| Date | Topic | Slides | Readings for Discussion
(do readings before class) |
| 01/09/12 | Introduction | |
|
| 01/16/12 | Martin Luther King Day - No Class |
| 01/23/12 | IEEE S-P 2011 | |
Slides
Silencing Hardware Backdoors -- Adam Waksman, Simha Sethumadhavan (Columbia University) Presenter: Josh
|
| 01/30/12 | IEEE S-P | |
Distilling Critical Attack Graph Surface iteratively through Minimum-Cost SAT Solving -- Huang et. al.
Presenter: Nirupama Static Detection of Access Control Vulnerabilities in Web Applications -- Fangqi Sun, Liang Xu, and Zhendong Su, University of California, Davis Presenter: Divya Project Presentation Presenter: Hayawardh
|
| 02/06/12 | IEEE S-P 2011 | |
ADsafety: Type-Based Verification of JavaScript Sandboxing -- Joe Gibbs Politz, Spiridon Aristides Eliopoulos, Arjun Guha, and Shriram Krishnamurthi, Brown University Presenter: George Virtuoso: Narrowing the Semantic Gap in Virtual Machine Presenter: Yuqiong Project Presentation Presenter: Devin
|
| 02/13/12 | Usenix Deadline - No Class |
| 02/20/12 | IEEE S-P 2011 | |
SHELLOS: Enabling Fast Detection and Forensic Analysis of Code Injection Attacks --
Kevin Z. Snow, Srinivas Krishnan, and Fabian Monrose, University of North Carolina at Chapel Hill; Niels Provos, Google Presenter: Devin Project Presentation Presenter: Divya
|
| 02/27/12 | Usenix
Security 2011 | |
TxBox: Building Secure, Efficient Sandboxes with System --Transactions Suman Jana (University of Texas at Austin), Vitaly Shmatikov (University of Texas at Austin), Donald E. Porter (Stony Brook University) Presenter: Hayawardh MACE: Model-inference-Assisted Concolic Exploration for Protocol and Vulnerability Discovery Presenter: Nirupama Project Presentation Presenter: Yuqiong
|
| 03/05/12 | Spring Break - No class |
| 03/12/12 | Usenix
Security 2011 | |
Inference of expressive declassification policies -- Jeffrey Vaughan (UC Los Angeles), Stephen Chong (Harvard University) Presenter: Divya Q: Exploit Hardening Made Easy -- Edward J. Schwartz, Thanassis Avgerinos, and David Brumley, Carnegie Mellon University Presenter: Hayawardh Project Presentation Presenter: Nirupama
|
| 03/19/12 | Usenix
Security 2011 | |
Trusted Platform-as-a-Service: A Foundation for Trustworthy Cloud-Hosted Applications Presenter: Yuqiong QUIRE: Lightweight Provenance for Smart Phone Operating Systems -- Michael Dietz, Shashi Shekhar, Yuliy Pisetsky, Anhei Shu, and Dan S. Wallach, Rice University Presenter: Devin Project Presentation Presenter: George |
| 03/26/12 | Usenix
Security 2011 | |
Automatic Error Finding in Access-Control Policies -- Jayaraman et. al. Presenter: Divya Differential Privacy Under Fire -- Andreas Haeberlen, Benjamin C. Pierce, and Arjun Narayan, University of Pennsylvania Presenter: George Project Presentation Presenter: Hayawardh
|
| 04/02/12 | CCS 2011 | |
Verification of Information Flow and Access Control Policies via Dependent Types Presenter: Nirupama The Power of Procrastination: Detection and Mitigation of Execution-Stalling Malicious Code
Presenter: Hayawardh Project Presentation Presenter: Divya
|
| 04/09/12 | CCS 2011 | |
Unicorn: Two-Factor Attestation for Data Security -- Mohammad Mannan, Beom Kim, Afshar Ganjali and David Lie Presenter: Yuqiong Project Presentation Presenter: Devin |
| 04/16/12 | CCS 2011 | |
Policy Auditing over Incomplete Logs: Theory, Implementation and Applications --
Deepak Garg, Limin Jia and Anupam Datta Presenter: Devin A General Approach for Efficiently Accelerating Software-based Dynamic Data Flow Tracking on Commodity Hardware Presenter: Hayawardh Project Presentation Presenter: Yuqiong |
| 04/23/12 | CCS 2011 | |
Deobfuscating Virtualization-Obfuscated Software: A Semantics-Based Approach --
Kevin Coogan, Gen Lu and Saumya Debray
Presenter:
Information-Flow Types for Homomorphic Encryptions --
Cedric Fournet, Jeremy Planul and Tamara Rezk
Presenter: Project Presentation Presenter: Nirupama |
|
04/30/12
|
No Final Exam
|