[Busec] [Announcement] BU/LL Systems Security Reading Group (First Meeting: Fri. Feb. 5th, Noon, MCS 148)

Manuel Egele megele at bu.edu
Thu Jan 21 18:14:17 EST 2016

We are happy to announce that we're bringing back the joint Boston
University & MIT Lincoln Lab Systems Security Reading Group. This
semester, we decided to make some changes to the format of this
bi-weekly event which should benefit everyone involved. 

More details are at the bottom of this email, but the executive summary
consists of the following 5 items:

0.) Future communication re. the reading group will go through the bu-ll
mailinglist. Sign-up: http://cs-mailman.bu.edu/mailman/listinfo/bu-ll

1.) Topic area for this semester -- Security in the Internet of Things
(IoT). Further details on the topic at the end of this email.

2.) Bi-weekly (i.e., every other week) meetings on Fridays at noon.

3.) Pizza will be served.

4.) If you are a student, we might be able to work out details to make
this reading group _part of_ a for-credit arrangement (Please contact
Azer and Manuel about this option).

To get started, we need a volunteer who leads the discussion on the
first meeting on Friday, Feb. 5th on "A Large-Scale Analysis of the
Security of Embedded Firmwares (Usenix '14)". First come, first served.

We are convinced that we can reach a critical mass between the
participants at BU and LL to make this an excellent venue for discussing
security topics. In this spirit, we are looking forward to seeing you at
the first installment of the BU/LL Systems Security Reading Group on
Friday, Feb. 5th. at noon in MCS 148.

Please feel free to forward and extend this invitation to any
security-minded person at BU or LL you see fit.

To prevent idling security on Fri. the 29th, the Hariri Insitute is 
hosting the all-day "Cybersecurity Applications of Big Data" workshop.
More info on that is available here:


p.s. please shoot us a quick email if you plan to participate so we can
order the appropriate amount of pizza.

Proposed agenda for the semester:
This semester we will take a closer look at security issues and
solutions in the space of the "Internet of Things" (IoT) and closely
related topics. To this end, we put together the following agenda for
this semester. We open with a survey of embedded firmware security and
spend the majority of the sessions going into further detail. Then we
conclude with some interesting IoT-specific methods to provide secure
identities and authentication.

1. A Large-Scale Analysis of the Security of Embedded Firmwares 
	(Usenix '14)
2. Towards Fully Automated Dynamic Analysis for Embedded Firmware 
	(NDSS ’16)
3. Avatar: A Framework to Support Dynamic Security Analysis of Embedded
Systems' Firmwares 
	(NDSS '14)
4. Firmalice - Automatic Detection of Authentication Bypass
Vulnerabilities in Binary Firmware 
	(NDSS ’15)
5. SKEE: A lightweight Secure Kernel-level Execution Environment for
	(NDSS '16)
6. PyCRA: Physical Challenge-Response Authentication For Active Sensors
Under Spoofing Attacks 
	(CCS ’15)
7. Virtual Proofs of Reality and Their Physical Implementation 
	(S&P ‘15)

More information about the Busec mailing list