Program
Developing DBFW from scratch
Authors: Denis Kolegov and Arseny Reutov
The talk describes technical aspects of developing a Database Firewall prototype from scratch, such as: what is required to develop DBFW; whether machine learning can be used for effective detection of SQL injection based on SQL requests; how to detect SQL injections using syntax analysis; and how to implement attribute and role-based access control. The speaker will also tell about prospective application protection mechanisms based on firewalls and static code analysis.
- Language
- Russian
- Info
- Video
- Presentation
Denis Kolegov PhD in Technical Sciences. An Associate Professor at the Tomsk State University (the information security and cryptography department). The lead of the application protection technics research team at Positive Technologies. Arseny Reutov Graduated from Mari State University in 2012. Head of the application protection research department at Positive Technologies. An author of various research papers on information security and the web security blog raz0r.name. Specializes in information security issues, penetration testing, and analysis of web applications and source code.
