Comprehensive Study and Protection of Web Threats

DeustoTech (www.deustotech.eu) is a private non-profit institution of the Faculty of Engineering at the University of Deusto for applied research in new technologies. Since 2005, DeustoTech's mission has been to support ICT activity in business and society through research, the development of technologies, innovation and knowledge transfer. We focus our activity around TRLs 2-7 and articulate it into four applied fields: Industry, Mobility, Energy and Society, with a fifth, the Chair of Applied Mathematics, as a transversal activity and support for the previous four. We are characterized by working with data of heterogeneous nature, throughout its life cycle and in compliance with the ethical and humanist principles that define the University of Deusto. The research group that will host the IF candidate is devoted to Cybersecurity as well. In particular, we have been working actively in two different areas: web security and code security. In the first, we have focused on the analysis of web privacy, with works on web tracking, dark web privacy and the fingerprintability of browser attributes. In the area of code security, we have worked on malware detection and we are now working on vulnerability detection and sanitization.
The applicant should hold a PhD and must not have resided in the country of the hosting institution (Spain) for more than 12 months in the 3 years prior to the MSCA-IF call deadline. The applicant needs to be proficient in cybersecurity, with a desirable background in Web Security and a strong record of early publications on these topics. The applicant should also be willing to join a team that aims to make major contributions to the field, to be published in top-tier venues (Oakland, Usenix Security, ACM CCS, ISOC NDSS).
  • Information Sciences and Engineering (ENG)
The applicant will work on the Web Security topic. In particular, the applicant is expected to pursue research in Web Attacks and Web Privacy. The concrete issue to be researched is the generalization of different web attacks. To this end, the applicant will explore different web ecosystems that are prone to misuse in order to find new threats and attack vectors. Afterwards, these new attacks and techniques will be generalized in order to build prevention methods able to detect these attacks. The major challenge of this research is that, although several studies have been performed in the area, they are environment or technique specific. With this research, we will provide a comprehensive view of the whole web ecosystem, protecting users.

EXCELLENCE OF THE HOST RESEARCH UNIT

  • Iskander Sanchez-Rola, Matteo Dell’Amico, Platon Kotzias, Davide Balzarotti, Leyla Bilge, Pierre-Antoine Vervier, Igor Santos. Can I Opt Out Yet? GDPR and the Global Illusion of Cookie Control. Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIACCS), Auckland, New Zealand, 2019 (acceptance rate: 17.0%)
  • Iskander Sanchez-Rola, Igor Santos, Davide Balzarotti. Clock Around the Clock: Time-Based Device Fingerprinting. Proceedings of the 25th ACM Conference on Computer and Communications Security (CCS), Toronto, Canada, 2018 (acceptance rate: 16.6%) [Media coverage: New Scientist | Metro | TechNews | …]
  • Iskander Sanchez-Rola, Igor Santos, Davide Balzarotti. Extension Breakdown: Security Analysis of Browsers Extension Resources Control Policies. Proceedings of the 26th Usenix Security Symposium (Sec), Vancouver, Canada, 2017 (acceptance rate: 16.28%) [Media coverage: SecurityWeek | BleepingComputer | Ghacks (1) | Ghacks (2) | FayerMayer |…]
  • Iskander Sanchez-Rola, Davide Balzarotti, Igor Santos. The Onions Have Eyes: A Comprehensive Structure and Privacy Analysis of Tor Hidden Services. Proceedings of the 26th International World Wide Web Conference (WWW), Perth, Australia, 2017 (acceptance rate: 17.0%) [Media coverage: New Scientist | Daily Mail | DeepDotWeb | Jornal Ciência |…]
  • Tiago A. Almeida, Tiago P. Silva, Igor Santos, José María Gomez-Hidalgo. Text Normalization and Semantic Indexing to Enhance Instant Messaging and SMS Spam Filtering. Knowledge-Based Systems vol 108, pp. 25-32. 2016. ISSN (online): 1368-9894, ISSN (print): 1367-0751. DOI: 10.1016/j.knosys.2016.05.001
  • VESSEDIA: VERIFICATION ENGINEERING OF SAFETY AND SECURITY CRITICAL INDUSTRIAL APPLICATIONS. Funded by: H2020. 2016-DS-01 Ref: N/A. PI (University of Deusto): Igor Santos. Budget (University of Deusto): 352125 Euros
  • SOCIAL SPAM: SEGUIMIENTO Y FILTRADO DE SPAM PERSONALIZADO EN MEDIOS SOCIALES MEDIANTE MODELOS DE DIFUSIÓN Y ANÁLISIS DE CONTENIDO. Funded by: Gobierno Vasco Research. Ref: N/A. PI: Igor Santos. Budget: 48300 Euros
  • VEMAS: SISTEMA INSTALADO “EN LA NUBE” PARA LA VERIFICACIÓN FORMAL DEL SOFTWARE Y LA MEDIDA DE SU CALIDAD, DESDE LOS COMPILADORES E INTÉRPRETES QUE EJECUTAN EL CÓDIGO HASTA LAS APLICACIONES. Funded by: Consultoría Tecnológica para el comercio, SL (CONSULTEC), Avangroup Bussiness Solutions S.L. Research Contract. Ref: N/A. PI: Borja Sanz Urquijo. Budget: 44161 Euros
  • ACSAS – ANÁLISIS DE CAMPAÑAS Y SENSIBILIDAD A LA AMBIGÜEDAD LINGÜÍSTICA PARA LA MEJORA DEL FILTRADO DE SPAM. Funded by: AVANGROUP BUSINESS SOLUTIONS S.L. Research Contract. Ref: N/A. PI: Igor Santos. Budget: 8,000 Euros

INTERDISCIPLINARY COLLABORATION

The project is within the security scope. However, the results will help commodity users to protect themselves against these web attacks.
Therefore, interdisciplinary collaboration with social studies is not ruled out, in order to present information to users properly so that they can understand the threats.

INTERNATIONAL COLLABORATION

The applicant will join this MSCA action and it is possible that derived results can be used in other H2020 projects in the area of cybersecurity.

INTERSECTORAL COLLABORATION

Our group has an important network of collaborators around the world that can provide additional insight to this project (e.g., CISCO, UCSB, CMU, Eurecom, Symantec Research Labs, amongst others).

IMPACT

The results of the research can be exploited in several ways: (i) developing a tool for users to know the current threats of their browsing, (ii) devising a web service so developers and/or security analysts can measure the “danger” of a particular website. Regarding dissemination, we plan to publish our results as scientific publications in top venues but also by performing several dissemination actions for the general public and also people in the field.

INNOVATION

The problem with web security research is that it has been biased by the particular problem or ecosystem each study analyzes, and there is no holistic view of the attacks and threats. In particular, we identify the following gaps that this offer will address: (i) There does not exist any research connecting the multiple web security issues. (ii) Existing crawlers are biased by the particular type of web or technique they study, potentially missing content in the retrieval. (iii) There is no full identification of all the problems or threats within a website. (iv) (v) The web threat landscape has not been explored because of the lack of comprehensive techniques. The possibility of relations among different types of webs and techniques is an actual problem, and there is no method to measure or prevent it.

INCLUSION

One of the University of Deusto’s key duties is to be fully aware of problems within the institution itself and the society we live in. For this reason, it should take specific steps to boost integration and real equality of opportunity for people with specific support needs. Timely specific action is required to enable them to enter higher education in equal conditions and ensure their full integration in the university community. DeustoTech, as one of its institutions, is included in this service of social action and inclusion. The main aims consist of achieving full normalisation, equal opportunities and gradually adopting the steps needed to ensure that the University of Deusto is an inclusive educational institution. Furthermore, the University of Deusto provides them with guidance and support on the transition to the labour market jointly with special job centres and companies at large.