Security Reading Group

Instructors: Juan Caballero and Boris Köpf
Meets: Tuesdays at 11:00 - 12:45 (The first class will be on September 13th)
Location:Room 3307,the IMDEA Software Conference Room
Mailing list: We will soon reveal how to sign up for the SRG mailing list

Course Description

The Security Reading Group is part of the UPM / IMDEA Track in Software Development through Rigorous Methods, a specialization of the Master on Software and Systems at UPM.
The aim of the security reading group is to provide an academic environment for lively and interactive discussion on security research papers.
The security reading group introduces students to key security topics in an environment where students can develop their critical reading, discussion, and presentation skills.
The Security Reading Group is open to all participants, regardless if they are registered in the course.

Course Structure

Before each session, students will have to read the assigned papers (at least one, possibly two) and submit a one-page reading critique for each paper.
The reading critique has a maximum length of 1 page and needs to include a couple of paragraphs summarizing the paper, 3 positive aspects of the paper, and 3 constructive criticisms of the paper.
The reading critiques are expected to show that the student understands the contributions, as well as the limitations of the solutions proposed in the paper.
Each paper will be presented by a student or an invited speaker. The presentations will typically last 25-30 minutes and will be followed by questions and a discussion about the paper.

In addition, we will feature one conference rump session, where each person attending the session (regardless if a student)
will select a paper from a previously selected and recent security conference and present it in 7 minutes, followed by a 5 minute discussion about the paper.
We may also feature an improv presentation session, which Boris promises will be fun! (more details later in the semester)

Grading

Students will be graded on the basis of the quality of their presentations, the degree and quality of their participation in the discussions, and their reading critiques.
Students are expected to be active participants in the discussions.

Syllabus

The academic calendar for the MUSS Master is available here

Date	Session	Presenter	Papers
Sep. 13th	Introduction	Boris, Juan	Small Guide to Giving Presentations;Reading a Computer Science Research Paper
Sep. 27th	Applied Cryptography	Federico, Juan Manuel	Overview of Cryptography; Remote timing attacks are practical
Oct. 11th	Software Security	Ali, Shiva	Smashing the Stack for Fun and Profit; Document Structure Integrity: A Robust Basis for Cross-site Scripting Defense; (Optional) Reflections on Trusting Trust
Oct. 25th	Rump Session (CCS 2011)	Everyone	Select one from the CCS 2011 technical program
Nov. 15th	Language-Based Security	Federico, Shiva	Proof Carrying Code;Quantitative Information Flow as Network Flow Capacity
Nov. 29th	Network Security	Ali, Claudio Soriente	Robust Defenses for Cross-Site Request Forgery; (Optional) PEPSI---privacy-enhanced participatory sensing infrastructure
Dec. 20th	Systems/OS Security	Juan Manuel, invited speaker	Making Information Flow Explicit in HiStar