Seminar: A Data-driven Approach to Identifying Internet Security Challenges
Taejoong (Tijay) Chung
Assistant Professor, Rochester Institute of Technology
Thursday, February 13, 2020
9:30am - 10:30am
655 McBryde Hall
Public key infrastructures (PKIs) enable secure communication between different entities over an untrusted network. Due to this ability, PKIs are now central to security on the Internet: large-scale PKIs enable the security guarantees provided by protocols like HTTPS, DNSSEC, and the RPKI. Unfortunately, despite these guarantees, there have been numerous security failures involving these protocols; ultimately, most of these failures are rooted in discordance between how these protocols are designed and how they are actually used in practice.
In this talk, I will present an overview of my recent work that applies large-scale measurement and analysis to understand how security protocols are (mis)used in practice. I will first discuss how my measurements reveal widespread private key sharing between different entities in HTTPS ecosystem, breaking many security assumptions and making certain entities attractive attack targets. I will then describe how my large-scale study of the DNSSEC revealed that over 30% of domains that try to deploy DNSSEC fail to do so correctly, why it is currently so challenging for domain owners to do so, and how we can improve it. I conclude with a discussion of my on-going funded research and future research directions.
Taejoong (Tijay) Chung is an Assistant Professor at the Computer Science department in B. Thomas Golisano College of Computing and Information Sciences at the Rochester Institute of Technology. Before joining RIT, he spent 3 years at Northeastern University working as a postdoc. He received his Ph.D. in Computer Science and Engineering from Seoul National University in 2015. His work focuses on Internet security, privacy implications, and Internet measurement, which are supported by two NSF grants. He is a recipient of the IETF/IRTF Applied Networking Research Prize (2019), ACM IMC Distinguished Paper Award (2019), USENIX Security Distinguished Paper Award (2017), and Best Paper Award at IEEE Computer Society (ComSoc) Seoul Chapter (2010).