[CSEE Talk] talk: Measurement of Vulnerabilities and Design of Usable New Systems, Noon Mon 3/23, ITE325b UMBC
Tim Finin
finin at cs.umbc.edu
Fri Mar 13 09:22:55 EDT 2015
Computer Science and Electrical Engineering
University of Maryland, Baltimore County
TOWARDS LARGE-SCALE MEASUREMENT OF VULNERABILITIES
AND DESIGN OF USABLE NEW SYSTEMS
Prof. Chuan Yue
University of Colorado Colorado Springs
12:00-1:00 Monday, 23 March 2015, ITE325b, UMBC
Security and privacy vulnerabilities are pervasive in computer and
network systems. In my research group, we aim to accurately measure
and analyze the vulnerabilities of Web, Cloud, and Mobile systems on a
large scale; we also aim to design usable new systems that provide
better security and privacy protection to millions of users. In this
talk, I will first present our research on analyzing the
vulnerabilities of popular Web browsers' built-in password managers
and some third-party browser-and-cloud-based password managers. Next,
I will present a framework for automatic detection of information
leakage vulnerabilities in JavaScript-based browser extensions
including password managers. I will explain why it is very challenging
to accurately and automatically analyze JavaScript-based browser
extensions, justify why our static and dynamic combined approach is
practical and appropriate, and further discuss how we may increase the
capabilities of this framework to automatically measure and analyze
JavaScript related security and privacy vulnerabilities on a large
scale. Finally, I will discuss some of our current and future
projects on security and privacy research and education, for example,
one project is on measuring users' susceptibility to sophisticated and
highly insidious phishing attacks.
Chuan Yue is an Assistant Professor of Computer Science at the
University of Colorado Colorado Springs. His current research focuses
on Web, Cloud, and Mobile Systems Security and Privacy. He received
his B.E. and M.E. degrees in Computer Science from Xidian University,
China, in 1996 and 1999, respectively, and his Ph.D. in Computer
Science from the College of William and Mary in 2010. He worked as a
Member of Technical Staff at Bell Labs China, Lucent Technologies for
four years from 1999 to 2003, mainly on the design and development of
the Web-based Distributed Service Management System for Intelligent
Network.
-- more information and directions: http://bit.ly/UMBCtalks --
More information about the CSEE-colloquium-out
mailing list