News and Events
Stony Brook's XSSFilt deployed on Pale Moon BrowserXSSFilt is an advanced, active cross-site scripting protection developed at Stony Brook University. It is fast and powerful, providing protection against not only traditional server-side XSS vulnerabilities but also the newer DOM-based client-side vulnerabilities. Moreover, its detection algorithm is more broadly effective as compared to those deployed on Chrome and IE/Edge. It was recently incorporated into the Pale Moon web browser, a Firefox fork that has been developed with the goal of efficiency, customizability, and security. In version 26.0, released January 26, 2016, Pale Moon debuted a new security feature: an active XSS (cross-site scripting) filter, XSSFilt. XSSFilt protects users by blocking injection of unauthorized scripts and related content into web pages. The focus is reflected XSS and DOM-based XSS, both of which arise from maliciously crafted requests to a web server. These requests may me made by a malicious web page visited by a user, or by a user tricked into clicking on a malicious URL, e.g., a URLs in a phishing e-mail.
Niranjan Hasabnis wins Silver in ACM Student Research CompetitionNiranjan Hasabnis, PhD student in Seclab, won the silver medal at the ACM Student Research Competition held in conjunction ACM Code Generation and Optimization conference held at San Francisco, Feb 7, 2015. Niranjan's work was titled Employing Code Generators as De-code Generators: A Novel Approach for Assembly to IR Translation
Seclab paper is Runner-up for Best Paper Award at SACMAT 2014!Our paper "Towards More Usable Information Flow Policies for Contemporary Operating Systems," authored by Wai-Kit Sze, Bhuvan Mital and R. Sekar finished runner-up in the Best paper contest at SACMAT 2014, winning a "Honorable mention for Best paper" award.
Seclab Receives the Best Paper Award at USENIX Security 2013!Mingwei Zhang's 'Control flow integrity for COTS Binaries' won the best paper award at USENIX Security Symposium 2013.