Achtung:

Sie haben Javascript deaktiviert!
Sie haben versucht eine Funktion zu nutzen, die nur mit Javascript möglich ist. Um sämtliche Funktionalitäten unserer Internetseite zu nutzen, aktivieren Sie bitte Javascript in Ihrem Browser.

Studierende in den Seminarräumen des O-Gebäudes, Foto: Universität Paderborn, Fotografin: Judith Kraft Bildinformationen anzeigen

Studierende in den Seminarräumen des O-Gebäudes, Foto: Universität Paderborn, Fotografin: Judith Kraft

If you want to register to our PANDA course to get access to the presentations about research/writing/review/presentation skills, you can use the following password: SysSec22

Topics

The central topic of this seminar are security papers presented at top conferences.

The seminar is expected to take place as a block seminar at the end of the lecture period.

  1. A Practical Approach for Taking Down Avalanche Botnets Under Real-World Constraints
  2. A Stealthier Partitioning Attack against Bitcoin Peer-to-Peer Network
  3. Automating the Development of Chosen Ciphertext Attacks
  4. Awakening the Web’s Sleeper Agents: Misusing Service Workers for Privacy Leakage
  5. CDN Judo: Breaking the CDN DoS Protection with Itself
  6. Detecting stuffing of a user’s credentials at her own accounts
  7. Encrypted DNS ⇒ Privacy? A Traffic Analysis Perspective
  8. Everything Old is New Again: Binary Security of WebAssembly
  9. Favocado: Fuzzing the Binding Code of JavaScript Engines Using Semantically Correct Test Cases
  10. Fingerprinting in Style: Detecting Browser Extensions via Injected Style Sheets
  11. FREEDOM: Engineering a State-of-the-Art DOM Fuzzer
  12. FUSE: Finding File Upload Bugs via Penetration Testing
  13. I Know Where You Parked Last Summer: Automated Reverse Engineering and Privacy Analysis of Modern Cars
  14. JAW: Studying Client-side CSRF with Hybrid Property Graphs and Declarative Traversals
  15. Let’s Revoke: Scalable Global Certificate Revocation
  16. Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization
  17. On the Resilience of Biometric Authentication Systems against Random Inputs
  18. On Training Robust PDF Malware Classifiers
  19. Partitioning Oracle Attacks
  20. Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface in Automotive IoT
  21. Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices
  22. SEAL: Attack Mitigation for Encrypted Databases via Adjustable Leakage
  23. Talking with Familiar Strangers: An Empirical Study on HTTPS Context Confusion Attacks
  24. This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINs
  25. Towards HTTPS Everywhere on Android: We Are Not There Yet
  26. Who’s Hosting the Block Party? Studying Third-Party Blockage of CSP and SRI
  27. Why TLS is better without STARTTLS: A Security Analysis of STARTTLS in the Email Context
  28. You’ve Changed: Detecting Malicious Browser Extensions through their Update Deltas
  29. Zero-delay Lightweight Defenses against Website Fingerprinting
  30. ... Your Topic. You can also suggest your own topic by writing a mail to Juraj (juraj.somorovsky(at)upb(dot)de). DO NOT put a suggested topic on your list without prior approval.

Dates & Deadlines

  • First week: distribution of topics.
  • 21.11.: Submission deadline for preliminary seminar thesis version (at least 5 pages of text; excluding title page, table of contents, references, figures, ...) describing the main paper problem AND briefly describe 2 related papers citing your paper.
  • 9.1.: Submission deadline for the final seminar thesis.
  • 22.1.: Submission deadline for the reviews.
  • 1.2.: Submission deadline for your presentation slides (you can still change your slides a bit before the talk).
  • 2.2. and 3.2. 9:00-13:30: Block Seminar, Presentation of your work.
  • 6.2. Submission deadline for the final graded version of the seminar thesis.

The seminar will be organized over Panda. Deadlines are till the end of the day (23:59 local time/as according to Panda).

Meetings

We will have five meetings in FU.511, with different topics which will (hopefully) be helpful for you to pass the seminar:

  • 14.10. 9:15 Introduction
  • 21.10. 9:15 Research Skills
  • 28.10. 9:15 Writing Skills
  • 13.1. 9:15 Review Skills
  • 20.1. 9:15 Presentation Skills

Registration of Topics

Over Jupyter. We might ask for further preferences if too many Students requested the same topics.

Grading and Demands

The final grade consists of your presentation (30%), your paper (60%), and your reviews (10%). Additionally, you must meet all deadlines.

Presentation

20 minutes presentation. 5 minutes discussion and questions.

The best presentation will be awarded! More information will be given in the first meeting.

Seminar Thesis

Essay written according to the standards of a scientific paper. It MUST be written using our LaTeX template (unchanged). We expect around 15 pages of content, the hard lower limit is 9 pages of pure text (excluding figures, tables, etc).

Reviews

We will follow a peer review procedure similar to scientific publications:

  • You submit your thesis (paper) at Panda
  • Some (2) peers (other students) review your submission:
    • Read and understand the submitted paper
    • Criticize your paper
    • Make recommendations on how to improve
    • Be honest, polite, and helpful when writing your reviews
  • The reviews you write will influence your final grade
  • The reviews you receive will not influence your final grade (but you should address/apply them in your final version)
  • Each student has to write 2 reviews (each 1-2 pages)

Die Universität der Informationsgesellschaft