Computer Science Department




Quo Vadis? A Look at the Evolution of the Security of Web Applications

Prof. Engin Kirda

Northeastern University


Friday, March 22, 2013

11:00 a.m. - 12:00 p.m.

Fuller Labs 320




Web applications have become important services in our daily lives. Millions of users use web applications to obtain information, perform financial transactions, have fun, socialize, and communicate. Unfortunately, web applications are also frequently targeted by attackers. Recent data from the SANS Institute estimates that up to 60% of Internet attacks target web applications. In this talk, I will talk about some of the web security research we have conducted in the last seven years, and will discuss how input validation flaws have evolved in the last decade. In particular, I will discuss empirical experiments that try to determine if developers are more aware of web security problems today than they used to be in the past.


Engin Kirda is the Sy and Laurie Sternberg Associate Professor of Information Assurance at Northeastern University in Boston. He is also the director of the Northeastern Information Assurance Institute. Before that, he held faculty positions at Institute Eurecom in the French Riviera and the Technical University of Vienna, where he co-founded the Secure Systems Lab that is now distributed over five institutions in Europe and the US. Engin is interested in systems, software and network security (with a focus on Web security, binary analysis, and malware detection).



Host: Prof. Kathi Fisler


Refreshments will be served.