Difference between revisions of "OWASP Israel 2011 Presentations"
Revision as of 13:37, 4 August 2011
Keynote
Composite Applications Over Hybrid Clouds – Enterprise Security Challenges of the IT Supply Chain
Dr. Ethan Hadar, Senior Vice President Corporate Technical Strategy, CA
TBD
Speaker Bio
TBD
Track A
Finding Security in Misery of Others
Amichai Shulman, CTO, Imperva
We frequently read about different security incidents, including data breaches, attacks and other hacks. The details of these incidents enable us to learn from others. However, most news reports regarding security breaches are vague and nebulous. This session will explain how to "read between the lines" of press reports on security breaches. The presentation will demonstrate, using past security incident reports, how to understand the attack methods, the compromised services, and the security policies applied at the attacked site. The session will also describe mitigation techniques that might have been helpful in a specific incident. Example breaches will focus on hacking techniques that span search engines, SQL injection and data theft.
This "behind the scenes" perspective will illustrate the important failure points, how to find information regarding the detection process, and how to analyze the effectiveness of the audit trail in the incident. Finally, the presenter will suggest some preventive measures to avoid similar breaches. Attendees will learn how to diagnose the attack scenario in order to apply and test the correct security controls in their systems and prevent a similar mishap at their own site.
Speaker Bio
Amichai Shulman is Co-Founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. The press draws on Shulman's expertise to comment on breaking news, including security breaches, mitigation techniques, and related technologies. Under his direction, the ADC has been credited with the discovery of serious vulnerabilities in commercial Web application and database products, including those of Oracle, IBM, and Microsoft. Shulman has appeared on CNN and in the New York Times, USA Today, Washington Post, BBC and Sydney Morning Herald. Prior to Imperva, Shulman was founder and CTO of Edvice Security Services Ltd., a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Shulman served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He holds B.Sc. and Master's degrees in Computer Science from the Technion, Israel Institute of Technology.
Building an Effective SDLC Program - Case Study
Guy Bejerano, CSO, Liveperson; Ofer Maor, CTO, Seeker Security
TBD
Speaker Bio
TBD
All Your Mobile Applications Are Belong to Us
Itzik Kotler, CTO, Security Art
TBD
Speaker Bio
TBD
CMS - The Nightmare of AppSec Testing
Irene Abezgauz, Product Manager, Seeker Security
TBD
Speaker Bio
TBD
When Crypto Goes Wrong
Erez Metula, CEO, AppSec Labs
TBD
Speaker Bio
TBD
Security Testing of RESTful Services
Ofer Shezaf, Head of AppSec Research, HP; Eyal Fingold, Senior Security Developer, HP
TBD
Speaker Bio
TBD
The Bank Job
Adi Sharabani, Rational Security, IBM
TBD
Speaker Bio
TBD
Track B
Temporal Session Race Conditions
Shay Chen, CTO, Hacktics Advanced Security Center, Ernst & Young
TBD
Speaker Bio
TBD
Space-Time Tradeoffs in Software-Based Deep Packet Inspection
Yotam Harchol, IDC
Deep Packet Inspection (DPI) lies at the core of contemporary Network Intrusion Detection Systems (NIDS). DPI aims to identify various malware by inspecting both the header and the payload of each packet and comparing it to a known set of patterns. DPI is often performed on the critical path of the packet processing, thus the overall performance of the security tools is dominated by the speed of DPI.
The Aho-Corasick (AC) algorithm is the de-facto standard for pattern matching in NIDS. Basically, the AC algorithm constructs a Deterministic Finite Automaton (DFA) for detecting all occurrences of a given set of patterns by processing the input in a single pass. The input is inspected symbol by symbol, such that each symbol results in a state transition. Thus, in principle, the AC algorithm has deterministic performance, which does not depend on specific input and therefore is not vulnerable to algorithmic complexity attacks, making it very attractive.
In this talk I will show that, when implementing the AC algorithm in software, this property does not hold, due to the fact that contemporary pattern sets induce very large DFAs that cannot be stored entirely in cache. We propose a novel technique to compress the representation of the AC automaton, so it can fit in a modern cache. We compare both the performance and the memory footprint of our technique to previously proposed implementations, under various settings and pattern sets. Our results reveal the space-time tradeoffs of DPI. Specifically, we show that our compression technique reduces the memory footprint of the best prior-art algorithm by approximately 60%, while achieving comparable throughput.
Joint work with Anat Bremler-Barr (IDC) and David Hay (HUJI).
This work was presented at the IEEE International Conference on High Performance Switching and Routing (HPSR), July 2011, Cartagena, Spain.
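The two properties the abstract relies on, one state transition per input symbol and a transition table whose size grows with the number of states times the alphabet size, are easy to see in a small Aho-Corasick implementation. The code below is an added illustration, not code from the talk or the HPSR paper; it builds the full DFA for a constructed four-pattern set and reports both the transition count of a scan and the number of table entries that would have to fit in cache.

```python
from collections import deque
import string

class AhoCorasick:
    """Aho-Corasick matcher compiled to a full DFA over a fixed alphabet (added example)."""

    def __init__(self, patterns, alphabet=string.ascii_lowercase):
        self.alphabet = alphabet
        self.goto = [{}]        # state -> {symbol: next state}
        self.output = [set()]   # state -> patterns that end in this state
        for p in patterns:      # phase 1: trie of the pattern set
            s = 0
            for ch in p:
                if ch not in self.goto[s]:
                    self.goto.append({})
                    self.output.append(set())
                    self.goto[s][ch] = len(self.goto) - 1
                s = self.goto[s][ch]
            self.output[s].add(p)
        fail = [0] * len(self.goto)
        q = deque()
        for ch in alphabet:     # root: a missing symbol stays at the root
            nxt = self.goto[0].get(ch, 0)
            self.goto[0][ch] = nxt
            if nxt:
                q.append(nxt)
        while q:                # phase 2: failure links by BFS, then fill every (state, symbol) slot
            r = q.popleft()
            for ch in alphabet:
                if ch in self.goto[r]:
                    s = self.goto[r][ch]
                    fail[s] = self.goto[fail[r]][ch]
                    self.output[s] |= self.output[fail[s]]
                    q.append(s)
                else:
                    self.goto[r][ch] = self.goto[fail[r]][ch]
        self.num_states = len(self.goto)

    def table_entries(self):
        """Size of the uncompressed DFA table: one entry per (state, symbol) pair."""
        return self.num_states * len(self.alphabet)

    def scan(self, text):
        """Return (matches as (start_offset, pattern), transitions); exactly one transition per symbol."""
        s, matches, transitions = 0, [], 0
        for i, ch in enumerate(text):
            s = self.goto[s][ch]
            transitions += 1
            for p in self.output[s]:
                matches.append((i - len(p) + 1, p))
        return sorted(matches), transitions
```

Scanning "ushers" against the constructed set {"he", "she", "his", "hers"} performs 6 transitions and reports "she", "he" and "hers"; the same 6 transitions are spent on a text with no match at all, which is the deterministic behaviour the abstract describes, while the 10-state automaton already needs 260 table entries over a 26-symbol alphabet.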
Speaker Bio
Yotam Harchol is a graduate student at the Hebrew University of Jerusalem. Currently he works with Dr. Anat Bremler-Barr (IDC) and Dr. David Hay (HUJI) on network algorithms and security, deep packet inspection and high performance computing. He received his bachelor's degree in Computer Science from IDC Herzliya.
TITLE
SPEAKER
TBD
Speaker Bio
TBD