Here is an archive of past ASRG discussions. The current schedule is elsewhere.
| Topic | Date | Discussion leader | Paper | Scribe notes |
| Storage-based Intrusion Detection: Watching storage activity for suspicious behavior AND Establishing the Genuinity of Remote Computer Systems | July 21, 2003 | Dave Andersen and Simson Garfinkel | Abstract | |
| Security Holes...Who Cares? AND Preventing Privilege Escalation | July 14, 2003 | Simson Garfinkel and Emil Sit | Abstract | |
| Remote Timing Attacks Are Practical AND 802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions | July 7, 2003 | Nick Feamster and Kevin Fu | Abstract | |
| Trusted Computing, Peer-To-Peer Distribution, and the Economics of Pirated Entertainment | May 8, 2003 | Stuart Schechter, Harvard University | Abstract | |
| On the Economics of Anonymity | April 10, 2003, 4PM | Roger Dingledine | Abstract | |
| Working around BGP: An Incremental Approach to Improving Security and Accuracy in Interdomain Routing | April 3, 2003 | Geoffrey Goodell, Harvard University | Abstract | |
| Mayday: Distributed Filtering for Internet Services | March 20, 2003 | David Andersen | Abstract | |
| Defeating Web Censorship with Untrusted Messenger Discovery | February 27, 2003 | Nick Feamster | Abstract | |
| Fighting Spam May Be Easier Than You Think | December 12, 2002 | Cynthia Dwork, Microsoft Research, Silicon Valley Campus | Abstract | |
| Static detection of buffer overflows | October 4, 2002 | David Molnar, Harvard | [Abstract] | |
| Secure Execution Via Program Shepherding | May 22, 2002 | Saman Amarasinghe | [Abstract] | |
| Shifting Trends in Attack, Vulnerability, and Defense: Findings from the Commercial Sector | April 24, 2002 | John Nye, Managing Security Architect, @stake, Inc. | [Abstract] | |
| Security in a large university network | April 17, 2002 | Bob Mahoney, Team Leader, MIT Network Security Team | [Abstract] | |
| Chaffinch | March 13, 2002 | George Danezis | [Abstract] [Homepage] | |
| Traceability | February 27, 2002 | Richard Clayton | [Abstract] | |
| Covert channels in TCP timestamps | February 20, 2002 | Rachel Greenstadt | [Abstract] | |
| Infranet: Circumventing Web Censorship and Surveillance | February 13, 2002 | Nick Feamster | [Abstract] | |
| Anonymous Communications and Reputation | November 14, 2001 | Roger Dingledine | PS | |
| Privacy Engineering for DRM Systems | October 31, 2001 | Michael Freedman | PS | |
| Secure Program Partitioning | October 17, 2001 | Emil Sit | Abstract PS | |
| Identity Based Encryption vs PKI? | October 10, 2001 | Dwaine Clarke | Abstract | Handout 1 (PDF) and 2 (PS). |
| How Secure is SSL? | October 3, 2001 | Michael Freedman | PS | |
| SSH Keystroke Timing | September 26, 2001 | Rachel Greenstadt | [CiteSeer] | |
| Organizational Meeting | September 19, 2001 | Emil Sit | [HTML] | |
| Removing Watermarks | May 14, 2001 | Nick Feamster | [HTML] | [Gzipped PS slides] |
| So, Where's All the Financial Cryptography? | April 27, 2001 | Win Treese | [HTML] | [video] |
| Power Attacks on Cryptographic Hardware | April 2, 2001 | Jonathan Towle, Intertrust | [HTML, PS poster, PDF poster] | [video] |
| Defeating Statistical Steganalysis | Mar 13, 2001 | Niels Provos, University of Michigan, CITI | [HTML] [PS poster] [PDF poster] | [PS slides] [video] |
| Organizational meeting | Feb 26, 2001 | |||
| Timing Attacks on Web Privacy | Feb 12, 2001 | Kevin Fu | [PDF (MIT only) or PDF] | |
| Cryptographic Puzzles and Bread Pudding | Dec 11, 2000 | Ari Juels, Principal Research Scientist, RSA Laboratories | [PS, PS] | [video] |
| AES/Rijndahl | Dec 4, 2000 | Zulfikar Ramzan and William Ricker | [HTML, HTML, HTML, HTML] | [video] |
| Hands-on OpenSSL Programming | Nov 13, 2000 | David Molnar and Kevin Fu | [HTML] | [HTML, video] |
| Secure Electronic Voting on the Internet | Nov 6, 2000 | Kendra Smith, John Sangster, Mark Hershberg | [HTML, HTML, HTML, HTML] | Too close to call |
| Efficient and Fresh Certification | Oct 30, 2000 | Ivan Nestlerode, MIT/Bell Labs, Lucent Technologies | [Gzipped PS] | [HTML, PPT] |
| Security Issues in Internet Routing | Oct 16, 2000 | Avi Freedman, VP of Network Architecture, Akamai | [PPT, PPT] | [video] |
| Unix Forensics and Distributed Denial of Service | Oct 6, 2000 | Dave Dittrich, University of Washington | [HTML] | [HTML, video] |
| Fun with Cookie Passwords | Oct 2, 2000 | Kevin Fu | [HTML, HTML, HTML] | [To appear at USENIX] |
| Organizational meeting | Sept 18, 2000 | [HTML] | ||
| Remote detection of "passive" promiscuous devices | Sept 11, 2000 | Mudge, The L0pht/@Stake | [HTML] | [Video] |
| Fast and secure distributed read-only file system | May 1, 2000 | Kevin Fu | [HTML] | [PS slides] |
| Absent: Secure Remote Access to an Internal Web Server | Mar 29, 2000 | Avi Rubin, AT&T Labs-Research | [HTML] | [HTML] |
| Dealing With Remote Computation: the SETI@Home Problem | Mar 6, 2000 | David Molnar, Harvard | [HTML] | |
| Real-Time Fraud Detection | Feb 28, 2000 | Gary Dougherty, Fleet Bank | [MSWord] | [HTML] |
| The Free Haven Project | Feb 22, 2000 | Roger Dingledine, Cryptoanarchist | [PS] | [HTML] |
| Distributed Denial of Service | Feb 14, 2000 | David Andersen | [TXT][HTML] | [HTML] |
| Security issues in HTML-based Email | Feb 7, 2000 | Richard M. Smith, Security Consultant | [HTML, HTML] | [HTML] |
| Selecting Cryptographic Key Sizes | Dec 6, 1999 | Kevin Fu | [PDF] | [HTML] |
| Tempest | Nov 22, 1999 | Ivan Nestlerode | [PDF] | |
| Graphical Passwords | Nov 15, 1999 | Emil Sit | [PDF] |