[NRG] Notification: Shields Up! Defense for evading reconnaissance and JavaSc... @ Tue Feb 16, 2016 11am - 12pm (NRG at BU)

Google Calendar calendar-notification at google.com
Thu Feb 11 11:00:08 EST 2016

This is a notification for:

Title: Shields Up! Defense for evading reconnaissance and JavaScript driven  
L7 attacks (William Koch)
Title: Shields Up! Defense for evading reconnaissance and JavaScript driven  
L7 attacks
Authors: William Koch, Azer Bestavros

Cyber attacks can be categorized as opportunistic or targeted. In an  
opportunistic attack, the target is initially unknown. As a first step in  
identifying a potential target, the adversary will scan a network as part  
of their reconnaissance to find a candidate machine. While a targeted  
attack requires research and planning. As an example, JavaScript has been  
observed to perform application layer (L7) attacks such distributed denial  
of service (DDoS). Reverse proxies and web application firewalls (WAF) are  
the standard defense for the aforementioned threats, however deploying  
these defenses can be costly and cause additional overhead. In response, we  
develop Shields, a minimalist defense for evading reconnaissance and  
JavaScript driven L7 attacks. Shields are static HTML files used to block  
malicious JavaScript requests attempting to accesses unauthorized web  
resources. If a request is legitimate, the Shield uses port knocking to  
white list the client on the origin server thus keeping the origin server  
stealth to all other IPs. Shields provide an alternative defense to reduce  
a web servers attack surface, while keeping operating cost at a minimum.
When: Tue Feb 16, 2016 11am - 12pm Eastern Time
Where: MCS 148
Video call: https://plus.google.com/hangouts/_/bu.edu/shields-up  
Calendar: NRG at BU
     * doucette at bu.edu - creator

Event details:  

Invitation from Google Calendar: https://www.google.com/calendar/

You are receiving this email at the account nrg-l at cs.bu.edu because you are  
subscribed for notifications on calendar NRG at BU.

To stop receiving these emails, please log in to  
https://www.google.com/calendar/ and change your notification settings for  
this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP  
response. Learn more at  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/nrg-l/attachments/20160211/db8b5366/attachment.html>

More information about the NRG-L mailing list