[Owasp-sanfran] OWASP Meeting 12/13 -- Web-Based Malware, Browser Security & More
OWASP - San Francisco Chapter
owasp-sanfran at lists.owasp.org
Tue Dec 4 13:09:13 EST 2007
Greetings IT
Professionals,
OWASP Bay Area will host its next
meeting at the Stanford University Alumni Association Center on Thursday, December 13. As usual
attendance is free and food and beverages will be provided. This will be an
awesome event and a great opportunity to network with industry peers. The event
is open to the public; please forward this invite to your colleagues and friends
who are interested in computer and application security.
Agenda and
Presentations:
6:00pm - 6:30pm ... Check-in and
Holiday Reception (food & beverages)
6:30pm - 7:15pm ... Ghosts in the
Browser – Niels Provos, Google
7:15pm - 8:00pm ... Ph.D.
Student Presentations – Adam Barth & Collin Jackson, Stanford University
8:00pm - 8:30pm ...
Networking Session
Venue:
Stanford
Alumni Association Center
Stanford
University
326 Galvez
Street
Stanford, CA 94305
Map and
Directions
Ghosts in the
Browser
Presented
by: Niels Provos, Ph.D., Google,
Inc.
Abstract:
As more users are connected to the
Internet and conduct their daily activities electronically, computer users have
become the target of an underground economy that infects hosts with malware or
adware for financial gain. Unfortunately, even a single visit to an infected web
site enables the attacker to detect vulnerabilities in the user’s applications
and force the download a multitude of malware binaries. Frequently, this malware
allows the adversary to gain full control of the compromised systems leading to
the ex-filtration of sensitive information or installation of utilities that
facilitate remote control of the host. We believe that such behavior is similar
to our traditional understanding of botnets. However, the main difference is
that web-based malware infections are pull-based and that the resulting command
feedback loop is looser. To characterize the nature of this rising thread, we
identify the four prevalent mechanisms used to inject malicious content on
popular web sites: web server security, user contributed content, advertising
and third-party widgets. For each of these areas, we present examples of abuse
found on the Internet. Our aim is to present the state of malware on the Web and
emphasize the importance of this rising threat.
Bio: Based out
of Mt.View, Niels Provos is a Senior Staff Engineer at Google, Inc. His
interests include research in Web-Based Malware, Distributed Denial of Service,
Steganography, Cryptography and Computer and Network Security. Niels studied
Physics and Mathematics at University of Hamburg,
Germany, and attended the
University of
Michigan as a graduate
student where he earned both is Masters in Computer Science and his Ph.D. in
Computer Science. He has published countless research papers and recently
authored the book Virtual Honeypots: From Tracking Botnets to Intrusion
Detection.
Ph.D. Student
Presentations
Presented by:
Adam Barth & Collin Jackson, Stanford University
Preview of OWASP Bay Area, Mandeep
Khera
Mandeep will provide an outline of the goals and
objectives for local OWASP affiliates in 2008.
Please RSVP by responding to this
email or visit http://owaspdec2007.eventbrite.com
Special thanks to Stanford
University Alumni Association for hosting this event and to Cenzic
and AppSec Consulting for sponsoring.
I hope to see you all there,
Robi Papp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-sanfran/attachments/20071204/558fc1c9/attachment.html
More information about the Owasp-sanfran
mailing list