Below is the calendar for this semester course. This is the preliminary schedule, which will be altered as the semester progresses. It is the responsibility of the students to frequently check this web-page for schedule, readings, and assignment changes. As the professor, I will attempt to announce any change to the class, but this web-page should be viewed as authoritative. If you have any questions, please contact me (contact information is available at the course homepage).

DateTopic
Slides
Readings for Discussion
(do readings before class)
01/09/12Introduction
  • Course syllabus.
01/16/12Martin Luther King Day - No Class
01/23/12IEEE S-P 2011 Slides
  • Silencing Hardware Backdoors -- Adam Waksman, Simha Sethumadhavan (Columbia University)
    Presenter: Josh
01/30/12IEEE S-P
  • Distilling Critical Attack Graph Surface iteratively through Minimum-Cost SAT Solving -- Huang et. al.
    Presenter: Nirupama
  • Static Detection of Access Control Vulnerabilities in Web Applications -- Fangqi Sun, Liang Xu, and Zhendong Su, University of California, Davis
    Presenter: Divya
  • Project Presentation
    Presenter: Hayawardh
02/06/12IEEE S-P 2011
  • ADsafety: Type-Based Verification of JavaScript Sandboxing -- Joe Gibbs Politz, Spiridon Aristides Eliopoulos, Arjun Guha, and Shriram Krishnamurthi, Brown University
    Presenter: George
  • Virtuoso: Narrowing the Semantic Gap in Virtual Machine
    Presenter: Yuqiong
  • Project Presentation
    Presenter: Devin
02/13/12Usenix Deadline - No Class
02/20/12IEEE S-P 2011
  • SHELLOS: Enabling Fast Detection and Forensic Analysis of Code Injection Attacks -- Kevin Z. Snow, Srinivas Krishnan, and Fabian Monrose, University of North Carolina at Chapel Hill; Niels Provos, Google
    Presenter: Devin
  • Project Presentation
    Presenter: Divya
02/27/12
Usenix
Security 2011
  • TxBox: Building Secure, Efficient Sandboxes with System --Transactions Suman Jana (University of Texas at Austin), Vitaly Shmatikov (University of Texas at Austin), Donald E. Porter (Stony Brook University)
    Presenter: Hayawardh
  • MACE: Model-inference-Assisted Concolic Exploration for Protocol and Vulnerability Discovery
    Presenter: Nirupama
  • Project Presentation
    Presenter: Yuqiong
03/05/12Spring Break - No class
03/12/12
Usenix
Security 2011
  • Inference of expressive declassification policies -- Jeffrey Vaughan (UC Los Angeles), Stephen Chong (Harvard University)
    Presenter: Divya
  • Q: Exploit Hardening Made Easy -- Edward J. Schwartz, Thanassis Avgerinos, and David Brumley, Carnegie Mellon University
    Presenter: Hayawardh
  • Project Presentation
    Presenter: Nirupama
03/19/12
Usenix
Security 2011
  • Trusted Platform-as-a-Service: A Foundation for Trustworthy Cloud-Hosted Applications
    Presenter: Yuqiong
  • QUIRE: Lightweight Provenance for Smart Phone Operating Systems -- Michael Dietz, Shashi Shekhar, Yuliy Pisetsky, Anhei Shu, and Dan S. Wallach, Rice University
    Presenter: Devin
  • Project Presentation
    Presenter: George
03/26/12
Usenix
Security 2011
  • Automatic Error Finding in Access-Control Policies -- Jayaraman et. al.
    Presenter: Divya
  • Differential Privacy Under Fire -- Andreas Haeberlen, Benjamin C. Pierce, and Arjun Narayan, University of Pennsylvania
    Presenter: George
  • Project Presentation
    Presenter: Hayawardh
04/02/12CCS 2011
  • Verification of Information Flow and Access Control Policies via Dependent Types
    Presenter: Nirupama
  • The Power of Procrastination: Detection and Mitigation of Execution-Stalling Malicious Code
    Presenter: Hayawardh
  • Project Presentation
    Presenter: Divya
04/09/12CCS 2011
  • Unicorn: Two-Factor Attestation for Data Security -- Mohammad Mannan, Beom Kim, Afshar Ganjali and David Lie
    Presenter: Yuqiong
  • Project Presentation
    Presenter: Devin
04/16/12CCS 2011
  • Policy Auditing over Incomplete Logs: Theory, Implementation and Applications -- Deepak Garg, Limin Jia and Anupam Datta
    Presenter: Devin
  • A General Approach for Efficiently Accelerating Software-based Dynamic Data Flow Tracking on Commodity Hardware
    Presenter: Hayawardh
  • Project Presentation
    Presenter: Yuqiong
04/23/12CCS 2011
  • Deobfuscating Virtualization-Obfuscated Software: A Semantics-Based Approach -- Kevin Coogan, Gen Lu and Saumya Debray
    Presenter:
  • Information-Flow Types for Homomorphic Encryptions -- Cedric Fournet, Jeremy Planul and Tamara Rezk
    Presenter:
  • Project Presentation
    Presenter: Nirupama
04/30/12 No Final Exam
.