XiaoFeng Wang

According to our database1, XiaoFeng Wang
  • authored at least 100 papers between 2003 and 2017.
  • has a "Dijkstra number"2 of four.

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Other 

Links

On csauthors.net:

Bibliography

2017
Addressing Beacon re-identification attacks: quantification and mitigation of privacy risks.
JAMIA, 2017

Apple ZeroConf Holes: How Hackers Can Steal iPhone Photos.
IEEE Security & Privacy, 2017

Privacy Loss in Apple's Implementation of Differential Privacy on MacOS 10.12.
CoRR, 2017

Understanding IoT Security Through the Data Crystal Ball: Where We Are Now and Where We Are Going to Be.
CoRR, 2017

Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX.
CoRR, 2017

Guardian of the HAN: Thwarting Mobile Attacks on Smart-Home Devices Using OS-level Situation Awareness.
CoRR, 2017

HanGuard: SDN-driven protection of smart home WiFi devices from malicious mobile apps.
Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2017

SmartAuth: User-Centered Authorization for the Internet of Things.
Proceedings of the 26th USENIX Security Symposium, 2017

Picking Up My Tab: Understanding and Mitigating Synchronized Token Lifting and Spending in Mobile Payment.
Proceedings of the 26th USENIX Security Symposium, 2017

Filtering for Malice Through the Data Ocean: Large-Scale PHA Install Detection at the Communication Service Provider Level.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2017

An empirical characterization of IFTTT: ecosystem, usage, and performance.
Proceedings of the 2017 Internet Measurement Conference, 2017

Ghost Installer in the Shadow: Security Analysis of App Installation on Android.
Proceedings of the 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2017

SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

Unleashing the Walking Dead: Understanding Cross-App Remote Infections on Mobile WebViews.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

Mass Discovery of Android Traffic Imprints through Instantiated Partial Execution.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

2016
Seeking Nonsense, Looking for Trouble: Efficient Promotional-Infection Detection through Semantic Inconsistency Search.
Proceedings of the IEEE Symposium on Security and Privacy, 2016

Following Devil's Footprints: Cross-Platform Analysis of Potentially Harmful Libraries on Android and iOS.
Proceedings of the IEEE Symposium on Security and Privacy, 2016

Staying Secure and Unprepared: Understanding and Mitigating the Security Risks of Apple ZeroConf.
Proceedings of the IEEE Symposium on Security and Privacy, 2016

Acing the IOC Game: Toward Automatic Discovery and Analysis of Open-Source Cyber Threat Intelligence.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

Lurking Malice in the Cloud: Understanding and Detecting Cloud Repository as a Malicious Service.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

Catching predators at watering holes: finding and understanding strategically compromised websites.
Proceedings of the 32nd Annual Conference on Computer Security Applications, 2016

2015
Choosing blindly but wisely: differentially private solicitation of DNA datasets for disease marker discovery.
JAMIA, 2015

Privacy in the Genomic Era.
IACR Cryptology ePrint Archive, 2015

Privacy in the Genomic Era.
ACM Comput. Surv., 2015

Unauthorized Cross-App Resource Access on MAC OS X and iOS.
CoRR, 2015

Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale.
Proceedings of the 24th USENIX Security Symposium, 2015

Leave Me Alone: App-Level Protection against Runtime Information Gathering on Android.
Proceedings of the 2015 IEEE Symposium on Security and Privacy, 2015

Elite: Automatic Orchestration of Elastic Detection Services to Secure Cloud Hosting.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2015

What's in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources.
Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

OpenSRN: A software-defined semantic routing network architecture.
Proceedings of the 2015 IEEE Conference on Computer Communications Workshops, 2015

Cracking App Isolation on Apple: Unauthorized Cross-App Resource Access on MAC OS~X and iOS.
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

Efficient Genome-Wide, Privacy-Preserving Similar Patient Query based on Private Edit Distance.
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

Perplexed Messengers from the Cloud: Automated Security Analysis of Push-Messaging Integrations.
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

Practicing Oblivious Access on Cloud Storage: the Gap, the Fallacy, and the New Way Forward.
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

Hare Hunting in the Wild Android: A Study on the Threat of Hanging Attribute References.
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

2014
Thwarting Wi-Fi Side-Channel Analysis through Traffic Demultiplexing.
IEEE Trans. Wireless Communications, 2014

Privacy and Security in the Genomic Era.
CoRR, 2014

Understanding the Dark Side of Domain Parking.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations.
Proceedings of the 2014 IEEE Symposium on Security and Privacy, 2014

Upgrading Your Android, Elevating My Malware: Privilege Escalation through Mobile OS Updating.
Proceedings of the 2014 IEEE Symposium on Security and Privacy, 2014

Hunting the Red Fox Online: Understanding and Detection of Mass Redirect-Script Injections.
Proceedings of the 2014 IEEE Symposium on Security and Privacy, 2014

Inside Job: Understanding and Mitigating the Threat of External Device Mis-Binding on Android.
Proceedings of the 21st Annual Network and Distributed System Security Symposium, 2014

Screenmilker: How to Milk Your Android Screen for Secrets.
Proceedings of the 21st Annual Network and Distributed System Security Symposium, 2014

The Tangled Web of Password Reuse.
Proceedings of the 21st Annual Network and Distributed System Security Symposium, 2014

Privacy Risk in Anonymized Heterogeneous Information Networks.
Proceedings of the 17th International Conference on Extending Database Technology, 2014

Controlled Functional Encryption.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

Mayhem in the Push Clouds: Understanding and Mitigating Security Hazards in Mobile Push-Messaging Services.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

2013
Finding the Linchpins of the Dark Web: a Study on Topologically Dedicated Hosts on Malicious Web Infrastructures.
Proceedings of the 2013 IEEE Symposium on Security and Privacy, 2013

InteGuard: Toward Automatic Protection of Third-Party Web Service Integrations.
Proceedings of the 20th Annual Network and Distributed System Security Symposium, 2013

Identity, location, disease and more: inferring your secrets from android public resources.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

Unauthorized origin crossing on mobile platforms: threats and mitigation.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

2012
Signing Me onto Your Accounts through Facebook and Google: A Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services.
Proceedings of the IEEE Symposium on Security and Privacy, 2012

Large-Scale Privacy-Preserving Mapping of Human Genomic Sequences on Hybrid Clouds.
Proceedings of the 19th Annual Network and Distributed System Security Symposium, 2012

Privacy Protection in Sharing Personal Genome Sequencing Data.
Proceedings of the 2012 IEEE Second International Conference on Healthcare Informatics, 2012

Knowing your enemy: understanding and detecting malicious web advertising.
Proceedings of the ACM Conference on Computer and Communications Security, 2012

2011
Memory and State Exhaustion Denial of Service.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Computational Puzzles.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

Security Risk Management Using Incentives.
IEEE Security & Privacy, 2011

How to Shop for Free Online - Security Analysis of Cashier-as-a-Service Based Web Stores.
Proceedings of the 32nd IEEE Symposium on Security and Privacy, 2011

Soundcomber: A Stealthy and Context-Aware Sound Trojan for Smartphones.
Proceedings of the Network and Distributed System Security Symposium, 2011

Beyond Risk-Based Access Control: Towards Incentive-Based Access Control.
Proceedings of the Financial Cryptography and Data Security, 2011

To Release or Not to Release: Evaluating Information Leaks in Aggregate Human-Genome Data.
Proceedings of the Computer Security - ESORICS 2011, 2011

Toward securing sensor clouds.
Proceedings of the 2011 International Conference on Collaboration Technologies and Systems, 2011

Sedic: privacy-aware data intensive computing on hybrid clouds.
Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011

2010
Deterring voluntary trace disclosure in re-encryption mix-networks.
ACM Trans. Inf. Syst. Secur., 2010

Using Web-Referral Architectures to Mitigate Denial-of-Service Threats.
IEEE Trans. Dependable Sec. Comput., 2010

Using Budget-Based Access Control to Manage Operational Risks Caused by Insiders.
JoWUA, 2010

Side-Channel Leaks in Web Applications: A Reality Today, a Challenge Tomorrow.
Proceedings of the 31st IEEE Symposium on Security and Privacy, 2010

Mash-IF: Practical information-flow control within client-side mashups.
Proceedings of the 2010 IEEE/IFIP International Conference on Dependable Systems and Networks, 2010

Secure cloud computing with brokered trusted sensor networks.
Proceedings of the 2010 International Symposium on Collaborative Technologies and Systems, 2010

Sidebuster: automated detection and quantification of side-channel leaks in web application development.
Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010

FIRM: capability-based inline mediation of Flash behaviors.
Proceedings of the Twenty-Sixth Annual Computer Security Applications Conference, 2010

2009
Denial of service attacks and defenses in decentralized trust management.
Int. J. Inf. Sec., 2009

Peeping Tom in the Neighborhood: Keystroke Eavesdropping on Multi-User Systems.
Proceedings of the 18th USENIX Security Symposium, 2009

Effective and Efficient Malware Detection at the End Host.
Proceedings of the 18th USENIX Security Symposium, 2009

Mitigating Inadvertent Insider Threats with Incentives.
Proceedings of the Financial Cryptography and Data Security, 2009

Privacy-preserving genomic computation through program specialization.
Proceedings of the 2009 ACM Conference on Computer and Communications Security, 2009

Learning your identity and disease from research papers: information leaks in genome wide association study.
Proceedings of the 2009 ACM Conference on Computer and Communications Security, 2009

Improved layered space time architecture over quasi-static fading channels with unequal power allocation and multistage decoding.
Proceedings of the 22nd Canadian Conference on Electrical and Computer Engineering, 2009

2008
Fast and Black-box Exploit Detection and Signature Generation for Commodity Software.
ACM Trans. Inf. Syst. Secur., 2008

A multi-layer framework for puzzle-based denial-of-service defense.
Int. J. Inf. Sec., 2008

Game-theoretic modeling and analysis of insider threats.
IJCIP, 2008

Delegateable signatures based on non-interactive witness indistinguishable and non-interactive witness hiding proofs.
Science in China Series F: Information Sciences, 2008

Making CAPTCHAs clickable.
Proceedings of the 9th Workshop on Mobile Computing Systems and Applications, 2008

Panalyst: Privacy-Aware Remote Error Analysis on Commodity Software .
Proceedings of the 17th USENIX Security Symposium, 2008

PRECIP: Towards Practical and Retrofittable Confidential Information Protection.
Proceedings of the Network and Distributed System Security Symposium, 2008

AGIS: Towards automatic generation of infection signatures.
Proceedings of the 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2008

Towards automatic reverse engineering of software security configurations.
Proceedings of the 2008 ACM Conference on Computer and Communications Security, 2008

2007
SpyShield: Preserving Privacy from Spy Add-Ons.
Proceedings of the Recent Advances in Intrusion Detection, 10th International Symposium, 2007

2006
WRAPS: Denial-of-Service Defense through Web Referrals.
Proceedings of the 25th IEEE Symposium on Reliable Distributed Systems (SRDS 2006), 2006

Deterring Voluntary Trace Disclosure in Re-encryption Mix Networks.
Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P 2006), 2006

Denial of Service Attacks and Defenses in Decentralized Trust Management.
Proceedings of the Second International Conference on Security and Privacy in Communication Networks and the Workshops, 2006

Packet vaccine: black-box exploit detection and signature generation.
Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, USA, Ioctober 30, 2006

Improved Layered Space Time Architecture Through Unequal Power Allocation and Multistage Decoding.
Proceedings of the Canadian Conference on Electrical and Computer Engineering, 2006

2005
Building Reliable Mix Networks with Fair Exchange.
Proceedings of the Applied Cryptography and Network Security, 2005

2004
Stealth attacks in vehicular technologies.
Proceedings of the 60th IEEE Vehicular Technology Conference, 2004

Mitigating bandwidth-exhaustion attacks using congestion puzzles.
Proceedings of the 11th ACM Conference on Computer and Communications Security, 2004

Fragile mixing.
Proceedings of the 11th ACM Conference on Computer and Communications Security, 2004

2003
Defending Against Denial-of-Service Attacks with Puzzle Auction.
Proceedings of the 2003 IEEE Symposium on Security and Privacy (S&P 2003), 2003


  Loading...