[1] Bonneau J, Herley C, van Oorschot P C, Stajano F. The quest to replace passwords:A framework for comparative evaluation of web authentication schemes. In Proc. IEEE Symp. Security and Privacy (SP), July 2012, pp.553-567.[2] Silver D, Jana S, Boneh D, Chen E, Jackson C. Password managers:Attacks and defenses. In Proc. the 23rd USENIX Conf. Security Symp., August 2014, pp.449-464.[3] Li Z W, He W, Akhawe D, Song D. The emperor's new password manager:Security analysis of web-based password managers. In Proc. the 23rd USENIX Conf. Security Symp., August 2014, pp.465-479.[4] McCarney D, Barrera D, Clark J, Chiasson S, van Oorschot P C. Tapas:Design, implementation, and usability evaluation of a password manager. In Proc. the 28th Annual Computer Security Applications Conf., December 2012, pp.89-98.[5] Tang Y, Ames P, Bhamidipati S, Bijlani A, Geambasu R, Sarda N. Cleanos:Limiting mobile data exposure with idle eviction. In Proc. the 10th USENIX Conf. Operating Systems Design and Implementation, October 2012, pp.77-91.[6] Müller T, Spreitzenbarth M. FROST. In Applied Cryptography and Network Security, Jacobson M, Locasto M, Mohassel P, Safavi-Naini R (eds.), Springer 2013, pp.373-388.[7] Zhang F Z, Chen J, Chen H B, Zang B Y. Cloudvisor:Retrofitting protection of virtual machines in multitenant cloud with nested virtualization. In Proc. the 23rd ACM Symp. Operating Systems Principles, October 2011, pp.203-216.[8] Das A, Bonneau J, Caesar M, Borisov N, Wang X F. The tangled web of password reuse. In Network and Distributed System Security Symp., February 2014, pp.23-26.[9] Alves T, Felton D. Trustzone:Integrated hardware and software security. ARM White Paper, 2004, 3(4):18-24.[10] Li W H, Ma M Y, Han J C, Xia Y B, Zang B Y, Chu C K, Li T Y. Building trusted path on untrusted device drivers for mobile devices. In Proc. the 5th Asia-Pacific Workshop on Systems, June 2014.[11] Fahl S, Harbach M, Muders T, Baumgärtner L, Freisleben B, Smith M. Why Eve and Mallory love Android:An analysis of Android SSL (in) security. In Proc. the ACM Conf. Computer and Communications Security, October 2012, pp.50-61.[12] Mantin I, Shamir A. A practical attack on broadcast RC4. In Fast Software Encryption, Matsui M (ed.), Springer, 2002, pp.152-164.[13] Morris R, Thompson K. Password security:A case history. Communications of the ACM, 1979, 22(11):594-597.[14] Zhang Y Q, Monrose F, Reiter M K. The security of modern password expiration:An algorithmic framework and empirical analysis. In Proc. the 17th ACM Conf. Computer and Communications Security, October 2010, pp.176-186.[15] Saxena N, Voris J. Exploring mobile proxies for better password authentication. In Information and Communications Security, Chim T W, Yuen T H (eds.), Springer, 2012, pp.293-302.[16] Czeskis A, Dietz M, Kohno T, Wallach D, Balfanz D. Strengthening user authentication through opportunistic cryptographic identity assertions. In Proc. the ACM Conf. Computer and Communications Security, October 2012, pp.404-414.[17] Satyanarayanan M, Bahl P, Caceres R, Davies N. The case for VM-based cloudlets in mobile computing. IEEE Pervasive Computing, 2009, 8(4):14-23.[18] Gordon M S, Jamshidi D A, Mahlke S, Mao Z M, Chen X. COMET:Code offload by migrating execution transparently. In Proc. the 10th USENIX Conf. Operating Systems Design and Implementation, October 2012, pp.93-106.[19] Geambasu R, John J P, Gribble S D, Kohno T, Levy H M. Keypad:An auditing file system for theft-prone devices. In Proc. the 6th Conf. Computer Systems, April 2011.[20] MacKenzie P, Reiter M K. Networked cryptographic devices resilient to capture. Int. Journal of Information Security, 2003, 2(1):1-20.[21] Cheng J, Wong S H Y, Yang H, Lu S W. SmartSiren:Virus detection and alert for smartphones. In Proc. the 5th Int. Conf. Mobile Systems, Applications and Services, June 2007, pp.258-271.[22] Oberheide J, Cooke E, Jahanian F. CloudAV:N-version antivirus in the network cloud. In Proc. the 17th Conf. Security Symposium, August 2008, pp.91-106.[23] Jarabek C, Barrera D, Aycock J. ThinAV:Truly lightweight mobile cloud-based anti-malware. In Proc. the 28th Annual Computer Security Applications Conf., December 2012, pp.209-218.[24] Puttaswamy K P N, Kruegel C, Zhao B Y. Silverline:Toward data confidentiality in storage-intensive cloud applications. In Proc. the 2nd ACM Symp. Cloud Computing, October 2011.[25] Satyanarayanan M, Lewis G, Morris E, Simanta S, Boleng J, Ha K. The role of cloudlets in hostile environments. IEEE Pervasive Computing, 2013, 12(4):40-49.[26] Portokalidis G, Homburg P, Anagnostakis K, Bos H. Paranoid Android:Versatile protection for smartphones. In Proc. the 26th Annual Computer Security Applications Conf., December 2010, pp.347-356.[27] Xia Y B, Liu Y T, Tan C, Ma M Y, Guan H B, Zang B Y, Chen H B. TinMan:Eliminating confidential mobile data exposure with security oriented offloading. In Proc. the 10th European Conf. Computer Systems, April 2015, Article No. 27.[28] Zhu S W, Lu L, Singh K. CASE:Comprehensive application security enforcement on COTS mobile devices. In Proc. the 14th Annual Int. Conf. Mobile Systems, Applications, and Services, June 2016, pp.375-386.[29] Huang Y, Chapman P, Evans D. Privacy-preserving applications on smartphones. In Proc. the 6th USENIX Workshop on Hot Topics in Security, August 2011.[30] Lee S, Wong E L, Goel D, Dahlin M, Shmatikov V. πBox:A platform for privacy-preserving apps. In Proc. the 10th USENIX Conf. Networked Systems Design and Implementation, April 2013, pp.501-514.[31] Cox L P, Gilbert P, Lawler G, Pistol V, Razeen A, Wu B, Cheemalapati S. SpanDex:Secure password tracking for Android. In Proc. the 23rd USENIX Conf. Security Symposium, August 2014, pp.481-494.[32] Spahn R, Bell J, Lee M Z, Bhamidipati S, Geambasu R, Kaiser G. Pebbles:Fine-grained data management abstractions for modern operating systems. In Proc. the 11th USENIX Conf. Operating Systems Design and Implementation, October 2014, pp.113-129.[33] Li X L, Hu H, Bai G D, Jia Y Q, Liang Z K, Saxena P. DroidVault:A trusted data vault for Android devices. In Proc. the 19th Int. Conf. Engineering of Complex Computer Systems (ICECCS), August 2014, pp.29-38.[34] Peterson P A H. Cryptkeeper:Improving security with encrypted RAM. In Proc. IEEE Int Conf. Technologies for Homeland Security (HST), November 2010, pp.120-126. |