A study in Application Based Intrusion Detection

[kp () case edu]

I have created 3 web services with application vulnerabilities (modeled on popular internet applications - eBay, 
Facebook, and PokerStars). As part of my graduate work, I am trying to find an automated way to choose user executions 
to audit which have exploited a security vulnerability. Vulnerabilities are activated by exploiting faults that a 
software developer may commonly overlook.
To encourage user testing, I am sponsoring a contest, asking users to find these vulnerabilities. Find the most 
vulnerabilities, and win prizes, including 5 free tunes from iTunes and Apple T-Shirts.

Thanks in advance to anyone that tries out these web services. It's appreciated.

Ken

-------------------------------------------------------------------------
This List Sponsored by: SpiDynamics

ALERT: "How A Hacker Launches A Web Application Attack!" 
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world 
examples of recent hacking methods such as: SQL Injection, Cross Site 
Scripting and Parameter Manipulation

https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------