The Internet Defense Prize recognizes research that that safeguards peoples’ security and privacy on the Internet. At Facebook, we value defensive work that mitigates attacks or prevents classes of attack entirely.

2017 Internet Defense Prize winners

Today, Facebook awarded $100,000 in its fourth iteration of the Internet Defense Prize at the USENIX Security Symposium in Vancouver, BC. The prize recognizes winning paper Detecting Credential Spearphishing Attacks in Enterprise Settings authored by Grant Ho, University of California, Berkeley; Aashish Sharma, Lawrence Berkeley National Laboratory; Mobin Javed, University of California, Berkeley; Vern Paxson, University of California, Berkeley and International Computer Science Institute; and David Wagner, University of California, Berkeley, for their work in detecting spearphishing attacks.

The authors proposed and evaluated a methodology for effectively detecting spearphishing attacks in corporate networks while achieving a very small number of false positives. This research is important for two reasons.

Facebook security researcher, Nektarios Leontiadis presents Grant Ho, Vern Paxson and David Wagner with the 2017 Internet Defense Prize.

First, in recent history, successful spearphishing attacks have led to a number of prominent information leaks. Every time the community improves the detection or prevention of compromise from a technical standpoint, the human factor becomes an even stronger focal point of adversaries. Helping protect people from social engineering attacks becomes even more important. This research can help reduce the potential of such compromises happening in the future. Secondly, the authors acknowledge and account for the cost of false positives in their detection methodology. This is significant because it factors into the overhead cost and response time for incident response teams.

Honorable mention

Facebook also recognizes two Internet Defense Prize finalists at this year’s USENIX Security Symposium who earned honorable mentions for their research:

Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers
Thurston H.Y. Dang, University of California, Berkeley; Petros Maniatis, Google Brain; David Wagner, University of California, Berkeley

The authors presented an efficient approach for preventing specific classes of vulnerabilities in low-level code. The work shows that, contrary to conventional wisdom, the use of page permissions for this purpose can be made to perform with limited overhead.

DR. CHECKER: A Soundy Analysis for Linux Kernel Drivers
Aravind Machiry, Chad Spensky, Jake Corina, Nick Stephens, Christopher Kruegel, and Giovanni Vigna, University of California, Santa BarbaraThe authors used existing static analysis techniques to find a large number of vulnerabilities in Linux kernel drivers.

The work further demonstrates that relatively well-studied techniques (e.g. taint analysis), when used in the right combination and the right context, can effectively detect security vulnerabilities that affect a wide range of devices.

For more information about the Internet Defense Prize, please visit: https://internetdefenseprize.org/