Drive-by downloads planted on legitimate sites (e.g., via "structural" and other vulnerabilities in web applications) cause web sites to get blacklisted by Google, Yahoo, and other search engines and browsers. In this talk, I describe the technical architecture and implementation of mod_antimalware, a novel, open-source containment technology for web servers that can be used to 1) quarantine web-based malware infections before they impact users, 2) allow web pages to safely be served even while a site is infected, and 3) give webmasters time to recover from an attack before their web sites get blacklisted by popular search engines and browsers.
Dasient, Inc. Neil Daswani is a co-founder of Dasient, Inc., a security company backed by some of the most influential investors in Silicon Valley and New York. In the past, Neil has served in a variety of research, development, teaching, and managerial roles at Google, Stanford University, DoCoMo USA Labs, Yodlee, and Bellcore (now Telcordia Technologies). While at Stanford, Neil co-founded the Stanford Center Professional Development (SCPD) Security Certification Program (http://proed.stanford.edu/?security). He has published extensively, frequently gives talks at industry and academic conferences, and has been granted several U.S. patents. He received a Ph.D. and a master's in computer science from Stanford University, and earned a bachelor's in computer science with honors with distinction from Columbia University. Neil is also the lead author of "Foundations of Security:What Every Programmer Needs To Know" (published by Apress; ISBN 1590597842; http://tinyurl.com/33xs6g. More information about Neil is available at www.neildaswani.com