Security Reading Group Fall 2010

Security Reading Group meets almost every week on Monday from 12:00pm to 1:00pm in 606 Soda Hall. We eat and chat for the first 15 minutes, and the presenter presents or leads discussion for the next 45.

Meeting Schedule

Date Presenter Food Paper
08/30/2010 Devdatta Devdatta NoTamper: Automatic, Blackbox Detection of Paramter Tampering Opportunities in Web Applications. Prithvi Bisht, Timothy Hinrichs, Nazari Skrupsky, Radoslaw Bobrowicz, V.N. Venkatakrishnan (CCS 2010)
09/13/2010 MSF Devdatta Protection Poker: The New Software Security 'Game'. Williams, L. and Meneely, A. and Shipley, G. (S&P 2010)
09/20/2010 Erika Joel A Methodology for Empirical Analysis of the Permission-Based Security Models and its Application to Android. David Barrera, H. Gunes Kayacik, Paul C. van Oorschot, Anil Somayaji (CCS 2010)
09/27/2010 Justin Erika Survivable Key Compromise in Software Update Systems. Justin Samuel, Nick Mathewson, Justin Cappos, and Roger Dingledine. (CCS 2010)
10/04/2010 Joel Brad Protecting Browsers from Cross-Origin CSS Attacks. Lin-Shung Huang, Zack Weinberg, Chris Evans, Collin Jackson. (CCS 2010)
10/11/2010 Justine Wil Chipping Away at Censorship with User-Generated Content S. Burnett, N. Feamster, S. Vempala (USENIX Security 2010)
10/18/2010 Wil MSF Making Linux Protection Mechanisms Egalitarian with UserFS Taesoo Kim and Nickolai Zeldovich (USENIX Security 2010)
10/25/2010 Brad Justin Recruiting New Tor Relays with BRAIDS Rob Jansen, Nicholas Hopper, Yongdae Kim (CCS 2010)
11/1/2010 Ari Adrian Intrusion Recovery Using Selective Re-execution Taesoo Kim, Xi Wang, Nickolai Zeldovich, and M. Frans Kaashoek (OSDI 2010)
11/1/2010 Adrian Ari seL4: Formal Verification of an OS Kernel. Klein et al. (SOSP 2009)
11/15/2010 Chris Justine Mapping Kernel Objects to Enable Systematic Integrity Checking. Martim Carbone, Weidong Cui, Long Lu, Wenke Lee, Marcus Peinado, Xuxian Jiang (CCS 2009)
11/22/2010 Prateek APF
11/29/2010 APF Prateek AdJail: Practical Enforcement of Confidentiality and Integrity Policies on Web Advertisements. Mike Ter Louw, Karthik Thotta Ganesh, and V. N. Venkatakrishnan (USENIX Security 2010).

Instructions for presenters

You are welcome to present your own work or somebody else's. The most common strategy seems to be to choose a paper that interests you from a recent conference. Many of the papers we discuss come from CCS, NDSS, Oakland, or USENIX Security, but anything related to security that you find exciting is appropriate.

You are responsible for leading the discussion. This may include making sure people stay on topic, or reminding someone to give everyone else a chance to speak. Do not be afraid to do either of these things. If you are giving a practice talk and would not like to be interrupted, please tell everyone this before beginning your talk.