Note: Online proceedings are now available!

• A Qualitative Investigation of Insecure Code Propagation from Online Forums
  Michelle Mazurek, Wei Bai, Omer Akgul (University of Maryland)
• Compositional Testing of Network Protocols
  Kenneth L. McMillan (Microsoft Research); Lenore D. Zuck (University of Illinois at Chicago)
• CryptoAPI-Bench: A Comprehensive Benchmark on Java Cryptographic API Misuses
  Sharmin Afrose, Sazzadur Rahaman, Danfeng (Daphne) Yao (Virginia Tech)
• Detecting Callback Related Deep Vulnerabilities in Linux Device Drivers
  Tuba Yavuz (University of Florida)
• Downright: A Framework and Toolchain For Privilege Handling
  Remo Schweizer, Stephan Neuhaus (Zurich University of Applied Sciences)
• Exploitation Techniques and Defenses for Data-Oriented Attacks
  Long Cheng (Clemson University); Hans Liljestrand (Aalto University, Finland); Md Salman Ahmed (Virginia Tech); Thomas Nyman (Aalto University, Finland); Danfeng (Daphne) Yao (Virginia Tech); Trent Jaeger (Pennsylvania State University); N. Asokan (Aalto University, Finland)
• On the Universally Composable Security of OpenStack
  Hoda Maleki (University of Connecticut); Kyle Hogan (MIT); Reza Rahaeimehr (University of Connecticut); Ran Canetti, Mayank Varia, Jason Hennessey (Boston University); Marten van Dijk (University of Connecticut); Haibin Zhang (UMBC)
• Polymorphic Relaxed Noninterference
  Raimil Cruz (University of Chile); Éric Tanter (University of Chile & Inria)
• Role-Based Ecosystem for the Design, Development, and Deployment of Secure Multi-Party Data Analytics Applications
  Andrei Lapets, Kinan Dak Albab, Rawane Issa, Lucy Qin, Mayank Varia, Azer Bestavros, Frederick Jansen (Boston University)
• Self-Authenticating Traditional Domain Names
  Paul Syverson, Matthew Traudt (U.S. Naval Research Laboratory)
• Start your ENGINEs: Dynamically Loadable Contemporary Crypto
  Nicola Tuveri, Billy Bob Brumley (Tampere University)
• System-Level Framework for Logic Obfuscation with Quantified Metrics for Evaluation
  Vivek Venugopalan, Gaurav Kolhe, Andrew Schmidt, Joshua Monson, Matthew French (USC-Information Sciences Institute); Yinghua Hu, Peter A Beerel, Pierluigi Nuzzo (University of Southern California)

Note: Online proceedings are now available!

• Development Cycle Estimation Modeling
  Samuel Denard, Susan Mengel, Atila Ertas, Stephen Ekwaro-Osire (Texas Tech University)
• Effective Static Analysis Enforcement in Complex Cloud Native Dockerized Systems
  Abhishek Pathak, Kaarthik Sivakumar, Jin Sheng, Anlu Yan, Mazhar Haque (Cisco Systems)
• Multi-Cluster Visualization and Live Reporting of Static Analysis Security Testing (SAST) Warnings
  Abhishek Pathak, Kaarthik Sivakumar, Mazhar Haque, Prasanna Ganesan (Cisco Systems)
• OpenOSC: Open Source Object Size Checking Library With Built-in Metrics
  Yongkui Han, Pankil Shah, Richard Livingston (Cisco Systems)
• Using Rules Engine in the Automation of System Security Review
  Abdulrahman Alnaim (Saudi Aramco)
• With Great Abstraction Comes Great Responsibility: Sealing the Microservices Attack Surface
  Chien An Chen (Palo Alto Networks)

• Detecting Security Vulnerabilities with SPARK
  Benjamin Brosgol, Clair Dross, Yannick Moy (AdaCore)
• Indurative: Authenticated Semantics for Free
  John-Paul Smith (Trail of Bits, Inc.)
• OpenOSC and Curioscan: an Object Size Checking Library and the Tool to Collect Its Built-in Metrics
  Yongkui Han, Pankil Shah, Richard Livingston (Cisco Systems)

• A Comprehensive Benchmark on Java Cryptographic API Misuses
  Sharmin Afrose, Sazzadur Rahaman, Danfeng (Daphne) Yao (Virginia Tech)
• A Virtual FPGA Platform for High Assurance Design
  Judea Nifong (Georgia Tech Research Instituted)
• Anomaly-based Intrusion Detection Systems with An Adaptive Threshold Method
  Younghun Chae (Kent State University at Stark); Natallia Katenka, Lisa Cingiser DiPippo (University of Rhode Island)
• Automated conversion of legacy code to Checked C
  Aravind Machiry (University of California, Santa Barbara); Hasan Touma, Ray Chen, Michael Hicks (University of Maryland, College Park)
• BranchCorr: Detecting Incompatible Branch Behavior by Enforcing Branch Correlation Integrity
  Long Cheng, Ebuka Okpala, Song Liao (Clemson University); Danfeng (Daphne) Yao (Virginia Tech)
• Defensive Deception in a Hypergame
  Gaurav Dixit, Jin-Hee Cho, Ing-Ray Chen (Virginia Tech); Mu Zhu, Munindar P. Singh (North Carolina State University); Charles Kamhoua (US Army Research Laboratory)
• Development Cycle Estimation Modeling
  Samuel Denard, Susan Mengel, Atila Ertas, Stephen Ekwaro-Osire (Texas Tech University)
• Dynamic Keystroke for Authentication with Machine Learning Algorithms
  Tawab Attaie, John Caldwell, Trenton Ward, Yusef Yassin (Prairie View A&M University), Kwesi Elliot, Jonathon Graham (Norfolk State University)
• Multi-variate Data Anomaly Detection in Wireless Sensor Networks
  Braxton Dula, Prudence Phillips, Hassan Salmani (Howard University)
• Quantifying the Impact of Fine-grained Code Randomization on Attack Surface Reduction
  Md Salman Ahmed, Ya Xiao, Danfeng Yao (Virginia Tech); Gang Tan (Penn State University); Kevin Snow (Zero Point Dynamics); Fabian Monrose (UNC at Chapel Hill)
• Runtime Enforcement of LTL Specifications
  William Stuckey (Georgia Tech Research Institute); Matt Abate (Georgia Tech); Elizabeth Prucka (Georgia Tech Research Institute); Eric Feron, Sam Coogan (Georgia Tech); Lee Lerner (Georgia Tech Research Institute)
• Toward Building and Validating a Scale for Secure Software Development Self-Efficacy
  Desiree Abrokwa, Daniel Votipka, Michelle Mazurek (University of Maryland)
• Trigger-Action Integrity in Cyber-Physical Systems
  Douglas Everson, Long Cheng (Clemson University); Danfeng (Daphne) Yao (Virginia Tech)