This webinar is an overview of text classification with machine learning to detect SQL injection attack attempts, a description of SQL injection attacks, and common defensive measures. Machine learning for facilitating system input validation in the cloud is also covered in this webinar. NIST Special Publication 800-53 (Rev. 4), Security and Privacy Controls for Federal Information Systems and Organizations, System and Information Integrity (SI-10) INFORMATION INPUT VALIDATION supplemental guidance calls for input validation to ensure accurate and correct inputs to prevent attacks of cross-site scripting and a variety of injection attacks.

In addition to input validation, SQL Injection attacks are preventable by using parameterized database queries with bound, typed parameters. Mr. Anthony (Tony) Leonard will explain parameterized database queries and how to prevent injection attempts. He will also explain the importance of detecting injection attack attempts when using parameterized database queries; standard detection methods; and demonstrate machine learning as a leveraged resource to improve detection beyond standard programming methods.

He will provide basic examples of SQL Injection attacks and a high-level overview of how machine learning with TensorFlow text classification with Recurrent Neural Networks (RNN) is used to detect SQL Injection attack attempts. The following is the webinar’s agenda:

• SQL Injection Attack Overview

• Defensive Measures

• Why Detection is Important

• Standard Detection Methods

• Machine Learning Detection

Tony Leonard is the Lead Solutions Architect for SBG Technology Solutions serving Federal Government clients with capabilities that include IT Modernization, Cyber Security, Professional Engineering, IT Governance, and Artificial Intelligence. Tony has more than 25 years of industry experience in information technology and program management in both the public and private sectors.

Tony’s research interests include the use of cloud technologies for continuous integration and continuous delivery, robotic process automation, and the use of artificial intelligence to solve meaningful problems. He first wrote about artificial intelligence in Gathering Requirements from Remote Users, Proceedings of the 9th International Conference on Tools with Artificial Intelligence, 1997, pp. 462-471 where he describes how to use algorithms to schedule software development tasks using developer defined implementation timelines.

Tony grew up in the Ohio Valley in McMechen, WV. He earned a B.S. in Business Administration from Glenville State College and an M.S. in Computer Science from the Naval Postgraduate School. He is a former Army Officer, former West Point Computer Science Assistant Professor, and Bronze Star recipient – Operation Iraqi Freedom.