SlideShare a Scribd company logo

Icc2009

Download as PPT, PDF
Pluribus One
Pluribus One

Presentation of the paper "HMM-Web: a framework for the detection off attacks against Web Applications" at the IEEE International Conference on Communications, Dresden, Germany, June 14-18 2009

1 of 22
HMM-Web: a framework for the detection off attacks against Web Applications I. Corona, D. Ariu, G. Giacinto June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu Pattern Recognition and Applications Group Department of Electrical and Electronic Engineering University of Cagliari, Italy PRA Pattern Recognition and Applications Group Presenter Davide Ariu R A P
Motivations ,[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Motivations June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu Source: X-Force® 2008 Trend & Risk Report – January 2009
Protection of Web Applications ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
HMM-Web ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
An usage scenario June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Request URI Modelling ,[object Object],[object Object],[object Object],[object Object],[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Request URI Modelling ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Classifier Ensemble ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
IDS-Scheme June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Noise in the training set ,[object Object],[object Object],[object Object],[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Noise in the training set ,[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Noise in the training set Countermeasure ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Noise in the training set Countermeasure ,[object Object],[object Object],[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Attribute value codification ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Experimental Setup ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Experimental Results Effectiveness of attributes’ codification June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu The curve on the right has been obtained using the codification proposed by Kruegel et al. In “A multimodel approach to the detection of web-based attacks”, Computer Networks, 2005.
Experimental Result Effectiveness of the MCS Approach June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Conclusions ,[object Object],[object Object],[object Object],[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Questions? June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
Motivations June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu Source: X-Force® 2008 Trend & Risk Report – January 2009
Outline ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu

Recommended

Cv
Cv Cv
Cv HaithamSalah13
 
HMM-Web: a framework for the detection of attacks against Web applications
HMM-Web: a framework for the detection of attacks against Web applicationsHMM-Web: a framework for the detection of attacks against Web applications
HMM-Web: a framework for the detection of attacks against Web applicationsPluribus One
 
Sparse Support Faces - Battista Biggio - Int'l Conf. Biometrics, ICB 2015, Ph...
Sparse Support Faces - Battista Biggio - Int'l Conf. Biometrics, ICB 2015, Ph...Sparse Support Faces - Battista Biggio - Int'l Conf. Biometrics, ICB 2015, Ph...
Sparse Support Faces - Battista Biggio - Int'l Conf. Biometrics, ICB 2015, Ph...Pluribus One
 
Battista Biggio @ MCS 2015, June 29 - July 1, Guenzburg, Germany: "1.5-class ...
Battista Biggio @ MCS 2015, June 29 - July 1, Guenzburg, Germany: "1.5-class ...Battista Biggio @ MCS 2015, June 29 - July 1, Guenzburg, Germany: "1.5-class ...
Battista Biggio @ MCS 2015, June 29 - July 1, Guenzburg, Germany: "1.5-class ...Pluribus One
 
Accessibility Means Business
Accessibility Means BusinessAccessibility Means Business
Accessibility Means BusinessIrene Walker
 
Battista Biggio, Invited Keynote @ AISec 2014 - On Learning and Recognition o...
Battista Biggio, Invited Keynote @ AISec 2014 - On Learning and Recognition o...Battista Biggio, Invited Keynote @ AISec 2014 - On Learning and Recognition o...
Battista Biggio, Invited Keynote @ AISec 2014 - On Learning and Recognition o...Pluribus One
 
Machine Learning under Attack: Vulnerability Exploitation and Security Measures
Machine Learning under Attack: Vulnerability Exploitation and Security MeasuresMachine Learning under Attack: Vulnerability Exploitation and Security Measures
Machine Learning under Attack: Vulnerability Exploitation and Security MeasuresPluribus One
 
Rational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability AssessmentRational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability AssessmentVESIT/University of Mumbai
 

Recommended

Cv
Cv Cv
Cv HaithamSalah13
 
HMM-Web: a framework for the detection of attacks against Web applications
HMM-Web: a framework for the detection of attacks against Web applicationsHMM-Web: a framework for the detection of attacks against Web applications
HMM-Web: a framework for the detection of attacks against Web applicationsPluribus One
 
Sparse Support Faces - Battista Biggio - Int'l Conf. Biometrics, ICB 2015, Ph...
Sparse Support Faces - Battista Biggio - Int'l Conf. Biometrics, ICB 2015, Ph...Sparse Support Faces - Battista Biggio - Int'l Conf. Biometrics, ICB 2015, Ph...
Sparse Support Faces - Battista Biggio - Int'l Conf. Biometrics, ICB 2015, Ph...Pluribus One
 
Battista Biggio @ MCS 2015, June 29 - July 1, Guenzburg, Germany: "1.5-class ...
Battista Biggio @ MCS 2015, June 29 - July 1, Guenzburg, Germany: "1.5-class ...Battista Biggio @ MCS 2015, June 29 - July 1, Guenzburg, Germany: "1.5-class ...
Battista Biggio @ MCS 2015, June 29 - July 1, Guenzburg, Germany: "1.5-class ...Pluribus One
 
Accessibility Means Business
Accessibility Means BusinessAccessibility Means Business
Accessibility Means BusinessIrene Walker
 
Battista Biggio, Invited Keynote @ AISec 2014 - On Learning and Recognition o...
Battista Biggio, Invited Keynote @ AISec 2014 - On Learning and Recognition o...Battista Biggio, Invited Keynote @ AISec 2014 - On Learning and Recognition o...
Battista Biggio, Invited Keynote @ AISec 2014 - On Learning and Recognition o...Pluribus One
 
Machine Learning under Attack: Vulnerability Exploitation and Security Measures
Machine Learning under Attack: Vulnerability Exploitation and Security MeasuresMachine Learning under Attack: Vulnerability Exploitation and Security Measures
Machine Learning under Attack: Vulnerability Exploitation and Security MeasuresPluribus One
 
Rational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability AssessmentRational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability AssessmentVESIT/University of Mumbai
 
A perspective on web testing.ppt
A perspective on web testing.pptA perspective on web testing.ppt
A perspective on web testing.pptsivaprasanth rentala
 
Ibm business partner connect 2015 long fong yee v1 (read-only)
Ibm business partner connect 2015 long fong yee v1 (read-only)Ibm business partner connect 2015 long fong yee v1 (read-only)
Ibm business partner connect 2015 long fong yee v1 (read-only)Fong Yee Long
 
2018 ibm agile engineering summit - spotlight presentation
2018 ibm agile engineering summit - spotlight presentation2018 ibm agile engineering summit - spotlight presentation
2018 ibm agile engineering summit - spotlight presentationM Kevin McHugh
 
IBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-managementIBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-managementImran Hashmi
 
Rational application-security-071411
Rational application-security-071411Rational application-security-071411
Rational application-security-071411Scott Althouse
 
Research challenges and issues in web security
Research challenges and issues in web securityResearch challenges and issues in web security
Research challenges and issues in web securityIAEME Publication
 
Web Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging ThreatsWeb Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging ThreatsAlan Kan
 
REPORT1 new
REPORT1 newREPORT1 new
REPORT1 newsowmya seles
 
IRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network SecurityIRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network SecurityIRJET Journal
 
Bank One App Sec Training
Bank One App Sec TrainingBank One App Sec Training
Bank One App Sec TrainingMike Spaulding
 
Cloud Intrusion and Autonomic Management in Autonomic Cloud Computing
Cloud Intrusion and Autonomic Management in Autonomic Cloud ComputingCloud Intrusion and Autonomic Management in Autonomic Cloud Computing
Cloud Intrusion and Autonomic Management in Autonomic Cloud Computingijtsrd
 
A perspective on web testing
A perspective on web testingA perspective on web testing
A perspective on web testingsivaprasanth rentala
 
A perspective on web testing
A perspective on web testingA perspective on web testing
A perspective on web testingsivaprasanth rentala
 
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App Sec
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App SecWhat the New OWASP Top 10 2013 and Latest X-Force Report Mean for App Sec
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App SecIBM Security
 
Flipping the Script & Changing the Game in Cyber
Flipping the Script & Changing the Game in CyberFlipping the Script & Changing the Game in Cyber
Flipping the Script & Changing the Game in Cyberscoopnewsgroup
 
Security Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public SectorSecurity Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public SectorIBMGovernmentCA
 
IBM Support for CIM and the Common Grid Model Exchange Standard
IBM Support for CIM and the Common Grid Model Exchange StandardIBM Support for CIM and the Common Grid Model Exchange Standard
IBM Support for CIM and the Common Grid Model Exchange StandardNada Reinprecht
 
Innovating FIPS crypto validation in the Cloud - SEP321 - AWS re:Inforce 2019
Innovating FIPS crypto validation in the Cloud - SEP321 - AWS re:Inforce 2019 Innovating FIPS crypto validation in the Cloud - SEP321 - AWS re:Inforce 2019
Innovating FIPS crypto validation in the Cloud - SEP321 - AWS re:Inforce 2019 Amazon Web Services
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityColin English
 
IRJET - A Joint Optimization Approach to Security and Insurance Managemen...
IRJET - A Joint Optimization Approach to Security and Insurance Managemen...IRJET - A Joint Optimization Approach to Security and Insurance Managemen...
IRJET - A Joint Optimization Approach to Security and Insurance Managemen...IRJET Journal
 
Smart Textiles - Prospettive di mercato - Davide Ariu
Smart Textiles - Prospettive di mercato - Davide Ariu Smart Textiles - Prospettive di mercato - Davide Ariu
Smart Textiles - Prospettive di mercato - Davide Ariu Pluribus One
 
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning - 2019 Int...
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning - 2019 Int...Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning - 2019 Int...
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning - 2019 Int...Pluribus One
 

More Related Content

Similar to Icc2009

Ibm business partner connect 2015 long fong yee v1 (read-only)
Ibm business partner connect 2015 long fong yee v1 (read-only)Ibm business partner connect 2015 long fong yee v1 (read-only)
Ibm business partner connect 2015 long fong yee v1 (read-only)Fong Yee Long
 
2018 ibm agile engineering summit - spotlight presentation
2018 ibm agile engineering summit - spotlight presentation2018 ibm agile engineering summit - spotlight presentation
2018 ibm agile engineering summit - spotlight presentationM Kevin McHugh
 
IBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-managementIBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-managementImran Hashmi
 
Rational application-security-071411
Rational application-security-071411Rational application-security-071411
Rational application-security-071411Scott Althouse
 
Research challenges and issues in web security
Research challenges and issues in web securityResearch challenges and issues in web security
Research challenges and issues in web securityIAEME Publication
 
Web Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging ThreatsWeb Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging ThreatsAlan Kan
 
IRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network SecurityIRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network SecurityIRJET Journal
 
Bank One App Sec Training
Bank One App Sec TrainingBank One App Sec Training
Bank One App Sec TrainingMike Spaulding
 
Cloud Intrusion and Autonomic Management in Autonomic Cloud Computing
Cloud Intrusion and Autonomic Management in Autonomic Cloud ComputingCloud Intrusion and Autonomic Management in Autonomic Cloud Computing
Cloud Intrusion and Autonomic Management in Autonomic Cloud Computingijtsrd
 
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App Sec
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App SecWhat the New OWASP Top 10 2013 and Latest X-Force Report Mean for App Sec
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App SecIBM Security
 
Flipping the Script & Changing the Game in Cyber
Flipping the Script & Changing the Game in CyberFlipping the Script & Changing the Game in Cyber
Flipping the Script & Changing the Game in Cyberscoopnewsgroup
 
Security Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public SectorSecurity Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public SectorIBMGovernmentCA
 
IBM Support for CIM and the Common Grid Model Exchange Standard
IBM Support for CIM and the Common Grid Model Exchange StandardIBM Support for CIM and the Common Grid Model Exchange Standard
IBM Support for CIM and the Common Grid Model Exchange StandardNada Reinprecht
 
Innovating FIPS crypto validation in the Cloud - SEP321 - AWS re:Inforce 2019
Innovating FIPS crypto validation in the Cloud - SEP321 - AWS re:Inforce 2019 Innovating FIPS crypto validation in the Cloud - SEP321 - AWS re:Inforce 2019
Innovating FIPS crypto validation in the Cloud - SEP321 - AWS re:Inforce 2019 Amazon Web Services
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityColin English
 
IRJET - A Joint Optimization Approach to Security and Insurance Managemen...
IRJET - A Joint Optimization Approach to Security and Insurance Managemen...IRJET - A Joint Optimization Approach to Security and Insurance Managemen...
IRJET - A Joint Optimization Approach to Security and Insurance Managemen...IRJET Journal
 

Similar to Icc2009 (20)

A perspective on web testing.ppt
A perspective on web testing.pptA perspective on web testing.ppt
A perspective on web testing.ppt
 
Ibm business partner connect 2015 long fong yee v1 (read-only)
Ibm business partner connect 2015 long fong yee v1 (read-only)Ibm business partner connect 2015 long fong yee v1 (read-only)
Ibm business partner connect 2015 long fong yee v1 (read-only)
 
2018 ibm agile engineering summit - spotlight presentation
2018 ibm agile engineering summit - spotlight presentation2018 ibm agile engineering summit - spotlight presentation
2018 ibm agile engineering summit - spotlight presentation
 
IBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-managementIBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-management
 
Rational application-security-071411
Rational application-security-071411Rational application-security-071411
Rational application-security-071411
 
Research challenges and issues in web security
Research challenges and issues in web securityResearch challenges and issues in web security
Research challenges and issues in web security
 
Web Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging ThreatsWeb Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging Threats
 
REPORT1 new
REPORT1 newREPORT1 new
REPORT1 new
 
IRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network SecurityIRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network Security
 
Bank One App Sec Training
Bank One App Sec TrainingBank One App Sec Training
Bank One App Sec Training
 
Cloud Intrusion and Autonomic Management in Autonomic Cloud Computing
Cloud Intrusion and Autonomic Management in Autonomic Cloud ComputingCloud Intrusion and Autonomic Management in Autonomic Cloud Computing
Cloud Intrusion and Autonomic Management in Autonomic Cloud Computing
 
A perspective on web testing
A perspective on web testingA perspective on web testing
A perspective on web testing
 
A perspective on web testing
A perspective on web testingA perspective on web testing
A perspective on web testing
 
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App Sec
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App SecWhat the New OWASP Top 10 2013 and Latest X-Force Report Mean for App Sec
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App Sec
 
Flipping the Script & Changing the Game in Cyber
Flipping the Script & Changing the Game in CyberFlipping the Script & Changing the Game in Cyber
Flipping the Script & Changing the Game in Cyber
 
Security Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public SectorSecurity Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public Sector
 
IBM Support for CIM and the Common Grid Model Exchange Standard
IBM Support for CIM and the Common Grid Model Exchange StandardIBM Support for CIM and the Common Grid Model Exchange Standard
IBM Support for CIM and the Common Grid Model Exchange Standard
 
Innovating FIPS crypto validation in the Cloud - SEP321 - AWS re:Inforce 2019
Innovating FIPS crypto validation in the Cloud - SEP321 - AWS re:Inforce 2019 Innovating FIPS crypto validation in the Cloud - SEP321 - AWS re:Inforce 2019
Innovating FIPS crypto validation in the Cloud - SEP321 - AWS re:Inforce 2019
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 
IRJET - A Joint Optimization Approach to Security and Insurance Managemen...
IRJET - A Joint Optimization Approach to Security and Insurance Managemen...IRJET - A Joint Optimization Approach to Security and Insurance Managemen...
IRJET - A Joint Optimization Approach to Security and Insurance Managemen...
 

More from Pluribus One

Smart Textiles - Prospettive di mercato - Davide Ariu
Smart Textiles - Prospettive di mercato - Davide Ariu Smart Textiles - Prospettive di mercato - Davide Ariu
Smart Textiles - Prospettive di mercato - Davide Ariu Pluribus One
 
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning - 2019 Int...
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning - 2019 Int...Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning - 2019 Int...
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning - 2019 Int...Pluribus One
 
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning. ICMLC 201...
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning. ICMLC 201...Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning. ICMLC 201...
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning. ICMLC 201...Pluribus One
 
Wild patterns - Ten years after the rise of Adversarial Machine Learning - Ne...
Wild patterns - Ten years after the rise of Adversarial Machine Learning - Ne...Wild patterns - Ten years after the rise of Adversarial Machine Learning - Ne...
Wild patterns - Ten years after the rise of Adversarial Machine Learning - Ne...Pluribus One
 
WILD PATTERNS - Introduction to Adversarial Machine Learning - ITASEC 2019
WILD PATTERNS - Introduction to Adversarial Machine Learning - ITASEC 2019WILD PATTERNS - Introduction to Adversarial Machine Learning - ITASEC 2019
WILD PATTERNS - Introduction to Adversarial Machine Learning - ITASEC 2019Pluribus One
 
Is Deep Learning Safe for Robot Vision? Adversarial Examples against the iCub...
Is Deep Learning Safe for Robot Vision? Adversarial Examples against the iCub...Is Deep Learning Safe for Robot Vision? Adversarial Examples against the iCub...
Is Deep Learning Safe for Robot Vision? Adversarial Examples against the iCub...Pluribus One
 
On Security and Sparsity of Linear Classifiers for Adversarial Settings
On Security and Sparsity of Linear Classifiers for Adversarial SettingsOn Security and Sparsity of Linear Classifiers for Adversarial Settings
On Security and Sparsity of Linear Classifiers for Adversarial SettingsPluribus One
 
Secure Kernel Machines against Evasion Attacks
Secure Kernel Machines against Evasion AttacksSecure Kernel Machines against Evasion Attacks
Secure Kernel Machines against Evasion AttacksPluribus One
 
Battista Biggio @ ICML 2015 - "Is Feature Selection Secure against Training D...
Battista Biggio @ ICML 2015 - "Is Feature Selection Secure against Training D...Battista Biggio @ ICML 2015 - "Is Feature Selection Secure against Training D...
Battista Biggio @ ICML 2015 - "Is Feature Selection Secure against Training D...Pluribus One
 
Battista Biggio @ AISec 2014 - Poisoning Behavioral Malware Clustering
Battista Biggio @ AISec 2014 - Poisoning Behavioral Malware ClusteringBattista Biggio @ AISec 2014 - Poisoning Behavioral Malware Clustering
Battista Biggio @ AISec 2014 - Poisoning Behavioral Malware ClusteringPluribus One
 
Battista Biggio @ S+SSPR2014, Joensuu, Finland -- Poisoning Complete-Linkage ...
Battista Biggio @ S+SSPR2014, Joensuu, Finland -- Poisoning Complete-Linkage ...Battista Biggio @ S+SSPR2014, Joensuu, Finland -- Poisoning Complete-Linkage ...
Battista Biggio @ S+SSPR2014, Joensuu, Finland -- Poisoning Complete-Linkage ...Pluribus One
 
Battista Biggio @ AISec 2013 - Is Data Clustering in Adversarial Settings Sec...
Battista Biggio @ AISec 2013 - Is Data Clustering in Adversarial Settings Sec...Battista Biggio @ AISec 2013 - Is Data Clustering in Adversarial Settings Sec...
Battista Biggio @ AISec 2013 - Is Data Clustering in Adversarial Settings Sec...Pluribus One
 
Battista Biggio @ ECML PKDD 2013 - Evasion attacks against machine learning a...
Battista Biggio @ ECML PKDD 2013 - Evasion attacks against machine learning a...Battista Biggio @ ECML PKDD 2013 - Evasion attacks against machine learning a...
Battista Biggio @ ECML PKDD 2013 - Evasion attacks against machine learning a...Pluribus One
 
Battista Biggio @ ICML2012: "Poisoning attacks against support vector machines"
Battista Biggio @ ICML2012: "Poisoning attacks against support vector machines"Battista Biggio @ ICML2012: "Poisoning attacks against support vector machines"
Battista Biggio @ ICML2012: "Poisoning attacks against support vector machines"Pluribus One
 
Zahid Akhtar - Ph.D. Defense Slides
Zahid Akhtar - Ph.D. Defense SlidesZahid Akhtar - Ph.D. Defense Slides
Zahid Akhtar - Ph.D. Defense SlidesPluribus One
 
Design of robust classifiers for adversarial environments - Systems, Man, and...
Design of robust classifiers for adversarial environments - Systems, Man, and...Design of robust classifiers for adversarial environments - Systems, Man, and...
Design of robust classifiers for adversarial environments - Systems, Man, and...Pluribus One
 
Robustness of multimodal biometric verification systems under realistic spoof...
Robustness of multimodal biometric verification systems under realistic spoof...Robustness of multimodal biometric verification systems under realistic spoof...
Robustness of multimodal biometric verification systems under realistic spoof...Pluribus One
 
Support Vector Machines Under Adversarial Label Noise (ACML 2011) - Battista ...
Support Vector Machines Under Adversarial Label Noise (ACML 2011) - Battista ...Support Vector Machines Under Adversarial Label Noise (ACML 2011) - Battista ...
Support Vector Machines Under Adversarial Label Noise (ACML 2011) - Battista ...Pluribus One
 
Understanding the risk factors of learning in adversarial environments
Understanding the risk factors of learning in adversarial environmentsUnderstanding the risk factors of learning in adversarial environments
Understanding the risk factors of learning in adversarial environmentsPluribus One
 
Amilab IJCB 2011 Poster
Amilab IJCB 2011 PosterAmilab IJCB 2011 Poster
Amilab IJCB 2011 PosterPluribus One
 

More from Pluribus One (20)

Smart Textiles - Prospettive di mercato - Davide Ariu
Smart Textiles - Prospettive di mercato - Davide Ariu Smart Textiles - Prospettive di mercato - Davide Ariu
Smart Textiles - Prospettive di mercato - Davide Ariu
 
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning - 2019 Int...
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning - 2019 Int...Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning - 2019 Int...
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning - 2019 Int...
 
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning. ICMLC 201...
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning. ICMLC 201...Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning. ICMLC 201...
Wild Patterns: A Half-day Tutorial on Adversarial Machine Learning. ICMLC 201...
 
Wild patterns - Ten years after the rise of Adversarial Machine Learning - Ne...
Wild patterns - Ten years after the rise of Adversarial Machine Learning - Ne...Wild patterns - Ten years after the rise of Adversarial Machine Learning - Ne...
Wild patterns - Ten years after the rise of Adversarial Machine Learning - Ne...
 
WILD PATTERNS - Introduction to Adversarial Machine Learning - ITASEC 2019
WILD PATTERNS - Introduction to Adversarial Machine Learning - ITASEC 2019WILD PATTERNS - Introduction to Adversarial Machine Learning - ITASEC 2019
WILD PATTERNS - Introduction to Adversarial Machine Learning - ITASEC 2019
 
Is Deep Learning Safe for Robot Vision? Adversarial Examples against the iCub...
Is Deep Learning Safe for Robot Vision? Adversarial Examples against the iCub...Is Deep Learning Safe for Robot Vision? Adversarial Examples against the iCub...
Is Deep Learning Safe for Robot Vision? Adversarial Examples against the iCub...
 
On Security and Sparsity of Linear Classifiers for Adversarial Settings
On Security and Sparsity of Linear Classifiers for Adversarial SettingsOn Security and Sparsity of Linear Classifiers for Adversarial Settings
On Security and Sparsity of Linear Classifiers for Adversarial Settings
 
Secure Kernel Machines against Evasion Attacks
Secure Kernel Machines against Evasion AttacksSecure Kernel Machines against Evasion Attacks
Secure Kernel Machines against Evasion Attacks
 
Battista Biggio @ ICML 2015 - "Is Feature Selection Secure against Training D...
Battista Biggio @ ICML 2015 - "Is Feature Selection Secure against Training D...Battista Biggio @ ICML 2015 - "Is Feature Selection Secure against Training D...
Battista Biggio @ ICML 2015 - "Is Feature Selection Secure against Training D...
 
Battista Biggio @ AISec 2014 - Poisoning Behavioral Malware Clustering
Battista Biggio @ AISec 2014 - Poisoning Behavioral Malware ClusteringBattista Biggio @ AISec 2014 - Poisoning Behavioral Malware Clustering
Battista Biggio @ AISec 2014 - Poisoning Behavioral Malware Clustering
 
Battista Biggio @ S+SSPR2014, Joensuu, Finland -- Poisoning Complete-Linkage ...
Battista Biggio @ S+SSPR2014, Joensuu, Finland -- Poisoning Complete-Linkage ...Battista Biggio @ S+SSPR2014, Joensuu, Finland -- Poisoning Complete-Linkage ...
Battista Biggio @ S+SSPR2014, Joensuu, Finland -- Poisoning Complete-Linkage ...
 
Battista Biggio @ AISec 2013 - Is Data Clustering in Adversarial Settings Sec...
Battista Biggio @ AISec 2013 - Is Data Clustering in Adversarial Settings Sec...Battista Biggio @ AISec 2013 - Is Data Clustering in Adversarial Settings Sec...
Battista Biggio @ AISec 2013 - Is Data Clustering in Adversarial Settings Sec...
 
Battista Biggio @ ECML PKDD 2013 - Evasion attacks against machine learning a...
Battista Biggio @ ECML PKDD 2013 - Evasion attacks against machine learning a...Battista Biggio @ ECML PKDD 2013 - Evasion attacks against machine learning a...
Battista Biggio @ ECML PKDD 2013 - Evasion attacks against machine learning a...
 
Battista Biggio @ ICML2012: "Poisoning attacks against support vector machines"
Battista Biggio @ ICML2012: "Poisoning attacks against support vector machines"Battista Biggio @ ICML2012: "Poisoning attacks against support vector machines"
Battista Biggio @ ICML2012: "Poisoning attacks against support vector machines"
 
Zahid Akhtar - Ph.D. Defense Slides
Zahid Akhtar - Ph.D. Defense SlidesZahid Akhtar - Ph.D. Defense Slides
Zahid Akhtar - Ph.D. Defense Slides
 
Design of robust classifiers for adversarial environments - Systems, Man, and...
Design of robust classifiers for adversarial environments - Systems, Man, and...Design of robust classifiers for adversarial environments - Systems, Man, and...
Design of robust classifiers for adversarial environments - Systems, Man, and...
 
Robustness of multimodal biometric verification systems under realistic spoof...
Robustness of multimodal biometric verification systems under realistic spoof...Robustness of multimodal biometric verification systems under realistic spoof...
Robustness of multimodal biometric verification systems under realistic spoof...
 
Support Vector Machines Under Adversarial Label Noise (ACML 2011) - Battista ...
Support Vector Machines Under Adversarial Label Noise (ACML 2011) - Battista ...Support Vector Machines Under Adversarial Label Noise (ACML 2011) - Battista ...
Support Vector Machines Under Adversarial Label Noise (ACML 2011) - Battista ...
 
Understanding the risk factors of learning in adversarial environments
Understanding the risk factors of learning in adversarial environmentsUnderstanding the risk factors of learning in adversarial environments
Understanding the risk factors of learning in adversarial environments
 
Amilab IJCB 2011 Poster
Amilab IJCB 2011 PosterAmilab IJCB 2011 Poster
Amilab IJCB 2011 Poster
 

Icc2009

  • 1. HMM-Web: a framework for the detection off attacks against Web Applications I. Corona, D. Ariu, G. Giacinto June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu Pattern Recognition and Applications Group Department of Electrical and Electronic Engineering University of Cagliari, Italy PRA Pattern Recognition and Applications Group Presenter Davide Ariu R A P
  • 2.
  • 3. Motivations June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu Source: X-Force® 2008 Trend & Risk Report – January 2009
  • 4.
  • 5.
  • 6. An usage scenario June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
  • 7.
  • 8.
  • 9.
  • 10. IDS-Scheme June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17. Experimental Results Effectiveness of attributes’ codification June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu The curve on the right has been obtained using the codification proposed by Kruegel et al. In “A multimodel approach to the detection of web-based attacks”, Computer Networks, 2005.
  • 18. Experimental Result Effectiveness of the MCS Approach June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
  • 19.
  • 20. Questions? June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu
  • 21. Motivations June 17, 2009 ICC 2009 - HMMWeb - Davide Ariu Source: X-Force® 2008 Trend & Risk Report – January 2009
  • 22.