From online banking to social networks: analyzing security in real-world systems
Fall 2008 CSE Colloquium Series
Professor
Department of Electrical Engineering and Computer Science
University of Michigan
November 21
10:00 AM - 11:00 AM
3105 Engineering Building
Host: Alex Liu
Abstract
In this talk, I summarize results from our two recent studies on security – one for online banking systems and another for social networks. Both systems have the characteristic that security or privacy concerns should be high. In both cases, we found serious security-related gaps when analyzing the systems from the perspective of sophisticated users who care about their security or privacy. In the case of banks, we found a number of user-visible, security-related design flaws at a majority of banks’ web sites that may lead users to make bad security decisions, even if they are knowledgeable about security and maintain their operating system or browser properly. In the case of social networks, we analyzed one network, Facebook, to help analyze if users on the network could be vulnerable to context-aware spam. We found that approximately 85% of users in a large university Facebook network could be potentially targeted with context-aware spam by using simple tools. To compound the seriousness of the problem, our analysis shows that even careful people with private profiles may be vulnerable to a subset of attacks. Both results indicate a need for better tools and models to help system designers analyze security and privacy risks in systems, factoring in the user's view of systems, before they are widely deployed.
Biography
Atul Prakash is a Professor in Computer Science and Engineering at the University of Michigan with research interests in computer security and privacy. He received a Bachelor of Technology in Electrical Engineering from IIT, Delhi, India and a Ph.D. in Computer Science from the University of California, Berkeley. His recent research on online web security was widely quoted, including by Business Week, Barron's, and BBC Digital Planet. He has also examined the problem of privacy and security risks in emerging pervasive systems, such as online social networks. Dr. Prakash received an award for the best undergraduate project at IIT Delhi and the research excellence award at the University of Michigan. Among his earlier research work, he was one of the designers of the Upper Atmospheric Research Collaboratory (UARC) project, which was perhaps the first scientific collaboratory system and was recognized by the Smithsonian-Computerworld for its contributions to science. He advises several security-related companies, including Compubahn, which specializes in bank security, and Web Tap Security, a Michigan-based startup specializing in designing tools to detect information leakage.