[CSEE Talk] talk: Measurement of Vulnerabilities and Design of Usable New Systems, Noon Mon 3/23, ITE325b UMBC

Tim Finin finin at cs.umbc.edu
Fri Mar 13 09:22:55 EDT 2015


	     Computer Science and Electrical Engineering
	       University of Maryland, Baltimore County

	  TOWARDS LARGE-SCALE MEASUREMENT OF VULNERABILITIES
		   AND DESIGN OF USABLE NEW SYSTEMS

			   Prof. Chuan Yue
	       University of Colorado Colorado Springs

	   12:00-1:00 Monday, 23 March 2015, ITE325b, UMBC

Security and privacy vulnerabilities are pervasive in computer and
network systems.  In my research group, we aim to accurately measure
and analyze the vulnerabilities of Web, Cloud, and Mobile systems on a
large scale; we also aim to design usable new systems that provide
better security and privacy protection to millions of users.  In this
talk, I will first present our research on analyzing the
vulnerabilities of popular Web browsers' built-in password managers
and some third-party browser-and-cloud-based password managers.  Next,
I will present a framework for automatic detection of information
leakage vulnerabilities in JavaScript-based browser extensions
including password managers. I will explain why it is very challenging
to accurately and automatically analyze JavaScript-based browser
extensions, justify why our static and dynamic combined approach is
practical and appropriate, and further discuss how we may increase the
capabilities of this framework to automatically measure and analyze
JavaScript related security and privacy vulnerabilities on a large
scale.  Finally, I will discuss some of our current and future
projects on security and privacy research and education, for example,
one project is on measuring users' susceptibility to sophisticated and
highly insidious phishing attacks.

Chuan Yue is an Assistant Professor of Computer Science at the
University of Colorado Colorado Springs. His current research focuses
on Web, Cloud, and Mobile Systems Security and Privacy.  He received
his B.E. and M.E. degrees in Computer Science from Xidian University,
China, in 1996 and 1999, respectively, and his Ph.D. in Computer
Science from the College of William and Mary in 2010.  He worked as a
Member of Technical Staff at Bell Labs China, Lucent Technologies for
four years from 1999 to 2003, mainly on the design and development of
the Web-based Distributed Service Management System for Intelligent
Network.

     -- more information and directions: http://bit.ly/UMBCtalks --


More information about the CSEE-colloquium-out mailing list