Twitter spam paper at CCS 2010

Posted on June 2010 by admin

My paper about spam on Twitter has been accepted into ACM Conference on Computer and Communications Security in Oct 2010. It’s going to be a fun presentation in Chicago, and I’m looking forward to continuing the project now that we have the first part of our work out on it.

Overall it was an interesting project that’s goal was to understand spam on Twitter and what, if anything, is the difference between Twitter spam and email spam (besides that it’s shorter). More details on the results and analysis after the camera ready…

Official citation:

Chris Grier, Kurt Thomas, Vern Paxson and Michael Zhang, “@spam: The underground on 140 characters or less,” To appear in the Proceedings of the ACM Conference on Computer and Communications Security (CCS), October 2010.

Posted in research | Tagged , | Comments Off

New papers up – WWW, LEET, PETS

Posted on May 2010 by admin

I’ve put added recent publications to the research page including links to the PDFs. Shuo presented our paper on Alhambra at WWW, Cho presented our paper on MegaD infiltration at LEET, and Kurt will be presenting unFriendly at PETS this summer which is a project that examines multi-party privacy on Facebook. If we are lucky, I’ll be presenting a Twitter-related paper next Fall.

Short paper summaries:

Alhambra – a browser-based replay system to test client side security policies. Using replay and comparison metrics we can quickly and automatically determine if a particular browser security policy breaks web applications.

MegaD infiltration – Developed milkers to continually monitor and participate (in a safe manner) in the command and control network used by the MegaD spamming botnet. We present our analysis of four months of C&C infiltration.

unFriendly – Examined multi-party privacy on Facebook. Multi-party privacy conflicts exist when one user has more restrictive privacy settings than their friend and using simple data mining techniques, we are able to infer private profile attributes by examining the conflicts that exist for users on Facebook.

Posted in research | Comments Off

Moved to Berkeley: research and climbing

Posted on January 2010 by admin

Last fall I moved to Berkeley and started as a postdoc in the EECS department for Vern Paxson. I’ve been there now for about 4 months working on a number of different security topics ranging from web security to bot nets.

On the web front we just found out that we have a paper in WWW 2010 on a system named Alhambra, that was the third (and final) part of my dissertation.

On bots, I’ve taken some responsibility on the farming of bots, including testing new malware binaries, attempting to identify malware, and keeping bots running in an environment where we can monitor them.

Another interesting project has involved Twitter (with Steve and Kurt), and I’ve been doing a lot of infrastructure work to get our code running on the scale we need. Python, Amazon’s EC2, and the multiprocessing library seem to be the key so far to making things work the scale we are aiming for.

Finally, climbing – There’s been a lot of weekend trips since I moved here: Yosemite, Kings Canyon, Pinnacles national monument, Mount Diablo, Bishop, Owns River gorge, Castle Rock state park, and probably others. Climbing a lot at Berkeley Ironworks too.

Posted in research, vacation | Comments Off

Red Rocks and RRG climbing

Posted on September 2009 by admin

I have just about finished moving out to Berkeley, CA where I have started my position as a postdoc. Now that I almost have a computer setup, its about time to get pictures on here from Red River Gorge, KY and Red Rocks Canyon, NV, the two most recent climbing trips. The RRG trip was this last summer leaving from UIUC with Kurt, Mirella, Justin and Carolyn. The Red Rocks trip was during all our free time during DEFCON, about 4 trips each.

RRG – Climbed for two days, then it started raining. We hit Muir Valley (practice wall area) and the Natural Arch (roadside crag). There’s plenty of climbing all over, but unless you comfortably can climb 5.12 sport or trad, be prepared to drive around to find stuff that’s in your range.

Red Rocks – Mostly climbed at First and Second Pullout, at Black Corridor, the Gallery, and the Panty Wall. The Black Corridor was right in our range for climbing, not impossible, but a good range of routes to climb during the day (and in the shade). The panty wall was simply too easy, and would have been a good warmup if it wasn’t already 105 deg outside. The Gallery area was good but not as big as I expected and it took us a long time to find the right approach. It was our last day so we were tired from DEFCON and the other days of climbing, so a few hours in the morning shade climbing and we had done most of the routes we wanted to.

Posted in vacation | Comments Off

Gazelle press!

Posted on July 2009 by admin

The Gazelle web browser, which was my summer project in 2008 at MSR, has been getting a lot of press lately and even has a wikipedia page now. It’s interesting to read and see what different writers say and how people have been reacting.

There’s two official docs from MSR on Gazelle, a tech report and the USENIX Security 2009 publication. The publication is an improved version of the TR, so I’d stick with that. If there are more, let me know (grier@imchris.org). I’ve given a couple talks on Gazelle, one at Stanford for EE 380 that is online somewhere, and anyone can email me for my slides.

Posted in research | Comments Off

Gazelle – MSR project update

Posted on July 2009 by admin

The project that I designed and developed at MSR last summer is going to be at USENIX security (and was previously a tech report). It’s available as a PDF here.

Simply put, Gazelle is a browser with an OS architecture that provides greater strength against different types of attacks than other browsers. By adopting OS principles the browser is able to provide isolation for different-origin content, with additional control over display and user generated events. There’s a lot more to it and the full details are described in the paper.

Back to UIUC, we have adapted a couple of the ideas from the Gazelle paper into the OP web browser, such as the isolation of frames and the display security (and delegate-once policy), though it is a much different implementation than Gazelle.

Gazelle has been slashdotted a few times (first and second), and there’s a pretty good Arstechnica article on it.

Posted in research | Tagged | Comments Off

Climbing at Jackson and Cedar Bluff

Posted on June 2009 by admin

I have recently started climbing outdoors. As of June 2009 I’ve been to Jackson Falls and Cedar Bluff both in southern IL. I’ll try and post pictures of climbs here when I have them. There’s a lot of good resources already online for Jackson and other places in IL, so I’ll try and link those too.

Jackson directions and routes online.

Cedar Bluff directions and routes

Vertical Heartland, A Rock Climber’s Guide to Southern Illinois by Eric Ulner looks like the best resource for climbing in IL.

Cedar Bluff – Saturday May 30, we went to Cedar Bluff. I had never been there before. The directions found on the link above are right. Park by the church and hike up a short trail to the bluff. It was raining when we got there, but the first few climbs were dry. At the bluff we climbed:

Africa and detention

Africa (left side, 5.8) and Detention (right side, 5.10a) at Cedar Bluff

Detention (5.10a lead, right where the trail meets the bluff)
Africa (5.8 top rope, directly next to Detention)
Fear of Flying (5.9, off-width crack, coming up from the trail go to the left)
Dos Equis (5.9+ lead, coming up the trail go to the right.)

off width crack - Kurt

Fear of Flying (5.9, off-width crack) at Cedar Bluff

Jackson Falls – Sunday, may 31 we drove to Jackson. I had been there once before but for the most part climbed new routes. This was the second day of lead climbing outside for me so we took it easy and did some great routes.

Yosemite Slab area – Fun routes, good to get going. Two out of the four of us had never climbed outdoors before, so this was a fun start.

Pete’s Lead (5.7, top rope)
Smidgin (5.6, lead)
Tina’s Soul Food Kitchen (5.7, lead)
Easy Gully (5.6, top rope)

Royal Arch wall – I had climbed here the one time I had been to Jackson before, and done one of the routes next to Deetle Dumps (maybe Archangel, 5.10a, or The Meanest Flower, 5.9)

Deetle Dumps (5.8, lead)

Wave Wall – This route was difficult, either I was tired from the previous day and other climbs or something, but doing Fine Nine really made me tired for the day.

Fine Nine (5.9+, lead, right side picture)

pete's lead and rope

Pete's Lead (5.7, crack on left) and part of Smidgin (5.6 right side of the picture) at Jackson Falls

Fine Nine

Fine Nine (5.9+) at Jackson Falls

Mr. Jimmy – A  tall free standing boulder, the easy climb was fun and fairly long. The camera battery died before we got here, so there aren’t any pictures.

Big wall Greg’s Chicken Shack (5.6, lead)
Venom (5.10a, lead)

Posted in vacation | Tagged , , | Comments Off

more papers!

Posted on April 2009 by admin

Two more publications: The Gazelle paper is going to be at USENIX Security and a short paper at Web 2.0 Security and Privacy on plugin security. See my research page for more information! PDFs should be online as soon as I’ve finished the camera ready versions.

Also, I did a talk at Stanford for the Electrical Engineering Computer Systems Colloquium (EE 380), the video should be online here. There were some technical difficulties with the projector, but for the online version that might not be visible.

Posted in research | Comments Off

unFriendly – looking at personal information

Posted on March 2009 by admin

SigMIL participated in this year’s Engineering Open House with a project called unFriendly. The goal was originally to see if we could infer, with some degree of success, information about people on Facebook based on their friends’ profiles (we can).

After we had that, the goals changed some to a tool that creates profiles with different sources of information. We had Facebook data (from crawling), campus phone book data (also has a LDAP version), voter records (for Champaign County) and we put it all together in nice google-knockoff web site that lets people search and see what data we can gather and infer about someone. Right now our dataset is limited to people at UIUC, but it wouldn’t be difficult to extend it to larger groups.

Posted in research, school | Comments Off

Death Valley

Posted on December 2008 by admin

During Thanksgiving break I went to Death Valley National Park. Flew into Las Vegas and drove to the park. It’s an amazing place. I started to write a short page about the different things I ended up doing and there’s pictures on my flicker feed. I joined the pro flickr club so they won’t be disappearing. The trip was pretty long though a lot of fun.

The rest of the fall semester is going to be working on another project, my thesis propsal and setting up prelims. I might even have to start interviewing for jobs.

Posted in vacation | Comments Off