ABSTRACT: I will discuss our recent work trying to understand technology abuse and computer security's role in improving outcomes for victims. We've focused primarily on abuse in the context of intimate partner violence (IPV), a widespread social ill affecting about one in four women and one in ten men at some point in their lives. In interviews with survivors and the professionals that work with them in New York City, our research has provided the most granular view to date of technology abuse in IPV contexts. Abusers install spyware on mobile devices, compromise victim accounts, harass over messaging systems, and much more. We complemented this qualitative work with first-of-their-kind measurement studies that discovered a large ecosystem of online resources aimed at helping abusers, including a variety of apps usable as IPV spyware.
How do we provide better safety outcomes for abuse victims? We need to rethink the design of computer security tools to better address abuse threat models, as well as provide new socio-technical solutions to help victims of the most dangerous kinds of abuse navigate their situations. I'll discuss examples of our work along both fronts: building abuse moderation systems for encrypted messaging systems, extending anti-virus tools to handle IPV scenarios, and our new theory and practice of clinical computer security, in which trained technologists meet with victims to help diagnose digital insecurities and advise on potential remediations.
This is covering joint work with: Rahul Chatterjee, Nicola Dell, Peri Doerfler, Paul Grubbs, Sam Havron, Julia Len, Karen Levy, Damon McCoy, Ian Miers, Diana Minchala, Hadas Orgad, Jackeline Palmer, Kevin Roundy, Acar Tamersoy, and Nirvan Tyagi.
BIO: Thomas Ristenpart is an Associate Professor at Cornell Tech and a member of the Computer Science department at Cornell University. Before joining Cornell Tech in May, 2015, he spent four and a half years as an Assistant Professor at the University of Wisconsin-Madison. He completed his PhD at UC San Diego in 2010. His research spans a wide range of computer security topics, with recent focuses including digital privacy and safety in intimate partner violence, new threats to, and improved opportunities for, cloud computing security, confidentiality and privacy in machine learning, and topics in applied and theoretical cryptography. His work has been featured in the New York Times, the MIT Technology Review, ABC News, U.S. News and World Report, and elsewhere. His work has been recognized by the UC San Diego Computer Science and Engineering Department Dissertation Award, an NSF CAREER Award, Best Paper Award at USENIX Security 2014, Distinguished Student Paper Award at Oakland 2016, Best Paper Award at CHI 2018, and a Sloan Research Fellowship.