PPT-Predicting zero-day software vulnerabilities through data mining

Su Zhang Department of Computing and Information Science Kansas State University 1 Outline Motivation Related work Proposed approach Possible techniques Plan 2 Outline Motivation Related work. 1 miles Chapter. 15 : . Attacking. . Compiled. Applications. Alexis Kirat - International Student. Native . execution. . environment. Vs. . Compiled. . execution. . environment. The majority of web applications are now written using languages and platforms that run in a managed execution environment in which classic vulnerabilities . Reduce Risk and Cost. Jonathan . Trull. @. jonathantrull. CISO, . Qualys. Seth Corder . @. corderseth. Automation Specialist, BMC. The Great Divide. 2. DevOps. Security. 3. Attack-Defend Cycle (OODA Loop). Security. Jorina. van . Malsen. 1. FLAX: . Systematic. . Discovery. of . Client-Side. . Validation. . Vulnerabilities. in . Rich. Web . Applications. Client-Side. . Validation. (CSV) . Vulnerabilities. CS . 795/895. References. . Reference 1. Big List of Information Security Vulnerabilities, John . Spacey, 2011 . http://. simplicable.com/new/the-big-list-of-information-security-vulnerabilities. Reference 2. Top Ten Database Security Threats, . Concrete Vulnerability Demonstrations for Software Engineering Undergraduates. Andy Meneely . and Samuel . Lucidi. Department of Software Engineering. Rochester Institute of Technology. Software Must Be Secure!. Laura Guidry-Grimes, Georgetown University. Elizabeth Victor, USF & Georgetown University. FEMMSS Conference, 2012. Introduction. Vulnerabilities. Rejection of Kantian isolated ‘. willers. ’ account. . Kotian. . | Author, NSA IAM, CEH. Product . Line Manager | Next Generation Security Platforms. rohanrkotian. @hp.com. Next Generation Cyber Threats. Shining . the Light on the Industries' Best Kept. --Third Presentation. Su Zhang. 1. Outline. Quick Review.. Data Source – NVD.. Data Preprocessing.. Experimental Results.. An Essential Limitation.. An Alternative Feature.. Conclusion.. Future Work.. Criterion-Related Validation. Regression & Correlation. What’s the difference between the two?. Significance . Testing. Type I and type II errors. Statistical power to reject the null. . Chapter 6 Predicting Future Performance. Group 5:. Katie Hardman. Tom . Horley. Daniel Hyatt. Executive Summary. Data Description. Data Preparation and Exploration. Scatter Plots of Grade and Finished Area vs Sale Price. Decision Tree Rules to predict highest and lowest Sale Prices. a Vulnerability Management Program. Michael Zimmer. Information Security Analyst, Northern Arizona University. Grant Johnson. Technical Account Manager, Qualys. Who Are We. Why Vulnerability Management?. for . Austin Energy Conference. (A funny thing happened on the way to utopia). April 13, 2017. Alex Athey, PhD. Emerging Security and Technology Group. Applied Research Laboratories. The University of Texas at Austin. The Desired Brand Effect Stand Out in a Saturated Market with a Timeless Brand