Quo Vadis? A Look at the Evolution of the Security of Web Applications

Friday, March 15, 2013 - 11:00am - 12:00pm EDT

  • Location:2 MetroTech Center, 10.099
    Brooklyn, NY, US
  • Contact:Nasir Memon
    memon@poly.edu

Speaker: Engin Kirda, Northeastern University


Abstract:

Web applications have become important services in our daily lives. Millions of users use web applications to obtain information, perform \357\254\201nancial transactions, have fun, socialize, and communicate. Unfortunately, web applications are also frequently targeted by attackers. Recent data from SANS institute estimates that up to 60% of Internet attacks target web applications. In this talk, I will talk about some of the web security research we have conducted in the last seven years, and will discuss how input validation \357\254\202aws have evolved in the last decade. In particular, I will discuss empirical experiments that try to determine if developers are more aware of web security problems


Web applications have become important services in our daily lives. Millions of users use web applications to obtain information, perform \357\254\201nancial transactions, have fun, socialize, and communicate. Unfortunately, web applications are also frequently targeted by attackers. Recent data from SANS institute estimates that up to 60% of Internet attacks target web applications. In this talk, I will talk about some of the web security research we have conducted in the last seven years, and will discuss how input validation \357\254\202aws have evolved in the last decade. In particular, I will discuss empirical experiments that try to determine if developers are more aware of web security problems today than they used to be in the past.

Bio:

Engin Kirda is the Sy and Laurie Sternberg Associate Professor of Information Assurance at Northeastern University in Boston. He is also the director of the Northeastern Information Assurance Institute. Before that, he has held faculty positions at Institute Eurecom in the French Riviera and the Technical University of Vienna where he co-founded the Secure Systems Lab that is now distributed over five institutions in Europe and US. Engin is interested in systems, software and network security (with focus on Web security, binary analysis, malware detection).