Building on Top of Shifting Sands: Web Security Through the Lens of Content Integrity
Event Description
Abstract: In this talk, we take a step back and argue that many varied and seemingly unrelated attacks on the web are actually symptoms of one deeper problem that has existed since the web's inception. Whether it is attacks due to expired domain names, cloaking done by malicious websites, malvertising, or even our growing distrust of the news can be largely attributed back to the issue of stateless linking. Stateless linking refers to the absence of any integrity guarantees between the time that a link for a remote resource was created, to a future time when this link is resolved by web clients. We draw on 10+ years of research to demonstrate how stateless linking and the resulting lack of content integrity is the true culprit for many of our past, current, and likely future web problems. Successfully tackling this one really challenging problem, has the potential of solving many of our web woes.
Bio: Nick Nikiforakis is affiliated with the National Security Institute. He received his PhD in Computer Science from KU Leuven in Belgium. He received his MSc, in Parallel and Distributed Systems and BSc in Computer Science from the University of Crete, Greece. His research focuses on web security and privacy, software security, and intrusion detection.
Location: NCS 120
Bio: Nick Nikiforakis is affiliated with the National Security Institute. He received his PhD in Computer Science from KU Leuven in Belgium. He received his MSc, in Parallel and Distributed Systems and BSc in Computer Science from the University of Crete, Greece. His research focuses on web security and privacy, software security, and intrusion detection.
Location: NCS 120
