Category: Extrusion Detection

GeoIP and Geo-Targeting

Posted on 09/08/09 No Comments

Lately I have been busy with a web-based geo-targeting project.   For those of you not familiar with geo-targeting, the deeper you get into geo-targeting, the more you realize how important and interesting it is. Geo-targeting is used for fraud detection, personalization, ad-targeting, content-delivery, and more.   In addition, the same basic concept is used [...]

Read more

The Top Information Security Risks for 2008

Posted on 01/15/08 No Comments

Blogging has it’s rewards. I recently published a list of the Top Ten Cybersecurity Threats for 2008. This list motivated another collaborative list for 2008, organized by Dr. Gary Hinson, The Top Information Security Risks for 2008.

Read more

Complex Event Processing with Esphion Neural Agents

Posted on 12/19/07 No Comments

Detection-oriented technologies generally fall into two broad areas, signature-based detection and anomaly-based detection.    Complex event processing (CEP) is also a detection-oriented technology, so we can readily understand that CEP applications must also fall within the same two general areas. Signature-based detection is sometime referred to as static detection because the technology relies on pre-defined rules, filters, and signatures [...]

Read more

End Users Should Define the CEP Market.

Posted on 12/17/07 5 Comments

My friend Opher mistakenly thought I was thinking of him when I related the story of the fish, as he replied, CEP and the Story of the Captured Traveller. I must not have related the fish story very well, because to understood the story of the fish, is to know that we are all like the fish, in certain [...]

Read more

CEP Center of Excellence for Cybersecurity at Software Park Thailand

Posted on 12/16/07 No Comments

In July 2007, at InformationSecurityAsia2007,  I unveiled an idea to create a cybersecurity CEP Center of Excellence (COE) in Thailand.  Under the collaborative guidance of Dr. Rom Hiranpruk, Deputy Director, Technology Management Center, National Science and Technology Development Agency (NSTDA), Dr. Prinya Hom-anek, President and Founder, ACIS Professional Center, and Dr. Komain Pipulyarojana, Chief National Security Section, National Electronics [...]

Read more

The Asia Business Forum: Information Security Risk Assessment and Management (Day One)

Posted on 12/11/07 No Comments

Today is the opening day of the Information Security Risk Assessment and Management conference in Bangkok.   Mr. Charoon Boonsanong, Lecturer, Faculty of Economics, Chulalongkorn University, open the conference.   Dr. Komain Pipulyarojana, Chief National Security Section, National Electronics and Computer Technology Center, will lead off with a presentation on the Latest Trends, Standards and Threats for Information Security & [...]

Read more

The Top Ten Cybersecurity Threats for 2008 – Final Draft

Posted on 12/06/07 11 Comments

As promised, here is the final draft of my perspective on the top ten cybersecurity security threats for 2008.  I reviewed many prior “top ten” threat lists and noticed most of them accidentally confuse vulnerabilities and threats, listing vulnerabilities as threats.   In my review, I could not find any “top ten” threat lists which attempted to use, or follow, the [...]

Read more

The Top Ten Security Threats for 2008 (Part 15) – Insiders

Posted on 12/06/07 No Comments

Here is my final entry for the 2008 list of top ten cybersecurity threats:       — Sabotage, theft and other attacks by disgruntled employees and insiders. The Computer Security Institute and FBI conduct an annual CSI/FBI Computer Crime and Security Survey of U.S. corporations, government agencies, financial institutions, and universities. Eightly percent of the information security professionals who responded indicated [...]

Read more

The Top Ten Security Threats for 2008 (Part 14) – Vandalism

Posted on 12/06/07 No Comments

Here is my ninth entry on the top ten cybersecurity threats for 2008:       — Cyberspace vandalism. Cyberspace vandalism is the defacement or destruction of visible web sites or less visible computer systems (for example files).   Dangerous acts of vandalism are by often politically or antisocially motivated criminals who break into a web site, steal or destroy files if they can, and then [...]

Read more

Type I and Type II Errors – The Heart of Event Processing

Posted on 12/05/07 No Comments

Opher Etzion begins to discuss one of the topics I consider to be the heart of event processing in his post, On False Positives and False Negatives. Statistically speaking, false positives are called Type I errors (? errors) and false negatives are called Type II errors (? errors). If you are interested in “getting to [...]

Read more
Page 1 of 3123»