[talks] B Zeller general exam
Melissa M Lawson
mml at CS.Princeton.EDU
Fri May 2 13:17:43 EDT 2008
Bill Zeller will present his research seminar/general exam on Monday May 12
at 2PM in Room 402. The members of his committee are: Ed Felten (advisor),
Brian Kernighan, and Andrew Appel. Everyone is invited to attend his talk, and
those faculty wishing to remain for the oral exam following are welcome to do so.
His abstract and reading list follow below.
---------------------------------------
Abstract:
Cross-Site Request Forgery (CSRF) attacks occur when a malicious web site causes a user's
web browser to perform an unwanted action on a trusted site. These attacks have been
called the "sleeping giant" of web-based vulnerabilities, because many sites on the
Internet fail to protect against them and because they have been largely ignored by the
web development and security communities. We present four serious CSRF vulnerabilities we
have discovered on four major sites, including what we believe is the first published
attack involving a financial institution. These vulnerabilities allow an attacker to
transfer money out of user bank accounts, harvest user email addresses, violate user
privacy and compromise user accounts. We recommend server-side changes (which we have
implemented) that are able to completely protect a site from CSRF attacks. We also
describe the features a server-side solution should have (the lack of which has caused
CSRF protections to unnecessarily break typical web browsing behavior). Additionally, we
have implemented a client-side browser plugin that can protect users from certain types of
CSRF attacks even if a site has not taken steps to protect itself.
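As an added illustration (not code from the talk or from the author's implementation), the following Python contrasts a state-changing handler that authenticates by cookie alone with the same handler after adding a session-bound secret token, which is the shape of server-side protection the abstract refers to. The request and session objects, the user names and balances are all constructed for this example. The choice of a token scoped to the session rather than a fresh one-time token per form is a common design for avoiding breakage of ordinary browsing (back button, several open tabs); that is an assumption about what the abstract means by "features a server-side solution should have", not a claim of the talk.

```python
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed in-memory session store: cookie value -> session record.
SESSIONS: dict = {}


@dataclass
class Request:
    """Minimal stand-in for an HTTP request (constructed for this example)."""
    method: str
    cookies: dict
    form: dict = field(default_factory=dict)


def login(user: str) -> str:
    """Start a session; the CSRF secret lives server-side, not in the cookie."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
    return sid


def csrf_token_for(sid: str) -> str:
    """Value the site embeds as a hidden field in its own forms."""
    return SESSIONS[sid]["csrf"]


def _do_transfer(session: dict, form: dict, balances: dict) -> int:
    """Move money between accounts; returns an HTTP-style status code."""
    amount = int(form["amount"])
    src, dst = session["user"], form["to"]
    if balances.get(src, 0) < amount:
        return 400
    balances[src] -= amount
    balances[dst] = balances.get(dst, 0) + amount
    return 200


def transfer_vulnerable(req: Request, balances: dict) -> int:
    """Cookie-only authentication: any page that makes the browser POST here
    rides on the user's ambient credentials."""
    session = SESSIONS.get(req.cookies.get("sid"))
    if req.method != "POST" or session is None:
        return 403
    return _do_transfer(session, req.form, balances)


def transfer_protected(req: Request, balances: dict) -> int:
    """Same handler plus a secret that another origin can neither read nor guess."""
    session = SESSIONS.get(req.cookies.get("sid"))
    if req.method != "POST" or session is None:
        return 403
    submitted = req.form.get("csrf_token", "")
    # Constant-time comparison so the check itself does not leak the token.
    if not hmac.compare_digest(submitted, session["csrf"]):
        return 403
    return _do_transfer(session, req.form, balances)


def same_site_request(sid: str) -> Request:
    """Form posted from the site's own page: it carries the session's token."""
    form = {"to": "savings", "amount": "50", "csrf_token": csrf_token_for(sid)}
    return Request("POST", {"sid": sid}, form)


def cross_site_request(sid: str) -> Request:
    """What the server sees when a page on another origin submits a form here:
    the browser attaches the cookie, but the foreign page cannot supply the token."""
    form = {"to": "someone-else", "amount": "50"}
    return Request("POST", {"sid": sid}, form)


def run_demo() -> dict:
    """Run both handlers against a same-site and a cross-site request."""
    sid = login("alice")
    results = {}
    for name, handler in (("vulnerable", transfer_vulnerable),
                          ("protected", transfer_protected)):
        balances = {"alice": 100}  # constructed starting balance
        own = handler(same_site_request(sid), balances)
        foreign = handler(cross_site_request(sid), balances)
        results[name] = {"own": own, "foreign": foreign, "alice": balances["alice"]}
    return results


if __name__ == "__main__":
    for name, r in run_demo().items():
        print(f"{name}: same-site={r['own']} cross-site={r['foreign']} "
              f"alice={r['alice']}")
```

Running it shows the vulnerable handler accepting both requests (alice ends at 0), while the protected handler accepts only the request that carried the session's token (alice ends at 50). Because the token is tied to the session rather than to one rendered form, a user who opens several tabs or navigates back and resubmits still passes the check, which is the kind of ordinary browsing a per-form one-time token would reject.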
Books:
- Practical Cryptography: Ferguson, Schneier
- Security Engineering: Anderson
Papers:
- [Anupam, Mayer] Security of Web Browser Scripting Languages: Vulnerabilities,
Attacks, and Remedies
http://delivery.acm.org/10.1145/1270000/1267564/p15-anupam.pdf?key1=1267564&key2=7559754021&coll=GUIDE&dl=GUIDE&CFID=57632849&CFTOKEN=53175682
- [Fu, Sit, Smith, Feamster] Dos and Don'ts of Client Authentication on the Web
http://pdos.csail.mit.edu/papers/webauth:sec10.pdf
- [Krannig] Towards Web Security Using PLASMA
http://delivery.acm.org/10.1145/1270000/1267563/p14-krannig.pdf?key1=1267563&key2=0389754021&coll=GUIDE&dl=GUIDE&CFID=57633385&CFTOKEN=26863737
- [Moore, Voelker, Savage] Inferring Internet Denial-of-Service Activity
http://www.caida.org/publications/papers/2001/BackScatter/usenixsecurity01.pdf
- [Huang, Yu, Christian Hang, Tsai, Lee, Kuo] Securing Web Application Code by Static
Analysis and Runtime Protection
http://www.cs.ucsb.edu/~yuf/paper/WWW04.pdf
- [Bortz, Boneh, Nandy] Exposing Private Information by Timing Web Applications
http://crypto.stanford.edu/~abortz/papers/timingweb.pdf
- [Boyd, Keromytis] SQLrand: Preventing SQL Injection Attacks
http://www1.cs.columbia.edu/~angelos/Papers/sqlrand.pdf
- [Chou, Ledesma, Teraguchi, Boneh, Mitchell] Client-side Defense Against Web-based
Identity Theft
http://crypto.stanford.edu/SpoofGuard/webspoof.pdf
- [Xie, Aiken] Static Detection of Security Vulnerabilities in Scripting Languages
http://theory.stanford.edu/~aiken/publications/papers/usenix06.pdf
- [Vogt, Nentwich, Jovanovic, Kirda, Kruegel, Vigna] Cross-Site Scripting Prevention
with Dynamic Data Tainting and Static Analysis
http://www.seclab.tuwien.ac.at/papers/xss_prevention.pdf
- [Ye, Smith] Trusted Paths for Browsers
http://delivery.acm.org/10.1145/1070000/1065546/p153-ye.pdf?key1=1065546&key2=3080854021&coll=GUIDE&dl=GUIDE&CFID=57635236&CFTOKEN=42774008