Presentations

  • 2009

  • New: Ripley: Automatically Securing Web 2.0 Applications Through Replicated Execution.
    [PPT] [PDF]
    K. Vikram, Abhishek Prateek, and Benjamin Livshits
    In Conference on Computer and Communications Security (CCS), November 2009.
  • Gatekeeper: Mostly Static Enforcement of Security and Reliability Policies for JavaScript Code.
    [PPT] [PDF]
    Salvatore Guarnieri and Benjamin Livshits.
    In Usenix Security, August 2009.

  • Nozzle: A Defense Against Heap-spraying Code Injection Attacks.
    [PPT] [PDF]
    Paruj Ratanaworabhan, Benjamin Livshits, and Benjamin Zorn.
    In Usenix Security, August 2009.

  • Merlin: Specification Inference for Explicit Information Flow Problems.
    [PPT] [PDF]
    Benjamin Livshits, Aditya V. Nori, Sriram K. Rajamani, and Anindya Banerjee.
    (slides by Aditya Nori)
    In PLDI, June 2009.

  • Fluxo: Simple Service Compiler.
    [PPT] [PDF]
    Emre Kiciman, Ben Livshits, and Madanlal Musuvathi.
    (slides by Emre Kiciman)
    In HotOS, May 2009.

  • Fluxo: Improving the Responsiveness of Internet Services with Automatic Cache Placement.
    [PDF]
    Alexander Rasmussen, Emre Kiciman, Ben Livshits, and Madanlal Musuvathi.
    (slides by Alexander Rasmussen)
    In EuroSys, March 2009.

  • 2008

  • Doloto: Code Splitting for Web 2.0 Applications.
    [PPT] [PDF]
    Benjamin Livshits and Emre Kiciman.
    In Foundations of Software Engineering (FSE), November 2008.

  • Spectator: Detection and Containment of JavaScript Worms.
    [PPT] [PDF]
    Benjamin Livshits and Weidong Cui.
    In Usenix Annual Technical Conference, June 2008.

  • Doloto: Code Splitting for AJAX Applications.
    [PPT] [PDF]
    Benjamin Livshits and Emre Kiciman.
    In Velocity Web Peformance Conference, June 2008.

  • 2007

  • AjaxScope: Remotely Monitoring Client-side Web-App Behavior. (slides by Emre Kiciman)
    [PPT] [PDF]
    Emre Kiciman and Benjamin Livshits.
    In Symposium of Operating System Principles (SOSP 2007), October 2007.

  • Using Web Application Construction Frameworks to Protect Against Code Injection Attacks.
    [PPT] [PDF]
    Benjamin Livshits and Ulfar Erlingsson.
    In Workshop on Programming Languages and Analysis for Security (PLAS 2007), June 2007.

  • Towards Security by Construction for Web 2.0 Applications.
    [PPT] [PDF]
    Benjamin Livshits and Ulfar Erlingsson.
    In Web 2.0 Security & Privacy 2007, May 2007.

  • Finding Application Errors and Security Flaws Using PQL: A Program Query Language.
    [PPT] [PDF]
    Michael Martin, Benjamin Livshits, and Monica Lam.
    In Dagstugl seminar on Runtime Verification (07011), January 2007.

  • 2005

  • Reflection Analysis for Java.
    [PPT] [PDF]
    Benjamin Livshits, John Whaley, and Monica S. Lam
    In Third Asian Symposium on Programming Languages and Systems, Tsukuba, Japan, November, 2005.

  • Finding Application Errors and Security Flaws Using PQL: a Program Query Language.
    [PPT] [PDF]
    Michael Martin, Benjamin Livshits, and Monica S. Lam
    In 20th Annual ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications, San Diego, California, October 2005 (slides and presentation by Michael Martin).

  • DynaMine: Finding Common Error Patterns by Mining Software Revision Histories.
    [PPT] [PDF]
    Benjamin Livshits and Thomas Zimmermann
    In ACM SIGSOFT Symposium on the Foundations of Software Engineering, Lisbon, Portugal, September 2005 (slides and presentation by Thomas Zimmermann).

  • Finding Security Vulnerabilities in Java Applications with Static Analysis.
    [PPT] [PDF]
    Benjamin Livshits and Monica Lam.
    In Usenix Security Symposium, Baltimore, Maryland, August 2005.

  • DynaMine: Finding Common Error Patterns by Mining Software Revision Histories.
    [PPT] [PDF]
    Benjamin Livshits and Thomas Zimmermann.
    In Dagstugl seminar 05261, June 2005.

  • Locating Matching Method Calls by Mining Revision History Data.
    [PPT] [PDF]
    Benjamin Livshits and Thomas Zimmermann
    In the Workshop on the Evaluation of Software Defect Detection Tools, Chicago, Illinois, June 2005.

  • Using Static Analysis to Find Input Validation Errors in Java Programs.
    [PPT] [PDF]
    Benjamin Livshits and Monica S. Lam.
    In Stanford 7th Annual Security Workshop, May 2005.

  • Turning Eclipse Against Itself: Finding Errors in Eclipse Sources.
    [PPT] [PDF]
    Benjamin Livshits.
    In Eclipsecon '05 Research Exchange, March 2005.

  • 2004 and earlier

  • Finding Security Errors in Java Applications Using Lightweight Static Analysis.
    [PPT] [PDF]
    Benjamin Livshits.
    Work-in-Progress Report, Annual Computer Security Applications Conference, November 2004.

  • Tracking Pointers with Path and Context Sensitivity for Bug Detection in C Programs.
    [PPT] [PDF]
    Benjamin Livshits and Monica S. Lam
    11th ACM SIGSOFT International Symposium on the Foundations of Software Engineering, September 2003.

  • Finding Security Violations by Using Precise Source-level Analysis.
    [PPT] [PDF]
    Benjamin Livshits and Monica S. Lam
    In Stanford 5th Annual Security Workshop, May 2003.
Top of page