Computer Security Seminar


Prof. Dr.-Ing. Volker Roth


This seminar builds on and extends the topics covered in the Computer Security course that took place in the previous semester.

Students are not given one topic on which they have to prepare and present a report near the end of the semester. Instead, all seminar participants must read the papers assigned for each meeting and be prepared to discuss them.

In a round-robin fashion, students must present one of the selected papers plus related work. Related work must be identified by the student. The presentations can be short, ranging from 5 minutes to 20 minutes, as long as the subsequent discussion is well-prepared and fruitful. Two papers will be presented per session provided there are enough participants.

Each presentation must address at least the following topics about the presented paper:

There is literature that teaches strategies how to read papers. Here is a starting point:

The discussion will depend on the type of contribution. If the contribution is, say, a security mechanism then we will ask questions such as:

Additionally, each student must develop and present a research idea at the end of the semester. It is not necessary to perform the actual research, but the presentation must clearly state:

Time and Location


Note: the first meetings of the seminar is going to be in the second week of the semester.


Students will be graded on their preparedness for discussion, their presentations and their research proposal.


No meeting on Thursday October 21, seminar starts next week

Meeting 1, Thursday October 28

This meeting serves as an introduction to the seminar.

Meeting 2, Thursday November 04

Read [1], [2]

  1. W. Enck, P. Gilbert, B. Gon Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In Proc. OSDI, 2010.
  2. Mona Attariyan and Jason Flinn. Automating configuration troubleshooting with dynamic information flow analysis. In Proc. OSDI, 2010.

Meeting 3, Thursday November 11

Read [1], [2]

  1. Roxana Geambasu, Amit Levy, Tadayoshi Kohno, Arvind Krishnamurthy, Henry M. Levy. Comet: An Active Distributed Key-Value Store. In Proc. OSDI, Vancouver, Canada, October 2010.
  2. Jed Liu, Michael D. George, K. Vikram, Xin Qi, Lucas Waye and Andrew C. Myers. Fabric: A Platform for Secure Distributed Computation and Storage. In Proc. SOSP, 2009.

Meeting 4, Thursday November 18

Read [1], [2]

  1. Shuo Tang, Haohui Mai, Samuel T. King. Trust and Protection in the Illinois Browser Operating System. In Proc. OSDI, 2010.
  2. Alexander Yip, Xi Wang, Nickolai Zeldovich, and M. Frans Kaashoek. Improving Application Security with Data Flow Assertions. In Proc. SOSP, 2009.

Meeting 5, Thursday November 25

Read: [1]

  1. Dongseok Jang, Ranjit Jhala, Sorin Lerner, and Hovav Shacham. An empirical study of privacy-violating information flows in JavaScript web applications. In Proc. CCS, 2010, pp. 270-283.

No meeting on Thursday December 02

Meeting 6, Thursday December 09

Read: [1]

  1. Joshua Mason, Sam Small, Fabian Monrose, and Greg MacManus. English shellcode. In Proc. ACM CCS, 2009, pp. 524-533.

No meeting on Thursday December 16

Meeting 7, Thursday January 06

Read: [1]

  1. Joseph Siefers, Gang Tan, and Greg Morrisett. 2010. Robusta: taming the native beast of the JVM. In Proc. ACM CCS, 201-211.