Logo: University of Southern California

Events Calendar

  • PhD Defense- You Kyu Lee

    Thu, Oct 19, 2017 @ 01:00 PM - 03:00 PM

    Thomas Lord Department of Computer Science

    University Calendar

    Date: Thu, Oct 19, 2017 @ 1:00 PM - 3:00 PM

    Location: Hedco Chemical Engineering (HED) - 103

    PhD Candidate: Youn Kyu Lee

    Committee: Nenad Medvidovic (CS, chair), William G.J. Halfond (CS), Sandeep Gupta (EE)

    Title: Reducing Inter-Component Communication Vulnerabilities in Event-Based Systems

    Event-based system (EBS) has become popular because of its high flexibility, scalability, and adaptability. These advantages are facilitated by its reliance on implicit invocation and implicit concurrency. Specifically, in EBS, components may not know the consumers of the events they publish, nor do they necessarily know the producers of events they consume. This communication mechanism is based on non-determinism in event processing, which can introduce inherent security vulnerabilities into a system referred to as event attacks. Event attack is a particular type of attack that can abuse, incapacitate, and damage a target system by exploiting the system\'s event-based communication model. Different types of event attacks have been identified in a range of domains to date. It is hard to prevent event attacks because they are administered in a way that does not differ from ordinary event-based communication in general. While a number of techniques have focused on security threats in EBS, they do not appropriately resolve the event attack problems or suffer from inaccuracy in detecting and preventing event attacks. Furthermore, fundamental security flaws, which can be exploited by event attacks, have not been clearly identified yet. In order to address the risk of event attacks, this dissertation presents four main approaches: (1) a new taxonomy for security flaws in EBS, which can serve as a basis for resolving event attack problems; (2) SEALANT (Security for End-users of Android via Light-weight ANalysis Techniques), a novel protection mechanism for Android, one of the most widely used event-based platforms; (3) SCUTUM (SeCUrity for evenT-based systems implemented Using MOM platforms), a novel vulnerability detection technique for EBSs that are implemented by using message-oriented middleware platforms; and (4) ViVA (Visualizer for eVent-based Architectures), a new visualization technique for monitoring and identifying security vulnerabilities in EBS.

    Location: 103

    Audiences: Everyone Is Invited

    Contact: Lizsl De Leon


Return to Calendar