Detection of Intrusions and Malware, and Vulnerability Assessment [electronic resource] : 18th International Conference, DIMVA 2021, Virtual Event, July 14–16, 2021, Proceedings /

You’ve Got (a Reset) Mail: A Security Analysis of Email-Based Password Reset Procedures -- The Full Gamut of an Attack: An Empirical Analysis of OAuth CSRF in the Wild -- Detecting and Measuring In-The-Wild DRDoS Attacks at IXPs -- Digging Deeper: An Analysis of Domain Impersonation in the Lower DNS Hierarchy -- Help, my Signal has bad Device! - Breaking the Signal Messenger's Post-Compromise Security through a Malicious Device -- Refined Grey-Box Fuzzing with Sivo -- SCRUTINIZER: Detecting Code Reuse in Malware via Decompilation and Machine Learning -- SPECULARIZER: Uncovering Speculative Execution Attacks via Performance Tracing in Commodity Hardware -- Aion Attacks: Exposing Software Timer Problem in Trusted Execution Environment -- Third-Eye: Practical and Context-Aware Inference of Causal Relationship Violations in Commodity Kernels -- Find My Sloths: Automated Comparative Analysis of How Real Enterprise Computers Keep Up with the Software Update Races -- FP-Redemption: Studying Browser Fingerprinting Adoption for the Sake of Web Security -- Introspect Virtual Machines Like It Is the Linux Kernel! -- Calibration Done Right: Noiseless Flush+Flush Attacks -- Zero Footprint Opaque Predicates: Synthesizing Opaque Predicates From Naturally Occurring Invariants -- PetaDroid: Adaptive Android Malware Detection using Deep Learning -- Spotlight on Phishing: A Longitudinal Study on Phishing Awareness Trainings -- Extended Abstract: A First Large-scale Analysis on Usage of MTA-STS -- Centy: Scalable Server-side Web Integrity Verification System Based on Fuzzy Hashes.

Chapter “SPECULARIZER: Detecting Speculative Execution Attacks via Performance Tracing” is available open access under a Creative Commons Attribution 4.0 International License via link.springer.com.