Episodes

  • Think Security, Write Security

    Think Security, Write Security
    Dec 28 2024
    Listen to this interview of Nicholas Boucher, PhD, Department of Computer Science and Technology, Cambridge University, UK. We talk about his coauthored paper Bad Characters: Imperceptible NLP Attacks (SP 2022) — and check out, too, Nicholas's presentation of the paper here. Nicholas Boucher: "Maybe what is interesting about the security domain is that, oftentimes, in these attack papers, you start with a hypothesis, but it's an hypothesis already informed by some result you've observed in the wild — so, you've seen some sort of system — or, to be concrete, in our case, we saw people switching between alphabets on keyboards, and that enabled us to notice how such an action could interact with the language models quickly growing in popularity — and it is at that point that a security researcher will say, 'Wow, I have something here. I know that this is a vulnerability.' But then the questioning begins, like, how to frame the vulnerability, that is, how to turn one specific example (which the researcher has a strong feeling really is a vulnerability) and uplevel it to something larger. Because that is when, in my opinion, the researcher's starting to ask very fruitful questions." Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    41 mins
  • Your Community Use Their Own Language to Publish — Learn it!

    Your Community Use Their Own Language to Publish — Learn it!
    Dec 28 2024
    Listen to this interview of Floris Gorter, PhD student, and Cristiano Giuffrida, Associate Professor — both at Vrije Universiteit Amsterdam, Netherlands. We talk about their coauthored paper Sticky Tags: Efficient and Deterministic Spatial Memory Error Mitigation using Persistent Memory Tags (SP 2024). Cristiano Giuffrida : "But apart from applying for positions on PCs, early-career researchers can also learn the linguistic norms of their community by reading. Good researchers just read a lot of papers — papers from across their broader communities, and especially papers from the top venues where the communities publish. Because by doing that, you learn the language — you start seeing and understanding the patterns in communication. Like, 'Oh, people write the Introduction like this' — you know, there's a problem statement, and there's emphasis placed on this and that, and there are certain keywords that convey certain drifts. So, you begin picking up the language." Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    42 mins
  • All of a Paper is Research, but All of the Research is not the Paper

    All of a Paper is Research, but All of the Research is not the Paper
    Dec 25 2024
    Listen to this interview of Alfonso de la Vega, Assistant Professor, Software Engineering and Real-Time Group, University of Cantabria, Spain. We talk about his coauthored paper FLEXMI: a generic and modular textual syntax for domain-specific modelling (SOSYM 2023). Alfonso de la Vega : "Yeah, we never really get the whole story in just the paper that presents the tool. There is so much work behind that — getting software that's good enough and also valid, so that it supports a research article, and then from there, to get to the point where the software is used in industry (as Epsilon is used) — that takes a lot of added work, a lot of cross-institute collaboration, a lot of dedication." Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    46 mins
  • Topnotch Will Out — When You Persist and See It Through

    Topnotch Will Out — When You Persist and See It Through
    Dec 21 2024
    Listen to this interview of Amir Mir, PhD candidate, Delft University of Technology, Netherlands; and of Sebastian Proksch, Assistant Professor, Delft University of Technology, Netherlands; and also of Georgios Gousios, Head of Research, Endor Labs. We talk about their coauthored paper Type4Py: Practical Deep Similarity Learning-Based Type Inference for Python (ICSE 2022). Georgios Gousios : "Yes, we submitted and resubmitted this paper many times, but before people think this is a case of paper engineering — you know, increasing publication chances by satisfying reviewers — the truth of the matter is that the actual core content of this paper was and is topnotch — and that's not something you see with all papers. I mean, I myself have written papers that were good, sure, but not near as novel as this one, Type4Py. So, in order to get to ICSE, like we have here, the core content needs to be great, and only then, on top of that, can you begin to massage the message and so on." Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    42 mins
  • Researchers Influence Research — Research Influences Communication — Communication Influences Researchers

    Researchers Influence Research — Research Influences Communication — Communication Influences Researchers
    Dec 16 2024
    Listen to this interview of Mathé Hertogh, PhD student, and Cristiano Giuffrida, Associate Professor — both in the Department of Computer Science, Vrije Universiteit Amsterdam, Netherlands. We talk about their coauthored paper Leaky Address Masking: Exploiting Unmasked Spectre Gadgets with Noncanonical Address Translation (SP 2024). Cristiano Giuffrida : "In security research and AI research — in fact, in AI it's happening even more — there are so many groups, so many researchers working on similar problems, that as a result, we have a lot of papers — a lot of papers being submitting and published at the venues, a lot of papers being constantly put online, for example, on arXiv — so that, all in all, the pressure on researchers to keep up is very high — we just need to read more and more and more papers. So, in answer to this, there is also a growing trend in the writing in papers, and this is, to ensure that the reader can get the maximum amount of information in as little time as possible." Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    44 mins
  • Research Culture /ˈriːsɜːrtʃ kʌltʃər/, Noun. Knowledge as the Act of Knowing Too

    Research Culture /ˈriːsɜːrtʃ kʌltʃər/, Noun. Knowledge as the Act of Knowing Too
    Dec 15 2024
    Listen to this interview of Bran Selic, President and Founder, Malina Software Corporation, Canada. We talk about publishing at ECMFA — that is, at the European Conference on Modelling Foundations and Applications. Bran Selic : "My experience in both industry and academia has taught me that most innovation actually comes from industry, because industry practitioners live in a competitive environment: it's, advance the state-of-the-art, or die. This forces practitioners to innovate in very pragmatic ways, meaning, to innovate with their products and in their domains. So, that is why I see the role of conferences like ECMFA as serving as a place where researchers can explore how innovations might be generalized, systematized, and ultimately, more clearly understood." Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    54 mins
  • Diversify Your Publishing Portfolio: An Interview with Tim Menzies

    Diversify Your Publishing Portfolio: An Interview with Tim Menzies
    Dec 13 2024
    Listen to this interview of Tim Menzies, Editor in Chief, Automated Software Engineering, and also, Full Professor, Computer Science, North Carolina State University. We talk about academic venues that target an industry audience, and we talk about one of his papers at just such a venue, Shockingly Simple: "Keys" for Better AI for SE (SW 2021). Tim Menzies : "Researchers in SE should study their profession and their venues as much as they study their research. There are linguistic conventions in how we represent ideas — and you can present the same ideas, the same challenges, the same results in different formats so that these are acceptable to different audiences. The point is, you’re allowed to say what you want to say — only, you need to pay that forum the courtesy of studying how they speak and understand things." Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    41 mins
  • Arrive at the New by Revisiting the Old

    Arrive at the New by Revisiting the Old
    Dec 9 2024
    Listen to this interview of Soheil Khodayari, researcher at CISPA, and Giancarlo Pellegrino, faculty also at CISPA — the Helmholtz Center for Information Security, Germany. We talk about their coauthored paper The Great Request Robbery: An Empirical Study of Client-side Request Hijacking Vulnerabilities on the Web (SP 2024). Giancarlo Pellegrino : "One the challenges here we certainly discussed a lot was, How do we tell our reader what's new in this work? And so, for example, in section 9, our discussion and conclusion — we begin at the current state, that is, at the things our reader knows right now, before our paper has become part of common knowledge. Well, in our case, that knowledge was client-side CSFR, because it was that only instance of request hijacking really known of, and so we begin there." Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    43 mins