Abstract:  The insecurity of Internet services can lead to disastrous
consequences – confidential communications can be monitored, financial
information can be stolen, and our critical Internet infrastructure
can be crippled. However, many prior works on Internet services only
focus on the security of an individual network layer in isolation,
whereas the adversaries do quite the opposite – they look for
opportunities to exploit the interactions across heterogeneous
components and layers to compromise the system security. This gap
leaves the privacy and security of billions of users as well as our
critical infrastructure at risk.
I aim to bridge this gap to build privacy-preserving and secure
Internet services. In this talk, I will focus on two Internet
services, the Tor network and the Public Key Infrastructure. I have
uncovered new vulnerabilities in these services by taking a crosslayer
approach to exploit the interdependencies across different
network layers. I have demonstrated attacks in the wild (ethically) to
evaluate the real effects of vulnerabilities. Consequently, I have
built practical defenses that have received real-world deployment by
the Tor Project which serves millions of users, and Let's Encrypt
which is the world's largest Certificate Authority that has issued
hundreds of millions of digital certificates.

Bio:  Yixin Sun is a PhD candidate in Computer Science at Princeton
University. Her research focuses on building privacy-preserving and
secure networked systems. She received the Information Controls
Fellowship from the Open Technology Fund, the SEAS Award for
Excellence from Princeton, and the EECS rising star from MIT.
Throughout her career, Yixin has collaborated with many industrial
labs and non-profit organizations, such as the Tor Project, Let's
Encrypt, Verisign Labs, NEC Labs and International Computer Science
Institute (ICSI). Previously, Yixin received her Bachelor's degree in
Computer Science and Mathematics from the University of Virginia.