Seminar: System Security WS24
In our seminar, you should learn to present research results in a concise manner, both in writing (Seminar Thesis) and speaking (Seminar Presentation). Additionally, you should learn to give proper feedback, for both the presentation and the thesis of other students in this seminar.
To achieve these goals, we have the following main parts in our seminar (in chronological order):
- Submission of a preliminary version of the seminar paper.
This submission is intended to provide a very early feedback on your paper. - Submission of a pre-final version of the seminar paper.
This is a finished version of your seminar paper that is then reviewed by other students in the seminar. - Submission of the reviews.
Each student is assigned and has to submit two reviews of their peers papers. The reviews you receive should help you to improve your own paper. - Presentation of your paper.
This presentation is held in front of the whole seminar, and you grade each other, the presentation that receives the highest grade from their peers receives the “Best Presentation” award. (This grade is independent of the grade you receive from us for the presentation.) - Submission of the final version of the seminar paper.
This version includes the feedback from the reviews and is the one graded by us.
Additionally, we have presentations on the topics of research, writing, review, and presentation skills.
Dates
- The topics are distributed in the first week of the semester.
- The presentations of the seminar papers will be held as a block seminar at the end of the semester.
- The date is 28.1. and 29.1. 9:00-13:00
Deadlines
- 25.11.: Partial Seminar Paper Submission
- 9.1.: Final Seminar Paper Submission
- 23.1.: Peer Review Submission
- 27.1.: Presentation Slide Submission (you can still change your slides a bit before the talk)
- 3.2.: Camera-Ready Seminar Paper Submission
The seminar will be organized over Panda. Deadlines are till the end of the day (23:59 local time/as according to Panda).
Presentations
We will have five meetings, with different topics which will (hopefully) be helpful for you to pass the seminar:
- 10.10. 16:15 Introduction
- 17.10. 16:15 Research Skills
- 31.10. 16:15 Writing Skills
- 5.12. 16:15 Review Skills
- 19.12. 16:15 Presentation Skills
Topics
The central topic of this seminar are security papers presented at top conferences.
- A Large-scale and Longitudinal Measurement Study of DKIM Deployment
- Balboa: Bobbing and Weaving around Network Censorship
- Breaking the Specification: PDF Certification
- Even Censors Have a Backup: Examining China’s Double HTTPS Censorship Middleboxes
- GET /out: Automated Discovery of Application-Layer Censorship Evasion Strategies
- Hammurabi: A Framework for Pluggable, Logic-Based X.509 Certificate Validation Policies
- How Not to Protect Your IP – An Industry-Wide Break of IEEE 1735 Implementations
- Many Roads Lead To Rome: How Packet Headers Influence DNS Censorship Measurement
- Mining Node.js Vulnerabilities via Object Dependence Graph and Query
- Network measurement methods for locating and examining censorship devices
- Open to a fault: On the passive compromise of TLS keys via transient errors
- OpenVPN is Open to VPN Fingerprinting
- QCSD: A QUIC Client-Side Website-Fingerprinting Defence Framework
- Reining in the Web’s Inconsistencies with Site Policy
- T-Reqs: HTTP Request Smuggling with Differential Fuzzing
- The Circle Of Life: A Large-Scale Study of The IoT Malware Lifecycle
- The State of the SameSite: Studying the Usage, Effectiveness, and Adequacy of SameSite Cookies
- Towards Automated Auditing for Account and Session Management Flaws in Single Sign-On Deployments
- Trust Dies in Darkness: Shedding Light on Samsung’s TrustZone Keymaster Design
- Uninvited Guests: Analyzing the Identity and Behavior of Certificate Transparency Bots
- Why Eve and Mallory Still Love Android: Revisiting TLS (In)Security in Android Applications
- Why Crypto-detectors Fail: A Systematic Evaluation of Cryptographic Misuse Detection Techniques
- Доверя’й, но проверя’й: SFI safety for native-compiled Wasm
Grading, Demands, and Expectations
The final grade consists of your presentation (30%), your paper (60%), and your reviews (10%). Additionally, you must meet all deadlines. Getting 0% (i.e., not submitting/not presenting) means failing the seminar.
Seminar Paper
Preliminary Version
- at least 5 pages of text (excluding title page, table of contents, references, figures, …)
- describes the main paper problem
- briefly describe 2 related papers citing your paper
Final Version
- Essay written according to the standards of a scientific paper.
Unless otherwise discussed with us:- Your paper should summarize the original paper.
- You should introduce concepts so that any other student in the seminar can understand your paper. (This does not include basic cryptographic/computer science terms.)
- Like the preliminary, the final paper version has to describe two papers that cite the original. This should give a broader context for your paper.
- It MUST be written using our LaTeX template (unchanged).
- We expect around 15 pages of content, the hard lower limit is 9 pages of text (excluding title page, table of contents, references, figures, …). In most cases, the paper should not be longer than 20 pages of content.
Presentation
- 20 minutes presentation. 5 minutes discussion and questions.
The best presentation will be awarded! More information will be given in the first meeting.
Reviews
We will follow a peer review procedure similar to scientific publications:
- You submit your paper on PANDA
- Some (2) peers (other students) review your submission:
- Read and understand the submitted paper
- Criticize your paper
- Make recommendations on how to improve
- Be honest, polite, and helpful when writing your reviews
- The reviews you receive will not influence your final grade (but you should address/apply them in your final version)
- Each student has to write 2 reviews (each 1–2 pages)