Regular Events


Events

WHO: Paridhi Jain, IIIT-Delhi
WHAT: CERC's second Ph.D. thesis defense
WHEN: 1730 - 1900hrs IST, April 25, 2016
WHERE: Board room, B Wing, 5th floor, IIIT-Delhi
Title: Automated Methods for Identity Resolution across Online Social Networks
Abstract: Today, more than two hundred Online Social Networks (OSNs) exist where each OSN extends to offer distinct services to its users such as eased access to news or better business opportunities. To enjoy each distinct service, a user innocuously registers herself on multiple OSNs. For each OSN, she defines her identity with a different set of attributes, genre of content and friends to suit the purpose of using that OSN. Thus, the quality, quantity and veracity of the identity varies with the OSN. This results in dissimilar identities of the same user, scattered across Internet, with no explicit links directing to one another. These disparate unlinked identities worry various stakeholders. For instance, security practitioners find it difficult to verify attributes across unlinked identities; enterprises fail to create a holistic overview of their customers.
Research that finds and links disconnected identities of a user across OSNs is termed as identity resolution. Accessibility to unique and private attributes of a user like ‘email’ makes the task trivial, however in absence of such attributes, identity resolution is challenging. In this dissertation, we make an effort to leverage intelligent cues and patterns extracted from partially overlapping list of public attributes of compared identities. These patterns emerge due to consistent user behavior like sharing same mobile number, content or profile picture across OSNs. Translating these patterns into features, we devise novel heuristic, unsupervised and supervised frameworks to search and link user identities across social networks. Proposed search methods use an exhaustive set of public attributes looking for consistent behavior patterns and fetch correct identity of the searched user in the candidate set for an additional 11% users. An improvement on the proposed search mechanisms further optimizes time and space complexity. Suggested linking method compares past attribute value sets and correctly connect identities of an additional 48% users, earlier missed by literature methods that compare only current values. Evaluations on popular OSNs like Twitter, Instagram and Facebook prove significance and generalizability of the linking method.
Proposed search and linking methods are applicable to users that exhibit evolutionary and consistent behavior on OSNs. To understand the dynamics and reasons for such behavior, we conduct two independent in-depth studies. For user evolutionary behavior, specifically for username, we observe that username evolution leads to broken link (404 page) to a user profile. Yet, 10% of 8.7 million tracked Twitter users changed their username in two months. Investigation reveals that reasons to change include malign intentions like fraudulent username promotion and benign ones like express support to events. We believe that Twitter can monitor frequent username changes, derive malign intentions and suspend accounts if needed. Study of sharing information consistently across OSNs, e.g. mobile number, highlights why users share a personally identifiable information online and how can it be used with auxiliary information sources to derive details of a user.
In summary, this dissertation encashes previously unused public user information available on a social network for identity resolution via novel methods. The thesis work makes following advancements: a) Propose search frameworks that aim to fetch correct identity of a user in the candidate set by searching with public and discriminative attributes, b) Propose a supervised classification framework for linking identities that compares respective attribute histories in situations where state-of-the-art methods fail to predict the link, c) Study username evolution on Twitter, and d) Study mobile number sharing behavior across OSNs. Proposed methods require no user authorization for data access, yet successfully leverage innocuous user public activity and details, find her accounts across OSNs and help stakeholders with better insights on user’s likings or her suspicious intentions.

Thesis Evaluation Committee:
  • Prof. Alan Mislove, NEU
  • Prof. Amitabha Bagchi, IIT Delhi
  • Dr. Sachin Lodha, TRDDC
  • PK (Chair), IIIT-Delhi

View it on Facebook!
WHO: Sonal Goel, IIIT-Delhi
WHAT: CERC's eighth Master's thesis defense
WHEN: 1600 - 1730 IST, April 25, 2016
WHERE: Board Room, 5th Floor, IIIT-Delhi
Title: Image Search for Improved Law and Order: Search, Analyze, Predict image spread on Twitter
Abstract:Social media is often used to spread images that can instigate anger among people, hurt their religious, political, caste, and other sentiments, this in return can create law and order situation in society. This results the need for law enforcement agencies to inspect the spread of images related to such events on social media in real time. To help the law enforcement agencies to analyse the image spread on microblogging websites, we developed an Open Source Real Time Image search system, where the user can give an image, and a supportive text related to image and the system finds the images that are similar to the input image and their count. The system proposed is robust to identify images that can be cropped, scaled (to a certain factor), images with text embedded, images stitched with other images, images with varied brightness, and some combination of all these. On the input text, the system runs a text mining algorithm to extract the keywords, retrieve images related to these keywords from Twitter, and use Image comparison methodology to extract similar images. The system can analyse the users who were propagating the content, the sentiments floating with them, and their retweet analysis. We found that Improved ORB (ORB + RANSAC) performs the best for image similarity and using it we are able to achieve an accuracy of above 85% in all the cases tested. The system developed is being used in one of the Government security agency. In addition to identifying the similar images, we also aim to predict the influence of such events on people as diffusion rate. In microblogging sites like Twitter, information provided by tweets diffuses over the users through retweets. Hence, to further enhance the understanding and controlling the diffusion of these kinds of images, we focus to predict the retweet count of such images by using visual cues from the images, content based information and structure-based features. For this, we build a random forest regression model that takes some tweet, image and structural features to predict the retweet count.

Thesis Evaluation Committee:
  • Dr. AV Subramanyam, IIIT-Delhi
  • Dr. Samarth Bharadwaj, IBM
  • Dr. PK (Chair), IIIT-Delhi

View it on Facebook!
WHO: All students, faculty, and researchers working in the area of security and privacy.
WHAT: Any average Internet user today has multiple online accounts-with Online Social media, with Third-party Cloud service providers, with On-line banking services etc. With such a lifestyle, it is always possible for an individual or a group to become vulnerable to various online security breaches and privacy threats. Researchers are constantly trying to find out solutions to these problems. Last year, we began this endeavor to bring all the topics related to security and privacy under one roof and build a close-knit community. With the Security & Privacy Symposium 2016, we continue this effort of strengthening our community of researchers, faculty, and students in security and privacy area in India.
WHEN: February 12 - 13, 2016
WHERE: Indraprastha Institute of Information Technology, Delhi
WHY: To be part of this growing community of security and privacy in India.

Visit website
WHO: School Teachers
WHAT: The program will discuss current usage of social media by teens in India, and opportunities and risks of using Online Social Media. It intends to enable teachers to evolve approaches to recognize and prevent cyber-bullying, and enable students to be safe on Online Social Media. The program will go in detail and let the teachers do various activities by themselves in the lab.
WHEN: 1000 - 1700 hrs IST
WHERE: Student Centre, IIIT-Delhi
Co-organized with Central Board of Secondary Education (CBSE)
WHO: Shobhita Saxena, IIIT-Delhi
WHAT: CERC's seventh Master's thesis defense
WHEN: 0900 - 1000 IST, July 29, 2015
WHERE: Director’s Meeting Room (5th Floor, A-wing), IIIT-Delhi
Title: Video Inpainting detection using inconsistencies in optical Flow
Abstract:In recent years due to advancement in video and image editing tools it has become increasingly easy to modify the multimedia content. The doctored videos are very difficult to identify through visual examination as artifacts left behind by processing steps are subtle and cannot be easily captured visually. Therefore, the integrity of digital videos can no longer be taken for granted and these are not readily acceptable as a proof-of-evidence in court-of-law. Hence, identifying the authenticity of videos has become an important field of information security.
In this thesis work, we present a novel approach to detect and temporally localize video inpainting forgery based on optical flow consistency. The proposed algorithm comprises of two stages. In the first step, we detect if the given video is inpainted or authentic and in the second step we perform temporal localization. Towards this, we first compute the optical flow between frames. Further, we analyze the goodness of fit of chi-square values obtained from optical flow histograms using a Guassian mixture model. A threshold is then applied to classify between authentic and inpainted videos. In the next step, we extract Transition Probability Matrices (TPMs) by modelling the optical flow as first order Markov process. SVM based classification is then applied on the obtained TPM features to decide whether a block of non-overlapping frames is authentic or inpainted thus obtaining temporal localization. In order to evaluate the robustness of the proposed algorithm, we perform the experiments against two popular and efficient inpainting techniques. We test our algorithm on public datasets like PETS and SULFA. The results show that the approach is effective against the inpainting techniques. In addition, it detects and localizes the inpainted frames in a video with high accuracy and low false positives

Thesis Evaluation Committee:
  • Sambuddho Chakravarty, IIIT-Delhi
  • Pradeep Atrey (University of Winnipeg)
  • A V Subramanyam (Chair), IIIT-Delhi
WHO: Rahul Kumar Singh, IIIT-Delhi
WHAT: CERC's sixth Master's thesis defense
WHEN: 1500 - 1600 IST, July 28, 2015
WHERE: Director’s Meeting Room (5th Floor, A-wing), IIIT-Delhi
Title: TASVEER : Tomography of India’s Internet Infrastructure
Abstract:With approximately 250 million Internet users, India stands amongst the top 5 Internet using nations of the world. India’s network space is made up of 789 Autonomous Systems (ASes), that route all the network traffic of India. On the other hand, US has approximately 300 million users, whose traffic is routed over 22K ASes. Thus, a relatively small network routes the traffic of large number of Indian users. Failures and attacks in such networks could impact large number of users. However, being a relatively small number, it becomes easy to generate maps presenting the connectivity of ASes in the networks and the routers that make up the ASes. Such information could be used for various purposes such as diagnosing network failures and attacks, large scale network surveillance and bypassing such surveillance, load balancing, efficient content distribution and delivery.
We present, a first effort to our knowledge, the topological information of India’s entire Internet space representing the connectivity between all 789 ASes and intra-domain routers. Our research presents information of routers and ASes that transport relatively large fraction of traffic for vital network installations like popular ISP users, important organizations like financial institutions, educational institutions, research organizations etc.

Thesis Evaluation Committee:
  • Vinayak Naik, IIIT-Delhi
  • Mohan Dhawan (IBM Research Lab, Delhi)
  • Sambuddho Chakravarty (Chair), IIIT-Delhi
WHO: Aditi Gupta, IIIT-Delhi
WHAT: CERC's first Ph.D. thesis defense
WHEN: 1630 - 1830hrs IST, July 6, 2015
WHERE: Board room, B Wing, 5th floor, IIIT-Delhi
Title: Designing and Evaluating Techniques to Mitigate Misinformation Spread on Microblogging Web Services
Abstract: Online social media is a powerful platform for dissemination of information during important real-world events. Beyond the challenges of volume, variety and velocity of content generated on online social media, veracity poses a much greater challenge for effective utilization of this content by citizens, organizations, and authorities. Veracity of information refers to the trustworthiness / credibility / accuracy / completeness of the content. Over last few years social media has also been used to disseminate misinformation in the form of rumors, hoaxes, fake images, and videos. We aim to address this challenge of veracity or trustworthiness of content posted on social media. The spread of such untrustworthy content online has caused the loss of money, infrastructure and threat to human lives in the offline world. We focus our work on Twitter, which is one of the most popular microblogging web service today. We provide an in-depth analysis of misinformation spread on Twitter during real-world events. We propose and evaluate automated techniques to mitigate misinformation spread in real-time.
The main contributions of this work are: (i) we analyzed how true versus false content is propagated through the Twitter network, with the purpose of assessing the reliability of Twitter as an information source during real-world events; (ii) we showed the effectiveness of automated techniques to detect misinformation on Twitter using a combination of content, meta-data, network, user profile and temporal features; (iii) we developed and deployed a novel framework for providing indication of trustworthiness / credibility of tweets posted during events. We evaluated the effectiveness of this real-time system with a live deployment used by real Twitter users. First, we analyzed Twitter data for 25+ global events from 2011-2014 for the spread of fake images, rumors, and untrustworthy content. Some of the prominent events analyzed by us are: Mumbai blasts (2011), England Riots (2011), Hurricane Sandy (2012), Boston Marathon Blasts (2013), Polar Vortex (2014). We identified tens of thousands of tweets containing fake images, rumors, fake websites, and by malicious user profiles for these events. We performed an in-depth characterization study of how this false versus the true data is introduced and disseminated in the Twitter network. Second, we showed how features of meta-data, network, event and temporal from user-generated content can be used effectively to detect misinformation and predict its propagation during real-world events. Third, we proposed and evaluated an automated methodology for assessing credibility of information in tweets using supervised machine learning and relevance feedback approach. We developed and deployed a real-time version in TweetCred, a system that assigns a credibility score to tweets. TweetCred, available as a browser plug-in, has been installed and used by 1,808 real Twitter users. During ten months of its deployment, the credibility score for about 12 million tweets was computed, allowing us to evaluate TweetCred in terms of accuracy, performance, effectiveness and usability. The system TweetCred built as part of this thesis work is used effectively by emergency responders, firefighters, journalists and general users to obtain credible content from Twitter. This thesis work has shown that measuring credibility of the Twitter content is possible using semi-automated techniques, and the results can be valuable to the real-world users. The insights obtained from this research and deployment provide a basis for building more sophisticated technology to tackle similar problems on different sourceial media.

Thesis Evaluation Committee:
  • Prof. Tim Finin, UMBC, USA
  • Prof. Jussara Almeida, UFMG, Brazil
  • Dr. L V Subramaniam, IBM-IRL, India
  • PK (Chair), IIIT-Delhi

View it on Facebook!
WHO: Vaishali Garg, IIIT-Delhi
WHAT: CERC's fifth Master's thesis defense
WHEN: 1100 - 1200 IST, June 19, 2015
WHERE: 4th Floor Conference Room (B-wing), IIIT-Delhi
Title: Novel Instruction Set Architecture Based Side Channels in popular SSL/TLS Implementations
Abstract: Various Open Source Cryptographic Libraries are being used these days to implement the general purpose cryptographic functions and to provide a secure communication channel over the Internet. These libraries, that implement SSL/TLS, have been targeted by various side channel attacks in the past that result in leakage of sensitive information flowing over the network. Side channel attacks rely on inadvertent leakage of information from devices through observable attributes of online communication. Some of the common side channel attacks discovered so far rely on packet arrival and departure times (Timing Attacks), power usage and packet sizes. Our research explores novel side channel attack that relies on CPU architecture and instruction sets. In this research, we explored such side channel vectors against popular SSL/TLS implementations which were previously believed to be patched against padding oracle attacks, like the POODLE attack. We were able to successfully extract the plaintext bits in the information exchanged using the APIs of two popular SSL/TLS libraries.

Thesis Evaluation Committee:
  • H. B. Acharya, IIIT-Delhi
  • Mohan Dhawan (IBM Research Lab, Delhi)
  • Sambuddho Chakravarty (Chair), IIIT-Delhi

Day 1: Slides
Day 2: Slides
Event
WHO: All students, faculty, and researchers working in the area of security and privacy.
WHAT: Any average Internet user today has multiple online accounts-with Online Social media, with Third-party Cloud service providers, with On-line banking services etc. With such a lifestyle, it is always possible for an individual or a group to become vulnerable to various online security breaches and privacy threats. Researchers are constantly trying to find out solutions to these problems. Last year, we began this endeavor to bring all the topics related to security and privacy under one roof and build a close-knit community. With the Security & Privacy Symposium 2015, we continue this effort of strengthening our community of researchers, faculty, and students in security and privacy area in India.
WHEN: February 13 - 14, 2015
WHERE: Indraprastha Institute of Information Technology, Delhi
WHY: To be part of this growing community of security and privacy in India.

Visit website
WHO: Aritra Dhar, M.Tech (Information Security), IIIT-Delhi
WHAT: CERC's fourth Master’s thesis defense
WHEN: 1500 - 1600hrs IST, November, 2014
WHERE: Board room, B Wing, 5th floor, IIIT-Delhi
WHY: CERCs put in a lot of effort in their work, you don't want to miss seeing it. There will be some free snacks too :-)
Title: Clotho: Saving Programs from Malformed Strings and Incorrect String-handling
Abstract: Programs are susceptible to malformed data coming from untrusted sources. Occasionally the programming logic or constructs used are inappropriate to handle all types of constraints that are imposed by legal and well-formed data. As a result programs produce unexpected results or even worse, they may crash. Program behavior in both of these cases would be highly undesirable. In this thesis work, we present a novel hybrid approach that saves programs from crashing when the failures originate from malformed strings or inappropriate handling of strings. Our approach statically analyses a program to identify statements that are vulnerable to failures related to associate string data. It then generates patches that are likely to satisfy constraints on the data, and in case of failures produce program behavior which would be close to the expected. The precision of the patches is improved with the help of a dynamic analysis. The patches are activated only after a failure is detected, and the technique incurs no runtime overhead during normal course of execution, and negligible overhead in case of failures. We have experimented with Java String API, and applied Clotho to several hugely popular open-source libraries to patch 30 bugs, several of them rated either critical or major. Our evaluation shows that Clotho is both practical and effective. The comparison of the patches generated by our technique with the actual patches developed by the programmers in the later versions shows that they are semantically similar.

Thesis Committee:
  • Sambuddho Chakravarty, IIIT-Delhi
  • Mohan Dhawan, IBM IRL
  • Rahul Purandare(Chair), IIIT-Delhi

View Slides   

View it on Facebook!
WHO: Government of India
WHAT: Using Online Social Media for Intelligence and Policing
WHEN: 1000 - 1700 hrs IST on all the 2 days
WHERE: Academic Building, IIIT Delhi
WHO: Anybody interested in Secure Programming
WHEN: 1600 - 1730 hrs IST, December 22, 2014
WHERE: Academic Building, IIIT Delhi
COST: Free
Keep an eye on Facebook!
5 day course on Secure Programming by Prof. Matt Bishop. Co-organized by CISO Academy and CERC. Flier
WHO: Senior police officers
WHAT: Online Social Media for Senior Law Enforcement Officers
WHEN: 1000 - 1700 hrs IST on both the days
WHERE: NICFS, Delhi
WHO: Government of India
WHAT: Various aspects of Information Security
WHEN: 1000 - 1700 hrs IST on all the 5 days
WHERE: Academic Building, IIIT Delhi
WHO: Government of India
WHAT: Various aspects of Information Security
WHEN: 1000 - 1700 hrs IST on all the 5 days
WHERE: Academic Building, IIIT Delhi
WHO: Exclusive for senior officers in Police of the rank DIG / IG
WHAT: Workshop on Online Social Media Policy for Police - Pitfalls, Challenges and Opportunities.
WHEN: 1000 - 1700 hrs IST, June 18, 2014
WHERE: Board Room, Academic Building, IIIT Delhi
WHO: Abhishek Bhola, M.Tech (Data Engineering), IIIT-Delhi
WHAT: CERC's third Master’s thesis defense
WHEN: 1100 - 1230hrs IST, June 06, 2014
WHERE: Board room, B Wing, 5th floor, IIIT-Delhi
WHY: CERCs put in a lot of effort in their work, you don't want to miss seeing it. There will be some free snacks too :-)
Title: Twitter and Polls: What Do 140 Characters Say About India General Elections 2014
Abstract: This year in the month of May, the tenure of the 15th Lok Sabha was to end and the elections to the 543 parliamentary seats were to be held. With 813 million registered voters, out of which a 100 million were first time voters, we are the world's largest democracy. A whooping $5 billion were spent on these elections, which made us stand second only to the US Presidential elections ($7 billion) in terms of money spent. The different phases of elections were held on 9 days spanning over the months of April and May, making it the most elaborate exercise to choose the Prime Minister of India. Swelling number of Internet users and Online Social Media (OSM) users turned these unconventional media platforms into key medium in these elections; that could effect 3-4% of urban population votes as per a report of IAMAI (Internet & Mobile Association of India). Political parties making use of Google+ Hangout to interact with people and party workers, posting campaigning photos on Instagram and videos on YouTube, debating on Twitter and Facebook were strong indicators of the impact of the OSM on the India General Elections 2014. With hardly any political leader or party not having his account on the micro blogging site Twitter and the surge in the political conversations on Twitter, inspired us to take the opportunity to study and analyze this huge ocean of elections data. Our count of tweets related to elections from September 2013 to May 2014, collected with the help of Twitter's Streaming API was close to 17.07 million. We analyzed the complete dataset to find interesting patterns in it and also to verify if the trivial things were also evident in the data collected. We found that the activity on Twitter peaked during important events related to elections. It was evident from our data that the political behavior of the politicians affected their followers count and thus popularity on Twitter. We analyzed our data to look out for the topics that were most discussed on Twitter during these elections. Yet another aim of our work was to find an efficient way to classify the political orientation of the users on Twitter. To accomplish this task, we used four different techniques: two were based on the content of the tweets made by the user, one on the user based features and another one based on community detection algorithm on the retweet and user mention networks. We found that the community detection algorithm worked best with an efficiency of more than 80%.With an aim to monitor the daily incoming data, we built a portal to show the analysis of the tweets of the last 24 hours. This portal analyzed the tweets to find the most trending topics, hashtags, the kind of sentiments received by the parties, location of the tweets and also monitored the popularity of various political leaders and their parties' accounts on Twitter. To the best of our knowledge, this is the first academic pursuit to analyze the elections data and classify the users in the India General Elections 2014.

Thesis Committee:
  • Dr. Vinayak Naik, IIITD
  • Dr. Anupama Mallik, IITD
  • Dr. PK (Chair), IIIT-Delhi

View Slides   

View it on Facebook!
WHO: Sudip Mittal, M.Tech (Information Security), IIIT-Delhi
WHAT: CERC's second Master’s thesis defense
WHEN: 0930 - 1100hrs IST, June 06, 2014
WHERE: Board room, B Wing, 5th floor, IIIT-Delhi
WHY: CERCs put in a lot of effort in their work, you don't want to miss seeing it. There will be some free snacks too :-)
Title: Broker Bots: Analyzing automated activity during High Impact Events on Twitter
Abstract: Twitter is now an established and a widely popular news medium. Be it normal banter or a discussion on high impact events like Boston marathon blasts, February 2014 US Icestorm, etc., people use Twitter to get updates and also broadcast their thoughts and views. Twitter bots have today become very common and acceptable. People are using them to get updates about emergencies like natural disasters, terrorist strikes, etc., users also use them for getting updates about different places and events, both local and global. Twitter bots provide these users a means to perform certain tasks on Twitter that are both simple and structurally repetitive, at a much higher rate than what would be possible for a human alone. During high impact events these Twitter bots tend to provide a time critical and a comprehensive information source with information aggregated form various different sources. In this study, we present how these bots participate in discussions and augment them during high impact events. We identify bots in 5 high impact events for 2013: Boston blasts, February 2014 US Icestorm, Washington Navy Yard Shooting, Oklahoma tornado, and Cyclone Phailin. We identify bots among top tweeters by getting all such accounts manually annotated. We then study their activity and present many important insights. We determine the impact bots have on information diffusion during these events and how they tend to aggregate and broker information from various sources to different users. We also analyzed their tweets, list down important differentiating features between bots and non bots (normal or human accounts) during high impact events. We also show how bots are slowly moving away from traditional API based posts towards web automation platforms like IFTTT, dlvr.it, etc. Using standard machine learning, we proposed a methodology to identify bots/non bots in real time during high impact events. This study also looks into how the bot scenario has changed by comparing data from high impact events from 2013 against data from similar type of events from 2011. Bots active in high impact events generally don't spread malicious content. Lastly, we also go through an in-depth analysis of Twitter bots who were active during 2013 Boston Marathon Blast. We show how bots because of their programming structure don't pick up rumors easily during these events and even if they do; they do it after a long time..

Thesis Committee:
  • Dr. Vinayak Naik, IIITD
  • Dr. Sundeep Oberoi, TCS
  • Dr. PK (Chair), IIIT-Delhi

View Slides   

View it on Facebook!
WHO: Neha Gupta, M.Tech (Information Security), IIIT-Delhi
WHAT: CERC's first Master’s thesis defense
WHEN: 1030 - 1200hrs IST, April 23, 2014
WHERE: Board room, Fifth floor, IIIT-Delhi
WHY: CERCs put in a lot of effort in their work, you don't want to miss seeing it. There will be some free snacks too :-)
Title: Exploration of gaps in Bitly's spam detection and relevant countermeasures
Abstract: Existence of spam URLs over emails and Online Social Media (OSM) has become a growing phenomenon. To counter the dissemination issues associated with long complex URLs in emails and character limit imposed on various OSM (like Twitter), the concept of URL shortening gained a lot of traction. URL shorteners take as input a long URL and give a short URL with the same landing page in return. With its immense popularity over time, it has become a prime target for the attackers giving them an advantage to conceal malicious content. Bitly, a leading service in this domain is being exploited heavily to carry out phishing attacks, work from home scams, pornographic content propagation, etc. This imposes additional performance pressure on Bitly and other URL shorteners to be able to detect and take a timely action against the illegitimate content. In this study, we analyzed a dataset marked as suspicious by Bitly in the month of October 2013 to highlight some ground issues in their spam detection mechanism. In addition, we identified some short URL based features and coupled them with two domain specific features to classify a Bitly URL as malicious / benign and achieved a maximum accuracy of 86.41%. To the best our knowledge, this is the first large scale study to highlight the issues with Bitly’s spam detection policies and proposing a suitable countermeasure.

Thesis Committee:
  • Mr. Sachin Gaur, MixORG
  • Dr. Vinayak Naik, IIITD
  • Dr. PK (Chair), IIIT-Delhi

View Slides    Watch Video

View it on Facebook!
WHO: Anybody interested in the topic.
WHAT:
  • Background & Basics of Web App Security, The HTTP Protocol, Web
  • Application Insecurities, OWASP Top 10 Vulnerabilities (XSS, SQL Injection, CSRF, etc.)
  • Web App Security Tools (Scanners, Fuzzers, etc), Remediation of Web App
  • Vulnerabilities, Web Application Audits and Risk Assessment
WHEN: 1100 - 1330hrs IST, April 20, 2014
WHERE: Library building, IIIT Delhi
Prerequisites: A Laptop is preferable. Prior knowledge of HTTP protocol and how web applications work is desired but not mandatory.
Post-Condition: After the session, the participant will be able to understand the various types of web application security vulnerabilities and attacks and their countermeasures. The participant will also know about the various tools and scanners involved in testing web applications and will get a hands on the same.
Fees: Rupees 400. Rupees 300 will be returned on successful completion of the Session, remaining rupees 100 is only for incidental expenses, including tea/coffee. You pay it at the door on 20th.
Registration: Click Here

View Slides

View it on Facebook!
WHO: Invitation to all students who are interested in doing BTP / MTP in Research / Engineering / Entrepreneurship in Cybersecurity. The session is mainly targeted at 2nd year / 3rd year B.Techs. and 1st year M.Techs. Both CS & ECE.
WHAT: We have identified some really nice problems that we would like some smart students (interested in cybersecurity related topics) in IIITD to work on. We will share the problem ideas during the session and seek applications from students who are interested in working on the topics. Some of these problems are derived from discussions with industry organizations, some of the industry collaborators will also join the Session. This is a great opportunity to work on some things that may be used by someone, somewhere, someday.
WHEN: 1300 - 1400hrs IST, March 27, 2014
WHERE: C21, Academic building, IIIT Delhi
WHY: We would like to work with some smart, sincere, and dedicated students. We will let you know how to apply to work with us. There will be free food too :-)
Registration: Click Here

WHO: All students, faculty, and researchers working in the area of security and privacy.
WHAT: Any average Internet user today has multiple online accounts-with Online Social media, with Third-party Cloud service providers, with On-line banking services etc. With such a lifestyle, it is always possible for an individual or a group to become vulnerable to various online security breaches and privacy threats. Researchers are constantly trying to find out solutions to these problems. Last year, we began this endeavor to bring all the topics related to security and privacy under one roof and build a close-knit community. With the Security & Privacy Symposium 2014, we continue this effort of strengthening our community of researchers, faculty, and students in security and privacy area in India.
WHEN: February 20 - 22, 2014
WHERE: Indian Institute of Technology, Kanpur
WHY: To be part of this growing community of security and privacy in India.

Visit website
WHAT: IIITD will have its first Centre of Excellence, Cybersecurity Education and Research Centre (CERC) inaugurated on Jan 23rd 2014. Cybersecurity Education and Research Centre (CERC). CERC's initial mission is to: Build systems and tools that are of direct interest to different stakeholders (Government, Industry, Citizens); Create a pipeline of Undergraduate, Masters, and Ph.D. students working in related areas; Conduct high-end technical training on cybersecurity for Government of India officials and corporations in topics such as secure coding, protecting critical infrastructure, privacy and security in online social media, and so on; and Create awareness among public about Cybersecurity and privacy in India.
WHEN: 1500 - 1700hrs IST, April 20, 2014
WHERE: Academic building, IIIT Delhi