MadS&P | S&P Seminar

S&P Seminar is UW-Madison’s Security and Privacy Seminar where presentations are given broadly in the area of computer security and privacy research. Presentations range from informal discussions on current events to invited talks from external researchers.

Fall 2025

Unless otherwise noted, seminars take place in Morgridge Hall 5621 from 2-3pm on Mondays.

Date	Location	Title/Topic	Speaker
Sep 22	MH 5621	Informal discussion on “slopsquatting” and package hallucination attacks	Julia N
Sep 29	MH 5621	Discussion: LTrack: Stealthy Tracking of Mobile Phones in LTE	Ben K
Oct 6	MH 5621	CCS Practice Talks	Asmit N & Julia N
Oct 13	MH 5621	Discussion: Towards More Practical Threat Models in Artificial Intelligence Security	Kyle D
Oct 20	MH 5621	Discussion: Share Your Tools & Tips	Tim L
Oct 27	MH 5621	Invited talk: QUICstep: Evaluating connection migration based QUIC censorship circumvention	Seungju Lee (Princeton)
Nov 3	MH 5631
Nov 10	MH 5621
Nov 17	MH 5621
Nov 24	MH 5621
Dec 1	MH 5621
Dec 8	MH 5621

Spring 2025

Date	Title
Jan 28	Guest talk by Wenxin Ding
Feb 4	Guest talk by Avital Shafran
Feb 18	Paper Discussion Collaborative Verification of Information Flow for a High-Assurance App Store
Feb 25	CHI Practice Talk
Mar 4	Guest talk by Anvith Thudi
Mar 11	“I can’t believe it’s not better!” discussion session
Mar 18	“I can’t believe it IS better” discussion section
Apr 1	Guest talk by Jake Chanenson
Apr 15	Guest talk by Jennifer Vander Loop
Apr 22	Guest talk by Farhana Shahid
Apr 29	End of semester research group chat

Fall 2024

Date	Title
Sep 10	Lightning Round Research Activity
Sep 17	Adversarial Examples Are Not Bugs, They Are Features
Sep 24	Artifact reviewing - “Get in Researchers; We’re Measuring Reproducibility”
Oct 1	A fuzzy Vault scheme
Oct 8	Practice for CCS
Oct 15	A Researcher’s Guide to Some Legal Risks of Security Research
Oct 22	How to Zotero
Oct 29	On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits
Nov 5	“Edna: Disguising and Revealing User Data in Web Applications” SOSP ‘23
Nov 12	Preparing for Midwest Security Workshop
Nov 19	Investigating How Practitioners Scope, Motivate, and Conduct Privacy Work When Developing AI Products
Dec 3	End of semester wrap up/social

Summer 2024

Date	Title
May 10	Guest Speaker - Nick (Hengrui) Jia
May 17	Practice Talks IEEE S&P
Jun 7	Diving into Robocall Content with SnorCall
Jun 14	Guest Speaker - Zhuolin Yang - Identifying and Mitigating AI-enhanced Privacy Attacks
Jun 21	Data Redaction from Conditional Generative Models
Jun 28	The Effect of Population and “Structural” Biases on Social Media-based Algorithms: A Case Study in Geolocation Inference Across the Urban-Rural Spectrum
Jul 8	Guest Speaker - Jaron Mink - Human Factors in Secure and Non-abusive AI
Jul 19	Lightning round research activity
Jul 30	Practice Talk USENIX
Aug 6	Tooling/Environment/Code style… Activity
Aug 13	Practical No-box Adversarial Attacks with Training-free Hybrid Image Transformation
Aug 20	DP use by the 2020 US Census
Aug 27	The Process Matters: Ensuring Data Veracity in Cyber-Physical Systems
Sep 3	Top Score on the Wrong Exam: On Benchmarking in Machine Learning for Vulnerability Detection

Spring 2024

Date	Title
Jan 26	Spring 2024 Kickoff - Introductions & Discussion of Research Interests
Feb 2	Lightning Talks - Research Tips/Tools/Challenges
Feb 9	SoK: I Have the (Developer) Power! Sample Size Estimation for Fisher’s Exact, Chi-Squared, McNemar’s Wilcoxon Rank-Sum, Wilcoxon Signed-Rank and t-tests in Developer-Centered Usable Security
Feb 16	A Study of Multi-Factor and Risk-Based Authentication Availability
Feb 23	“They Look at Vulnerability and Use That to Abuse You’’: Participatory Threat Modelling with Migrant Domestic Workers
Mar 1	SoK: Cryptographic Confidentiality of Data on Mobile Devices
Mar 8	CS dept welcome events for prospective incoming students:
Mar 15	Achieving Compositional Safety and Security in IoT Environments - Muslum Ozgur Ozmen
Mar 22	Who Are You (I Really Wanna Know)?
Apr 5	Compromising Industrial Processes using Web-Based Programmable Logic Controller Malware
Apr 12	Privacy-Preserving Systems for a Data-Driven World - Anwar Hithnawi
Apr 19	Guest Speaker - Sourav Das Recent Results on Threshold Signatures: Supporting Weights and Adaptive Security

Fall 2023

Date	Title
Sep 1	Welcome new members, summer experience, logistics reading group.
Sep 8	Everyone introduce themselves (research interests, on-going project or ideas, etc.)
Sep 15	What Does it Mean for a Language Model to Preserve Privacy?
Sep 22	Replication: Why We Still Can’t Browse in Peace: On the Uniqueness and Reidentifiability of Web Browsing Histories & Why Johnny Can’t Browse in Peace: On the Uniqueness of Web Browsing History Patterns
Sep 29	Not what you’ve signed up for: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection
Oct 6	SoK: Safer Digital-Safety Research Involving At-Risk Users
Oct 13	SoK: Benchmarking Flaws in Systems Security
Oct 20	Practice IMC Talk: The CVE Wayback Machine: Measuring Coordinated Disclosure from Exploits Against 2 Years of Zero-Days
Oct 27	Understanding Digital-Safety Experiences of Youth in the U.S.
Nov 3	Exploring the Security and Privacy Risks of Chatbots in Messaging Services
Nov 10	Understanding the Privacy Risks of Popular Search Engine Advertising Systems
Nov 17	SoK: Cryptographic Protection of Random Access Memory
Dec 1	Talk from Guest Speaker - Deepak Kumar
Dec 8	The Security Mirage

Fall 2023 (Distinguished Lecture Series)

Date	Title	Speaker
Nov 6	How to make YOUR computer more secure than the Internet?	Wenke Lee (Georgia Tech)
Nov 9	From pandas and gibbons to malware detection: Attacking and defending real-world uses of machine learning	Lujo Bauer (Carnegie Mellon University)
Nov 15	Fast and Furious: How the web got turbo charged just in time…	Michael Franz (UC Irvine)
Nov 16	Cyber Attacks and Defenses: Trends, Challenges, and Outlook	Michael Franz (UC Irvine)
Nov 30	Ethical Frameworks and Computer Security Trolley Problems	Tadayoshi Kohno (University of Washington)
Dec 1	Understanding and Mitigating Online Abuse	Deepak Kumar (UC San Diego)
Dec 11	Helping Developers with Privacy	Jason Hong (Carnegie Mellon University)

Summer 2023

Date	Title
Jun 9	SoK: Science, Security, and the Elusive Goal of Security as a Scientific Pursuit
Jun 16	Are Consumers Willing to Pay for Security and Privacy of IoT Devices?
Jun 23	Power in Computer Security and Privacy: A Critical Lens
Jul 21	Practice Talk USENIX Security Sneaky Spy Devices and Defective Detectors: The Ecosystem of Intimate Partner Surveillance with Covert Devices
Jul 28	Practice Talk USENIX Security DScope: A Cloud-Native Internet Telescope Talk
Aug 4	Practice Talk USENIX Security “It’s the Equivalent of Feeling Like You’re in Jail”: Lessons from Firsthand and Secondhand Accounts of IoT-Enabled Intimate Partner Abuse & Discovering password guessing attacks in practice

Spring 2023

Date	Title
Feb 24	Provably-Safe Multilingual Software Sandboxing using WebAssembly
Mar 3	Welcome week
Mar 31	Fighting for our sisters: Community advocacy and action for missing and murdered Indigenous women and girls
Apr 7	How to read & write research papers?
Apr 14	CS Research symposium
May 5	Blind My - An Improved Cryptographic Protocol to Prevent Stalking in Apple’s Find My Network

Fall 2022

Date	Title
Sep 9	Ubicomp Practice Talk
Sep 16	Meetup and elevated speech about everyone’s own research
Sep 23	OpenVPN is Open to VPN Fingerprinting
Sep 30	ABY3 a secure framework for ML models
Oct 7	Spinning Language Models: Risks of Propaganda-As-A-Service and Countermeasures
Oct 21	Ethics in Internet measurement
Oct 28	Building a Privacy-Preserving Smart Camera System
Nov 4	Dos and Don’ts of Machine Learning in Computer Security
Nov 18	Discussion of recent papers in CCS, TCC
Dec 2	Gender Shades: Intersectional Accuracy Disparities in Commercial Gender Classification
Dec 9	Discussion of S&P for victims of intimate partner violence

Spring 2022

Date	Title
Feb 25	Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud
Mar 11	CrawlPhish: Large-scale Analysis of Client-side Cloaking Techniques in Phishing
Apr 8	Dual use of artificial-intelligence-powered drug discovery
May 6	IEEE S&P Practice Talk
Jul 1	PETS Practice Talk
Jul 15	USENIX Security Practice Talk

Fall 2021

Date	Title	Speaker
Nov 19	Keystone: Flexible trusted execution with commodity hardware	David Kohlbrenner (University of Washington)
Dec 10	Cryptographic Enforcement of End-to-End Data Privacy	Anwar Hithnawi (Privacy Preserving Systems Lab)

Spring 2021

Date	Title	Speaker
Mar 03	Game-Set-MATCH: Using Mobile Devices for Seamless External-Facing Biometric Matching	Saikrishna Badrinarayanan (Visa Research)

Fall 2020

Date	Title	Speaker
Sep 14	Threat Hunting, Evolved: Efficient and Secure Approaches to Investigating System Intrusions	Adam Bates (UIUC)
Sep 18	Resource-Aware Session Types for Digital Contracts	Ankush Das (Carnegie Mellon University)
Oct 26	Formalizing Data Deletion in the Context of the Right to be Forgotten	Sanjam Garg (UC-Berkeley)
Nov 13	SandTrap: Securing JavaScript-driven Trigger-Action Platforms	Andrei Sabelfeld (Chalmers University of Technology-Gothenburg, Sweden)
Nov 20	How To Find ML Bugs That Expose Data and Bias Outcomes	Matt Fredrikson (Carnegie Mellon University)
Dec 4	Expanding the Reach of Fuzz Testing	Caroline Lemieux (UC-Berkeley)