Abstract:

For far too long, computer science has approached security in an ad hoc and reactionary manner. If we are to make meaningful progress, we need to fundamentally shift our approach to securing systems to be data-driven and epidemiological.

Over the course of my Ph.D., I have built systems to facilitate a data-driven approach to security, and I have applied this methodology to tackle some of the most pressing real-world security problems.

In this talk, I first will highlight how Internet-wide scanning has enabled us to identify weaknesses in how the Diffie-Hellman protocol has been deployed, uncover real-world attacks against email delivery, and guide users in patching vulnerabilities. Next, I will present how, by instrumenting web servers at major service providers, we found that current TLS interception practices are drastically reducing the security of HTTPS. I will conclude by discussing how, in the future, I want to elevate data-driven security beyond individual systems and tools to make it a fundamental part of the Internet ecosystem.

Bio:

Zakir Durumeric is a Ph.D. Candidate in the Computer Science and Engineering program at the University of Michigan and a Google Research Fellow.

His research focuses on systems and network security, and his work has received the IRTF Applied Networking Research Prize and best paper awards from USENIX Security, ACM CCS, and ACM IMC.

He was named one of MIT Technology Review’s 35 Innovators under 35 in 2015.