Penetration testing is a crucial defense against common web application security threats such as SQL injection and cross-site scripting attacks. A proposed web vulnerability scanner automatically generates test data with combinative evasion techniques, significantly expanding test coverage and revealing more vulnerabilities.
The dark data extraction or knowledge base construction (KBC) problem is to populate a relational database with information from unstructured data sources, such as emails, webpages, and PDFs. We describe DeepDive, a system that combines database and machine learning ideas to help to develop KBC systems. DeepDive leverages the effectiveness and efficiency of statistical inference and machine learning for difficult extraction tasks, whereas not requiring users to directly write any probabilistic inference algorithms. The goal of knowledge base construction (KBC) is to populate a structured relational database from unstructured input sources, such as text documents, PDFs, and diagrams.
The current area of Intrusion Detection is begging for Machine Learning to be applied to it. After reading Machine Learning and Data Mining for Computer Security, I feel Dr Maloof has hit the target dead centre. While much research has been done across Computer Security independently and Machine Learning independently, for some reason no one wanted to cross-breed the two topics. This book is a must read for anyone interested in how research can improve computer security It also provides insight into additional areas of research that can be pursued.
LQMS is a knowledge-based system that identifies and explains anomalies in data acquired from multiple sensors. The knowledge base was built by a sequence of domain experts. Its prototype performed with a high level of accuracy and that performance has been incrementally and significantly improved during development and field testing. Several points are developed in this paper.
The Knowledge-based approach allowed the system to be implemented as three separate modules: inference engine, knowledge base, and user interface. Initially required to run under MS-DOS on a PC AT equivalent with 640K of RAM, a second release to run under Windows 3.1 reused the inference engine and knowledge base, requiring only a revised user interface. Enhancements made to the inference engine and the knowledge base were immediately available to both environments.