Towards Scalable User-Agnostic Attack Defense – Zhichun Li
https://www.ispeech.org
Abstract:
Security has become one of the major concerns for today's Internet.
End users, however, are slow in adopting new security technologies.
Many users cannot manage security well by themselves. Ideally,
security mechanisms should be as transparent as possible to the users.
On the other hand, IT managers desire efficient and scalable
protection mechanisms.
Towards addressing these issues, in this talk, I would like to
introduce two of my efforts. First, I will present the design of
NetShield, a new vulnerability signature based NIDS/NIPS, which
achieves high throughput comparable to that of the state-of-the-art
regular expression based systems while offering much better accuracy.
In particular, we propose a candidate selection algorithm which
efficiently matches thousands of vulnerability signatures
simultaneously, and design a parsing transition state machine that
achieves fast protocol parsing.
Second, I will talk about WebShield, a secure web proxy design that
protects clients from web-based exploits by processing potentially
malicious JavaScript in a sandboxed environment (shadow browser) on a
middlebox. With shadow browsers, WebShield also aims to deploy
client-based defenses against various classes of web attacks without
client modifications.
Bio:
Zhichun Li currently is a research staff member at NEC Laboratories in
Princeton, NJ. Before joining NEC, he received his Ph.D. on Dec 2009
from Northwestern University. He earned both M.S. and B.S. degrees
from Tsinghua University in China. His research interests span the
areas of security, networking and distributed systems with an emphasis
on smartphone security, web security, network security, network
measurement and distributed system diagnosis. Previously, he has
conducted research at Microsoft Research Redmond and International
Computer Science Institute (ICSI) of UC Berkeley.
source
Gloss