IT Security Reading Group (IT-SRG) - Winter 2011
The IT Security Reading Group (IT-SRG) is a group of UOIT students (graduate and senior undergraduate) and faculty interested in computer security and privacy. We meet for critical review and discussion of current security research papers. This term, we will review selected 2010 papers from USENIX Security, ACM CCS, and IEEE Oakland. See below for the schedule. All interested faculty and students are invited to join by contacting Julie Thorpe (firstname.lastname at uoit.ca).
The IT-SRG provides a venue for faculty and students to review recent work and discuss new ideas for security research, and for students to:
- Develop and discuss new ideas for security research
- Develop critiquing skills
- Develop presentation skills
*Note that the time and location will be announced through the mailing list (to join, please contact Julie Thorpe).
|Jan. 24||Testing Metrics for Password Creation Policies by Attacking Large Sets of Revealed Passwords by Weir et al.||ACM CCS 2010||Julie Thorpe|
|Jan. 31||All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution by Schwartz et al.||IEEE Oakland 2010||Ricardo Rodriguez Garcia||Feb. 7||The Security of Modern Password Expiration: An Algorithmic Framework and Empirical Analysis by Zhang et al.||ACM CCS 2010||Julie Thorpe|
|Feb. 14||SCiFI - A System for Secure Face Identification by Osadchy et al.||IEEE Oakland 2010||Khalil El-Khatib|
|Feb. 28||VEX: Vetting Browser Extensions for Security Vulnerabilities by Bandhakavi et al.||USENIX Security 2010||Julie Thorpe|
|Mar. 7||State of the Art: Automated Black-Box Web Application Vulnerability Testing by Bau et al.||IEEE Oakland 2010||Daniel Da Silva|
|Mar. 14||TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection by Wang et al.||IEEE Oakland 2010||Ricardo Rodriguez Garcia|
|Mar. 21||Outside the Closed World: On Using Machine Learning For Network Intrusion Detection by Sommer et al.||IEEE Oakland 2010||Miguel Vargas Martin|
|Apr. 4||On the Incoherencies in Web Browser Access Control Policies by Singh et al.||IEEE Oakland 2010||Miguel Vargas Martin|
|Apr. 11||Toward Automated Detection of Logic Vulnerabilites in Web Applicaitons by Felmetsger et al.||USENIX Security 2010||Xiaodong Lin|