Speaker: Dr. Benjamin Livshits, Microsoft Research
Title: Finding Malware at Web Scale
A number of these projects have been successfully deployed within Bing and have been used daily to find and block malicious web sites, constituting one of the largest-scale deployments of static and runtime analysis techniques to date.
These systems all share two characteristics that are key to their deployability: they are fast and extremely precise. For example, Zozzle's false positive rate is about one in a million, while Nozzle's is nearly one in a billion.
Dr. Benjamin Livshits is a Senior Researcher at Microsoft Research and an affiliate professor at the University of Washington. He received a bachelor's degree in Computer Science and Math from Cornell University in 1999, and M.S. and Ph.D. degrees in Computer Science from Stanford University in 2002 and 2006, respectively. His research interests include application of sophisticated static and dynamic analysis techniques to finding errors in programs.
Dr. Livshits has published over 100 papers at venues such as PLDI, POPL, Oakland Security, Usenix Security, CCS, SOSP, CHI, ICSE, FSE, and many others. He is known for his work in software reliability, especially tools to improve software security and privacy. As part of his dissertation at Stanford, he worked on issues, ranging from preventing buffer overruns in C programs to detecting security vulnerabilities (cross-site scripting, SQL injections, etc.) in Web-based applications. He is the author of several dozen patents. Lately, he has been focusing on topics ranging from security and privacy, to static and runtime analysis, to crowd-sourcing, and augmented reality. Ben generally does not speak of himself in the third person.