ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Yuan Fan: Advance SQL Injection Detection by Join Force of Database Auditing and Anomaly Intrusion Detection"
Episode Synopsis
This topic will present the proposal/idea/work from the author's master graduate project about effective detection of SQL Injection exploits while lowering the number of false positives. It gives detail analysis example of how database auditing could help this case, and also presents the challenge with anomaly detection for this attack and how the author tried to solve them. Finally a correlation between the two will be presented.
Yuan Fan, CISSP, has worked in the network security area for more than 7 years. He currently works for ArcSight as a Software Engineer. He holds a Master of Computer Engineering degree from San Jose State University. The tool he is writing for master graduate research project related to this topic is a Java-based, multilayer anomaly intrusion detection system.
Yuan Fan, CISSP, has worked in the network security area for more than 7 years. He currently works for ArcSight as a Software Engineer. He holds a Master of Computer Engineering degree from San Jose State University. The tool he is writing for master graduate research project related to this topic is a Java-based, multilayer anomaly intrusion detection system.
More episodes of the podcast Black Hat Briefings, Las Vegas 2005 [Video] Presentations from the security conference
Akshay Aggarwal: Rapid Threat Modeling
04/06/2006
Panel: The Future of Personal Information
04/06/2006
Darrin Barrall: Shakespearean Shellcode
04/06/2006
Renaud Bidou: A Dirty BlackMail DoS Story
04/06/2006
In God we trust