You are here

Past Seminars

05/10/2017 - 16:00

The seminar is based on the paper:

Loi Luu, Duc-Hiep Chu, Hrishi Olickel, Prateek Saxena, Aquinas Hobor: Making Smart Contracts Smarter. ACM Conference on Computer and Communications Security (CCS) 2016: 254-269.

20/09/2017 - 17:00

On "Mining Input Grammars from Dynamic Taints" M. Hoeschele and A. Zeller, ASE 2016.

Abstract (of the paper):

14/09/2017 - 16:00

Abstract: I will present the paper:

Joshua Garcia, Mahmoud Hammad, Negar Ghorbani, and Sam Malek. 2017. Automatic generation of inter-component communication exploits for Android applications. ESEC/FSE 2017. Pages 661-671.

25/05/2017 - 16:00

Abstract: When testing software, developers can place oracles externally or internally to a method. Given a faulty execution state, i.e., one that differs from the expected one, an oracle might be unable to expose the fault if it is placed at a program point with no access to the incorrect program state or where the program state is no longer corrupted. In such a case, the oracle is subject to failed error propagation. Internal oracles are in principle less subject to failed error propagation than external oracles. However, they are also more difficult to define manually.

18/05/2017 - 16:00

Abstract: The design of any software system requires that a high percentage of its intended users actually accept to use the system. Fulfillment of such Acceptance Requirements critically depends on psychological, behavioral and social factors which may influence intrinsic and extrinsic motivations. These factors can be identified, designed and fine tuned via gamification (making a game out of system usage), serious games and other techniques.

04/05/2017 - 16:00
Abstract: Previously, I presented a work in progress on permission re-delegation vulnerability detection framework. In this seminar, I will talk about the complete work and results we obtained. Permission re-delegation is a kind of privilege escalation where one software component performs privileged action on behalf of another component that does not hold the required permission. Static analysis is the de facto technique used to identify this kind of vulnerability by extracting execution paths from entry-point to sensitive sinks.
27/04/2017 - 16:00

Abstract[Context/Motivation]: The strategy of an organisation defines its long-term goals and develop plans to achieve these goals. Strategic planning is the activity of deciding how to allocate resources within the organisation to satisfy its strategy. Strategic planning precedes more detailed requirements engineering activities that clarify the requirements for the software systems concerned by the strategic plan.

20/04/2017 - 16:00

Abstract: Test case generation for web applications aims at ensuring full coverage of the navigation structure. Existing approaches resort to crawling and manual/random input generation, with or without a preliminary construction of the navigation model. However, crawlers might be unable to reach some parts of the web application and random input generation might not receive enough guidance to produce the inputs needed to cover a given path.

06/04/2017 - 16:00

I will present the following paper: