Kevin Borgolte is a Ph.D. Candidate in Computer Science in the SecLab at the University of California, Santa Barbara.
In his research, he advances methods and builds systems to better understand, detect, and prevent large-scale Internet
abuse. Prior to his Ph.D. studies, Kevin received a M.Sc. from ETH Zurich and a B.Sc. from the University of Bonn, Germany.
He is a member of the Shellphish Capture the Flag team and he won 3rd place at the DARPA Cyber Grand Challenge with
Shellphish. Kevin's research has been covered by CNN, The Guardian, WIRED, The Christian Science Monitor, as well as
Schneier on Security, and Krebs on Security.
The widespread access to the Internet and the ubiquity of web-based services make it easy to communicate and
interact globally. Unfortunately, the software implementing the functionality of these services is often vulnerable to
attacks. In turn, an attacker can exploit them to compromise and abuse the services for nefarious purposes. In my
research, I aim to better understand, detect, and prevent these attacks.
In this talk, we first look at detecting website defacements, which can inflict significant harm on a website's owner
or operator through the loss of sales, the loss in reputation, or because of legal ramifications. Then, we dive into
how to automatically identify malware distribution campaigns, which has become a major challenge in today's
Internet. Next, we look at how to mitigate the dangers of domain takeover attacks, which give attackers the same
capabilities to spread misinformation or malware as vulnerabilities do, but without the actual need for a vulnerability
in the affected service. Last, I will conclude by sketching interesting future directions on how to better understand,
detect, and prevent Internet abuse.