Apple + Eye + Security

MIT LCS Applied Security Reading Group

Past discussions

Here is an archive of past ASRG discussions. The current schedule is elsewhere.

Topic Date Discussion leader Paper Scribe notes
Storage-based Intrusion Detection: Watching storage activity for suspicious behavior AND Establishing the Genuinity of Remote Computer Systems July 21, 2003 Dave Andersen and Simson Garfinkel Abstract  
Security Holes...Who Cares? AND Preventing Privilege Escalation July 14, 2003 Simson Garfinkel and Emil Sit Abstract  
Remote Timing Attacks Are Practical AND 802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions July 7, 2003 Nick Feamster and Kevin Fu Abstract  
Trusted Computing, Peer-To-Peer Distribution, and the Economics of Pirated Entertainment May 8, 2003 Stuart Schechter, Harvard University Abstract  
On the Economics of Anonymity April 10, 2003, 4PM Roger Dingledine Abstract  
Working around BGP: An Incremental Approach to Improving Security and Accuracy in Interdomain Routing April 3, 2003 Geoffrey Goodell, Harvard University Abstract  
Mayday: Distributed Filtering for Internet Services March 20, 2003 David Andersen Abstract  
Defeating Web Censorship with Untrusted Messenger Discovery February 27, 2003 Nick Feamster Abstract  
Fighting Spam May Be Easier Than You Think December 12, 2002 Cynthia Dwork, Microsoft Research, Silicon Valley Campus Abstract  
Static detection of buffer overflows October 4, 2002 David Molnar, Harvard [Abstract]  
Secure Execution Via Program Shepherding May 22, 2002 Saman Amarasinghe [Abstract]  
Shifting Trends in Attack, Vulnerability, and Defense: Findings from the Commercial Sector April 24, 2002 John Nye, Managing Security Architect, @stake, Inc. [Abstract]  
Security in a large university network April 17, 2002 Bob Mahoney, Team Leader, MIT Network Security Team [Abstract]  
Chaffinch March 13, 2002 George Danezis [Abstract] [Homepage]  
Traceability February 27, 2002 Richard Clayton [Abstract]  
Covert channels in TCP timestamps February 20, 2002 Rachel Greenstadt [Abstract]  
Infranet: Circumventing Web Censorship and Surveillance February 13, 2002 Nick Feamster [Abstract]  
Anonymous Communications and Reputation November 14, 2001 Roger Dingledine PS  
Privacy Engineering for DRM Systems October 31, 2001 Michael Freedman PS  
Secure Program Partitioning October 17, 2001 Emil Sit Abstract PS  
Identity Based Encryption vs PKI? October 10, 2001 Dwaine Clarke Abstract Handout 1 (PDF) and 2 (PS).
How Secure is SSL? October 3, 2001 Michael Freedman PS  
SSH Keystroke Timing September 26, 2001 Rachel Greenstadt [CiteSeer]  
Organizational Meeting September 19, 2001 Emil Sit   [HTML]
Removing Watermarks May 14, 2001 Nick Feamster [HTML] [Gzipped PS slides]
So, Where's All the Financial Cryptography? April 27, 2001 Win Treese [HTML] [video]
Power Attacks on Cryptographic Hardware April 2, 2001 Jonathan Towle, Intertrust [HTML, PS poster, PDF poster] [video]
Defeating Statistical Steganalysis Mar 13, 2001 Niels Provos, University of Michigan, CITI [HTML] [PS poster] [PDF poster] [PS slides] [video]
Organizational meeting Feb 26, 2001      
Timing Attacks on Web Privacy Feb 12, 2001 Kevin Fu [PDF (MIT only) or PDF]  
Cryptographic Puzzles and Bread Pudding Dec 11, 2000 Ari Juels, Principal Research Scientist, RSA Laboratories [PS, PS] [video]
AES/Rijndahl Dec 4, 2000 Zulfikar Ramzan and William Ricker [HTML, HTML, HTML, HTML] [video]
Hands-on OpenSSL Programming Nov 13, 2000 David Molnar and Kevin Fu [HTML] [HTML, video]
Secure Electronic Voting on the Internet Nov 6, 2000 Kendra Smith, John Sangster, Mark Hershberg [HTML, HTML, HTML, HTML] Too close to call
Efficient and Fresh Certification Oct 30, 2000 Ivan Nestlerode, MIT/Bell Labs, Lucent Technologies [Gzipped PS] [HTML, PPT]
Security Issues in Internet Routing Oct 16, 2000 Avi Freedman, VP of Network Architecture, Akamai [PPT, PPT] [video]
Unix Forensics and Distributed Denial of Service Oct 6, 2000 Dave Dittrich, University of Washington [HTML] [HTML, video]
Fun with Cookie Passwords Oct 2, 2000 Kevin Fu [HTML, HTML, HTML] [To appear at USENIX]
Organizational meeting Sept 18, 2000     [HTML]
Remote detection of "passive" promiscuous devices Sept 11, 2000 Mudge, The L0pht/@Stake [HTML] [Video]
Fast and secure distributed read-only file system May 1, 2000 Kevin Fu [HTML] [PS slides]
Absent: Secure Remote Access to an Internal Web Server Mar 29, 2000 Avi Rubin, AT&T Labs-Research [HTML] [HTML]
Dealing With Remote Computation: the SETI@Home Problem Mar 6, 2000 David Molnar, Harvard   [HTML]
Real-Time Fraud Detection Feb 28, 2000 Gary Dougherty, Fleet Bank [MSWord] [HTML]
The Free Haven Project Feb 22, 2000 Roger Dingledine, Cryptoanarchist [PS] [HTML]
Distributed Denial of Service Feb 14, 2000 David Andersen [TXT][HTML] [HTML]
Security issues in HTML-based Email Feb 7, 2000 Richard M. Smith, Security Consultant [HTML, HTML] [HTML]
Selecting Cryptographic Key Sizes Dec 6, 1999 Kevin Fu [PDF] [HTML]
Tempest Nov 22, 1999 Ivan Nestlerode [PDF]  
Graphical Passwords Nov 15, 1999 Emil Sit [PDF]  


We have VHS tapes of some of our discussions. Email to borrow videos.
Maintained by
Last updated: $Date: 2003/12/06 05:34:24 $ GMT