##Talk 1:
Who: William Robertson\
When: Monday, {{ page.date | date_to_long_string }}, 10:00-11:00\
Where: Room 8103\
Title: on web malware (read abstract and bio below)
##Talk 2:
Who: Daniel Hausknecht’s \
When: Monday, {{ page.date | date_to_long_string }}, 13:15-15:00\
Where: Room EE\
Title: Licentiate’s defence (read abstract below)\
[get the slides here](url for slides)
Abstract of Robertson’s talk: The modern Web is heavily reliant on JavaScript for implementing client-side web applications and extending browser functionality. And yet, despite varied efforts to isolate, tame, or analyze it, JavaScript continues to enable new attacks against the web platform.
In this talk, I will present recent work on bypassing browser security controls via a novel form of code reuse, and discuss a lightweight static analysis to detect this class of vulnerabilities. Then, I will present ZigZag, a system for hardening JavaScript-based web applications against client-side validation vulnerabilities that relies on invariant detection and efficient instrumentation.
Biographical Note William Robertson is an assistant professor of Computer Science at Northeastern University in Boston, MA, and co-directs the NEU Systems Security Lab. His research revolves around improving the security of operating systems, mobile devices, and the web, making use of techniques such as security by design, program analysis, and anomaly detection.
Abstract of Hausknecht’s talk: