Security Reading Group, Spring 2009

Held weekly on Thursday in Soda 606.
Food arrives at 11:45am, discussion starts at 12:00pm.

Fill out this form to join the mailing list.

If you have volunteered to bring food to a meeting:

Conference Proceedings. If you are presenting, feel free to choose any security-related paper from any conference. These are just some ideas to get you started: View previous semesters' schedule of talks:

Meeting Schedule

Date Presenter Topic Food
Jan 29
Joel Weinberger Finding security vulnerabilities in web browsers through JavaScript heap inspection. Cynthia Sturton
Feb 5
Erika Chin An Efficient Black-box Technique for Defeating Web Application Attacks, R. Sekar. NDSS 2009. Bonnie Zhu
Feb 12
Ari Rabkin The Impact of Incentives on Notice and Take-down, Tyler Moore and Richard Clayton. Workshop on the Economics of Information Security 2008. Matt Piotrowski
Feb 19
Mark Winterrowd Pushback for Overlay Networks: Protecting against malicious Insiders, A. Stavrou, M. E. Locasto, A. D. Keromytis. Applied Cryptography and Network Security. 2008. Adrian Mettler
Feb 26
Adrian Mettler Noncespaces: Using Randomization to Enforce Information Flow Tracking and Thwart Cross-site Scripting Attacks, Matthew Van Gundy and Hao Chen. NDSS. 2009. Matt Finifter
Mar 5
Arel Cordero The Blind Stone Tablet: Outsourcing Durability to Untrusted Parties, Peter Williams and Radu Sion. NDSS 2009. Joel Weinberger
Mar 12
Elaine Shi Predicate Privacy in Encryption Systems, Emily Shen, Elaine Shi, Brent Waters. Theory of Cryptography Conference 2009. Erika Chin
Mar 19
Juan Caballero Prospex: Protocol Specification Extraction, Paolo Milani Comparetti, Gilbert Wondracek, Christopher Kruegel and Engrin Kirda. Oakland 2009.Cynthia Sturton
Mar 26
Spring Break
Apr 2
Cynthia Sturton Wirelessly Pickpocketing a Mifare Classic Card, F. D. Garcia, et al. Oakland 2009. Arel Cordero
Apr 9
Matt Piotrowski Native Client: A Sandbox for Portable, Untrusted x86 Native Code, B. Yee, et al. Oakland 2009. Cynthia Sturton
Apr 16
Matt Finifter Secure Web Applications via Automatic Partitioning, S. Chong, et al. SOSP 2007. Paul Pearce
Apr 23
Stephen McCamant Code Injection Attacks on Harvard-Architecture Devices, A. Francillon and C. Castelluccia. CCS 2008. Heng Yin
Apr 30
Adrienne Felt Characterizing Insecure JavaScript Practices on the Web, Chuan Yue and Haining Wang. WWW 2009. Prateek Saxena
May 7
Adam Barth Attacks on JavaScript Mashup Communication, Adam Barth, Collin Jackson, and William Li. W2SP 2009. Ari Rabkin
May 14
Adrian Mettler Analyzing and Comparing the Protection Quality of Security Enhanced Operating Systems, H. Chen, N. Li, and Z. Mao. NDSS 2009 Cynthia Sturton