{"595098":{"#nid":"595098","#data":{"type":"event","title":"Cybersecurity Lecture Series with Nick Nikiforakis","body":[{"value":"\u003Ch5\u003E\u003Cstrong\u003E\u003Cem\u003E\u0026quot;Security and Privacy Issues of Modern Web Browsers\u0026quot;\u003C\/em\u003E\u003C\/strong\u003E\u003Cbr \/\u003E\r\n\u0026nbsp;\u003C\/h5\u003E\r\n\r\n\u003Cdiv\u003E\r\n\u003Cp\u003EThe modern web, as users experience it, bears little resemblance to the original world wide web invented by Tim Berners-Lee. Static, stateless, HTML pages with text and the occasional pixelated images gave way to dynamic, stateful, TLS-protected Web 2.0 pages where the expressiveness of JavaScript and the ever expansion of HTML5 APIs enable users to spend the vast majority of their time within a browser, with little need for traditional installed applications. As we keep on adding new features to modern browsers we are also invariably increasing their attack surface.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EIn this talk, we are going to present three recent results of our group on the security and privacy of modern web browsers. On the security front, we will discuss the idiosyncrasies of mobile web browsers and show that they are vulnerable to attacks that were never an issue on traditional desktop platforms. We will present the results of analyzing over 2,000 versions of mobile browsers, spanning five years and 128 browser families, and show that mobile browsers are becoming more vulnerable to certain classes of attacks with each passing year. On the privacy front, we focus on the extension systems of modern browsers and show that browser extensions can be abused to fingerprint users against their will and identify their socioeconomic status and political inclinations. Finally, we will present our analysis of PII-leaking extensions, where we find that popular browser extensions, whether on purpose or by accident, leak a user\u0026#39;s browsing-history to multiple third-party servers.\u003C\/p\u003E\r\n\u003C\/div\u003E\r\n\r\n\u003Cp\u003E\u003Ca href=\u0022http:\/\/attend.com\/cyberlecture-nick\u0022\u003E\u003Cstrong\u003ERegister to attend\u003C\/strong\u003E\u003C\/a\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003ENick Nikiforakis\u003C\/strong\u003E, Ph.D., is an assistant professor in the Department of Computer Science at Stony Brook University. He is the director of the PragSec lab where students conduct research in all aspects of pragmatic security and privacy including web tracking, mobile security, DNS abuse, social engineering, and cyber crime. He has authored more than 50 academic papers and his work often finds its way to the popular press including TheRegister, SlashDot, BBC, and Wired. For his work, he received an Honorable Mention Award from PETS 2016 and a Distinguished Paper Award from NDSS 2017. His research is supported by the National Science Foundation and the Office of Naval Research and he regularly serves in the Program Committees of all top-tier security conferences.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EOrganized by the\u0026nbsp;\u003Ca href=\u0022https:\/\/protect-us.mimecast.com\/s\/1dr5BkcYL59Mh8\u0022 rel=\u0022noopener\u0022 target=\u0022_blank\u0022\u003EInstitute for Information Security \u0026amp; Privacy\u003C\/a\u003E, the free and open-to-the-public Cybersecurity Lecture Series \u003Ca href=\u0022http:\/\/www.iisp.gatech.edu\/cyber-lecture\u0022 target=\u0022_blank\u0022\u003Emeets throughout the fall\u003C\/a\u003E each Friday at Noon on the Georgia Tech campus, August \u0026ndash; December. Invited speakers include executives and researchers from Fortune 500 companies, federal intelligence agencies, start-ups and incubators, as well as Georgia Tech faculty and students presenting their research.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003E\u003Ca href=\u0022http:\/\/www.iisp.gatech.edu\/sign-cybersecurity-lecture-updates\u0022\u003EReceive future schedule updates\u003C\/a\u003E\u003C\/strong\u003E\u003C\/p\u003E\r\n","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":[{"value":"\u003Cp\u003EGeorgia Tech\u0026rsquo;s free and open-to-the-public Cybersecurity Lecture Series welcomes\u003Cstrong\u003E Nick Nikiforakis\u003C\/strong\u003E, an assistant professor at Stony Brook University and an affiliate of the National Security Institute.\u003C\/p\u003E\r\n","format":"limited_html"}],"field_summary_sentence":[{"value":"Georgia Tech\u2019s Cybersecurity Lecture Series welcomes Nick Nikiforakis of Stony Brook University."}],"uid":"27490","created_gmt":"2017-08-28 13:55:12","changed_gmt":"2017-08-29 03:09:32","author":"Tara La Bouff","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2017-09-22T13:00:00-04:00","event_time_end":"2017-09-22T14:00:00-04:00","event_time_end_last":"2017-09-22T14:00:00-04:00","gmt_time_start":"2017-09-22 17:00:00","gmt_time_end":"2017-09-22 18:00:00","gmt_time_end_last":"2017-09-22 18:00:00","rrule":null,"timezone":"America\/New_York"},"extras":[],"hg_media":{"593723":{"id":"593723","type":"image","title":"Cybersecurity Lecture Series by IISP","body":null,"created":"1500996186","gmt_created":"2017-07-25 15:23:06","changed":"1500996186","gmt_changed":"2017-07-25 15:23:06","alt":"","file":{"fid":"226333","name":"CLS_logo_FY18 w tag.jpg","image_path":"\/sites\/default\/files\/images\/CLS_logo_FY18%20w%20tag.jpg","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/CLS_logo_FY18%20w%20tag.jpg","mime":"image\/jpeg","size":580256,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/CLS_logo_FY18%20w%20tag.jpg?itok=8s4XWw-w"}},"595149":{"id":"595149","type":"image","title":"Nick Nikiforakis","body":null,"created":"1503946809","gmt_created":"2017-08-28 19:00:09","changed":"1503946809","gmt_changed":"2017-08-28 19:00:09","alt":"","file":{"fid":"226813","name":"nick-portrait.jpg","image_path":"\/sites\/default\/files\/images\/nick-portrait.jpg","image_full_path":"http:\/\/www.tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/nick-portrait.jpg","mime":"image\/jpeg","size":2844204,"path_740":"http:\/\/www.tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/nick-portrait.jpg?itok=MbVHkdtM"}}},"media_ids":["593723","595149"],"groups":[{"id":"430601","name":"Institute for Information Security and Privacy"}],"categories":[],"keywords":[{"id":"1404","name":"Cybersecurity"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1795","name":"Seminar\/Lecture\/Colloquium"}],"invited_audience":[{"id":"78761","name":"Faculty\/Staff"},{"id":"78771","name":"Public"},{"id":"174045","name":"Graduate students"},{"id":"78751","name":"Undergraduate students"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[{"value":"\u003Cp\u003ELindsey Panetta, \u003Ca href=\u0022mailto:lindsey.panetta@gtri.gatech.edu\u0022\u003Elindsey.panetta@gtri.gatech.edu\u003C\/a\u003E\u003C\/p\u003E\r\n","format":"limited_html"}],"email":[],"slides":[],"orientation":[],"userdata":""}}}