This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

AppSecEU08 PHPIDS Monitoring attack surface activity

Revision as of 17:55, 1 May 2008 by X00mario (talk | contribs) (The talk)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

The talk

The presentation will be about the PHPIDS and how this system might be capable solving several security dilemmas of developers and site owners. Such as:

  • Complexity of the webapp security topic vs. time pressure
  • Diversity of attack patterns and techniques
  • Costs for nowadays security solutions
  • Obfuscated exploits vs. Blacklisting
  • Techniques to detect attacks based on algorithms
  • Massive usage of regular expressions vs. performance

The talk is potentially interesting for either security professionals, developers and project managers since the meaning and whereabouts of the PHPIDS will be introduced - as well as some regular expression black magic the system uses.

An important part of the presentation will be about possibilities to detect attacks without blacklists or other dictionary based techniques but by the plain buildup of the string.

The presentation is based on a white-paper about the PHPIDS - which can be found here [1]

The speaker

Mario Heiderich is a cologne based developer and CSO right now working for the performance marketing company [2]. He is active in several security related groups and organizations such as the PHPIDS Team [3], GNUCITIZEN [4] and several others. Please visit his website to receive more information about Mario [5].