【学术沙龙】NISL 5月25日活动预告 - TO BE ON AIR

清华大学网络与信息安全实验室学术沙龙，欢迎关注~ 

This is the Paper Reading Seminar of Network and Information Security Lab (NISL) at Tsinghua University. Tune in for more details!

* 本次分享部分对外公开直播，线上参会者要求实名备注“姓名-单位”

1.【论文分享】Web Cache Deception Escalates!

• Presenter: 梁越嘉

• Conference: USENIX Security'22

• Authors: Seyed Ali Mirheidari, Matteo Golinelli, Kaan Onarlioglu, Engin Kirda, Bruno Crispo

• Abstract: This paper explores Web Cache Deception (WCD) attacks, proposes a new detection method, and highlights the broader implications of WCD beyond personal information leaks. The authors conducted experiments on various websites, revealing numerous vulnerabilities and demonstrating the damaging effects of WCD on non-authenticated pages.

• Link to paper: https://www.usenix.org/conference/usenixsecurity22/presentation/mirheidari

2.【论文分享】Bilingual Problems: Studying the Security Risks Incurred by Native Extensions in Scripting Languages

• Presenter: 张书樵

• Conference: USENIX Security'23

• Authors: Cristian-Alexandru Staicu, Sazzadur Rahaman, Ágnes Kiss, Michael Backes

• Abstract: The authors discuss a novel methodology for studying the misuse of the native extension API in scripting languages.

• Link to paper: https://www.usenix.org/system/files/sec23fall-prepub-262_staicu.pdf