Security Reading Group Spring 2011Security Reading Group meets almost every week on Tuesday from 12:40pm to 1:40pm in 606 Soda Hall. We eat and chat for the first 15 minutes, and the presenter presents or leads discussion for the next 45.
|01/18/2011||Devdatta||Devdatta||Using Hypervisor to Provide Data Secrecy for User Applications on a Per-Page Basis. Jusoo Yang and Kang G. Shin. (VEE 2008)|
|01/25/2011||Chris||Joel||Accountable Virtual Machines. Andreas Haeberlen, Paarijaat Aditya, Rodrigo Rodrigues, and Peter Druschel. (OSDI 2010)|
|02/01/2011||Justin||Justin||AEG: Automatic Exploit Generation. Thanassis Avgerinos, Sang Kil Cha, Brent Lim Tze Hao, and David Brumley. (NDSS 2011)|
|02/08/2011||Justin||Justin||Privilege separation made easy: Trusting small libraries not big processes. Derek G. Murray and Steven Hand. (EuroSec 2008)|
|02/15/2011||Joel||Chris||Verified Security for Browser Extensions. Nikhil Swamy, Benjamin Livshits, Arjun Guha, and Matthew Fredrikson. (Oakland 2011)|
|02/22/2011||Steve||Kevin||Howard: A Dynamic Excavator for Reverse Engineering Data Structures. Asia Slowinska, Traian Stancescu and Herbert Bos. (NDSS 2011)|
|03/01/2011||Kevin||Alex||TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, Anmol N. Sheth. (OSDI 2010)|
|03/08/2011||Ari||Brad||Where Do Security Policies Come From?". Dinei Florencio and Cormac Herley. (SOUPS 2010)|
|03/15/2011||Kevin||Paul||WebPatrol: Automated Collection and Replay of Web-based Malware Scenarios. Kevin Zhijie Chen, Guofei Gu, Jose Nazario, Xinhui Han and Jianwei Zhuge. (ASIA CCS 2011)|
|03/29/2011||Brad||?||"You Might Also Like:" Privacy Risks of Collaborative Filtering. Joseph A. Calandrino, Ann Kilzer, Arvind Narayanan, Edward W. Felten, Vitaly Shmatikov. (Oakland 2011)|
|04/05/2011||Steve||Matt||TxBox: Building Secure, Efficient Sandboxes with System Transactions. Suman Jana, Vitaly Shmatikov, and Donald E. Porter. (Oakland 2011)|
|04/12/2011||Prashanth||?||Attacks against process control systems: risk assessment, detection, and response. A. A. Cardenas, S. Amin, Y.-L. Huang, Z.-Y. Lin, C.-Y. Huang, S. S. Sastry. (ASIA CCS 2011)|
|04/19/2011||Raluca Ada Popa (MIT)||Adrian||CryptDB: A Practical Encrypted Relational DBMS. Raluca Ada Popa, Nickolai Zeldovich, and Hari Balakrishnan. (Techreport)|
|04/26/2011||Chris||Inflight Modifications of Content: Who Are the Culprits?. Chao Zhang, Cheng Huang, Keith W. Ross, David A. Maltz, and Jin Li.|
Instructions for presentersYou are welcome to present your own work or somebody else's. The most common strategy seems to be to choose a paper that interests you from a recent conference. Many of the papers we discuss come from CCS, NDSS, Oakland, or USENIX Security, but anything related to security that you find exciting is appropriate.
You are responsible for leading the discussion. This may include making sure people stay on topic, or reminding someone to give everyone else a chance to speak. Do not be afraid to do either of these things. If you are giving a practice talk and would not like to be interrupted, please tell everyone this before beginning your talk.