Show simple item record

dc.contributor.authorNikiforakis, Nick
dc.date.accessioned2017-10-02T15:40:22Z
dc.date.available2017-10-02T15:40:22Z
dc.date.issued2017-09-22
dc.identifier.urihttp://hdl.handle.net/1853/58812
dc.descriptionPresented on September 22, 2017 at 12:00 p.m. in the Pettit Microelectronics Research CEnter, ROom 102A/B.en_US
dc.descriptionNick Nikiforakis is an assistant professor in the Department of Computer Science at Stony Brook University. He is the director of the PragSec lab where students conduct research in all aspects of pragmatic security and privacy including web tracking, mobile security, DNS abuse, social engineering, and cyber crime.en_US
dc.descriptionRuntime: 59:07 minutesen_US
dc.description.abstractThe modern web, as users experience it, bears little resemblance to the original world wide web invented by Tim Berners-Lee. Static, stateless, HTML pages with text and the occasional pixelated images gave way to dynamic, stateful, TLS-protected Web 2.0 pages where the expressiveness of JavaScript and the ever expansion of HTML5 APIs enable users to spend the vast majority of their time within a browser, with little need for traditional installed applications. As we keep on adding new features to modern browsers we are also invariably increasing their attack surface. In this talk, we are going to present three recent results of our group on the security and privacy of modern web browsers. On the security front, we will discuss the idiosyncrasies of mobile web browsers and show that they are vulnerable to attacks that were never an issue on traditional desktop platforms. We will present the results of analyzing over 2,000 versions of mobile browsers, spanning five years and 128 browser families, and show that mobile browsers are becoming more vulnerable to certain classes of attacks with each passing year. On the privacy front, we focus on the extension systems of modern browsers and show that browser extensions can be abused to fingerprint users against their will and identify their socioeconomic status and political inclinations. Finally, we will present our analysis of PII-leaking extensions, where we find that popular browser extensions, whether on purpose or by accident, leak a user's browsing-history to multiple third-party servers.en_US
dc.format.extent59:07 minutes
dc.language.isoen_USen_US
dc.publisherGeorgia Institute of Technologyen_US
dc.relation.ispartofseriesCybersecurity Lecture Seriesen_US
dc.subjectModern web browsersen_US
dc.subjectPrivacyen_US
dc.subjectSecurityen_US
dc.titleSecurity and Privacy Issues of Modern Web Browsersen_US
dc.typeLectureen_US
dc.typeVideoen_US
dc.contributor.corporatenameGeorgia Institute of Technology. Institute for Information Security & Privacyen_US
dc.contributor.corporatenameStony Brook University. Dept. of Computer Scienceen_US


Files in this item

This item appears in the following Collection(s)

Show simple item record