Systems Seminar: Steve Gribble, University of Washington

Web-borne Malware: Measurement and Mitigation


Date: 2006 Sep 25
Time: Refreshments 1:30, talk starts at 1:45
Location: NSH 3305

Abstract

We continue to grow increasingly dependent on the Web as a source of data, software, and computational and communications services. Unsurprisingly, as a result of this, attackers are focusing on Web-borne threats as a way of reaching their potential victims. For example, modern Web users are exposed to drive-by download attacks, malware piggy-backed on executables, and phishing attacks.

In this talk, I will first present the results of a measurement study whose goal is to quantify the nature and extent of spyware delivered through the Web, either through drive-by downloads or piggy-backed delivery on executables. Our data suggests that spyware is widespread but relatively benign; for example, 1 in 8 executables that we examined contained piggy-backed spyware, but most spyware contains only "annoyances" such as advertising functions.

Following this, I will discuss two different systems that can help protect users against Web-borne threats. The first, called spyproxy, performs on-the-fly analysis of Web content within a virtualized environment, and can detect threats before they have the chance to reach victims. The second, called Tahoma, re-examines the architecture of Web browsers, and introduces the notion of a "Web browser operating system" to isolate Web applications from each other and from the users' desktop.

Speaker Bio

Steven D. Gribble is an Associate Professor in the University of Washington Department of Computer Science and Engineering. Steve joined the department in November of 2000, after receiving his Ph.D. from UC Berkeley under Professor Eric Brewer. Steve's research interests include the design and operation of robust, scalable Internet infrastructure and services, the measurement and design of wide-scale distributed systems, virtual machine monitor architectures and applications, and systems security topics such as combating the spyware problem. He received his B.Sc. in Computer Science and Physics from the University of British Columbia, and his M.S. in Computer Science from UC Berkeley. He is an ACM and USENIX member, and was a co-founder of ProxiNet, Inc. (now a division of PumaTech). Steve is a recipient of the Alfred P. Sloan Research Fellowship, the National Science Foundation CAREER Award, and the Torode Family Endowed Career Development Professorship in Computer Science.


Last updated: Mon May 19 15:26:26 EDT 2008