Samaneh Tajalizadehkhoob shortlisted for Dutch Cyber Security Research Best Paper Award competition 2018

News - 11 April 2018

The paper by Samaneh Tajalizadehkhoob et al. titled ‘Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting’ was shortlisted for the Dutch Cyber Security Research Best Paper Award competition 2018. An international jury, consisting of Prof. Dr. Konrad Rieck, Prof. Evangelos Markatos and Prof. Richard Clayton under the technical chairmanship of Drs. Jan Piet Barthel (dcypher/NWO), selected the top five research papers out of fifteen papers submitted.

The top five research paper candidates for the DCSRP Award 2018 were (in alphabetical order):

1. "Economic Factors of Vulnerability Trade and Exploitation", Luca Allodi et al.
2. "ASLR on the Line: Practical Cache Attacks on the MMU", Ben Gras and Kaveh Razavi et al.
3. "Millions of targets under attack: a macroscopic characterization of the DoS ecosystem", Mattijs Jonker et al.
4. "Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting", Samaneh Tajalizadehkhoob et al.
5. "The Dynamics of Innocent Flesh on the Bone: Code Reuse Ten Years Later", Victor van der Veen and Dennis Andriesse et al.

The award ceremony took place during the Cyber Security track of ICT.OPEN2018 in Amersfoort.

The winner of the DCSRP Award 2018 was: "ASLR on the Line: Practical Cache Attacks on the MMU" by Ben Gras, Kaveh Razavi et al., presented by Ben Gras. See also the news item on the dcypher website.

Abstract and link to the paper by Samaneh Tajalizadehkhoob et al.: https://dl.acm.org/citation.cfm?id=3133971

Hosting providers play a key role in fighting web compromise, but their ability to prevent abuse is constrained by the security practices of their own customers. Shared hosting offers a unique perspective since customers operate under restricted privileges and providers retain more control over configurations. We present the first empirical analysis of the distribution of web security features and software patching practices in shared hosting providers, the influence of providers on these security practices, and their impact on web compromise rates. We construct provider-level features on the global market for shared hosting -- containing 1,259 providers -- by gathering indicators from 442,684 domains. Exploratory factor analysis of 15 indicators identifies four main latent factors that capture security efforts: content security, webmaster security, web infrastructure security and web application security. We confirm, via a fixed-effect regression model, that providers exert significant influence over the latter two factors, which are both related to the software stack in their hosting environment. Finally, by means of GLM regression analysis of these factors on phishing and malware abuse, we show that the four security and software patching factors explain between 10% and 19% of the variance in abuse at providers, after controlling for size. For web-application security for instance, we found that when a provider moves from the bottom 10% to the best-performing 10%, it would experience 4 times fewer phishing incidents. We show that providers have influence over patch levels--even higher in the stack, where CMSes can run as client-side software--and that this influence is tied to a substantial reduction in abuse levels.