[NRG] Notification: Shields Up! Defense for evading reconnaissance and JavaSc... @ Tue Feb 16, 2016 11am - 12pm (NRG at BU)

Cody Doucette doucette at bu.edu
Tue Feb 16 10:07:06 EST 2016

Hey everyone,

Just a reminder that this NRG seminar is today at 11:00 AM. Different day,
same time.

See you then!
On Feb 15, 2016 11:00 AM, "Google Calendar" <
calendar-notification at google.com> wrote:

> more details »
> <https://www.google.com/calendar/event?action=VIEW&eid=MDFpbDExY2NrZnVucmFjc2R2azV1NjAwdTggNTYwam42bnQ1aGo0b2YzcnNyaWNoZnB0aW9AZw>
> Shields Up! Defense for evading reconnaissance and JavaScript driven L7
> attacks (William Koch)
> Title: Shields Up! Defense for evading reconnaissance and JavaScript
> driven L7 attacks
> Authors: William Koch, Azer Bestavros
> Abstract:
> Cyber attacks can be categorized as opportunistic or targeted. In an
> opportunistic attack, the target is initially unknown. As a first step in
> identifying a potential target, the adversary will scan a network as part
> of their reconnaissance to find a candidate machine. While a targeted
> attack requires research and planning. As an example, JavaScript has been
> observed to perform application layer (L7) attacks such distributed denial
> of service (DDoS). Reverse proxies and web application firewalls (WAF) are
> the standard defense for the aforementioned threats, however deploying
> these defenses can be costly and cause additional overhead. In response, we
> develop Shields, a minimalist defense for evading reconnaissance and
> JavaScript driven L7 attacks. Shields are static HTML files used to block
> malicious JavaScript requests attempting to accesses unauthorized web
> resources. If a request is legitimate, the Shield uses port knocking to
> white list the client on the origin server thus keeping the origin server
> stealth to all other IPs. Shields provide an alternative defense to reduce
> a web servers attack surface, while keeping operating cost at a minimum.
> *When*
> Tue Feb 16, 2016 11am – 12pm Eastern Time
> *Where*
> MCS 148 (map <https://maps.google.com/maps?q=MCS+148&hl=en>)
> *Video call*
> https://plus.google.com/hangouts/_/bu.edu/shields-up
> <https://plus.google.com/hangouts/_/bu.edu/shields-up?hceid=NTYwam42bnQ1aGo0b2YzcnNyaWNoZnB0aW9AZ3JvdXAuY2FsZW5kYXIuZ29vZ2xlLmNvbQ.01il11cckfunracsdvk5u600u8>
> *Calendar*
> NRG at BU
> *Who*
>> doucette at bu.edu - creator
> Invitation from Google Calendar <https://www.google.com/calendar/>
> You are receiving this email at the account nrg-l at cs.bu.edu because you
> are subscribed for notifications on calendar NRG at BU.
> To stop receiving these emails, please log in to
> https://www.google.com/calendar/ and change your notification settings
> for this calendar.
> Forwarding this invitation could allow any recipient to modify your RSVP
> response. Learn More
> <https://support.google.com/calendar/answer/37135#forwarding>.
> _______________________________________________
> NRG-L mailing list
> NRG-L at cs.bu.edu
> http://cs-mailman.bu.edu/mailman/listinfo/nrg-l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/nrg-l/attachments/20160216/4e1b41f0/attachment.html>

More information about the NRG-L mailing list