A collection of important security related papers worth a read.
Papers involve topics ranging from web,privacy and systems security.
https://research.sidstamm.com/papers/csp-www2010.pdf
https://www.cs.princeton.edu/~arvindn/publications/OpenWPM_1_million_site_tracking_measurement.pdf
https://arxiv.org/pdf/1708.08510.pdf
https://crypto.stanford.edu/safecache/sameorigin.pdf
https://hovav.net/ucsd/dist/geometry.pdf
https://www.usenix.org/system/files/conference/usenixsecurity13/sec13-paper_akhawe.pdf
https://www.adambarth.com/papers/2009/barth-weinberger-song.pdf
The Emperorâs New Security IndicatorsAn evaluation of website authenticationand the effect of role playing on usability studies
http://www.usablesecurity.org/emperor/emperor.pdf
http://www.usablesecurity.org/papers/jackson.pdf
âIf HTTPS Were Secure, I Wouldnât Need 2FAâ-End User and Administrator Mental Models of HTTPS"
https://publications.sba-research.org/publications/2019-Pfeffer-HTTPS_Mental_Models.pdf
https://www.usenix.org/system/files/conference/woot14/woot14-bursztein.pdf
https://www2.eecs.berkeley.edu/Research/Projects/CS/vision/shape/mori-gimpy.pdf
https://gruss.cc/files/fantastictimers.pdf
https://crypto.stanford.edu/dns/dns-rebinding.pdf
https://tom.vg/papers/timeless-timing-attack_usenix2020.pdf
https://seclab.stanford.edu/websec/chromium/chromium-security-architecture.pdf
CSP Is Dead, Long Live CSP! On the Insecurity ofWhitelists and the Future of Content Security Policy
https://storage.googleapis.com/pub-tools-public-publication-data/pdf/45542.pdf
Signing Me onto Your Accounts through Facebook and Google: a Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services
https://www.microsoft.com/en-us/research/wp-content/uploads/2012/05/websso-final.pdf
https://www.cs.uic.edu/pub/Kanich/Publications/re.captchas.pdf
http://www.gnu.org/software/shishi/wu99realworld.pdf
http://www.jbonneau.com/doc/B12-IEEESP-analyzing_70M_anonymized_passwords.pdf
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-817.pdf
https://css.csail.mit.edu/6.858/2020/readings/baggy.pdf
https://css.csail.mit.edu/6.858/2014/readings/brop.pdf
https://www.comp.nus.edu.sg/~gregory/papers/cc16lowfatptrs.pdf
https://css.csail.mit.edu/6.858/2020/readings/okws.pdf
https://css.csail.mit.edu/6.858/2020/readings/komodo.pdf
https://hovav.net/ucsd/dist/iago.pdf
https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/asplos2011-drawbridge.pdf
https://www.usenix.org/system/files/conference/woot17/woot17-paper-brasser.pdf
https://www.ieee-security.org/TC/SP2015/papers-archived/6949a640.pdf
https://eprint.iacr.org/2016/086.pdf
https://regmedia.co.uk/2019/02/12/sgxmalware.pdf
https://css.csail.mit.edu/6.858/2020/readings/ios-security-may19.pdf
https://css.csail.mit.edu/6.858/2020/readings/android-platform.pdf
https://mdsattacks.com/files/ridl.pdf
https://css.csail.mit.edu/6.858/2020/readings/exe.pdf
https://css.csail.mit.edu/6.858/2020/readings/lookback-tcpip.pdf
https://shattered.io/static/shattered.pdf
https://www.alchemistowl.org/pocorgtfo/pocorgtfo00.pdf
https://www.cs.uic.edu/~polakis/papers/solomos-ndss21.pdf
https://web.eecs.umich.edu/~weimerw/481/readings/SapFix-Automated-End-to-End-Repair-at-Scale-v2.pdf