Presentations

  • 2014


  • New: ZØ: An Optimizing Distributing Zero-Knowledge Compiler.
    [PPTX] [PDF]
    Matt Fredrikson and Benjamin Livshits
    Usenix Security, August 2014.

  • New: Programming for social scientists with InterPoll.
    [PPT] [PDF]
    Benjamin Livshits
    ECOOP summer school, August 2014.

  • New: Automatic Mediation of Privacy-Sensitive Resource Access in Smartphone Applications.
    [PPT] [PDF]
    Benjamin Livshits
    Usenix Security, August 2013.

  • 2013


  • New: Personalization and Privacy: An Overview.
    [PPT] [PDF]
    Benjamin Livshits
    Microsoft Research Faculty Summit, July 2013.

  • New: Challenges in Pointer Analysis of JavaScript.
    [PPT] [PDF]
    Benjamin Livshits
    Dagstuhl seminar 13162, April 2013.

  • New: Towards Fully Automatic Placement of Security Sanitizers and Declassifiers.
    [PPT] [PDF]
    Benjamin Livshits and Stephen Chong
    Symposium on the Principles of Programming Languages (POPL), January 2013.

  • 2012


  • Private Client-side Profiling with Random Forests and Hidden Markov Models.
    [PPT] [PDF]
    George Danezis, Markulf Kohlweiss, Benjamin Livshits, and Alfredo Rial
    Privacy Enhancing Technologies Symposium, July 2012.

  • Finding Malware on a Web Scale: an Updated Overview.
    [PPT] [PDF]
    Benjamin Livshits, Benjamin Zorn, Christian Seifert, and others

  • Rozzle: De-Cloaking Internet Malware.
    [PPT] [PDF]
    Clemens Kolbitsch, Benjamin Livshits, Benjamin Zorn, and Christian Seifert

  • 2011


  • Finding Malware on a Web Scale: an Overview.
    [PPT] [PDF]
    Benjamin Livshits, Benjamin Zorn, Christian Seifert, and others

  • Zozzle: Finding Malware on a Web Scale.
    [PPT] [PDF]
    Charlie Curtsinger, Benjamin Livshits, Benjamin Zorn, and Christian Seifert
    Usenix Security, August 2011.

  • RePriv: Re-Envisioning In-Browser Privacy.
    [PPT] [PDF]
    Benjamin Livshits and Matt Fredrikson
    Overview talk , March 2011.

  • 2010


  • Privacy and Security for Brower Extensions: A Language-Based Approach.
    [PPT] [PDF]
    Benjamin Livshits, Nikhil Swamy, Matt Fredrikson, and Arjun Guha
    Overview talk , December 2010.

  • JSMeter: Comparing the Behavior of JavaScript Benchmarks with Real Web Applications.
    [PPT] [PDF]
    Paruj Ratanaworabhan, Benjamin Livshits, and Benjamin Zorn
    USENIX Conference on Web Application Development (WebApps) , June 2010.

  • JSZap: Compressing JavaScript Code
    [PPT] [PDF]
    Martin Burtscher, Benjamin Livshits, Gaurav Sinha, and Benjamin Zorn
    USENIX Conference on Web Application Development (WebApps) , June 2010.

  • Gulfstream: Incremental Static Analysis for Streaming JavaScript Applications.
    [PPT] [PDF]
    Salvatore Guarnieri and Benjamin Livshits
    USENIX Conference on Web Application Development (WebApps) , June 2010.

  • Fluxo: A System for Internet Service Programming by Non-expert Developers.
    [PPT] [PDF]
    Emre Kiciman, Benjamin Livshits, Madanlal Musuvathi, and Kevin C. Webb
    ACM Symposium on Cloud Computing (SOCC) , June 2010.

  • Empowering Browser Security for Mobile Devices Using Smart CDNs.
    [PPT] [PDF]
    Benjamin Livshits and David Molnar
    Workshop on Web 2.0 Security and Privacy (W2SP), May 2010.

  • Secure Cooperative Sharing of JavaScript, Browser, and Physical Resources.
    [PPT] [PDF]
    Leo Meyerovich, David Zhu, and Benjamin Livshits
    Workshop on Web 2.0 Security and Privacy (W2SP), May 2010.

  • ConScript: Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser.
    [PPT] [PDF]
    Leo Meyerovich and Benjamin Livshits
    IEEE Symposium on Security and Privacy (Oakland Security), May 2010.

  • 2009


  • Ripley: Automatically Securing Web 2.0 Applications Through Replicated Execution.
    [PPT] [PDF]
    K. Vikram, Abhishek Prateek, and Benjamin Livshits
    In Conference on Computer and Communications Security (CCS), November 2009.
  • Gatekeeper: Mostly Static Enforcement of Security and Reliability Policies for JavaScript Code.
    [PPT] [PDF]
    Salvatore Guarnieri and Benjamin Livshits.
    In Usenix Security, August 2009.

  • Nozzle: A Defense Against Heap-spraying Code Injection Attacks.
    [PPT] [PDF]
    Paruj Ratanaworabhan, Benjamin Livshits, and Benjamin Zorn.
    In Usenix Security, August 2009.

  • Merlin: Specification Inference for Explicit Information Flow Problems.
    [PPT] [PDF]
    Benjamin Livshits, Aditya V. Nori, Sriram K. Rajamani, and Anindya Banerjee.
    (slides by Aditya Nori)
    In PLDI, June 2009.

  • Fluxo: Simple Service Compiler.
    [PPT] [PDF]
    Emre Kiciman, Ben Livshits, and Madanlal Musuvathi.
    (slides by Emre Kiciman)
    In HotOS, May 2009.

  • Fluxo: Improving the Responsiveness of Internet Services with Automatic Cache Placement.
    [PDF]
    Alexander Rasmussen, Emre Kiciman, Ben Livshits, and Madanlal Musuvathi.
    (slides by Alexander Rasmussen)
    In EuroSys, March 2009.

  • 2008


  • Doloto: Code Splitting for Web 2.0 Applications.
    [PPT] [PDF]
    Benjamin Livshits and Emre Kiciman.
    In Foundations of Software Engineering (FSE), November 2008.

  • Spectator: Detection and Containment of JavaScript Worms.
    [PPT] [PDF]
    Benjamin Livshits and Weidong Cui.
    In Usenix Annual Technical Conference, June 2008.

  • Doloto: Code Splitting for AJAX Applications.
    [PPT] [PDF]
    Benjamin Livshits and Emre Kiciman.
    In Velocity Web Peformance Conference, June 2008.

  • 2007


  • AjaxScope: Remotely Monitoring Client-side Web-App Behavior. (slides by Emre Kiciman)
    [PPT] [PDF]
    Emre Kiciman and Benjamin Livshits.
    In Symposium of Operating System Principles (SOSP 2007), October 2007.

  • Using Web Application Construction Frameworks to Protect Against Code Injection Attacks.
    [PPT] [PDF]
    Benjamin Livshits and Ulfar Erlingsson.
    In Workshop on Programming Languages and Analysis for Security (PLAS 2007), June 2007.

  • Towards Security by Construction for Web 2.0 Applications.
    [PPT] [PDF]
    Benjamin Livshits and Ulfar Erlingsson.
    In Web 2.0 Security & Privacy 2007, May 2007.

  • Finding Application Errors and Security Flaws Using PQL: A Program Query Language.
    [PPT] [PDF]
    Michael Martin, Benjamin Livshits, and Monica Lam.
    In Dagstugl seminar on Runtime Verification (07011), January 2007.

  • 2005


  • Reflection Analysis for Java.
    [PPT] [PDF]
    Benjamin Livshits, John Whaley, and Monica S. Lam
    In Third Asian Symposium on Programming Languages and Systems, Tsukuba, Japan, November, 2005.

  • Finding Application Errors and Security Flaws Using PQL: a Program Query Language.
    [PPT] [PDF]
    Michael Martin, Benjamin Livshits, and Monica S. Lam
    In 20th Annual ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications, San Diego, California, October 2005 (slides and presentation by Michael Martin).

  • DynaMine: Finding Common Error Patterns by Mining Software Revision Histories.
    [PPT] [PDF]
    Benjamin Livshits and Thomas Zimmermann
    In ACM SIGSOFT Symposium on the Foundations of Software Engineering, Lisbon, Portugal, September 2005 (slides and presentation by Thomas Zimmermann).

  • Finding Security Vulnerabilities in Java Applications with Static Analysis.
    [PPT] [PDF]
    Benjamin Livshits and Monica Lam.
    In Usenix Security Symposium, Baltimore, Maryland, August 2005.

  • DynaMine: Finding Common Error Patterns by Mining Software Revision Histories.
    [PPT] [PDF]
    Benjamin Livshits and Thomas Zimmermann.
    In Dagstugl seminar 05261, June 2005.

  • Locating Matching Method Calls by Mining Revision History Data.
    [PPT] [PDF]
    Benjamin Livshits and Thomas Zimmermann
    In the Workshop on the Evaluation of Software Defect Detection Tools, Chicago, Illinois, June 2005.

  • Using Static Analysis to Find Input Validation Errors in Java Programs.
    [PPT] [PDF]
    Benjamin Livshits and Monica S. Lam.
    In Stanford 7th Annual Security Workshop, May 2005.

  • Turning Eclipse Against Itself: Finding Errors in Eclipse Sources.
    [PPT] [PDF]
    Benjamin Livshits.
    In Eclipsecon '05 Research Exchange, March 2005.

  • 2004 and earlier


  • Finding Security Errors in Java Applications Using Lightweight Static Analysis.
    [PPT] [PDF]
    Benjamin Livshits.
    Work-in-Progress Report, Annual Computer Security Applications Conference, November 2004.

  • Tracking Pointers with Path and Context Sensitivity for Bug Detection in C Programs.
    [PPT] [PDF]
    Benjamin Livshits and Monica S. Lam
    11th ACM SIGSOFT International Symposium on the Foundations of Software Engineering, September 2003.

  • Finding Security Violations by Using Precise Source-level Analysis.
    [PPT] [PDF]
    Benjamin Livshits and Monica S. Lam
    In Stanford 5th Annual Security Workshop, May 2003.
Top of page