How NLP Can Help Us Understand Web Attackers - Applying Word2Vec to Web Application Security

Explore how Natural Language Processing (NLP) techniques can be applied to web application security in this conference talk from OWASP Global AppSec Tel Aviv. Dive into the application of Word2Vec to analyze malicious web requests, embedding attack vectors in Euclidean space for contextual analysis. Learn about practical applications, including modeling web scanning tools, assessing security rule effectiveness, and distinguishing targeted attacks from general web scans. Gain insights from cybersecurity experts Itsik Mantin and Ori Or Meir as they present their research on using NLP to better understand and defend against web attackers. Discover how this innovative approach can help identify related attack vectors, improve security rule accuracy, and isolate attacks from the same campaign.

Introduction
About the team
What is AI used for
Security Modeling and Attack Analytics
Malicious Request
Rules Selection
Wool Set
Eight Rules
Demo
Embedding of Rules
Finding False Negatives
Research Mode
Example
How we did it
Concrete example
More examples
Summary