[talks] B Zeller general exam

Melissa M Lawson mml at CS.Princeton.EDU
Fri May 2 13:17:43 EDT 2008

Bill Zeller will present his research seminar/general exam on Monday May 12
at 2PM in Room 402.  The members of his committee are:  Ed Felten (advisor), 
Brian Kernighan, and Andrew Appel.  Everyone is invited to attend his talk, and 
those faculty wishing to remain for the oral exam following are welcome to do so.
His abstract and reading list follow below.


Cross-Site Request Forgery (CSRF) attacks occur when a malicious web site causes a user's
web browser to perform an unwanted action on a trusted site. These attacks have been
called the "sleeping giant" of web-based vulnerabilities, because many sites on the
Internet fail to protect against them and because they have been largely ignored by the
web development and security communities. We present four serious CSRF vulnerabilities we
have discovered on four major sites, including what we believe is the first published
attack involving a financial institution. These vulnerabilities allow an attacker to
transfer money out of user bank accounts, harvest user email addresses, violate user
privacy and compromise user accounts. We recommend server-side changes (which we have
implemented) that are able to completely protect a site from CSRF attacks. We also
describe the features a server-side solution should have (the lack of which has caused
CSRF protections to unnecessarily break typical web browsing behavior). Additionally, we
have implemented a client-side browser plugin that can protect users from certain types of
CSRF attacks even if a site has not taken steps to protect itself.

   - Practical Cryptography: Ferguson, Schneier
   - Security Engineering: Anderson

   - [Anupam, Mayer] Security of Web Browser Scripting Languages: Vulnerabilities,
     Attacks, and Remedies
   - [Fu, Sit, Smith, Feamster] Dos and Don'ts of Client Authentication on the Web
   - [Krannig] Towards Web Security Using PLASMA
   - [Moore, Voelker, Savage] Inferring Internet Denial-of-Service Activity
   - [Huang, Yu, Hang, Tsai, Lee, Kuo] Securing Web Application Code by Static
     Analysis and Runtime Protection
   - [Bortz, Boneh, Nandy] Exposing Private Information by Timing Web Applications
   - [Boyd, Keromytis] SQLrand: Preventing SQL Injection Attacks
   - [Chou, Ledesma, Teraguchi, Boneh, Mitchell] Client-side Defense Against Web-based
     Identity Theft
   - [Xie, Aiken] Static Detection of Security Vulnerabilities in Scripting Languages
   - [Vogt, Nentwich, Jovanovic, Kirda, Kruegel, Vigna] Cross-Site Scripting Prevention
     with Dynamic Data Tainting and Static Analysis
   - [Ye, Smith] Trusted Paths for Browsers
