Measuring and Defending Against Search-Result Poisoning

ECE Seminar: Measuring and Defending Against Search-Result Poisoning

Starts at: March 5, 2015 4:30 PM

Ends at: 6:00 PM

Location: Scaife 125

Speaker: Dr. Nicolas Christin

Affiliation: Carnegie Mellon University

Refreshments provided: Yes

Link to Poster

Link to Video (1)


Search-result poisoning---the technique of fraudulently manipulating web search results---has become over the past few years a primary means of advertisement for operators of questionable websites. I will first describe the evolution of search-result poisoning using data on over five million search results that we collected over nearly four years.
I will then discuss the design, implementation and evaluation of a novel classification system which predicts, whether a given, not yet compromised website will become malicious in the future. Such a system could be proactively used at scale to prevent compromises of vulnerable web servers, in turn making search-poisoning attacks far more difficult.

Nicolas Christin is an Assistant Research Professor in Electrical and Computer Engineering at Carnegie Mellon University, where he is also affiliated with CyLab, the computer and information security research center. In addition, he has courtesy faculty appointments in the Information Networking Institute and in Engineering and Public Policy.
He holds a Diplôme d'Ingénieur from École Centrale Lille, and M.S. and Ph.D. degrees in Computer Science from the University of Virginia. After a postdoc in the School of Information at the University of California, Berkeley, he joined Carnegie Mellon in 2005. He worked for three years as resident faculty at CMU CyLab Japan, before returning to Carnegie Mellon's main campus in 2008. He subsequently served as Associate Director of the Information Networking Institute between 2008 and 2013.
His research interests are in computer and information security, with a particular focus on large-scale measurements, and on problems with relevant public policy aspects. He has most recently focused on measuring online crime, security economics, and psychological aspects of computer security. He equally enjoys field measurements and mathematical modeling.