Below is the calendar for this semester course. This is the preliminary schedule, which will be altered as the semester progresses. It is the responsibility of the students to frequently check this web-page for schedule, readings, and assignment changes. As the professor, I will attempt to announce any change to the class, but this web-page should be viewed as authoritative. If you have any questions, please contact me (contact information is available at the course homepage).

Readings for Discussion
(do readings before class)
01/14/11 Introduction
Course syllabus. link Presenter:
Candidate Paper List link Presenter:
01/21/11 Divya's Project
Capsicum: Practical Capabilities for UNIX, Robert N.M. Watson and Jonathan Anderson, University of Cambridge; Ben Laurie and Kris Kennaway, Google UK Ltd. (Haya) link Presenter:
01/28/11 No class
02/04/11 Trent's Story
Intrusion Recovery Using Selective Re-execution. Taesoo Kim, Xi Wang, Nickolai Zeldovich, and M. Frans Kaashoek, MIT CSAIL (Xi) link Presenter:
02/11/11 USENIX Security Story (2/14)
Accountable Virtual Machines. Andreas Haeberlen, Paarijaat Aditya, Rodrigo Rodrigues, Peter Druschel, University of Pennsylvania and Max Planck Institute for Software Systems (MPI-SWS) (Josh) link Presenter:
02/18/11 Josh's Comprehensive Story
Symbolic Security Analysis of Ruby-on-Rails Web Applications. Avik Chaudhuri and Jeffrey S. Foster University of Maryland, College Park. (Adam) link Presenter:
02/25/11 Hayawardh's SOSP Story
Fabric: A Platform for Secure Distributed Computation and Storage. Jed Liu, Michael D. George, K. Vikram, Xin Qi, Lucas Waye, Andrew C. Myers, Cornell University. (Divya) link Presenter:
03/04/11 Sandra's Thesis
Automating configuration troubleshooting with dynamic information flow analysis. Mona Attariyan and Jason Flinn, University of Michigan. (Haya) link Presenter:
03/11/11 Spring Break - No class
03/18/11 Xi's Story
Enabling Configuration-Independent Automation by Non-Expert Users. Nate Kushman and Dina Katabi, Massachusetts Institute of Technology. (Sandra) link Presenter:
03/25/11 Adam's Story
Depot: Cloud storage with minimal trust. Prince Mahajan, Srinath Setty, Sangmin Lee, Allen Clement, Lorenzo Alvisi, Mike Dahlin, and Michael Walfish, The University of Texas at Austin. (Xi) link Presenter:
04/01/11 Divya's CCS Story
VEX: Vetting Browser Extensions For Security Vulnerabilities. Sruthi Bandhakavi, Samuel T. King, P. Madhusudan, Marianne Winslett, University of Illinois at Urbana Champaign. (Adam) link Presenter:
04/08/11 Josh's Update
Making Linux protection mechanisms egalitarian with UserFS. Taesoo Kim and Nickolai Zeldovich. MIT. 19th USENIX Security Symposium.(Sandra) link Presenter:
04/15/11 Hayawardh's Post SOSP
SPORC: Group Collaboration using Untrusted Cloud Resources. Ariel J. Feldman, William P. Zeller, Michael J. Freedman, and Edward W. Felten, Princeton University. (Josh) link Presenter:
04/22/11 Adam's Follow-Up Story
Toward Automated Detection of Logic Vulnerabilities in Web Applications. Viktoria Felmetsger, Ludovico Cavedon, Christopher Kruegel, Giovanni Vigna, UCSB. (Divya) link Presenter:
04/29/11 Xi's Followup
HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity. Zhi Wang and Xuxian Jiang, North Carolina State University. (Trent) link Presenter:
05/06/11 Final Project