Shuo Chen's Presentations

  1. “Signing Me onto Your Accounts through Facebook and Google: A Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services,” Microsoft Research CoolTalk, May 10th, 2012
  2. “Security and privacy implications of the multi-component nature of Software-as-a-ServiceStanford Security Seminar, Stanford, CA, April 4th, 2011. Also given in MSR Silicon Valley Lab (video), April 5th, 2011.
  3. “Side-Channel-Leaks in Web Applications: A Reality Today, A Challenge Tomorrow,” IEEE Symposium on Security and Privacy, Oakland, CA, May 17th, 2010
  4. “Residue Objects: A Challenge to Web Browser Security,” ACM EuroSys, Paris, France, April 15th, 2010 (demo)
  5. “浏览器逻辑正确性是个艰巨的安全课题,” 2009/12/28 福州大学数计学院,2010/1/6 清华大学网络中心
  6. “Pretty-Bad-Proxy: An Overlooked Adversary in Browsers’ HTTPS Deployments,” IEEE Symposium on Security and Privacy, Oakland, CA, May 20th, 2009. (demo)
  7. “Understanding the Challenges in Browser Logic CorrectnessStanford Security Seminar, Stanford, CA, March 13th, 2008.
  8. “An Analysis of Browser Domain-Isolation Bugs and A Light-Weight Transparent Defense Mechanism,” ACM Conference on Computer and Communications Security, Alexandria, VA, Oct 30th, 2007. (demo)
  9. “A Systematic Approach to Uncover Security Flaws in GUI Logic,” IEEE Symposium on Security and Privacy, Oakland, CA, May 21st, 2007. (demo)
  10. “Browser Security: A New Research Territory, ” CS seminars in Purdue University and University of Illinois at Urbana-Champaign, April, 2007
  11. “Non-Control-Data Attacks Are Realistic Threats,” USENIX Security Symposium, Baltimore, MD, Aug. 4th, 2005.
  12. “Enhancing Security of Real-World Systems with a Better Understanding of Threats,” (video) job interview talk, Microsoft Research, Redmond, WA, 3/14/2005.
  13. “A Black-Box Tracing Technique to Identify Causes of Least-Privilege Incompatibilities”. Network and Distributed System Security Symposium (NDSS), San Diego, CA, Feb. 4, 2005.
  14. "Formal Reasoning of Security Vulnerabilities by Pointer Taintedness Semantics". Given in Computer Engineering Seminar, Coordinated Science Lab, UIUC, 10/12/2004.
  15. "A Finite State Machine Methodology for Analyzing Security Vulnerabilities". Given in IEEE International Conference on Dependable Systems and Networks, San Francisco, June, 2003.
  16. "Secure Detection and Isolation of TCP-unfriendly Flows" (Summer Project in Bell Labs). Given in the Data Network Research Center, Bell Laboratories, Holmdel, New Jersey, August, 2002.
  17. "Evaluating the Security Threat of Instruction Corruptions in Firewalls". Given in IEEE International Conference on Dependable Systems and Networks, Washington D.C., June, 2002.
  18. "Libsafe for Windows" (Summer Project in Avaya Labs). Given in the Network Software Research Department, Avaya Labs, Basking Ridge, New Jersey, August, 2001.

Other Related Presentations

1.      “How to Shop for Free Online – Security Analysis of Cashier-as-a-Service Based Web Stores,” presented by Rui Wang at IEEE Symposium on Security and Privacy, Oakland, CA, May 25th, 2011

2.      “Defeating Memory Corruption Attacks via Pointer Taintedness Detection,” presented by Jun Xu at IEEE International Conference on Dependable Systems and Networks, Yokohama, Japan, June 30, 2005