Presentation is loading. Please wait.

Presentation is loading. Please wait.

TRUST 2 nd Year Site Visit, March 19 th, 2007 ID Theft Knowledge Transfer.

Published byOphelia Higgins Modified over 9 years ago

Similar presentations

Presentation on theme: "TRUST 2 nd Year Site Visit, March 19 th, 2007 ID Theft Knowledge Transfer."— Presentation transcript:

1 TRUST 2 nd Year Site Visit, March 19 th, 2007 ID Theft Knowledge Transfer

2 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft2 Impact Phishing attacks growing in scale and sophistication – Main reason: phishers can steal real money. Research goal: – Make it harder for phishers to obtain user information that can lead to monetary theft Technology transfer – Freely distributed open-source software – Talks at conferences, industry meetings (ITTC, …) – Startups – Partnering arrangements

3 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft3

4 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft4 Technology Transition Plan PwdHash: RSA Security (www.pwdhash.com) – Initial integration completed fall 2006 – Hope to convince IE team to embed natively in IE SpyBlock deployment: – Available at http://getspyblock.com/ – Relevant companies: Mocha5, VMWare – Dialog with companies about transaction generators SafeHistory: Microsoft, Mozilla. – Available at www.safehistory.com

5 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft5 Public relations activities News articles on PwdHash: – Many articles in popular press, still appearing – Computerworld Horizon Award: August 2006 SafeHistory & SafeCache: – WWW ’06 paper Timing attacks – WWW ’07 paper SpyBlock and transaction generation – Report completed; conference paper in process

6 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft66

7 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft7"Title", J.Q. Speaker-Name7

8 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft8 PwdHash and RSA SecurID Tech transfer: available as IE and Firefox extensions – Working to convince MS to embed natively into IE Integration with RSA SecurID: – Motivation: “man in the middle” phishing attacks Defeats one-time password systems – Phase I: apply PwdHash to one-time passwords Requires updates to SecurID server and PwdHash – Phase II: authenticate server to client Planned for next year

Download ppt "TRUST 2 nd Year Site Visit, March 19 th, 2007 ID Theft Knowledge Transfer."

Similar presentations

Nick Feamster Research: Network security and operations –Helping network operators run the network better –Helping users help themselves Lab meetings:

Nick Feamster Research: Network security and operations –Helping network operators run the network better –Helping users help themselves Lab meetings:
Protecting Browser State from Web Privacy Attacks Collin Jackson, Andrew Bortz, Dan Boneh, John Mitchell Stanford University.

Protecting Browser State from Web Privacy Attacks Collin Jackson, Andrew Bortz, Dan Boneh, John Mitchell Stanford University.
The quest to replace passwords Evangelos Markatos Based on a paper by Joseph Bonneau,Cormac Herley, Paul C. van Oorschot, and Frank Stajanod.

The quest to replace passwords Evangelos Markatos Based on a paper by Joseph Bonneau,Cormac Herley, Paul C. van Oorschot, and Frank Stajanod.
Security Issues in Mobile Code Systems David M.Chess, High Integrity Computing Lab, IBM T.J. Watson Research Center Hawthorne, NY, USA Mobile code systems.

Security Issues in Mobile Code Systems David M.Chess, High Integrity Computing Lab, IBM T.J. Watson Research Center Hawthorne, NY, USA Mobile code systems.
Access and Overview. Login procedures and requirements. Creating and updating tickets. Understanding special ticket states. Adding an attachment to an.

Access and Overview. Login procedures and requirements. Creating and updating tickets. Understanding special ticket states. Adding an attachment to an.
SPEKE S imple Password-authenticated Exponential Key Exchange Robert Mol Phoenix Technologies.

SPEKE S imple Password-authenticated Exponential Key Exchange Robert Mol Phoenix Technologies.
Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie.

Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie.
Securing Online Transactions with a Trusted Digital Identity Dave Steeves - Security Software Engineer Microsoft’s.

Securing Online Transactions with a Trusted Digital Identity Dave Steeves - Security Software Engineer Microsoft’s.
2006 2 nd Joint Workshop between Security Research Labs in JAPAN and KOREA Anti-Phishing Scheme: Preventing Confidential Data from Posted to Spoofed Site.

nd Joint Workshop between Security Research Labs in JAPAN and KOREA Anti-Phishing Scheme: Preventing Confidential Data from Posted to Spoofed Site.
PETs and ID Management Privacy & Security Workshop JC Cannon Privacy Strategist Corporate Privacy Group Microsoft Corporation.

PETs and ID Management Privacy & Security Workshop JC Cannon Privacy Strategist Corporate Privacy Group Microsoft Corporation.
Dr. Sarbari Gupta Electrosoft Services Tel: (703)757-9096 Security Characteristics of Cryptographic.

Dr. Sarbari Gupta Electrosoft Services Tel: (703) Security Characteristics of Cryptographic.
1 CPSC156: The Internet Co-Evolution of Technology and Society Lecture 22: April 17, 2007 Browser-based Security and Privacy Tools.

1 CPSC156: The Internet Co-Evolution of Technology and Society Lecture 22: April 17, 2007 Browser-based Security and Privacy Tools.
Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University

Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University
Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?

Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?
Context-Aware Phishing Attacks and Client-Side Defenses Collin Jackson Stanford University.

Context-Aware Phishing Attacks and Client-Side Defenses Collin Jackson Stanford University.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
More on AuthenticationCS-4513 D-term 20081 More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.

More on AuthenticationCS-4513 D-term More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.
Årskonference 2003 Theory and Practice of Personal Digital Signatures - The ITSCI project Ivan Damgård, University of Aarhus.

Årskonference 2003 Theory and Practice of Personal Digital Signatures - The ITSCI project Ivan Damgård, University of Aarhus.
Alcatel Identity Server Alcatel SEL AG. Alcatel Identity Server — 2 All rights reserved © 2004, Alcatel What is an Identity Provider?  

Alcatel Identity Server Alcatel SEL AG. Alcatel Identity Server — 2 All rights reserved © 2004, Alcatel What is an Identity Provider?  
PORTIA Project 1 Mitigating Online ID Theft: Phishing and Spyware Students:Blake Ross, Collin Jackson, Nick Miyake, Yuka Teraguchi, Robert Ladesma, Andrew.

PORTIA Project 1 Mitigating Online ID Theft: Phishing and Spyware Students:Blake Ross, Collin Jackson, Nick Miyake, Yuka Teraguchi, Robert Ladesma, Andrew.

Similar presentations

Ads by Google