Learn how internet browsers can be more secure from malicious attacks in this CIDSE Fall 2017 Invited Talk Seminar Series event hosted by Assistant Professors Adam Doupé and Yan Shoshitaishvili.
Attacking the Browser
Presented by Alexandros Kapravelos, assistant professor, Department of Computer Science, North Carolina State University
Monday, December 4, 2017
Brickyard (BYENG) 209, Tempe campus [map]
The browser has evolved from a simple program that displays static web pages to a continuously changing platform that has become our portal to the internet. The fierce competition among browser vendors has led to a remarkable introduction of features in the past few years. The rapid changes and the high popularity of browsers have attracted attackers, which pose new threats to unsuspecting internet surfers.
Alexandros Kapravelos will focus on recent attacks related to browsers, explore the security implications of browser extensions with malicious intent and discuss how difficult it is to automatically analyze and classify them.
Kapravelos will present Hulk, a dynamic analysis system that detects malicious behavior in browser extensions by monitoring their execution and corresponding network activity.
About the speaker
Alexandros Kapravelos is an assistant professor in the Department of Computer Science at North Carolina State University. He received his doctorate in computer science from the University of California, Santa Barbara in 2015.
His research interests span the areas of systems and software security. Currently he studies how the web changes on the client side via browser extensions and how we can protect the browser from malicious client-side attacks.
He is also interested in internet privacy and browser fingerprinting specifically, where he is working on making internet users less distinctive while they browse the web. He has been the lead developer of Wepawet, a publicly available system that detects drive-by downloads with the use of an emulated browser, Revolver, a system that detects evasive drive-by download attempts, and Hulk, a browser extension analysis system.