Proseminar System Security
This seminar centers on security papers presented at top conferences, with a focus on web security.
The seminar is expected to take place as a block seminar at the end of the lecture period.
The students work in pairs (groups of two people) on one topic.
Topics
- Abusing Hidden Properties to Attack the Node.js Ecosystem
- Detecting stuffing of a user’s credentials at her own accounts
- LZR: Identifying Unexpected Internet Services
- Reining in the Web’s Inconsistencies with Site Policy
- XSinator.com: From a Formal Model to the Automatic Evaluation of Cross-Site Leaks in Web Browsers
- Saphire: Sandboxing PHP Applications with Tailored System Call Allowlists
- SerialDetector: Principled and Practical Exploration of Object Injection Vulnerabilities for the Web
- Fingerprinting the Fingerprinters: Learning to Detect Browser Fingerprinting Behaviors
- Geneva: Evolving Censorship Evasion Strategies
- JAW: Studying Client-side CSRF with Hybrid Property Graphs and Declarative Traversals
Dates & Deadlines
- First week: distribution of topics (see above).
- 19.5.: Submission deadline for the preliminary seminar thesis version (at least 5 pages of text; excluding title page, table of contents, references, figures, ...) describing the main paper's problem AND briefly describing 2 related papers that cite your paper.
- 26.6.: Submission deadline for the final seminar thesis.
- 7.7.: Submission deadline for the reviews.
- 11.7.: Submission deadline for your presentation slides (you can still change your slides a bit before the talk).
- 12.7. 9:00-14:30: Block Seminar, Presentation of your work.
- 23.7.: Submission deadline for the final graded version of the seminar thesis.
The seminar will be organized via Panda. Deadlines run until the end of the day (23:59 local time, as shown in Panda).
Meetings
We will have five meetings in FU.511, with different topics which will (hopefully) be helpful for you to pass the seminar:
- 14.4. 10:15 Introduction
- 21.4. 9:15 Research Skills
- 28.4. 9:15 Writing Skills
- 23.6. 9:15 Review Skills
- 30.6. 9:15 Presentation Skills
Grading and Demands
The final grade consists of your review (10%), your presentation (30%), and your paper (60%). Additionally, you must meet all deadlines. There are no individual grades; you are graded as a group. If you have issues with the work of your partner, please contact us as soon as possible.
Presentation
A 20-minute presentation, followed by 5 minutes of discussion and questions.
The best presentation will be awarded! More information will be given in the first meeting.
Seminar Thesis
An essay written according to the standards of a scientific paper. It MUST be written using our LaTeX template (unchanged). We expect around 15 pages of content; the hard lower limit is 9 pages of pure text (excluding figures, tables, etc.).
Reviews
We will follow a peer review procedure similar to scientific publications:
- You submit your thesis (paper) on Panda
- Some (2) peers (other students) review your submission:
  - Read and understand the submitted paper
  - Criticize your paper
  - Make recommendations on how to improve
- Be honest, polite, and helpful when writing your reviews
- The reviews you write will influence your final grade
- The reviews you receive will not influence your final grade (but you should address/apply them in your final version)
- Each student has to write 1 review (1-2 pages)