Detecting and Preventing Web Application Security Vulnerabilities via Program Analysis

*********************************
There is now a CONTENT FREEZE for Mercury while we switch to a new platform. It began on Friday, March 10 at 6pm and will end on Wednesday, March 15 at noon. No new content can be created during this time, but all material in the system as of the beginning of the freeze will be migrated to the new platform, including users and groups. Functionally the new site is identical to the old one. webteam@gatech.edu
*********************************

Event Details
  • Date/Time:
    • Friday January 11, 2013 - Saturday January 12, 2013
      11:00 am - 11:59 am
  • Location: KACB 1116E
  • Phone:
  • URL:
  • Email:
  • Fee(s):
    N/A
  • Extras:
Contact

Dr. Mayur Naik: mayur.naik@cc.gatech.edu or 404-385-4746

Summaries

Summary Sentence: Web Security Talk- Omer Tripp, Tel-Aviv University

Full Summary: Omer Tripp is a graduate student at Tel-Aviv University, soon to complete his studies under the supervision of Prof. Mooly Sagiv. Omer has also been working for IBM for the last five years, and has recently been nominated IBM Master Inventor for his extensive and prolific innovation and mentoring work. Omer's research work -- published at leading conferences and journals including POPL, PLDI, OOPSLA and TOSEM -- has focused on two main areas: (i) program analysis for security and language-based security, and (ii) automatic and interactive software parallelization.
(http://www.cs.tau.ac.il/~omertrip/)

Web applications are the subject of an increasing number of attacks. Most attack types involve injection of malicious content into the data processed by the Web application (e.g. HTTP parameter values, session attributes, cookies, etc). The large number of severe attacks reported in recent years on banking applications, as well as corporate and government Web sites, has created a special motivation to develop analysis tools for detecting vulnerabilities in Web applications. In the last five years, Tripp has been a leading member of an IBM project with this goal, collaborating with researchers at IBM and in academia. In this talk, he will present several research challenges that were addressed as part of this ambitious project, as well as solutions developed in response to these challenges.

Additional Information

In Campus Calendar
No
Groups

College of Computing

Invited Audience
No audiences were selected.
Categories
Seminar/Lecture/Colloquium
Keywords
No keywords were submitted.
Status
  • Created By: Antonette Benford
  • Workflow Status: Published
  • Created On: Jan 9, 2013 - 10:09am
  • Last Updated: Oct 7, 2016 - 10:01pm