Abstract: The World Wide Web is the primary platform that billions of people use to interact over the Internet on a daily basis. Because of their increasing importance, the applications and their huge number of users on the web have become the primary targets of cyber attacks and abuses. However, the dynamic and open nature of modern web applications makes the detection and mitigation of those attacks and abuses, especially by using static analysis approaches, very challenging. In this talk, I will share my experience on detecting and mitigating web attacks and abuses through dynamic program monitoring, which allows us to better analyze the runtime behavior of both client-side and server-side application code. Specifically, I will focus on two works that address two emerging threats against the end users and the service providers, respectively. First, I will present Observer, a browser-based analysis framework that monitors JavaScript’s interaction with web content for systematically investigating click interception on the web. Second, I will introduce Rampart, a runtime defense mechanism that protects the server end of web applications from CPU-exhaustion DoS attacks with context-sensitive function-level program profiling. Finally, I will discuss about the other challenges and opportunities for making the web a more secure platform.

Bio: Wei Meng is an Assistant Professor in the Department of Computer Science and Engineering at the Chinese University of Hong Kong. He received his Ph.D. degree in Computer Science from the Georgia Institute of Technology in 2017 and his Bachelor’s degree in Computer Science from Tsinghua University in 2012. His research focuses on computer security and privacy. He is particularly interested in designing and building systems to protect end users and applications on the Internet. His research has been published at top conferences such as USENIX Security, WWW, IEEE S&P, CCS, NDSS and NSDI. He currently leads the Computer Security Lab in the CSE department at CUHK.