Mozilla Security Research Summit 2025

March 1, 2025 9:00am - 6:00pm San Diego, California

The Mozilla Security Research summit will be hosted in San Diego as part of Mozilla's Security Engineering University Relationship Framework (SURF) initiative. This initiative aims to increase collaboration between Mozilla and the academic community, so as to leverage academic talent to help explore Mozilla-specific security and privacy engineering research problems, and to strengthen Mozilla's ties to the academic community.

The summit audience will consist of a mix of Mozilla engineers, academics, and PhD students. Our intention is for Mozilla engineers to "pitch" research problems to the academic community, so as to spark potential collaboration. Our engineers and researchers plan to deliver talks covering areas such as tracking protection, language-based security, cryptography, web measurement and machine learning.

The day will also include some high-caliber talks from security and privacy academics. The event will include ample time for discussion throughout the day and will conclude with a dinner.

Please join us to help improve the open web!

Agenda

8:30-09:00

Registration & Light Breakfast

09:00-09:15

Welcome & Agenda for the Day

Christoph Kerschbaumer(Mozilla)

09:15-10:00

Intro Session I

All Participants

10:00-10:15

Morning Coffee Break

10:15-11:00

Intro Session II

All Participants

11:00-12:00

Mozilla Talks

Open Data at MozillaAndrew Creskey (Mozilla)
CRLiteJohn Schanck (Mozilla)
What Bothers me about the WebBenjamin VanderSloot (Mozilla)

12:00-13:00

Lunch

13:00-13:30

Lightning Talk Session I

Rollout of ECHNick Sullivan (Cryptography Consulting LLC)
Who Drew on My Canvas? Characterizing Canvas Fingerprinting Across the WebElisa Luo (UCSD)
SnailLoadDaniel Gruss (TU Graz)

13:30-14:30

Breakout Session I

14:30-15:00

Afternoon Coffee Break

15:00-15:30

Lightning Talk Session II

GenAI in Web Browsers: The Future of Tracking and Tracking ProtectionZubair Shafiq, (UC Davis)
Private Web Search with TiptoeEmma Dauterman (Stanford)
When Certificate Transparency is Too TransparentRyan Lemkuhl (MIT)

15:30-16:30

Breakout Session II

16:30-17:00

Closing Remarks

17:00-18:00

Transfer to Dinner

18:00-21:00

Dinner

Participants

Frederik Braun (Mozilla)

Jerry Chai (Stanford University & UC Berkeley)

Kimberly Claffy (CAIDA)

Andrew Creskey (Mozilla)

Emma Dauterman (Stanford)

Lars Eggert (Mozilla)

Aurore Fass (CISPA)

Justus Fries (TU Munich)

Valentin Gosu (Mozilla)

Brian Grinstead (Mozilla)

Daniel Gruss (Technical University Graz)

Miro Haller (UCSD)

John Heidemann (USC)

Bobby Holley (Mozilla)

Maxime Huyghe (University of Rennes)

Umar Iqbal (Washington University)

Dennis Jackson (Mozilla)

Limin Jia (Carnegie Mellon)

Martin Johns (TU Braunschweig)

Alexandros Kapravelos (NSCU)

Dana Keeler (Mozilla)

Christoph Kerschbaumer (Mozilla)

Florian Kershbaum (Waterloo)

Engin Kirda (Northeastern University)

Christopher Kruegel (UC Santa Barbara)

Andy Leiserson (Mozilla)

Josh Lund (Signal)

Elisa Luo (UCSD)

Cristina Nita-Rotaru (Northeastern University)

Per Larsen (Immunant)

Veelasha Moonsamy (Ruhr University Bochum)

Ryan Lehmkuhl (MIT)

Shravan Narayan (UT Austin)

Nick Nikiforakis (Stony Brook University)

Giancarlo Pellegrino (CISPA)

Gayatri Priyadarsini (IIT Gandhinagar)

Walter Rudametkin (University of Rennes)

Sajin Sasy (CISPA)

John Schanck (Mozilla)

Zubair Shafiq (UC Davis)

Jackson Sippe (University of Colorado Boulder)

Naomi Smith (UCSD)

Dokyung Song (Yonsei University)

Nick Sullivan (Cryptography Consulting LLC)

Sid Stamm (Rose Hulman)

Deian Stefan (UC San Diego)

Marco Squarcina (TU Vienna)

Gene Tsudik (UC Irvine)

Sean Turner (Consultant)

Alisha Ukani (UCSD)

Benjamin VanderSloot (Mozilla)

Geoffrey M. Voelker (UCSD)

Keith Winstein (Stanford)

Eric Wustrow (University of Colorado Boulder)

Meng Xu (Waterloo)

Xiaochuan Yu (UCSD)