Security Reading Group Fall 2010Security Reading Group meets almost every week on Monday from 12:00pm to 1:00pm in 606 Soda Hall. We eat and chat for the first 15 minutes, and the presenter presents or leads discussion for the next 45.
|08/30/2010||Devdatta||Devdatta||NoTamper: Automatic, Blackbox Detection of Paramter Tampering Opportunities in Web Applications. Prithvi Bisht, Timothy Hinrichs, Nazari Skrupsky, Radoslaw Bobrowicz, V.N. Venkatakrishnan (CCS 2010)|
|09/13/2010||MSF||Devdatta||Protection Poker: The New Software Security 'Game'. Williams, L. and Meneely, A. and Shipley, G. (S&P 2010)|
|09/20/2010||Erika||Joel||A Methodology for Empirical Analysis of the Permission-Based Security Models and its Application to Android. David Barrera, H. Gunes Kayacik, Paul C. van Oorschot, Anil Somayaji (CCS 2010)|
|09/27/2010||Justin||Erika||Survivable Key Compromise in Software Update Systems. Justin Samuel, Nick Mathewson, Justin Cappos, and Roger Dingledine. (CCS 2010)|
|10/04/2010||Joel||Brad||Protecting Browsers from Cross-Origin CSS Attacks. Lin-Shung Huang, Zack Weinberg, Chris Evans, Collin Jackson. (CCS 2010)|
|10/11/2010||Justine||Wil||Chipping Away at Censorship with User-Generated Content S. Burnett, N. Feamster, S. Vempala (USENIX Security 2010)|
|10/18/2010||Wil||MSF||Making Linux Protection Mechanisms Egalitarian with UserFS Taesoo Kim and Nickolai Zeldovich (USENIX Security 2010)|
|10/25/2010||Brad||Justin||Recruiting New Tor Relays with BRAIDS Rob Jansen, Nicholas Hopper, Yongdae Kim (CCS 2010)|
|11/1/2010||Ari||Adrian||Intrusion Recovery Using Selective Re-execution Taesoo Kim, Xi Wang, Nickolai Zeldovich, and M. Frans Kaashoek (OSDI 2010)|
|11/1/2010||Adrian||Ari||seL4: Formal Verification of an OS Kernel. Klein et al. (SOSP 2009)|
|11/15/2010||Chris||Justine||Mapping Kernel Objects to Enable Systematic Integrity Checking. Martim Carbone, Weidong Cui, Long Lu, Wenke Lee, Marcus Peinado, Xuxian Jiang (CCS 2009)|
|11/29/2010||APF||Prateek||AdJail: Practical Enforcement of Confidentiality and Integrity Policies on Web Advertisements. Mike Ter Louw, Karthik Thotta Ganesh, and V. N. Venkatakrishnan (USENIX Security 2010).|
Instructions for presentersYou are welcome to present your own work or somebody else's. The most common strategy seems to be to choose a paper that interests you from a recent conference. Many of the papers we discuss come from CCS, NDSS, Oakland, or USENIX Security, but anything related to security that you find exciting is appropriate.
You are responsible for leading the discussion. This may include making sure people stay on topic, or reminding someone to give everyone else a chance to speak. Do not be afraid to do either of these things. If you are giving a practice talk and would not like to be interrupted, please tell everyone this before beginning your talk.