CTF Sharing Session

  Chris is a senior security engineer from ASTRI and also a CTFer. Last year, he discovered various RCE vulnerabilities in a series of commercial routers. Chris shared with us his experience in CTF competitions and introduced some common tools used in CTF. In addition, sample questions were also provided and analyzed.   You can find […]

Capture The Flag Training Session

In the talk, Prof. Zhang introduced CTF security competition. Next week, we will invite Chris from ASTRI to share his experience on CTF competition and five training sessions will also be provided in following weeks. Some self-learning material list for CTF. self-learning list for CTF (you can search them on Google): 1. RPI CTF 2. GIT […]

A Year of Kernel Development

Wei Tang has spent the past year developing a microkernel. Rust is a new generation of system level programming language that builds on lessons of the C programming language. The kernel is written in Rust, which provides memory safety compared with C. The development is done in QEMU. A microkernel is supposed to have, aka […]

From Image Pixel Optimization to Object Understanding

Speaker: Xiaoyong Shen In this talk, Xiaoyong Shen briefly presented the research projects on computer vision during his PhD study. First, He showed the pixel-level manipulation works including image restoration, filtering, denoising, deblurring, etc. Second, approaches for image matching based on image region understanding were introduced. At last, He introduced our recent researches on automatic object […]

Sign into Your App Accounts with Facebook and Sina

Speaker: Ronghai Yang Mainstream Identity Providers (e.g. Facebook, Sina) have adopted OAuth 2.0 protocol to support Single-Sign-On service. We will present several OAuth vulnerabilities, all of which can be exploited to sign into a victim’s mobile app account. These vulnerabilities have affected lots of popular third-party applications. Part of the result has been demonstrated on […]