Stanford Security Lunch
Fall 2022

Get announcements:


September 28, 2022 A Discussion with Stanford's Information Security Office

Speaker:  Stanford's Information Security Office Staff

Abstract:  The Stanford Information Security Office Consulting team will share upcoming ISO initiatives/program, such as Bug Bounty, Cybersecurity & Privacy Festival, and best practices including ways to identify phishing emails and securely share files. There will be an open Q&A session and discussion.

October 05, 2022 Catching Modern Web Threats with Advanced URL Filtering

Speaker:  Alex Starov (Palo Alto Networks)

Abstract:  In this talk, we will discuss modern challenges in detecting malicious web pages (such as phishing, scam, malware delivery) and how we can detect sophisticated malicious campaigns. Alex will provide an overview of recent research projects and detection techniques that his team developed for the Advanced URL Filtering solution at Palo Alto Networks, which is one of the leading Web categorization products in the industry. We will touch on such topics as defeating malicious cloaking, methods to detect malicious JavaScript (in the very broad definition, i.e. JavaScript used by malicious web pages of different kinds), necessary data-driven and ML-powered solutions, and threat-agnostic detection techniques. Alex will talk about limitations of the reactive blocklists and static databases, and how we can detect malicious URLs that are being seen for the first time by deploying detectors inline for real-time analysis. Finally, Alex will be happy to share his experience of differences between academia and industry, lessons learned on his path from security PhD student, industry intern, security researcher, senior and principal researcher, to managing the research team.

October 12, 2022 TBA

Speaker:  Gautam Akiwate

Abstract: 

October 19, 2022 Attacking the Brain: Security and Privacy Case Studies in Online Advertising, Misinformation, and Augmented Reality

Speaker:  Franziska Roesner (University of Washington)

Abstract:  People who use modern technologies are inundated with content and information from many sources, including advertisements on the web, posts on social media, and (looking to the future) content in augmented or virtual reality. While these technologies are transforming our lives and communications in many positive ways, they also come with serious risks to users’ security, privacy, and the trustworthiness of content they see: the online advertising ecosystem tracks individual users and may serve misleading or deceptive ads, social media feeds are full of potential mis/disinformation, and emerging augmented reality technologies can directly modify users’ perceptions of the physical world in undesirable ways. In this talk, I will discuss several lines of research from our lab that explore these issues from a broad computer security and privacy perspective, leveraging methodologies ranging from qualitative user studies to systematic measurement studies to system design and evaluation. What unites these efforts is a key question: how are our brains "under attack" in today's and tomorrow's information environments, and how can we design platforms and ecosystems more robust to these risks?

October 26, 2022 TBA

Speaker:  Zhuolin Yang (University of Chicago)

Abstract: 

November 02, 2022 TBA

Speaker:  Alexander Viand (ETH Zurich)

Abstract: 

November 09, 2022 TBA

Speaker:  Emily Black

Abstract: 

November 16, 2022 TBA

Speaker:  Sarah Scheffler (Princeton University)

Abstract: 

November 23, 2022 Thanksgiving

November 30, 2022 TBA

Speaker:  Marco Vassena

Abstract: 

December 07, 2022 TBA

Speaker:  Stephan Somogyi (Google)

Abstract: 

December 14, 2022 TBA

Speaker:  Armin Namavari (Cornell University)

Abstract: