Security Reading Group

Instructors: Juan Caballero and Boris Köpf
Meets: Tuesdays at 11:00 - 12:45 (The first class will be on February 21st)
Location:Room 3307,the IMDEA Software Conference Room

Course Description

The Security Reading Group is part of the UPM / IMDEA Track in Software Development through Rigorous Methods, a specialization of the Master on Software and Systems at UPM.
The aim of the security reading group is to provide an academic environment for lively and interactive discussion on security research papers.
The security reading group introduces students to key security topics in an environment where students can develop their critical reading, discussion, and presentation skills.
The Security Reading Group is open to all participants, regardless if they are registered in the course.

Course Structure

Before each session, students will have to read the assigned papers (at least one, possibly two). Students who are not presenting in the session, will have to submit a one-page reading critique for each paper.
The reading critique has a maximum length of 1 page and needs to include a couple of paragraphs summarizing the paper, 3 positive aspects of the paper, and 3 constructive criticisms of the paper.
The reading critiques are expected to show that the student understands the contributions, as well as the limitations of the solutions proposed in the paper.
Each paper will be presented by a student or an invited speaker. The presentations will typically last 25-30 minutes and will be followed by questions and a discussion about the paper.

In addition, we will feature one conference rump session, where each person attending the session (regardless if a student)
will select a paper from a previously selected and recent security conference and present it in 7 minutes, followed by a 5 minute discussion about the paper.
We may also feature an improv presentation session, which Boris promises will be fun! (more details later in the semester)

Grading

Students will be graded on the basis of the quality of their presentations, the degree and quality of their participation in the discussions, and their reading critiques.
Students are expected to be active participants in the discussions.

Syllabus

The academic calendar for the MUSS Master is available here
DateSessionPresenterPapers
Feb. 21thIntroductionBoris, JuanSmall Guide to Giving Presentations
Reading a Computer Science Research Paper
Mar. 6thNetwork SecurityAntonio, LeydiJACKSTRAWS: Picking Command and Control Connections from Bot Traffic
Detecting Malware Domains at the Upper DNS Hierarchy
Mar. 27thApplied CryptographyShiva, LeydiOpenConflict: Preventing Real Time Map Hacks in Online Games
PINQ: Privacy Integrated Queries
Apr. 17thSystem SecurityShiva, AntonioHey you, get off my cloud
MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones
May 8thRump SessionEveryoneChoose one from the program of IEEE S&P 2012