[PAST EVENT] Protecting Users in the Age of the Social Web

February 17, 2016
8am - 9am
McGlothlin-Street Hall, Room 020
251 Jamestown Rd
Williamsburg, VA 23185Map this location
TITLE: Protecting Users in the Age of the Social Web


An ever-increasing part of our professional, social and personal life involves the Internet and online services.
This has exposed users to significant risk to their private information, as the constant stream of bad news in the media will attest.

In this talk I will focus on my research efforts to better understand and protect against such loss. I will start
with a focused review on the importance of online privacy, and highlight the privacy risks of location proximity, which has been adopted by major web services and mobile apps. This work demonstrated novel threats that can neutralize existing countermeasures used by the industry and pinpoint a user's location with high accuracy within seconds. To protect users, I developed a practical defense in the form of privacy-preserving proximity that obfuscates the user's location, which has been adopted by Facebook and Foursquare. I will demonstrate how user privacy also affects security mechanisms, and present my analysis of the threat surface of Facebook's social authentication system. I will then present a novel social authentication system that is robust against advanced targeted attacks and prevents
adversaries from compromising user accounts, and conclude by sharing my thoughts for future directions.


Jason Polakis is a postdoctoral research scientist at Columbia University. He earned his Ph.D. in 2014 from the Computer Science Department of the University of Crete, Greece, where he was supported by the Foundation of Research and Technology Hellas (FORTH). He is broadly interested in identifying the security and privacy limitations of Internet technologies, designing robust defenses and privacy-preserving techniques, and enhancing our understanding of the online ecosystem and its threats. His work has revealed significant flaws in popular services, and major vendors such as Google, Facebook and Foursquare have deployed his proposed defenses.