{"668420":{"#nid":"668420","#data":{"type":"event","title":"PhD Defense by Dhruv Kuchhal","body":[{"value":"\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003E\u003Cstrong\u003ETitle:\u003C\/strong\u003E Building Trust In the Online Ecosystem through Empirical Evaluations of Web Security and Privacy Concerns.\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003E\u003Cstrong\u003EDate:\u003C\/strong\u003E Monday, July 17, 2023.\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003E\u003Cstrong\u003ETime:\u003C\/strong\u003E 11am \u2013 1pm EST.\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003E\u003Cstrong\u003ELocation:\u003C\/strong\u003E MS Teams meeting: \u003Ca href=\u0022https:\/\/teams.microsoft.com\/l\/meetup-join\/19%3ameeting_NmU1NGM3Y2ItNzlmOC00OTM4LThhMmQtOWJmMzI3YmVhNjQ4%40thread.v2\/0?context=%7b%22Tid%22%3a%22482198bb-ae7b-4b25-8b7a-6d7f32faa083%22%2c%22Oid%22%3a%222f0ef42f-fa54-4a90-adfa-65d12aa2a24d%22%7d\u0022\u003Elink\u003C\/a\u003E (ID: 296 859 795 059, Passcode: 9UqRXg)\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003E\u003Cstrong\u003EDhruv Kuchhal\u003C\/strong\u003E\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003EPh.D. Candidate in Computer Science\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003ESchool of Cybersecurity and Privacy\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003EGeorgia Institute of Technology\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003E\u003Cstrong\u003ECommittee:\u003C\/strong\u003E\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003EDr. Frank Li (Advisor), School of Cybersecurity and Privacy, Georgia Institute of Technology\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003EDr. Paul Pearce, School of Cybersecurity and Privacy, Georgia Institute of Technology\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003EDr. Brendan Saltaformaggio, School of Cybersecurity and Privacy, Georgia Institute of Technology\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003EDr. Alberto Dainotti, School of Computer Science, Georgia Institute of Technology\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003EDr. Adam Oest, PayPal, Inc.\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003E\u003Cstrong\u003EAbstract:\u003C\/strong\u003E\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003ESecurity and privacy concerns for the web can manifest in practice due to inadvertent misconfigurations, or intentionally be considered an acceptable risk to promote better usability or compatibility. Our community needs to monitor when these concerns become realistic threats that erode trust in the ecosystem, so that appropriate defenses can be adopted to mitigate the threats while minimizing the decline in usability. To take a meaningful next step towards improving the state of trust and safety for users on the web, it is imperative to first bridge the gap between theory and practice by corroborating with evidence the extent to which such weaknesses exist on the web today. This dissertation demonstrates how large-scale empirical studies help uncover such gaps in real-world implementations. \u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003ETrust and safety go both ways between users and online platforms. To study the security and privacy concerns for platforms, we present measurement techniques to (i) analyze the practical security provided by passwordless authentication to securely authenticate users when deployed in the real world, and (ii) evaluate the efficacy of YouTube\u0027s anti-abuse measures to protect their content from manipulation by malicious actors in terms of organically produced fake engagement. On the other hand, for users to trust online services with their data, they too expect a certain level of privacy when online. To that end, our work explores the privacy implications of (i) local network communications by popular websites, and (ii) invasive access to a user\u0027s web activity by in-app browsers in popular Android apps.\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003EThrough the studies presented in this dissertation, we find that measurement methods, such as the ones we present, are effective at highlighting the gaps between secure configurations that exist in theory, and real-world implementations which seldom follow best practices. Across various contexts, we learn that the gaps exist because web services optimize for lower user friction, without taking full cognizance of the risks involved. Ultimately, we demonstrate that for broader adoption of recommendations made by security practitioners in theory, we need increased operational insights of real-world systems.\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n","summary":"","format":"limited_html"}],"field_subtitle":"","field_summary":[{"value":"\u003Cp\u003E\u003Cspan\u003E\u003Cspan\u003EBuilding Trust In the Online Ecosystem through Empirical Evaluations of Web Security and Privacy Concerns.\u003C\/span\u003E\u003C\/span\u003E\u003C\/p\u003E\r\n","format":"limited_html"}],"field_summary_sentence":[{"value":"Building Trust In the Online Ecosystem through Empirical Evaluations of Web Security and Privacy Concerns."}],"uid":"27707","created_gmt":"2023-07-10 19:08:59","changed_gmt":"2023-07-10 19:08:59","author":"Tatianna Richardson","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2023-07-17T11:00:00-04:00","event_time_end":"2023-07-17T13:10:00-04:00","event_time_end_last":"2023-07-17T13:10:00-04:00","gmt_time_start":"2023-07-17 15:00:00","gmt_time_end":"2023-07-17 17:10:00","gmt_time_end_last":"2023-07-17 17:10:00","rrule":null,"timezone":"America\/New_York"},"location":"TEAMS","extras":[],"groups":[{"id":"221981","name":"Graduate Studies"}],"categories":[],"keywords":[{"id":"100811","name":"Phd Defense"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1788","name":"Other\/Miscellaneous"}],"invited_audience":[{"id":"78771","name":"Public"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[],"email":[],"slides":[],"orientation":[],"userdata":""}}}