[talks] B Zeller general exam

Melissa M Lawson mml at CS.Princeton.EDU
Fri May 2 13:17:43 EDT 2008


Bill Zeller will present his research seminar/general exam on Monday May 12
at 2PM in Room 402.  The members of his committee are:  Ed Felten (advisor), 
Brian Kernighan, and Andrew Appel.  Everyone is invited to attend his talk, and 
those faculty wishing to remain for the oral exam following are welcome to do so.
His abstract and reading list follow below.
---------------------------------------

Abstract:

Cross-Site Request Forgery (CSRF) attacks occur when a malicious web site causes a user's
web browser to perform an unwanted action on a trusted site. These attacks have been
called the "sleeping giant" of web-based vulnerabilities, because many sites on the
Internet fail to protect against them and because they have been largely ignored by the
web development and security communities. We present four serious CSRF vulnerabilities we
have discovered on four major sites, including what we believe is the first published
attack involving a financial institution. These vulnerabilities allow an attacker to
transfer money out of user bank accounts, harvest user email addresses, violate user
privacy and compromise user accounts. We recommend server-side changes (which we have
implemented) that are able to completely protect a site from CSRF attacks. We also
describe the features a server-side solution should have (the lack of which has caused
CSRF protections to unnecessarily break typical web browsing behavior). Additionally, we
have implemented a client-side browser plugin that can protect users from certain types of
CSRF attacks even if a site has not taken steps to protect itself.

Books:
    - Practical Cryptography: Ferguson, Schneier
    - Security Engineering: Anderson

Papers
   - [Anupam, Mayer] Security of Web Browser Scripting Languages: Vulnerabilities,
Attacks, and Remedies
     http://delivery.acm.org/10.1145/1270000/1267564/p15-anupam.pdf?key1=1267564

   - [Fu, Sit, Smith, Feamster] Dos and Don'ts of Client Authentication on the Web
     http://pdos.csail.mit.edu/papers/webauth:sec10.pdf    

   - [Krannig] Towards Web Security Using PLASMA
     http://delivery.acm.org/10.1145/1270000/1267563/p14-krannig.pdf?key1=1267563

   - [Moore, Voelker, Savage] Inferring Internet Denial-of-Service Activity
     http://www.caida.org/publications/papers/2001/BackScatter/usenixsecurity01.pdf

   - [Huang, Yu, Hang, Tsai, Lee, Kuo] Securing Web Application Code by Static
Analysis and Runtime Protection
     http://www.cs.ucsb.edu/~yuf/paper/WWW04.pdf

   - [Bortz, Boneh, Nandy] Exposing Private Information by Timing Web Applications
     http://crypto.stanford.edu/~abortz/papers/timingweb.pdf

   - [Boyd, Keromytis] SQLrand: Preventing SQL Injection Attacks
     http://www1.cs.columbia.edu/~angelos/Papers/sqlrand.pdf

   - [Chou, Ledesma, Teraguchi, Boneh, Mitchell] Client-side defense against web-based
identity theft
     http://crypto.stanford.edu/SpoofGuard/webspoof.pdf

   - [Xie, Aiken] Static Detection of Security Vulnerabilities in Scripting Languages
     http://theory.stanford.edu/~aiken/publications/papers/usenix06.pdf

   - [Vogt, Nentwich, Jovanovic, Kirda, Kruegel, Vigna]  Cross-Site Scripting Prevention
with Dynamic Data Tainting and Static Analysis
     http://www.seclab.tuwien.ac.at/papers/xss_prevention.pdf

   - [Ye, Smith] Trusted Paths for Browsers
     http://delivery.acm.org/10.1145/1070000/1065546/p153-ye.pdf?key1=1065546
