  number =       "2",
  pages =        "13:1--13:28",
  month =        may,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3503463",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Jul 2 07:50:27 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3503463",
  abstract =     "Machine learning advances have been extensively
                 explored for implementing large-scale malware
                 detection. When reported in the literature, performance
                 evaluation of machine learning based detectors
                 generally focuses on highlighting the ratio of samples
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "13",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Oser:2022:RPI,
  author =       "Pascal Oser and Rens W. van der Heijden and Stefan
                 L{\"u}ders and Frank Kargl",
  title =        "Risk Prediction of {IoT} Devices Based on
                 Vulnerability Analysis",
  journal =      j-TOPS,
  volume =       "25",
  number =       "2",
  pages =        "14:1--14:36",
  month =        may,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3510360",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Jul 2 07:50:27 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3510360",
  abstract =     "Internet of Things (IoT) devices are becoming more
                 widespread not only in areas such as smart homes and
                 smart cities but also in research and office
                 environments. The sheer number, heterogeneity, and
                 limited patch availability provide significant ...
                 $^$",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "14",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Briseno:2022:IUI,
  author =       "Julian de Gortari Briseno and Akash Deep Singh and
                 Mani Srivastava",
  title =        "{InkFiltration}: Using Inkjet Printers for Acoustic
                 Data Exfiltration from Air-Gapped Networks",
  journal =      j-TOPS,
  volume =       "25",
  number =       "2",
  pages =        "15:1--15:26",
  month =        may,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3510583",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Jul 2 07:50:27 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3510583",
  abstract =     "Printers have become ubiquitous in modern office
                 spaces, and their placement in these spaces been guided
                 more by accessibility than security. Due to the
                 proximity of printers to places with potentially
                 high-stakes information, the possible misuse of these
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "15",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Clifton:2022:DPN,
  author =       "Chris Clifton and Eric J. Hanson and Keith Merrill and
                 Shawn Merrill",
  title =        "Differentially Private $k$-Nearest Neighbor Missing
                 Data Imputation",
  journal =      j-TOPS,
  volume =       "25",
  number =       "3",
  pages =        "16:1--16:23",
  month =        aug,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3507952",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Jul 25 09:49:14 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3507952",
  abstract =     "Using techniques employing smooth sensitivity, we
                 develop a method for \( k \)-nearest neighbor missing
                 data imputation with differential privacy. This
                 requires bounding the number of data incomplete tuples
                 that can have their data complete ``donor'' \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "16",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Chen:2022:SMA,
  author =       "Yuxuan Chen and Jiangshan Zhang and Xuejing Yuan and
                 Shengzhi Zhang and Kai Chen and Xiaofeng Wang and
                 Shanqing Guo",
  title =        "{SoK}: a Modularized Approach to Study the Security of
                 Automatic Speech Recognition Systems",
  journal =      j-TOPS,
  volume =       "25",
  number =       "3",
  pages =        "17:1--17:31",
  month =        aug,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3510582",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Jul 25 09:49:14 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3510582",
  abstract =     "With the wide use of Automatic Speech Recognition
                 (ASR) in applications such as human machine
                 interaction, simultaneous interpretation, audio
                 transcription, and so on, its security protection
                 becomes increasingly important. Although recent studies
                 have \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "17",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Landauer:2022:DSA,
  author =       "Max Landauer and Florian Skopik and Markus
                 Wurzenberger and Andreas Rauber",
  title =        "Dealing with Security Alert Flooding: Using Machine
                 Learning for Domain-independent Alert Aggregation",
  journal =      j-TOPS,
  volume =       "25",
  number =       "3",
  pages =        "18:1--18:36",
  month =        aug,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3510581",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Jul 25 09:49:14 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3510581",
  abstract =     "Intrusion Detection Systems (IDS) secure all kinds of
                 IT infrastructures through automatic detection of
                 malicious activities. Unfortunately, they are known to
                 produce large numbers of alerts that often become
                 overwhelming for manual analysis. Therefore, \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "18",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Martins:2022:GQT,
  author =       "Cl{\'a}udio Martins and Ib{\'e}ria Medeiros",
  title =        "Generating Quality Threat Intelligence Leveraging
                 {OSINT} and a Cyber Threat Unified Taxonomy",
  journal =      j-TOPS,
  volume =       "25",
  number =       "3",
  pages =        "19:1--19:39",
  month =        aug,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3530977",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Jul 25 09:49:14 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3530977",
  abstract =     "Today's threats use multiple means of propagation,
                 such as social engineering, email, and application
                 vulnerabilities, and often operate in different phases,
                 such as single device compromise, lateral network
                 movement, and data exfiltration. These complex
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "19",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Alvim:2022:ILG,
  author =       "M{\'a}rio S. Alvim and Konstantinos Chatzikokolakis
                 and Yusuke Kawamoto and Catuscia Palamidessi",
  title =        "Information Leakage Games: Exploring Information as a
                 Utility Function",
  journal =      j-TOPS,
  volume =       "25",
  number =       "3",
  pages =        "20:1--20:36",
  month =        aug,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3517330",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Jul 25 09:49:14 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3517330",
  abstract =     "A common goal in the areas of secure information flow
                 and privacy is to build effective defenses against
                 unwanted leakage of information. To this end, one must
                 be able to reason about potential attacks and their
                 interplay with possible defenses. In this \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "20",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Fischer:2022:CED,
  author =       "Andreas Fischer and Benny Fuhry and J{\"o}rn
                 Ku{\ss}maul and Jonas Janneck and Florian Kerschbaum
                 and Eric Bodden",
  title =        "Computation on Encrypted Data Using Dataflow
                 Authentication",
  journal =      j-TOPS,
  volume =       "25",
  number =       "3",
  pages =        "21:1--21:36",
  month =        aug,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3513005",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Jul 25 09:49:14 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3513005",
  abstract =     "Encrypting data before sending it to the cloud ensures
                 data confidentiality but requires the cloud to compute
                 on encrypted data. Trusted execution environments, such
                 as Intel SGX enclaves, promise to provide a secure
                 environment in which data can be \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "21",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Iyer:2022:LRB,
  author =       "Padmavathi Iyer and Amirreza Masoumzadeh",
  title =        "Learning Relationship-Based Access Control Policies
                 from Black-Box Systems",
  journal =      j-TOPS,
  volume =       "25",
  number =       "3",
  pages =        "22:1--22:36",
  month =        aug,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3517121",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Jul 25 09:49:14 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3517121",
  abstract =     "Access control policies are crucial in securing data
                 in information systems. Unfortunately, often times,
                 such policies are poorly documented, and gaps between
                 their specification and implementation prevent the
                 system users, and even its developers, from \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "22",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Qian:2022:MMT,
  author =       "Yaguan Qian and Yankai Guo and Qiqi Shao and Jiamin
                 Wang and Bin Wang and Zhaoquan Gu and Xiang Ling and
                 Chunming Wu",
  title =        "{EI-MTD}: Moving Target Defense for Edge Intelligence
                 against Adversarial Attacks",
  journal =      j-TOPS,
  volume =       "25",
  number =       "3",
  pages =        "23:1--23:24",
  month =        aug,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3517806",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Jul 25 09:49:14 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3517806",
  abstract =     "Edge intelligence has played an important role in
                 constructing smart cities, but the vulnerability of
                 edge nodes to adversarial attacks becomes an urgent
                 problem. A so-called adversarial example can fool a
                 deep learning model on an edge node for \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "23",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Akavia:2022:PPD,
  author =       "Adi Akavia and Max Leibovich and Yehezkel S. Resheff
                 and Roey Ron and Moni Shahar and Margarita Vald",
  title =        "Privacy-Preserving Decision Trees Training and
                 Prediction",
  journal =      j-TOPS,
  volume =       "25",
  number =       "3",
  pages =        "24:1--24:30",
  month =        aug,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3517197",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Jul 25 09:49:14 MDT 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3517197",
  abstract =     "In the era of cloud computing and machine learning,
                 data has become a highly valuable resource. Recent
                 history has shown that the benefits brought forth by
                 this data driven culture come at a cost of potential
                 data leakage. Such breaches have a devastating ...
                 $^$",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "24",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Fenske:2022:APS,
  author =       "Ellis Fenske and Akshaya Mani and Aaron Johnson and
                 Micah Sherr",
  title =        "Accountable Private Set Cardinality for Distributed
                 Measurement",
  journal =      j-TOPS,
  volume =       "25",
  number =       "4",
  pages =        "25:1--25:??",
  month =        nov,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3477531",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3477531",
  abstract =     "We introduce cryptographic protocols for securely and
                 efficiently computing the cardinality of set union and
                 set intersection. Our private set-cardinality protocols
                 (PSC) are designed for the setting in which a large set
                 of parties in a distributed system \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "25",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Lehman:2022:HPS,
  author =       "Sarah M. Lehman and Abrar S. Alrumayh and Kunal Kolhe
                 and Haibin Ling and Chiu C. Tan",
  title =        "Hidden in Plain Sight: Exploring Privacy Risks of
                 Mobile Augmented Reality Applications",
  journal =      j-TOPS,
  volume =       "25",
  number =       "4",
  pages =        "26:1--26:??",
  month =        nov,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3524020",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3524020",
  abstract =     "Mobile augmented reality systems are becoming
                 increasingly common and powerful, with applications in
                 such domains as healthcare, manufacturing, education,
                 and more. This rise in popularity is thanks in part to
                 the functionalities offered by commercially \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "26",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Oliveri:2022:LMM,
  author =       "Andrea Oliveri and Davide Balzarotti",
  title =        "In the Land of {MMUs}: Multiarchitecture {OS}-Agnostic
                 Virtual Memory Forensics",
  journal =      j-TOPS,
  volume =       "25",
  number =       "4",
  pages =        "27:1--27:??",
  month =        nov,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3528102",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3528102",
  abstract =     "The first step required to perform any analysis of a
                 physical memory image is the reconstruction of the
                 virtual address spaces, which allows translating
                 virtual addresses to their corresponding physical
                 offsets. However, this phase is often overlooked,
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "27",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Crampton:2022:VAP,
  author =       "Jason Crampton and Eduard Eiben and Gregory Gutin and
                 Daniel Karapetyan and Diptapriyo Majumdar",
  title =        "Valued Authorization Policy Existence Problem: Theory
                 and Experiments",
  journal =      j-TOPS,
  volume =       "25",
  number =       "4",
  pages =        "28:1--28:??",
  month =        nov,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3528101",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3528101",
  abstract =     "Recent work has shown that many problems of
                 satisfiability and resiliency in workflows may be
                 viewed as special cases of the authorization policy
                 existence problem (APEP), which returns an
                 authorization policy if one exists and ``No''
                 otherwise. However, in \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "28",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Idan:2022:PFP,
  author =       "Lihi Idan and Joan Feigenbaum",
  title =        "{PRShare}: a Framework for Privacy-preserving,
                 Interorganizational Data Sharing",
  journal =      j-TOPS,
  volume =       "25",
  number =       "4",
  pages =        "29:1--29:??",
  month =        nov,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3531225",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3531225",
  abstract =     "We consider the task of interorganizational data
                 sharing, in which data owners, data clients, and data
                 subjects have different and sometimes competing privacy
                 concerns. One real-world scenario in which this problem
                 arises concerns law-enforcement use of \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "29",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Stojmenovic:2022:WBS,
  author =       "Milica Stojmenovi{\'c} and Eric Spero and Milos
                 Stojmenovi{\'c} and Robert Biddle",
  title =        "What is Beautiful is Secure",
  journal =      j-TOPS,
  volume =       "25",
  number =       "4",
  pages =        "30:1--30:??",
  month =        nov,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3533047",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3533047",
  abstract =     "Visual appeal has been shown to influence perceptions
                 of usability and credibility, and we hypothesize that
                 something similar is happening with user judgments of
                 website security: What is beautiful is secure. Web
                 certificates provide reliable information \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "30",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Nussbaum:2022:PAQ,
  author =       "Eyal Nussbaum and Michael Segal",
  title =        "Privacy Analysis of Query-Set-Size Control",
  journal =      j-TOPS,
  volume =       "25",
  number =       "4",
  pages =        "31:1--31:??",
  month =        nov,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3532774",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3532774",
  abstract =     "The publication of user data for statistical analysis
                 and research can be extremely beneficial for both
                 academic and commercial uses, such as statistical
                 research and recommendation systems. To maintain user
                 privacy when such a publication occurs many \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "31",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Cui:2022:DBT,
  author =       "Jinhua Cui and Shweta Shinde and Satyaki Sen and
                 Prateek Saxena and Pinghai Yuan",
  title =        "Dynamic Binary Translation for {SGX} Enclaves",
  journal =      j-TOPS,
  volume =       "25",
  number =       "4",
  pages =        "32:1--32:??",
  month =        nov,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3532862",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3532862",
  abstract =     "Enclaves, such as those enabled by Intel SGX, offer a
                 hardware primitive for shielding user-level
                 applications from the OS. While enclaves are a useful
                 starting point, code running in the enclave requires
                 additional checks whenever control or data is
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "32",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Blair:2022:HDT,
  author =       "William Blair and Andrea Mambretti and Sajjad Arshad
                 and Michael Weissbacher and William Robertson and Engin
                 Kirda and Manuel Egele",
  title =        "{HotFuzz}: Discovering Temporal and Spatial
                 Denial-of-Service Vulnerabilities Through Guided
                 Micro-Fuzzing",
  journal =      j-TOPS,
  volume =       "25",
  number =       "4",
  pages =        "33:1--33:??",
  month =        nov,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3532184",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3532184",
  abstract =     "Fuzz testing repeatedly assails software with random
                 inputs in order to trigger unexpected program
                 behaviors, such as crashes or timeouts, and has
                 historically revealed serious security vulnerabilities.
                 In this article, we present HotFuzz, a framework for
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "33",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Chernikova:2022:FFE,
  author =       "Alesia Chernikova and Alina Oprea",
  title =        "{FENCE}: Feasible Evasion Attacks on Neural Networks
                 in Constrained Environments",
  journal =      j-TOPS,
  volume =       "25",
  number =       "4",
  pages =        "34:1--34:??",
  month =        nov,
  year =         "2022",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3544746",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3544746",
  abstract =     "As advances in Deep Neural Networks (DNNs) demonstrate
                 unprecedented levels of performance in many critical
                 applications, their vulnerability to attacks is still
                 an open question. We consider evasion attacks at
                 testing time against Deep Learning in \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "34",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Zhang:2023:DPR,
  author =       "Xueru Zhang and Mohammad Mahdi Khalili and Mingyan
                 Liu",
  title =        "Differentially Private Real-Time Release of Sequential
                 Data",
  journal =      j-TOPS,
  volume =       "26",
  number =       "1",
  pages =        "1:1--1:??",
  month =        feb,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3544837",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3544837",
  abstract =     "Many data analytics applications rely on temporal
                 data, generated (and possibly acquired) sequentially
                 for online analysis. How to release this type of data
                 in a privacy-preserving manner is of great interest and
                 more challenging than releasing one-time, \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "1",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Hagen:2023:CDM,
  author =       "Christoph Hagen and Christian Weinert and Christoph
                 Sendner and Alexandra Dmitrienko and Thomas Schneider",
  title =        "Contact Discovery in Mobile Messengers: Low-cost
                 Attacks, Quantitative Analyses, and Efficient
                 Mitigations",
  journal =      j-TOPS,
  volume =       "26",
  number =       "1",
  pages =        "2:1--2:??",
  month =        feb,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3546191",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3546191",
  abstract =     "Contact discovery allows users of mobile messengers to
                 conveniently connect with people in their address book.
                 In this work, we demonstrate that severe privacy issues
                 exist in currently deployed contact discovery methods
                 and propose suitable mitigations. \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "2",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Khan:2023:SAC,
  author =       "Shaharyar Khan and Ilya Kabanov and Yunke Hua and
                 Stuart Madnick",
  title =        "A Systematic Analysis of the Capital One Data Breach:
                 Critical Lessons Learned",
  journal =      j-TOPS,
  volume =       "26",
  number =       "1",
  pages =        "3:1--3:??",
  month =        feb,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3546068",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3546068",
  abstract =     "The 2019 Capital One data breach was one of the
                 largest data breaches impacting the privacy and
                 security of personal information of over a 100 million
                 individuals. In most reports about a cyberattack, you
                 will often hear that it succeeded because a single
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "3",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Lanotte:2023:ICS,
  author =       "Ruggero Lanotte and Massimo Merro and Andrei
                 Munteanu",
  title =        "Industrial Control Systems Security via Runtime
                 Enforcement",
  journal =      j-TOPS,
  volume =       "26",
  number =       "1",
  pages =        "4:1--4:??",
  month =        feb,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3546579",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3546579",
  abstract =     "With the advent of Industry 4.0, industrial facilities
                 and critical infrastructures are transforming into an
                 ecosystem of heterogeneous physical and cyber
                 components, such as programmable logic controllers,
                 increasingly interconnected and therefore \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "4",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Ramokapane:2023:WUW,
  author =       "Kopo Marvin Ramokapane and Jose Such and Awais
                 Rashid",
  title =        "What Users Want From Cloud Deletion and the
                 Information They Need: a Participatory Action Study",
  journal =      j-TOPS,
  volume =       "26",
  number =       "1",
  pages =        "5:1--5:??",
  month =        feb,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3546578",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3546578",
  abstract =     "Current cloud deletion mechanisms fall short in
                 meeting users' various deletion needs. They assume all
                 data is deleted the same way-data is temporally removed
                 (or hidden) from users' cloud accounts before being
                 completely deleted. This assumption neglects \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "5",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Wiefling:2023:PPS,
  author =       "Stephan Wiefling and Paul Ren{\'e} J{\o}rgensen and
                 Sigurd Thunem and Luigi {Lo Iacono}",
  title =        "Pump Up Password Security! {Evaluating} and Enhancing
                 Risk-Based Authentication on a Real-World Large-Scale
                 Online Service",
  journal =      j-TOPS,
  volume =       "26",
  number =       "1",
  pages =        "6:1--6:??",
  month =        feb,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3546069",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3546069",
  abstract =     "Risk-based authentication (RBA) aims to protect users
                 against attacks involving stolen passwords. RBA
                 monitors features during login, and requests
                 re-authentication when feature values widely differ
                 from those previously observed. It is recommended by
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "6",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Wang:2023:NCN,
  author =       "Huanran Wang and Wu Yang and Wei Wang and Dapeng Man
                 and Jiguang Lv",
  title =        "A Novel Cross-Network Embedding for Anchor Link
                 Prediction with Social Adversarial Attacks",
  journal =      j-TOPS,
  volume =       "26",
  number =       "1",
  pages =        "7:1--7:??",
  month =        feb,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3548685",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3548685",
  abstract =     "Anchor link prediction across social networks plays an
                 important role in multiple social network analysis.
                 Traditional methods rely heavily on user privacy
                 information or high-quality network topology
                 information. These methods are not suitable for
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "7",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Lembke:2023:SRN,
  author =       "James Lembke and Srivatsan Ravi and Pierre-Louis Roman
                 and Patrick Eugster",
  title =        "Secure and Reliable Network Updates",
  journal =      j-TOPS,
  volume =       "26",
  number =       "1",
  pages =        "8:1--8:??",
  month =        feb,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3556542",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3556542",
  abstract =     "Software-defined wide area networking (SD-WAN) enables
                 dynamic network policy control over a large distributed
                 network via network updates. To be practical, network
                 updates must be consistent (i.e., free of transient
                 errors caused by updates to multiple \ldots{})",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "8",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Choo:2023:DDD,
  author =       "Euijin Choo and Mohamed Nabeel and Mashael Alsabah and
                 Issa Khalil and Ting Yu and Wei Wang",
  title =        "{DeviceWatch}: a Data-Driven Network Analysis Approach
                 to Identifying Compromised Mobile Devices with
                 Graph-Inference",
  journal =      j-TOPS,
  volume =       "26",
  number =       "1",
  pages =        "9:1--9:??",
  month =        feb,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3558767",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3558767",
  abstract =     "We propose to identify compromised mobile devices from
                 a network administrator's point of view. Intuitively,
                 inadvertent users (and thus their devices) who download
                 apps through untrustworthy markets are often lured to
                 install malicious apps through in-. \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "9",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Gil:2023:AFI,
  author =       "Gonzalo Gil and Aitor Arnaiz and Mariv{\'\i} Higuero
                 and Francisco Javier Diez",
  title =        "Assessment Framework for the Identification and
                 Evaluation of Main Features for Distributed Usage
                 Control Solutions",
  journal =      j-TOPS,
  volume =       "26",
  number =       "1",
  pages =        "10:1--10:??",
  month =        feb,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3561511",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Nov 12 07:23:47 MST 2022",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3561511",
  abstract =     "Data exchange between organizations is becoming an
                 increasingly significant issue due to the great
                 opportunities it presents. However, there is great
                 reluctance to share if data sovereignty is not
                 provided. Providing it calls for not only access
                 control \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "10",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Daniel:2023:BRS,
  author =       "Lesly-Ann Daniel and S{\'e}bastien Bardin and Tamara
                 Rezk",
  title =        "{Binsec\slash Rel}: Symbolic Binary Analyzer for
                 Security with Applications to Constant-Time and
                 Secret-Erasure",
  journal =      j-TOPS,
  volume =       "26",
  number =       "2",
  pages =        "11:1--11:??",
  month =        may,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3563037",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 17 14:35:20 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3563037",
  abstract =     "This article tackles the problem of designing
                 efficient binary-level verification for a subset of
                 information flow properties encompassing constant-time
                 and secret-erasure. These properties are crucial for
                 cryptographic implementations but are generally
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "11",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Alotaibi:2023:TIE,
  author =       "Norah Alotaibi and John Williamson and Mohamed
                 Khamis",
  title =        "{ThermoSecure}: Investigating the Effectiveness of
                 {AI}-Driven Thermal Attacks on Commonly Used Computer
                 Keyboards",
  journal =      j-TOPS,
  volume =       "26",
  number =       "2",
  pages =        "12:1--12:??",
  month =        may,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3563693",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 17 14:35:20 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3563693",
  abstract =     "Thermal cameras can reveal heat traces on user
                 interfaces, such as keyboards. This can be exploited
                 maliciously to infer sensitive input, such as
                 passwords. While previous work considered thermal
                 attacks that rely on visual inspection of simple image
                 processing techniques, we show that attackers can
                 perform more effective artificial intelligence
                 (AI)-driven attacks. We demonstrate this by presenting
                 the development of ThermoSecure and its evaluation in
                 two user studies (N = 21, N = 16), which reveal novel
                 insights about thermal attacks. We detail the
                 implementation of ThermoSecure and make a dataset of
                 1,500 thermal images of keyboards with heat traces
                 resulting from input publicly available. Our first
                 study shows that ThermoSecure successfully attacks
                 6-symbol, 8-symbol, 12-symbol, and 16-symbol passwords
                 with an average accuracy of 92\%, 80\%, 71\%, and 55\%
                 respectively, and even higher accuracy when thermal
                 images are taken within 30 seconds. We found that
                 typing behavior significantly impacts vulnerability to
                 thermal attacks: hunt-and-peck typists are more
                 vulnerable than fast typists (92\% vs. 83\% thermal
                 attack success. respectively, if performed within 30
                 seconds). The second study showed that keycap material
                 has a statistically significant effect on the
                 effectiveness of thermal attacks: ABS keycaps retain
                 the thermal trace of user presses for a longer period
                 of time, making them more vulnerable to thermal
                 attacks, with a 52\% average attack accuracy compared
                 with 14\% for keyboards with PBT keycaps. Finally, we
                 discuss how systems can leverage our results to protect
                 from thermal attacks and present 7 mitigation
                 approaches that are based on our results and previous
                 work.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "12",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Barrera:2023:SBP,
  author =       "David Barrera and Christopher Bellman and Paul {Van
                 Oorschot}",
  title =        "Security Best Practices: a Critical Analysis Using
                 {IoT} as a Case Study",
  journal =      j-TOPS,
  volume =       "26",
  number =       "2",
  pages =        "13:1--13:??",
  month =        may,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3563392",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 17 14:35:20 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3563392",
  abstract =     "Academic research has highlighted the failure of many
                 Internet of Things (IoT) product manufacturers to
                 follow accepted practices, while IoT security best
                 practices have recently attracted considerable
                 attention worldwide from industry and governments.
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "13",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Hoang:2023:TAA,
  author =       "Anh-Tu Hoang and Barbara Carminati and Elena Ferrari",
  title =        "Time-aware Anonymization of Knowledge Graphs",
  journal =      j-TOPS,
  volume =       "26",
  number =       "2",
  pages =        "14:1--14:??",
  month =        may,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3565026",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 17 14:35:20 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3565026",
  abstract =     "Knowledge graphs (KGs) play an essential role in data
                 sharing, because they can model both users' attributes
                 and their relationships. KGs can tailor many data
                 analyses, such as classification where a sensitive
                 attribute is selected and the analyst \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "14",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Otoni:2023:SAS,
  author =       "Rodrigo Otoni and Matteo Marescotti and Leonardo Alt
                 and Patrick Eugster and Antti Hyv{\"a}rinen and Natasha
                 Sharygina",
  title =        "A Solicitous Approach to Smart Contract Verification",
  journal =      j-TOPS,
  volume =       "26",
  number =       "2",
  pages =        "15:1--15:??",
  month =        may,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3564699",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 17 14:35:20 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3564699",
  abstract =     "Smart contracts are tempting targets of attacks, as
                 they often hold and manipulate significant financial
                 assets, are immutable after deployment, and have
                 publicly available source code, with assets estimated
                 in the order of millions of dollars being lost
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "15",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Dambra:2023:CSS,
  author =       "Savino Dambra and Leyla Bilge and Davide Balzarotti",
  title =        "A Comparison of Systemic and Systematic Risks of
                 Malware Encounters in Consumer and Enterprise
                 Environments",
  journal =      j-TOPS,
  volume =       "26",
  number =       "2",
  pages =        "16:1--16:??",
  month =        may,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3565362",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 17 14:35:20 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3565362",
  abstract =     "Malware is still a widespread problem, and it is used
                 by malicious actors to routinely compromise the
                 security of computer systems. Consumers typically rely
                 on a single AV product to detect and block possible
                 malware infections, while corporations often \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "16",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Bhuiyan:2023:LRC,
  author =       "Farzana Ahamed Bhuiyan and Akond Rahman",
  title =        "Log-related Coding Patterns to Conduct Postmortems of
                 Attacks in Supervised Learning-based Projects",
  journal =      j-TOPS,
  volume =       "26",
  number =       "2",
  pages =        "17:1--17:??",
  month =        may,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3568020",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 17 14:35:20 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3568020",
  abstract =     "Adversarial attacks against supervised learninga
                 algorithms, which necessitates the application of
                 logging while using supervised learning algorithms in
                 software projects. Logging enables practitioners to
                 conduct postmortem analysis, which can be helpful
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "17",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{DiTizio:2023:POD,
  author =       "Giorgio {Di Tizio} and Patrick Speicher and Milivoj
                 Simeonovski and Michael Backes and Ben Stock and Robert
                 K{\"u}nnemann",
  title =        "{Pareto}-optimal Defenses for the {Web}
                 Infrastructure: Theory and Practice",
  journal =      j-TOPS,
  volume =       "26",
  number =       "2",
  pages =        "18:1--18:??",
  month =        may,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3567595",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 17 14:35:20 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3567595",
  abstract =     "The integrity of the content a user is exposed to when
                 browsing the web relies on a plethora of non-web
                 technologies and an infrastructure of interdependent
                 hosts, communication technologies, and trust relations.
                 Incidents like the Chinese Great Cannon or \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "18",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Aloufi:2023:PPP,
  author =       "Ranya Aloufi and Hamed Haddadi and David Boyle",
  title =        "Paralinguistic Privacy Protection at the Edge",
  journal =      j-TOPS,
  volume =       "26",
  number =       "2",
  pages =        "19:1--19:??",
  month =        may,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3570161",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 17 14:35:20 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3570161",
  abstract =     "Voice user interfaces and digital assistants are
                 rapidly entering our lives and becoming singular touch
                 points spanning our devices. These always-on services
                 capture and transmit our audio data to powerful cloud
                 services for further processing and \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "19",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Engstrom:2023:ASA,
  author =       "Viktor Engstr{\"o}m and Pontus Johnson and Robert
                 Lagerstr{\"o}m and Erik Ringdahl and Max
                 W{\"a}llstedt",
  title =        "Automated Security Assessments of {Amazon Web}
                 Services Environments",
  journal =      j-TOPS,
  volume =       "26",
  number =       "2",
  pages =        "20:1--20:??",
  month =        may,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3570903",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 17 14:35:20 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3570903",
  abstract =     "Migrating enterprises and business capabilities to
                 cloud platforms like Amazon Web Services (AWS) has
                 become increasingly common. However, securing cloud
                 operations, especially at large scales, can quickly
                 become intractable. Customer-side issues such as
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "20",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Habib:2023:RSB,
  author =       "Sohail Habib and Hassan Khan and Andrew
                 Hamilton-Wright and Urs Hengartner",
  title =        "Revisiting the Security of Biometric Authentication
                 Systems Against Statistical Attacks",
  journal =      j-TOPS,
  volume =       "26",
  number =       "2",
  pages =        "21:1--21:??",
  month =        may,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3571743",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 17 14:35:20 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3571743",
  abstract =     "The uniqueness of behavioral biometrics (e.g., voice
                 or keystroke patterns) has been challenged by recent
                 works. Statistical attacks have been proposed that
                 infer general population statistics and target
                 behavioral biometrics against a particular victim.
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "21",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Amro:2023:ACR,
  author =       "Ahmed Amro and Vasileios Gkioulos and Sokratis
                 Katsikas",
  title =        "Assessing Cyber Risk in Cyber-Physical Systems Using
                 the {ATT\&CK} Framework",
  journal =      j-TOPS,
  volume =       "26",
  number =       "2",
  pages =        "22:1--22:??",
  month =        may,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3571733",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Mon Apr 17 14:35:20 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3571733",
  abstract =     "Autonomous transport is receiving increasing
                 attention, with research and development activities
                 already providing prototype implementations. In this
                 article we focus on Autonomous Passenger Ships (APS),
                 which are being considered as a solution for \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "22",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article
{Hwang:2023:BSP,
  author =       "Seoyeon Hwang and Ercan Ozturk and Gene Tsudik",
  title =        "Balancing Security and Privacy in Genomic Range
                 Queries",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "23:1--23:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3575796",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3575796",
  abstract =     "Exciting recent advances in genome sequencing, coupled
                 with greatly reduced storage and computation costs,
                 make genomic testing increasingly accessible to
                 individuals. Already today, one's digitized DNA can be
                 easily obtained from a sequencing lab and \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "23",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Zhuo:2023:SHC,
  author =       "Sijie Zhuo and Robert Biddle and Yun Sing Koh and
                 Danielle Lottridge and Giovanni Russello",
  title =        "{SoK}: Human-centered Phishing Susceptibility",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "24:1--24:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3575797",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3575797",
  abstract =     "Phishing is recognized as a serious threat to
                 organizations and individuals. While there have been
                 significant technical advances in blocking phishing
                 attacks, end-users remain the last line of defence
                 after phishing emails reach their email inboxes. Most
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "24",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Hess:2023:SPC,
  author =       "Andreas V. Hess and Sebastian A. M{\"O}dersheim and
                 Achim D. Brucker",
  title =        "Stateful Protocol Composition in {Isabelle\slash
                 HOL}",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "25:1--25:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3577020",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3577020",
  abstract =     "Communication networks like the Internet form a large
                 distributed system where a huge number of components
                 run in parallel, such as security protocols and
                 distributed web applications. For what concerns
                 security, it is obviously infeasible to verify them
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "25",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Arias-Cabarcos:2023:PUE,
  author =       "Patricia Arias-Cabarcos and Matin Fallahi and Thilo
                 Habrich and Karen Schulze and Christian Becker and
                 Thorsten Strufe",
  title =        "Performance and Usability Evaluation of Brainwave
                 Authentication Techniques with Consumer Devices",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "26:1--26:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3579356",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3579356",
  abstract =     "Brainwaves have demonstrated to be unique enough
                 across individuals to be useful as biometrics. They
                 also provide promising advantages over traditional
                 means of authentication, such as resistance to external
                 observability, revocability, and intrinsic \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "26",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Lachtar:2023:RVA,
  author =       "Nada Lachtar and Duha Ibdah and Hamza Khan and Anys
                 Bacha",
  title =        "{RansomShield}: a Visualization Approach to Defending
                 Mobile Systems Against Ransomware",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "27:1--27:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3579822",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3579822",
  abstract =     "The unprecedented growth in mobile systems has
                 transformed the way we approach everyday computing.
                 Unfortunately, the emergence of a sophisticated type of
                 malware known as ransomware poses a great threat to
                 consumers of this technology. Traditional \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "27",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Li:2023:VEB,
  author =       "Litao Li and Steven H. H. Ding and Yuan Tian and
                 Benjamin C. M. Fung and Philippe Charland and Weihan Ou
                 and Leo Song and Congwei Chen",
  title =        "{VulANalyzeR}: Explainable Binary Vulnerability
                 Detection with Multi-task Learning and Attentional
                 Graph Convolution",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "28:1--28:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3585386",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3585386",
  abstract =     "Software vulnerabilities have been posing tremendous
                 reliability threats to the general public as well as
                 critical infrastructures, and there have been many
                 studies aiming to detect and mitigate software defects
                 at the binary level. Most of the standard \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "28",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Alex:2023:EES,
  author =       "Sona Alex and Dhanaraj K. J. and Deepthi P. P.",
  title =        "Energy Efficient and Secure Neural Network-based
                 Disease Detection Framework for Mobile Healthcare
                 Network",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "29:1--29:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3585536",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3585536",
  abstract =     "Adopting mobile healthcare network (MHN) services such
                 as disease detection is fraught with concerns about the
                 security and privacy of the entities involved and the
                 resource restrictions at the Internet of Things (IoT)
                 nodes. Hence, the essential \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "29",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Murray:2023:CBA,
  author =       "Hazel Murray and David Malone",
  title =        "Costs and Benefits of Authentication Advice",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "30:1--30:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3588031",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3588031",
  abstract =     "Authentication security advice is given with the goal
                 of guiding users and organisations towards secure
                 actions and practices. In this article, a taxonomy of
                 270 pieces of authentication advice is created, and a
                 survey is conducted to gather information \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "30",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Bolton:2023:PTR,
  author =       "Tom Bolton and Tooska Dargahi and Sana Belguith and
                 Carsten Maple",
  title =        "{PrivExtractor}: Toward Redressing the Imbalance of
                 Understanding between Virtual Assistant Users and
                 Vendors",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "31:1--31:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3588770",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3588770",
  abstract =     "The use of voice-controlled virtual assistants (VAs)
                 is significant, and user numbers increase every year.
                 Extensive use of VAs has provided the large, cash-rich
                 technology companies who sell them with another way of
                 consuming users' data, providing a \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "31",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Wagner:2023:PPA,
  author =       "Isabel Wagner",
  title =        "Privacy Policies across the Ages: Content of Privacy
                 Policies 1996--2021",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "32:1--32:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3590152",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3590152",
  abstract =     "It is well known that most users do not read privacy
                 policies but almost always tick the box to agree with
                 them. While the length and readability of privacy
                 policies have been well studied and many approaches for
                 policy analysis based on natural language \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "32",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Lu:2023:PPD,
  author =       "Yang Lu and Zhengxin Yu and Neeraj Suri",
  title =        "Privacy-preserving Decentralized Federated Learning
                 over Time-varying Communication Graph",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "33:1--33:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3591354",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3591354",
  abstract =     "Establishing how a set of learners can provide
                 privacy-preserving federated learning in a fully
                 decentralized (peer-to-peer, no coordinator) manner is
                 an open problem. We propose the first
                 privacy-preserving consensus-based algorithm for the
                 distributed \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "33",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Hou:2023:PPR,
  author =       "Jian Hou and Jing Wang and Mingyue Zhang and Zhi Jin
                 and Chunlin Wei and Zuohua Ding",
  title =        "Privacy-preserving Resilient Consensus for Multi-agent
                 Systems in a General Topology Structure",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "34:1--34:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3587933",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3587933",
  abstract =     "Recent advances of consensus control have made it
                 significant in multi-agent systems such as in
                 distributed machine learning, distributed multi-vehicle
                 cooperative systems. However, during its application it
                 is crucial to achieve resilience and privacy;
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "34",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{King:2023:EDN,
  author =       "Isaiah J. King and H. Howie Huang",
  title =        "{Euler}: Detecting Network Lateral Movement via
                 Scalable Temporal Link Prediction",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "35:1--35:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3588771",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3588771",
  abstract =     "Lateral movement is a key stage of system compromise
                 used by advanced persistent threats. Detecting it is no
                 simple task. When network host logs are abstracted into
                 discrete temporal graphs, the problem can be reframed
                 as anomalous edge detection in an \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "35",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Vidanage:2023:VAF,
  author =       "Anushka Vidanage and Peter Christen and Thilina
                 Ranbaduge and Rainer Schnell",
  title =        "A Vulnerability Assessment Framework for
                 Privacy-preserving Record Linkage",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "36:1--36:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3589641",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3589641",
  abstract =     "The linkage of records to identify common entities
                 across multiple data sources has gained increasing
                 interest over the last few decades. In the absence of
                 unique entity identifiers, quasi-identifying attributes
                 such as personal names and addresses are \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "36",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Guo:2023:MUC,
  author =       "Chun Guo and Xiao Wang and Xiang Xie and Yu Yu",
  title =        "The Multi-User Constrained Pseudorandom Function
                 Security of Generalized {GGM} Trees for {MPC} and
                 Hierarchical Wallets",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "37:1--37:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3592608",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3592608",
  abstract =     "Multi-user (mu) security considers large-scale
                 attackers that, given access to a number of
                 cryptosystem instances, attempt to compromise at least
                 one of them. We initiate the study of mu security of
                 the so-called GGM tree that stems from the pseudorandom
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "37",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Usynin:2023:BGE,
  author =       "Dmitrii Usynin and Daniel Rueckert and Georgios
                 Kaissis",
  title =        "Beyond Gradients: Exploiting Adversarial Priors in
                 Model Inversion Attacks",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "38:1--38:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3592800",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3592800",
  abstract =     "Collaborative machine learning settings such as
                 federated learning can be susceptible to adversarial
                 interference and attacks. One class of such attacks is
                 termed model inversion attacks, characterised by the
                 adversary reverse-engineering the model into \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "38",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Scopelliti:2023:EES,
  author =       "Gianluca Scopelliti and Sepideh Pouyanrad and Job
                 Noorman and Fritz Alder and Christoph Baumann and Frank
                 Piessens and Jan Tobias M{\"u}hlberg",
  title =        "End-to-End Security for Distributed Event-driven
                 Enclave Applications on Heterogeneous {TEEs}",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "39:1--39:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3592607",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3592607",
  abstract =     "This article presents an approach to provide strong
                 assurance of the secure execution of distributed
                 event-driven applications on shared infrastructures,
                 while relying on a small Trusted Computing Base. We
                 build upon and extend security primitives \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "39",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{AlMallah:2023:RDA,
  author =       "Ranwa {Al Mallah} and Talal Halabi and Bilal Farooq",
  title =        "Resilience-by-design in Adaptive Multi-agent Traffic
                 Control Systems",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "40:1--40:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3592799",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3592799",
  abstract =     "Connected and Autonomous Vehicles (CAVs) with their
                 evolving data gathering capabilities will play a
                 significant role in road safety and efficiency
                 applications supported by Intelligent Transport Systems
                 (ITSs), such as Traffic Signal Control (TSC) for
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "40",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Barbosa:2023:MPA,
  author =       "Manuel Barbosa and Gilles Barthe and Benjamin
                 Gr{\'e}goire and Adrien Koutsos and Pierre-Yves Strub",
  title =        "Mechanized Proofs of Adversarial Complexity and
                 Application to Universal Composability",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "41:1--41:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3589962",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3589962",
  abstract =     "In this work, we enhance the EasyCrypt proof assistant
                 to reason about the computational complexity of
                 adversaries. The key technical tool is a Hoare logic
                 for reasoning about computational complexity (execution
                 time and oracle calls) of adversarial \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "41",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Venkatesaramani:2023:DAM,
  author =       "Rajagopal Venkatesaramani and Zhiyu Wan and Bradley A.
                 Malin and Yevgeniy Vorobeychik",
  title =        "Defending Against Membership Inference Attacks on
                 Beacon Services",
  journal =      j-TOPS,
  volume =       "26",
  number =       "3",
  pages =        "42:1--42:??",
  month =        aug,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3603627",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Sat Aug 19 07:23:52 MDT 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3603627",
  abstract =     "Large genomic datasets are created through numerous
                 activities, including recreational genealogical
                 investigations, biomedical research, and clinical care.
                 At the same time, genomic data has become valuable for
                 reuse beyond their initial point of \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "42",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Gong:2023:BBA,
  author =       "Xueluan Gong and Yanjiao Chen and Wenbin Yang and
                 Huayang Huang and Qian Wang",
  title =        "{$ B^3 $}: Backdoor Attacks against Black-box Machine
                 Learning Models",
  journal =      j-TOPS,
  volume =       "26",
  number =       "4",
  pages =        "43:1--43:??",
  month =        nov,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3605212",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Tue Dec 5 08:41:54 MST 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3605212",
  abstract =     "Backdoor attacks aim to inject backdoors to victim
                 machine learning models during training time, such that
                 the backdoored model maintains the prediction power of
                 the original model towards clean inputs and misbehaves
                 towards backdoored inputs with the \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "43",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Chen:2023:TME,
  author =       "Jinfu Chen and Luo Song and Saihua Cai and Haodi Xie
                 and Shang Yin and Bilal Ahmad",
  title =        "{TLS-MHSA}: an Efficient Detection Model for Encrypted
                 Malicious Traffic based on Multi-Head Self-Attention
                 Mechanism",
  journal =      j-TOPS,
  volume =       "26",
  number =       "4",
  pages =        "44:1--44:??",
  month =        nov,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3613960",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Tue Dec 5 08:41:54 MST 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3613960",
  abstract =     "In recent years, the use of TLS (Transport Layer
                 Security) protocol to protect communication information
                 has become increasingly popular as users are more aware
                 of network security. However, hackers have also
                 exploited the salient features of the TLS \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "44",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Paladini:2023:FDU,
  author =       "Tommaso Paladini and Francesco Monti and Mario Polino
                 and Michele Carminati and Stefano Zanero",
  title =        "Fraud Detection under Siege: Practical Poisoning
                 Attacks and Defense Strategies",
  journal =      j-TOPS,
  volume =       "26",
  number =       "4",
  pages =        "45:1--45:??",
  month =        nov,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3613244",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Tue Dec 5 08:41:54 MST 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3613244",
  abstract =     "Machine learning (ML) models are vulnerable to
                 adversarial machine learning (AML) attacks. Unlike
                 other contexts, the fraud detection domain is
                 characterized by inherent challenges that make
                 conventional approaches hardly applicable. In this
                 article, we \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "45",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Kim:2023:LSA,
  author =       "Dohyun Kim and Mangi Cho and Hocheol Shin and Jaehoon
                 Kim and Juhwan Noh and Yongdae Kim",
  title =        "{Lightbox}: Sensor Attack Detection for Photoelectric
                 Sensors via Spectrum Fingerprinting",
  journal =      j-TOPS,
  volume =       "26",
  number =       "4",
  pages =        "46:1--46:??",
  month =        nov,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3615867",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Tue Dec 5 08:41:54 MST 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3615867",
  abstract =     "Photoelectric sensors are utilized in a range of
                 safety-critical applications, such as medical devices
                 and autonomous vehicles. However, the public exposure
                 of the input channel of a photoelectric sensor makes it
                 vulnerable to malicious inputs. Several \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "46",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Sakib:2023:MIL,
  author =       "Shahnewaz Karim Sakib and George T. Amariucai and Yong
                 Guan",
  title =        "Measures of Information Leakage for Incomplete
                 Statistical Information: Application to a Binary
                 Privacy Mechanism",
  journal =      j-TOPS,
  volume =       "26",
  number =       "4",
  pages =        "47:1--47:??",
  month =        nov,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3624982",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Tue Dec 5 08:41:54 MST 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3624982",
  abstract =     "Information leakage is usually defined as the
                 logarithmic increment in the adversary's probability of
                 correctly guessing the legitimate user's private data
                 or some arbitrary function of the private data when
                 presented with the legitimate user's publicly
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "47",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Eren:2023:SSC,
  author =       "Maksim E. Eren and Manish Bhattarai and Robert J.
                 Joyce and Edward Raff and Charles Nicholas and Boian S.
                 Alexandrov",
  title =        "Semi-Supervised Classification of Malware Families
                 Under Extreme Class Imbalance via Hierarchical
                 Non-Negative Matrix Factorization with Automatic Model
                 Selection",
  journal =      j-TOPS,
  volume =       "26",
  number =       "4",
  pages =        "48:1--48:??",
  month =        nov,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3624567",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Tue Dec 5 08:41:54 MST 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3624567",
  abstract =     "Identification of the family to which a malware
                 specimen belongs is essential in understanding the
                 behavior of the malware and developing mitigation
                 strategies. Solutions proposed by prior work, however,
                 are often not practicable due to the lack of \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "48",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Zhang:2023:SQE,
  author =       "Chenhan Zhang and Shiyao Zhang and James J. Q. Yu and
                 Shui Yu",
  title =        "{SAM}: Query-efficient Adversarial Attacks against
                 Graph Neural Networks",
  journal =      j-TOPS,
  volume =       "26",
  number =       "4",
  pages =        "49:1--49:??",
  month =        nov,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3611307",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Tue Dec 5 08:41:54 MST 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3611307",
  abstract =     "Recent studies indicate that Graph Neural Networks
                 (GNNs) are vulnerable to adversarial attacks.
                 Particularly, adversarially perturbing the graph
                 structure, e.g., flipping edges, can lead to salient
                 degeneration of GNNs' accuracy. In general, efficiency
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "49",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Bansal:2023:SAR,
  author =       "Ayoosh Bansal and Anant Kandikuppa and Monowar Hasan
                 and Chien-Ying Chen and Adam Bates and Sibin Mohan",
  title =        "System Auditing for Real-Time Systems",
  journal =      j-TOPS,
  volume =       "26",
  number =       "4",
  pages =        "50:1--50:??",
  month =        nov,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3625229",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Tue Dec 5 08:41:54 MST 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3625229",
  abstract =     "System auditing is an essential tool for detecting
                 malicious events and conducting forensic analysis.
                 Although used extensively on general-purpose systems,
                 auditing frameworks have not been designed with
                 consideration for the unique constraints and \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "50",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Sajid:2023:SCV,
  author =       "Md Sajidul Islam Sajid and Jinpeng Wei and Ehab
                 Al-Shaer and Qi Duan and Basel Abdeen and Latifur
                 Khan",
  title =        "{symbSODA}: Configurable and Verifiable Orchestration
                 Automation for Active Malware Deception",
  journal =      j-TOPS,
  volume =       "26",
  number =       "4",
  pages =        "51:1--51:??",
  month =        nov,
  year =         "2023",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3624568",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Tue Dec 5 08:41:54 MST 2023",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3624568",
  abstract =     "Malware is commonly used by adversaries to compromise
                 and infiltrate cyber systems in order to steal
                 sensitive information or destroy critical assets.
                 Active Cyber Deception (ACD) has emerged as an
                 effective proactive cyber defense against malware to
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "51",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Wang:2024:SAS,
  author =       "Shen Wang and Mahshid Delavar and Muhammad Ajmal Azad
                 and Farshad Nabizadeh and Steve Smith and Feng Hao",
  title =        "Spoofing Against Spoofing: Toward Caller {ID}
                 Verification in Heterogeneous Telecommunication
                 Systems",
  journal =      j-TOPS,
  volume =       "27",
  number =       "1",
  pages =        "1:1--1:??",
  month =        feb,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3625546",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Feb 15 10:23:39 MST 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3625546",
  abstract =     "Caller ID spoofing is a global industry problem and
                 often acts as a critical enabler for telephone fraud.
                 To address this problem, the Federal Communications
                 Commission has mandated telecom providers in the U.S.
                 to implement STIR/SHAKEN, an industry-. \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "1",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Ottmann:2024:EAI,
  author =       "Jenny Ottmann and Frank Breitinger and Felix
                 Freiling",
  title =        "An Experimental Assessment of Inconsistencies in
                 Memory Forensics",
  journal =      j-TOPS,
  volume =       "27",
  number =       "1",
  pages =        "2:1--2:??",
  month =        feb,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3628600",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Feb 15 10:23:39 MST 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3628600",
  abstract =     "Memory forensics is concerned with the acquisition and
                 analysis of copies of volatile memory (memory dumps).
                 Based on an empirical assessment of observable
                 inconsistencies in 360 memory dumps of a running Linux
                 system, we confirm a state of overwhelming \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "2",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Blass:2024:FSC,
  author =       "Erik-Oliver Blass and Guevara Noubir",
  title =        "Forward Security with Crash Recovery for Secure Logs",
  journal =      j-TOPS,
  volume =       "27",
  number =       "1",
  pages =        "3:1--3:??",
  month =        feb,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3631524",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Feb 15 10:23:39 MST 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3631524",
  abstract =     "Logging is a key mechanism in the security of computer
                 systems. Beyond supporting important forward security
                 properties, it is critical that logging withstands both
                 failures and intentional tampering to prevent subtle
                 attacks leaving the system in an \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "3",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Cao:2024:EHD,
  author =       "Han Cao and Qindong Sun and Yaqi Li and Rong Geng and
                 Xiaoxiong Wang",
  title =        "Efficient History-Driven Adversarial Perturbation
                 Distribution Learning in Low Frequency Domain",
  journal =      j-TOPS,
  volume =       "27",
  number =       "1",
  pages =        "4:1--4:??",
  month =        feb,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3632293",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Feb 15 10:23:39 MST 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3632293",
  abstract =     "The existence of adversarial image makes us have to
                 doubt the credibility of artificial intelligence
                 system. Attackers can use carefully processed
                 adversarial images to carry out a variety of attacks.
                 Inspired by the theory of image compressed sensing,
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "4",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Shrestha:2024:SBT,
  author =       "Prakash Shrestha and Ahmed Tanvir Mahdad and Nitesh
                 Saxena",
  title =        "Sound-based Two-factor Authentication: Vulnerabilities
                 and Redesign",
  journal =      j-TOPS,
  volume =       "27",
  number =       "1",
  pages =        "5:1--5:??",
  month =        feb,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3632175",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Feb 15 10:23:39 MST 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3632175",
  abstract =     "Reducing the level of user effort involved in
                 traditional two-factor authentication (TFA) constitutes
                 an important research topic. An interesting
                 representative approach, Sound-Proof, leverages ambient
                 sounds to detect the proximity between the second-.
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "5",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Swarnkar:2024:OOC,
  author =       "Mayank Swarnkar and Neha Sharma",
  title =        "{OptiClass}: an Optimized Classifier for Application
                 Layer Protocols Using Bit Level Signatures",
  journal =      j-TOPS,
  volume =       "27",
  number =       "1",
  pages =        "6:1--6:??",
  month =        feb,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3633777",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Feb 15 10:23:39 MST 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3633777",
  abstract =     "Network traffic classification has many applications,
                 such as security monitoring, quality of service,
                 traffic engineering, and so on. For the aforementioned
                 applications, Deep Packet Inspection (DPI) is a
                 popularly used technique for traffic \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "6",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Zeng:2024:ESH,
  author =       "Yong Zeng and Jiale Liu and Tong Dong and Qingqi Pei
                 and Jianfeng Ma and Yao Liu",
  title =        "Eyes See Hazy while Algorithms Recognize Who You Are",
  journal =      j-TOPS,
  volume =       "27",
  number =       "1",
  pages =        "7:1--7:??",
  month =        feb,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3632292",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Feb 15 10:23:39 MST 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3632292",
  abstract =     "Facial recognition technology has been developed and
                 widely used for decades. However, it has also made
                 privacy concerns and researchers' expectations for
                 facial recognition privacy-preserving technologies. To
                 provide privacy, detailed or semantic \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "7",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Kluban:2024:DME,
  author =       "Maryna Kluban and Mohammad Mannan and Amr Youssef",
  title =        "On Detecting and Measuring Exploitable {JavaScript}
                 Functions in Real-world Applications",
  journal =      j-TOPS,
  volume =       "27",
  number =       "1",
  pages =        "8:1--8:??",
  month =        feb,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3630253",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Feb 15 10:23:39 MST 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/java2020.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3630253",
  abstract =     "JavaScript is often rated as the most popular
                 programming language for the development of both
                 client-side and server-side applications. Because of
                 its popularity, JavaScript has become a frequent target
                 for attackers who exploit vulnerabilities in the
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "8",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Tang:2024:DSR,
  author =       "Li Tang and Qingqing Ye and Haibo Hu and Qiao Xue and
                 Yaxin Xiao and Jin Li",
  title =        "{DeepMark}: a Scalable and Robust Framework for
                 {DeepFake} Video Detection",
  journal =      j-TOPS,
  volume =       "27",
  number =       "1",
  pages =        "9:1--9:??",
  month =        feb,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3629976",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Feb 15 10:23:39 MST 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3629976",
  abstract =     "With the rapid growth of DeepFake video techniques, it
                 becomes increasingly challenging to identify them
                 visually, posing a huge threat to our society.
                 Unfortunately, existing detection schemes are limited
                 to exploiting the artifacts left by DeepFake \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "9",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Wang:2024:DUE,
  author =       "Li Wang and Xiangtao Meng and Dan Li and Xuhong Zhang
                 and Shouling Ji and Shanqing Guo",
  title =        "{DEEPFAKER}: a Unified Evaluation Platform for Facial
                 Deepfake and Detection Models",
  journal =      j-TOPS,
  volume =       "27",
  number =       "1",
  pages =        "10:1--10:??",
  month =        feb,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3634914",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Feb 15 10:23:39 MST 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3634914",
  abstract =     "Deepfake data contains realistically manipulated
                 faces-its abuses pose a huge threat to the security and
                 privacy-critical applications. Intensive research from
                 academia and industry has produced many
                 deepfake/detection models, leading to a constant race
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "10",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Chen:2024:SHG,
  author =       "Liqun Chen and Changyu Dong and Christopher J. P.
                 Newton and Yalan Wang",
  title =        "Sphinx-in-the-Head: Group Signatures from Symmetric
                 Primitives",
  journal =      j-TOPS,
  volume =       "27",
  number =       "1",
  pages =        "11:1--11:??",
  month =        feb,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3638763",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Feb 15 10:23:39 MST 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3638763",
  abstract =     "Group signatures and their variants have been widely
                 used in privacy-sensitive scenarios such as anonymous
                 authentication and attestation. In this paper, we
                 present a new post-quantum group signature scheme from
                 symmetric primitives. Using only symmetric \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "11",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Qiao:2024:NIB,
  author =       "Yan Qiao and Kui Wu and Majid Khabbazian",
  title =        "Non-intrusive Balance Tomography Using Reinforcement
                 Learning in the Lightning Network",
  journal =      j-TOPS,
  volume =       "27",
  number =       "1",
  pages =        "12:1--12:??",
  month =        feb,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3639366",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Feb 15 10:23:39 MST 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/bitcoin.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3639366",
  abstract =     "The Lightning Network (LN) is a second layer system
                 for solving the scalability problem of Bitcoin
                 transactions. In the current implementation of LN,
                 channel capacity (i.e., the sum of individual balances
                 held in the channel) is public information, while
                 individual balances are kept secret for privacy
                 concerns. Attackers may discover a particular balance
                 of a channel by sending multiple fake payments through
                 the channel. Such an attack, however, can hardly
                 threaten the security of the LN system due to its high
                 cost and noticeable intrusions. In this work, we
                 present a novel non-intrusive balance tomography
                 attack, which infers channel balances silently by
                 performing legal transactions between two pre-created
                 LN nodes. To minimize the cost of the attack, we
                 propose an algorithm to compute the optimal payment
                 amount for each transaction and design a path
                 construction method using reinforcement learning to
                 explore the most informative path to conduct the
                 transactions. Finally, we propose two approaches
                 (NIBT-RL and NIBT-RL-$ \beta $) to accurately and
                 efficiently infer all individual balances using the
                 results of these transactions. Experiments using
                 simulated account balances over actual LN topology show
                 that our method can accurately infer 90\% to 94\% of
                 all balances in LN with around 12 USD.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "12",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Shi:2024:UCC,
  author =       "Zhenpeng Shi and Nikolay Matyunin and Kalman Graffi
                 and David Starobinski",
  title =        "Uncovering {CWE-CVE-CPE} Relations with Threat
                 Knowledge Graphs",
  journal =      j-TOPS,
  volume =       "27",
  number =       "1",
  pages =        "13:1--13:??",
  month =        feb,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3641819",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Feb 15 10:23:39 MST 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3641819",
  abstract =     "Security assessment relies on public information about
                 products, vulnerabilities, and weaknesses. So far,
                 databases in these categories have rarely been analyzed
                 in combination. Yet, doing so could help predict
                 unreported vulnerabilities and identify \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "13",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Ebrahimpour:2024:BFS,
  author =       "Ghader Ebrahimpour and Mohammad Sayad Haghighi",
  title =        "Is Bitcoin Future as Secure as We Think? {Analysis} of
                 Bitcoin Vulnerability to Bribery Attacks Launched
                 through Large Transactions",
  journal =      j-TOPS,
  volume =       "27",
  number =       "2",
  pages =        "14:1--14:??",
  month =        may,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3641546",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jun 14 06:53:34 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/bitcoin.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3641546",
  abstract =     "Bitcoin uses blockchain technology to maintain
                 transactions order and provides probabilistic
                 guarantees to prevent double-spending, assuming that an
                 attacker's computational power does not exceed 50\% of
                 the network power. In this article, we design a novel
                 bribery attack and show that this guarantee can be
                 hugely undermined. Miners are assumed to be rational in
                 this setup, and they are given incentives that are
                 dynamically calculated. In this attack, the adversary
                 misuses the Bitcoin protocol to bribe miners and
                 maximize their gained advantage. We will reformulate
                 the bribery attack to propose a general mathematical
                 foundation upon which we build multiple strategies. We
                 show that, unlike Whale Attack, these strategies are
                 practical, especially in the future when halvings lower
                 the mining rewards. In the so-called ``guaranteed
                 variable-rate bribing with commitment'' strategy,
                 through optimization by Differential Evolution (DE), we
                 show how double-spending is possible in the Bitcoin
                 ecosystem for any transaction whose value is above
                 218.9BTC, and this comes with 100\% success rate. A
                 slight reduction in the success probability, e.g., by
                 10%, brings the threshold down to 165BTC. If the
                 rationality assumption holds, then this shows how
                 vulnerable blockchain-based systems like Bitcoin
                 are. We suggest a soft fork on Bitcoin to fix this
                 issue at the end.",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "14",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Concone:2024:AAS,
  author =       "Federico Concone and Salvatore Gaglio and Andrea
                 Giammanco and Giuseppe {Lo Re} and Marco Morana",
  title =        "{AdverSPAM}: {Adversarial SPam} Account Manipulation
                 in Online Social Networks",
  journal =      j-TOPS,
  volume =       "27",
  number =       "2",
  pages =        "15:1--15:??",
  month =        may,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3643563",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jun 14 06:53:34 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3643563",
  abstract =     "In recent years, the widespread adoption of Machine
                 Learning (ML) at the core of complex IT systems has
                 driven researchers to investigate the security and
                 reliability of ML techniques. A very specific kind of
                 threats concerns the adversary mechanisms \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "15",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Sommer:2024:CCS,
  author =       "Florian Sommer and Mona Gierl and Reiner Kriesten and
                 Frank Kargl and Eric Sax",
  title =        "Combining Cyber Security Intelligence to Refine
                 Automotive Cyber Threats",
  journal =      j-TOPS,
  volume =       "27",
  number =       "2",
  pages =        "16:1--16:??",
  month =        may,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3644075",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jun 14 06:53:34 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3644075",
  abstract =     "Modern vehicles increasingly rely on electronics,
                 software, and communication technologies (cyber space)
                 to perform their driving task. Over-The-Air (OTA)
                 connectivity further extends the cyber space by
                 creating remote access entry points. Accordingly,
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "16",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Chen:2024:MMS,
  author =       "Jiayi Chen and Urs Hengartner and Hassan Khan",
  title =        "{MRAAC}: a Multi-stage Risk-aware Adaptive
                 Authentication and Access Control Framework for
                 {Android}",
  journal =      j-TOPS,
  volume =       "27",
  number =       "2",
  pages =        "17:1--17:??",
  month =        may,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3648372",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jun 14 06:53:34 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3648372",
  abstract =     "Adaptive authentication enables smartphones and
                 enterprise apps to decide when and how to authenticate
                 users based on contextual and behavioral factors. In
                 practice, a system may employ multiple policies to
                 adapt its authentication mechanisms and access
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "17",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Bayer:2024:CDA,
  author =       "Markus Bayer and Philipp Kuehn and Ramin Shanehsaz and
                 Christian Reuter",
  title =        "{CySecBERT}: a Domain-Adapted Language Model for the
                 Cybersecurity Domain",
  journal =      j-TOPS,
  volume =       "27",
  number =       "2",
  pages =        "18:1--18:??",
  month =        may,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3652594",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jun 14 06:53:34 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3652594",
  abstract =     "The field of cysec is evolving fast. Security
                 professionals are in need of intelligence on past,
                 current and -ideally --- upcoming threats, because
                 attacks are becoming more advanced and are increasingly
                 targeting larger and more complex systems. Since the
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "18",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Bernabe-Rodriguez:2024:DPD,
  author =       "Julen Bernab{\'e}-Rodr{\'\i}guez and Albert Garreta
                 and Oscar Lage",
  title =        "A Decentralized Private Data Marketplace using
                 Blockchain and Secure Multi-Party Computation",
  journal =      j-TOPS,
  volume =       "27",
  number =       "2",
  pages =        "19:1--19:??",
  month =        may,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3652162",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jun 14 06:53:34 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3652162",
  abstract =     "Big data has proven to be a very useful tool for
                 companies and users, but companies with larger datasets
                 have ended being more competitive than the others
                 thanks to machine learning or artificial intelligence.
                 Secure multi-party computation (SMPC) allows \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "19",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Park:2024:TRA,
  author =       "Namgyu Park and Jong Kim",
  title =        "Toward Robust {ASR} System against Audio Adversarial
                 Examples using Agitated Logit",
  journal =      j-TOPS,
  volume =       "27",
  number =       "2",
  pages =        "20:1--20:??",
  month =        may,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3661822",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Fri Jun 14 06:53:34 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3661822",
  abstract =     "Automatic speech recognition (ASR) systems are
                 vulnerable to audio adversarial examples, which aim at
                 deceiving ASR systems by adding perturbations to benign
                 speech signals. These audio adversarial examples appear
                 indistinguishable from benign audio waves,. \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "20",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Valentim:2024:XSA,
  author =       "Rodolfo Vieira Valentim and Idilio Drago and Marco
                 Mellia and Federico Cerutti",
  title =        "{X-squatter}: {AI} Multilingual Generation of
                 Cross-Language Sound-squatting",
  journal =      j-TOPS,
  volume =       "27",
  number =       "3",
  pages =        "21:1--21:??",
  month =        aug,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3663569",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Aug 22 12:59:04 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3663569",
  abstract =     "Sound-squatting is a squatting technique that exploits
                 similarities in word pronunciation to trick users into
                 accessing malicious resources. It is an understudied
                 threat that has gained traction with the popularity of
                 smart speakers and audio-only content,. \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "21",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Ameer:2024:ZIN,
  author =       "Safwa Ameer and Lopamudra Praharaj and Ravi Sandhu and
                 Smriti Bhatt and Maanak Gupta",
  title =        "{ZTA-IoT}: a Novel Architecture for Zero-Trust in
                 {IoT} Systems and an Ensuing Usage Control Model",
  journal =      j-TOPS,
  volume =       "27",
  number =       "3",
  pages =        "22:1--22:??",
  month =        aug,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3671147",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Aug 22 12:59:04 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3671147",
  abstract =     "Recently, several researchers motivated the need to
                 integrate Zero Trust (ZT) principles when designing and
                 implementing authentication and authorization systems
                 for IoT. An integrated Zero Trust IoT system comprises
                 the network infrastructure (physical \ldots{})",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "22",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Ahmed:2024:SAC,
  author =       "Abu Shohel Ahmed and Aleksi Peltonen and Mohit Sethi
                 and Tuomas Aura",
  title =        "Security Analysis of the Consumer Remote {SIM}
                 Provisioning Protocol",
  journal =      j-TOPS,
  volume =       "27",
  number =       "3",
  pages =        "23:1--23:??",
  month =        aug,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3663761",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Aug 22 12:59:04 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3663761",
  abstract =     "Remote SIM provisioning (RSP) for consumer devices is
                 the protocol specified by the GSM Association for
                 downloading SIM profiles into a secure element in a
                 mobile device. The process is commonly known as eSIM,
                 and it is expected to replace removable SIM \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "23",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{He:2024:CCL,
  author =       "Xinyu He and Fengrui Hao and Tianlong Gu and Liang
                 Chang",
  title =        "{CBAs}: Character-level Backdoor Attacks against
                 {Chinese} Pre-trained Language Models",
  journal =      j-TOPS,
  volume =       "27",
  number =       "3",
  pages =        "24:1--24:??",
  month =        aug,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3678007",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Aug 22 12:59:04 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3678007",
  abstract =     "Pre-trained language models (PLMs) aim to assist
                 computers in various domains to provide natural and
                 efficient language interaction and text processing
                 capabilities. However, recent studies have shown that
                 PLMs are highly vulnerable to malicious backdoor
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "24",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Gunasinghe:2024:PPP,
  author =       "Hasini Gunasinghe and Mikhail Atallah and Elisa
                 Bertino",
  title =        "{PEBASI}: a Privacy preserving, Efficient Biometric
                 Authentication Scheme based on Irises",
  journal =      j-TOPS,
  volume =       "27",
  number =       "3",
  pages =        "25:1--25:??",
  month =        aug,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3677017",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Aug 22 12:59:04 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3677017",
  abstract =     "We introduce a novel privacy-preserving biometric
                 authentication scheme based on irises that allows a
                 user to enroll once at a trusted biometric
                 certification authority (BCA) and authenticate to
                 online service providers (SPs) multiple times without
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "25",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Ou:2024:VMA,
  author =       "Weihan Ou and Steven Ding and Mohammad Zulkernine and
                 Li Tao Li and Sarah Labrosse",
  title =        "{VeriBin}: a Malware Authorship Verification Approach
                 for {APT} Tracking through Explainable and
                 Functionality-Debiasing Adversarial Representation
                 Learning",
  journal =      j-TOPS,
  volume =       "27",
  number =       "3",
  pages =        "26:1--26:??",
  month =        aug,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3669901",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Aug 22 12:59:04 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3669901",
  abstract =     "Malware attacks are posing a significant threat to
                 national security, cooperate network, and public
                 endpoint security. Identifying the Advanced Persistent
                 Threat (APT) groups behind the attacks and grouping
                 their activities into attack campaigns help \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "26",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{sathi:2024:BYI,
  author =       "Vipin N. Sathi and C. Siva Ram Murthy",
  title =        "Boost Your Immunity: {VACCINE} for Preventing a Novel
                 Stealthy Slice Selection Attack in {5G} and Beyond",
  journal =      j-TOPS,
  volume =       "27",
  number =       "4",
  pages =        "27:1--27:??",
  month =        nov,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3686152",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Oct 10 08:29:30 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3686152",
  abstract =     "G networks can offer network slices customized
                 according to the demands of the services to enhance the
                 quality of their users' experience. The time for
                 selecting an appropriate network slice to facilitate
                 traffic flow between users and services by the
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "27",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Schulmann:2024:ZMB,
  author =       "Haya Schulmann and Shujie Zhao",
  title =        "{ZPredict}: {ML}-Based {IPID} Side-channel
                 Measurements",
  journal =      j-TOPS,
  volume =       "27",
  number =       "4",
  pages =        "28:1--28:??",
  month =        nov,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3672560",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Oct 10 08:29:30 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3672560",
  abstract =     "Network reconnaissance and measurements play a central
                 role in improving Internet security and are important
                 for understanding the current deployments and trends.
                 Such measurements often require coordination with the
                 measured target. This limits the \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "28",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Sateesan:2024:SHO,
  author =       "Arish Sateesan and Jo Vliegen and Simon Scherrer and
                 Hsu-Chun Hsiao and Adrian Perrig and Nele Mentens",
  title =        "{SPArch}: a Hardware-oriented Sketch-based
                 Architecture for High-speed Network Flow Measurements",
  journal =      j-TOPS,
  volume =       "27",
  number =       "4",
  pages =        "29:1--29:??",
  month =        nov,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3687477",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Oct 10 08:29:30 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3687477",
  abstract =     "Network flow measurement is an integral part of modern
                 high-speed applications for network security and
                 data-stream processing. However, processing at line
                 rate while maintaining the required data structure
                 within the on-chip memory of the hardware \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "29",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Mohanty:2024:FFP,
  author =       "Susil Kumar Mohanty and Somanath Tripathy",
  title =        "{Flexichain}: Flexible Payment Channel Network to
                 Defend Against Channel Exhaustion Attack",
  journal =      j-TOPS,
  volume =       "27",
  number =       "4",
  pages =        "30:1--30:??",
  month =        nov,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3687476",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Oct 10 08:29:30 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/bitcoin.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3687476",
  abstract =     "The payment channel network (PCN) is an effective
                 off-chain scaling solution widely recognized for
                 reducing operational costs on permissionless
                 blockchains. However, it still faces challenges such as
                 lack of flexibility, channel exhaustion, and poor
                 \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "30",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Ceragioli:2024:SVI,
  author =       "Lorenzo Ceragioli and Letterio Galletta and Pierpaolo
                 Degano and David Basin",
  title =        "Specifying and Verifying Information Flow Control in
                 {SELinux} Configurations",
  journal =      j-TOPS,
  volume =       "27",
  number =       "4",
  pages =        "31:1--31:??",
  month =        nov,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3690636",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Oct 10 08:29:30 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/linux.bib;
                 https://www.math.utah.edu/pub/tex/bib/tops.bib;
                 https://www.math.utah.edu/pub/tex/bib/unix.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3690636",
  abstract =     "Security Enhanced Linux (SELinux) is a security
                 architecture for Linux implementing Mandatory Access
                 Control. It has been used in numerous security-critical
                 contexts ranging from servers to mobile devices.
                 However, its application is challenging as \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "31",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}

@Article{Ahmed:2024:DDE,
  author =       "Mukhtar Ahmed and Jinfu Chen and Ernest Akpaku and
                 Rexford Nii Ayitey Sosu and Ajmal Latif",
  title =        "{DELM}: Deep Ensemble Learning Model for Anomaly
                 Detection in Malicious Network Traffic-based Adaptive
                 Feature Aggregation and Network Optimization",
  journal =      j-TOPS,
  volume =       "27",
  number =       "4",
  pages =        "32:1--32:??",
  month =        nov,
  year =         "2024",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3690637",
  ISSN =         "2471-2566 (print), 2471-2574 (electronic)",
  ISSN-L =       "2471-2566",
  bibdate =      "Thu Oct 10 08:29:30 MDT 2024",
  bibsource =    "https://www.math.utah.edu/pub/tex/bib/tops.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3690637",
  abstract =     "With the rapid advancements in internet technology,
                 the complexity and sophistication of network traffic
                 attacks are increasing, making it challenging for
                 traditional anomaly detection systems to analyze and
                 detect malicious network attacks. The \ldots{}",
  acknowledgement = ack-nhfb,
  ajournal =     "ACM Trans. Priv. Secur.",
  articleno =    "32",
  fjournal =     "ACM Transactions on Privacy and Security (TOPS)",
  journal-URL =  "https://dl.acm.org/loi/tops",
}