Over 20 Years of SQL Injection Attacks - Refining Web Attack Detection Using Data Mining Techniques

Explore a 25-minute conference talk that delves into the evolution of SQL injection attacks over the past two decades and introduces innovative data mining techniques for enhancing web attack detection. Learn how Content Delivery Network (CDN) logs can be leveraged to refine and optimize security rules, improve detection of future attacks, and identify emerging threats targeting new vulnerabilities. Discover the application of Natural Language Processing (NLP) elements in analyzing SQL injection payloads, including cleaning, curating, and breaking them down into keywords to uncover valuable insights. Follow a comprehensive five-step process for collecting data, choosing keywords, creating matrices, establishing relationships, and clustering information. Gain practical knowledge through a real-world example that demonstrates the effectiveness of these advanced techniques in combating SQL injection attacks.

Intro
Background
Theory
Denial of Service
New Skills
Five Step Process
Step 1 Collecting Data
Step 2 Choosing Keywords
Step 3 The Matrix
Step 4 The Relationship
Step 5 Clustering
Step 6 Real World Example