First ACM Workshop for Women in Cybersecurity (Affiliated with ACM CCS 2017). Dallas, Texas. 30 October 2017. [SpeakerDeck]Adversarial Machine Learning: Are We Playing the Wrong Game?
CISPA Distinguished Lecture. Center for IT-Security, Privacy and Accountability, Universität des Saarlandes, Saarbrücken, Germany. 10 July 2017. [SpeakerDeck]Secure Multi-Party Computation: Promises, Protocols, and Practicalities
ECRYPT NET Workshop on Crypto for the Cloud & Implementation, Paris, France, 27 June 2017. [SpeakerDeck]Adversarial Machine Learning: Are We Playing the Wrong Game?
International Computer Science Institute, Berkeley, CA, 8 June 2017. [Speaker Deck] [EvadeML]Classifiers Under Attack
USENIX Enigma 2017, Oakland, CA, 1 February 2017. [Speaker Deck] [Video] [EvadeML]
Cybersecurity Awareness at UVA, Commonwealth Room, 7 December 2017. [Speaker Deck]Classifiers Under Attack
O'Reilly Security 2016, New York City, 2 November 2016. [Speaker Deck] [Video]Demystifying the Blockchain Hype
#hashtagzero Meetup, Willow Tree Apps, Charlottesville, VA, 25 October 2016. [Speaker Deck]Private Data Analysis using Multi-Party Computation
Federal Trade Commission (joint presentation with Denis Nekipelov), 18 August, 2016Memory for Data Oblivious Computation
ShanghaiTech Symposium, 25 June 2016. [Speaker Deck]From Mercury Delay Lines to Magnetic Core Memories: Progress in Oblivious Memories
Workshop on Theory and Practice of Secure Multiparty Computation, Aarhus University, Denmark. 1 June 2016. [Speaker Deck]Garbling Techniques and Data-Oblivious Data
Tutorials at Summer School on Secure and Oblivious Computation and Outsourcing, Notre Dame, Indiana. 9-10 May 2016.
DC-Area Crypto Day, Johns Hopkins University, 30 October 2015.How to Live in Paradise
Advice for Prospective, New, and Disgruntled Faculty, USENIX Security 2015 Doctoral Colloquium, Washington DC, 13 August 2015. [Slideshare] (mostly a reprise of the 2014 talk.Multi-Party Computation for the Masses
CROSSING Conference (Where Quantum Physics, Cryptography, System Security and Software Engineering Meet), Darmstadt, Germany, 1 June 2015. [Slideshare]
Hacker School (eBay's office), New York, 13 October 2014.How to Live in Paradise
Oysters of Advice for New and Disgruntled Faculty, USENIX Security 2014 Doctoral Colloquium (Keynote Talk), San Diego, 21 August 2014. [Slideshare]Multi-Party Computation in 2029: Boom, Bust, or Bonanza?
Applied Multi-Party Computation (Keynote Talk), Microsoft Research Redmond, 21 February 2014. [Slideshare] [Movahedi and Zamani] [MPC Lounge]
Tech-Connect, Harrison-Small Auditorium, University of Virginia, 1 May 2013. [Slides: PDF, PPSX, SlideShare] [UVaToday Article]Scaling Secure Computation
Distinguished Speaker, Oregon Computer Security Day, Eugene, Oregon, 5 April 2013. [Slides: PDF, PPTS, SlideShare]
Math Colloquium Series, University of Richmond. 30 January 2012. [Abstract] [Slides: PDF, PPTX, SlideShare]
Keynote Talk at Seventh International Conference on Information Systems Security (ICISS), Jadavpur University, Kolkata, India. 17 December 2011. [Slides: PPTX, PDF]Meta Talk: How to Give a Talk So Good You'll Be Asked to Give Talks About Nothing Research in Security and Privacy A Research Agenda for Scientific Foundations of Security
Panel presentation for NITRD Federal Cyber-Security Research event organized at Oakland 2011. 25 May 2011, Berkeley CA. [PPTX, PDF]What Every Biologist, Chemist, and Poet Should Know about Computer Science
UVa CompBio Seminar, 25 April 2011. [PPTX, PDF]Practical Cryptographic Secure Computation Secure Computation in the Real(ish) World Computing Without Exposing Data Security and Privacy
Opening Remarks [PPTX, PDF]Next Steps Towards a Science of Security
Business Meeting [PPTX, PDF]
31st IEEE Symposium on Security and Privacy, Berkeley, CA, 16-19 May 2010.
Program Committee Meeting [PPTX]. Charlottesville, VA, 28-29 January 2010.
IARPA Visit, 11 January 2010.
In-Service Day talk to Jefferson-Madison Regional Library, Charlottesville Doubletree, 11 November 2009. [PDF] [PPTX] [Pictures]Understanding and Mitigating Supply Chain Risks for Computing and Communications (or: Who's Driving Your Missiles?)
Defense Science Study Group Think Piece Presentation. Alexandria, VA. October 2009. [PPTX]
Summary of the NSF/IARPA/NSA Workshop on the Science of Security, INFOSEC Research Council, Alexandria, VA. 16 July 2009. [PPTX]
Tapestry 2009 Workshop (for high school computing teachers), University of Virginia, 15 July 2009 [PDF] [PPTX]Thwarting Malware and UI Redressing Attacks with Verifiable User Actions
University of Washington Security Seminar, Seattle, WA, 1 May 2009 [PDF] [PPS, 19MB]
(Earlier versions of this talk were presented at Microsoft Research and a Dagstuhl Workshop in March and April 2009.)
UVa cs290 Seminar Talk, 21 February 2008.
Security and Privacy Applied Research Seminar at Johns Hopkins University, Baltimore, Maryland, 17 October 2007.
Talk to first year graduate students, 17 September 2007.Turing Machines, Busy Beavers, and Big Questions about Computing [PPT] [PDF]
Talk to College Science Scholars, 12 September 2007. (Partly inspired by Scott Aaronson's essay Who Can Name the Bigger Number?.)Disk-Level Behavioral Virus Detection [PPT] [PDF]
Seminar at North Carolina State University, Raleigh, North Carolina, 5 March 2007.Meta Talk: How to Give a Talk So Good There Will Be Pizza Left for You [PPT] [PDF] [Notes]
Talk to University of Virginia Theory Lunch, 25 January 2007.
Talk to League of Women Voters of Montgomery County, Virginia, Blacksburg Town Hall (also broadcast on local television), 15 November 2006. [Roanoke Times story]Curing Cancer with your Cell Phone: Why All Sciences Are Becoming Computing Sciences [PPT] [PDF]
Talk to College Science Scholars, 6 September 2006.N-Variant Systems: A Secretless Framework for Security through Diversity [PPT, PDF]
Seminar talk at Beijing Institute of Technology, 30 May 2006.N-Variant Systems: A Secretless Framework for Security through Diversity [PPT, PDF]
Seminar talk at Institute of Software, Chinese Academy of Sciences, Beijing, 29 May 2006.Inculcating Invariants in Introductory Courses [PPT, PDF]
Conference talk in ICSE Education Track. Shanghai, 24 May 2006. (Slides include some pictures of Shanghai.)Promising Breaks and Breaking Promises: Program Analysis in Theory and Practice [PPT, PDF]
90-minute class at SDWest 2006, 17 March 2006. Incoporates slides from a talk by Jinlin Yang.Cryptography in World War II
Four general-audience talks on cryptography, centered around code-breaking efforts during World War II. Taught as a course for the Jefferson Institute for Lifelong Learning, February-March 2006.
Colloquim at University of Texas at San Antonio, 4 October 2005.Polygraphing Processes: N-Variant Systems for Secretless Security [PPT]
DARPA SRS PIs Meeting, Alexandria, VA. 12 July 2005.Stealing Secrets and Secretless Security Structures [PPT]
Colloquim at Harvard University. 27 June 2005.Security Through Diversity [PPT]
Colloquim at MIT CSAIL. 23 June 2005.Monte Carlo Techniques for Secure Localization [PPT]
ARO Workshop on Localization in Wireless Sensor Networks. Seattle, Washington. 14 June 2005.Where's the FEEB?: The Effectiveness of Instruction Set Randomization [PPT]
Invited CERIAS Seminar at Purdue University, Indiana. 9 March 2005.Static/Dynamic Analysis: Past, Present and Future [PPT]
Panel presentation at SRI Workshop on the Verification Grand Challenge, Menlo Park, California. 22 February 2005.Where's the FEEB?: Effectiveness of Instruction Set Randomization [PPT]
Presentation at DARPA SRS PI's meeting, Alexandria, VA. 27 January 2005.
Seminar on Applications of Mathematics, UVa Institute of Mathematical Science. 2 December 2004Automatically Inferring Temporal Properties for Program Evolution [PPT] (Jinlin Yang and David Evans)
Conference talk at 15th IEEE International Symposium on Software Reliability Engineering (ISSRE 2004). 5 November 2004.Localization for Mobile Sensor Networks [PPT] (Lingxuan Hu and David Evans)
Conference talk at Tenth Annual International Conference on Mobile Computing and Networking (ACM MobiCom 2004). 28 September 2004.Wireless Security in the Real World: Using Physical Properties to Mitigate Wormhole Attacks [PPT]
Invited seminar talk at University of Delaware SIGNET Seminar, 15 September 2004.What Biology Can (and Can't) Teach Us About Security [PPT] [PDF]
Invited talk at USENIX Security Symposium, San Diego, August 12, 2004.Dynamically Inferring Temporal Properties [PPT] (Jinlin Yang and David Evans)
Jinlin Yang's talk at ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE 2004), Washington, DC 7 June 2004.1001 Things Every Self-Respecting Computer Scientist Should Know [PPT] [Notes]
Senior Seminar (CS 390) talk, 14 April 2004.Introduction to Static Analysis [PPT]
Guest lecture for CS340: Advanced Software Development Methods, 1 March 2004.Finding Security Vulnerabilities Before Evildoers Do [SXI (OpenOffice), PPT]
Invited talk at Conferencia Internacional de Software Libre, Malaga, Spain, 20 February 2004.Using Directional Antennas to Prevent Wormhole Attacks (Lingxuan Hu and David Evans) [PPT]
Conference paper presentation at Network and Distributed System Security Symposium, San Diego, 6 February 2004.
Seminar talk for UVa's Communications, Controls, and Signal Processing Seminar, 8 December, 2003.Privacy Grand Challenge [PPT]
Short talk at CRA Grand Challenges in Information Security & Assurance Conference, Airlie, Virginia, 18 November 2003.What Biology Can Teach Us About Security [PPT (warning: 35MB)]
Invited talk at Johns Hopkins University Information Security Institute, 14 November 2003.1000 Things Every Self-Respecting Computer Scientist Should Know [PPT] [Notes]
University of Richmond, 10 November 2003.Computer Science [PPT]
Talk to Rodman Scholars (1st year students) intriducing Computer Science, 15 October 2003.Robin Hood and the 40 Million Thieves [PPT]
Talk on File Sharing for UVa Pugwash Meeting, 6 October 2003.CS696: The Bugs and the Bees: Research in Programming Languages and Security [PPT]
Research overview talk for graduate orientation seminar, 1 October 2003.Static Analysis [PPT]
Guest lecture for CS551/651 Dependable Computing, 25 September 2003.Biological Programming Models for Intrusion-Tolerant Systems [PPT (warning 18MB)]
Invited presentation at Workshop on Statistical and Machine Learning Techniques in Computer Intrusion Detection, George Mason University (Fairfax, VA), 24 September 2003.Biological Programming Models for Robustness and Scalability [PPT (warning: 9MB)]
Panel presentation for Dynamic Data-Driven Application Systems (DDAS) Panel at ACM International Conference on Supercomputing, San Francisco, 23 June 2003.Programming the Way Biology Programs [PPT]
Panel presentation for NSF Advanced Computation Inspired by Biological Processes Conference, Arlington, VA, 7 April 2003.1001 Things Every Self-Respecting Computer Scientist Should Know [PPT] [Notes]
Senior Seminar (CS 390) talk, March 2003.Secure Aggregation for Wireless Networks (Lingxuan Hu and David Evans) [PPT]
Workshop on Security and Assurance for Ad hoc Wireless Networks, Orlando, 28 January 2003.Securing Bits with Atoms (and Vices with Verses) [PPT, PDF]
Short talk in "Outrageous Ideas" session at DIMACS Workshop on Software Security, 6-7 January 2003.
Talk by Selvin George at Workshop on Self-Healing Systems (WOSS 02), 18-19 November 2002.CS696: The Bugs and the Bees: Research in Programming Languages and Security [PPT]
Research overview talk for graduate orientation seminar, 23 September 2002.101 Things Every Computer Scientist Should Know [PPT]
Presentation to incoming graduate students, September 2002.
Short presentation for Computer Science Corporate Partners, 9 November 2001.Swarm Programming: How to Program a MicroNet [PPT] [PDF]
Short presentation to Keck Foundation, 20 September 2001.Encryption: How it works, why it (sometimes) doesn't, and what it can do [PPT] [PDF]
Guest lecture in UVa Law School Cyberlaw course on encryption, 19 September 2001.CS696: The Bugs and the Bees [PPT] [PDF]
Research overview talk for graduate orientation seminar, 17 September 2001.Statically Detecting Likely Buffer Overflow Vulnerabilities (David Larochelle and David Evans) [PPT] [PDF]
David Larochelle's talk at USENIX Security '01 for Statically Detecting Likely Buffer Overflow Vulnerabilities.Extensible Lightweight Static Checking [PPT] [PDF]
Short talk at University of Washington and Microsoft Research Summer Institute on Specifying and Checking Properties of Software, 14 August 2001.CS390: A Smorgasbord of Security, a Smattering of Swarm Programming, and Sampling of Static Checking and a Splash of Web Sites
Senior Seminar (CS 390) talk describing Fourth-Year Thesis Projects I am supervising, 21 March 2001.Why You Should Be Paranoid About What Comes Into and Out Of Your Computer
Engineering Week talk, 21 February 2001.
Research overview talk for graduate orientation seminar, 2 October 2000.Annotation-Assisted Lightweight Static Checking
Talk at The First International Workshop on Automated Program Analysis, Testing and Verification (ICSE 2000). June 2000. (Position Paper)Let's Stop Beating Dead Horses and Start Beating Trojan Horses
Slides from my short presentation in a debate on Proof-Carrying Code with Peter Lee at the Infosec Research Council, Malicious Code Study Group. San Antonio, 13 January 2000.
PowerPoint (8 slides)
Invited talk at Reliable Software Technologies. Summarizes Naccio and LCLint. Sterling, VA, 14 December 1999.Research in Programming Languages and Security
PowerPoint (33 slides)
Talk describing my research program for UVa's graduate orientation seminar.Flexible Policy-Directed Code Safety
PowerPoint (20 slides)
Talk describing Naccio presented at 1999 IEEE Symposium on Security and Privacy. Oakland, California, 10 May 1999.Policy-Directed Code Safety
HTML (18 slides)
Abstract and paper
Seminar describing my thesis work. Versions of this talk were delivered at AT&T Research, Compaq SRC, IBM Yorktown, Lucent Bell Labs, Microsoft Research, UC Davis, UCLA, University of Maryland and University of Virginia in February, March and April 1999.
HTML (32 slides)