PhD Thesis Defense: Understanding Issues of Misplaced Trust on the Internet
Title: Understanding Issues of Misplaced Trust on the Internet
Speaker: Tobias Lauinger, PhD Candidate, College of Computer and Information Science at Northeastern University
Location: Northeastern University, 805 Columbus Avenue, Interdisciplinary Science and Engineering Complex (ISEC), 1st Floor, Room #136, Boston, Massachusetts 02120
Incorrect security assumptions and misplaced trust are common on the Internet. When web developers place a link to an external site, for example, they typically do not expect ownership (and contents) of that site to change. However, around 1.7% of all registered .com domains are deleted every month, and many of them are re-registered by a new owner.
Violations of security assumptions can enable attacks with severe consequences. Therefore, it is critical to quantify how often security assumptions or best practices are violated in order to understand the extent of the threat. Furthermore, visibility into the underlying reasons can help devise more effective and efficient countermeasures.
In both areas, instead of focusing on a single, specific type of attack, Lauinger will propose to measure at a higher level of abstraction that captures issues related to misplaced trust and violated assumptions in a more general way. The preliminary results indicate that such measurements can help better understand what drives these issues, and ultimately inform more targeted remediation efforts.
About the Speaker
Tobias Lauinger is a PhD student at Northeastern University with an interest in Internet-scale measurements of everything security, and beyond.
Professor Engin Kirda, Professor, Interdisciplinary with the College of Computer and Information Science (CCIS) and College of Engineering (COE) at Northeastern University (Advisor)
Professor William Robertson, Associate Professor, Interdisciplinary with the College of Computer and Information Science (CCIS) and College of Engineering (COE) at Northeastern University
Professor Christo Wilson, Assistant Professor, Director of Bachelor of Science in Cybersecurity Program, College of Computer and Information Science (CCIS) at Northeastern University
Professor Damon McCoy, Assistant Professor, Tandon School of Engineering at New York University
Friday, September 8, 2017 at 2:00pm