Re: A Neural Network to detect polymorphic shellcodes

Hello,

I originally created a tool that identified HTTP attacks using finite state
machines and Forward Analysis. In later versions, I had incorporated fuzzy
HTTP request analysis.

Look for strings and evasions. In this case fuzz shell names, exec*() calls
and APIs, kernel execution gates (Linux and such), and such.

Regards,

-- 
Jason Muskat  | GCUX - de VE3TSJ
____________________________
TechDude
e. Jason_at_TechDude.Ca
m. 416 .414 .9934
http://TechDude.Ca/
> From: <mimanium_at_hotmail.com>
> Date: 23 Jul 2006 14:00:27 -0000
> To: <focus-ids_at_securityfocus.com>
> Subject: A Neural Network to detect polymorphic shellcodes
> 
> Hello,
> 
> I am loking for project that implement Neural Networks and spectrum analysis
> to detect polymorphic shellcodes such as those of ADMutate.
> 
> Please if you have any links or if your ever workd on such projects I need
> your help!
> 
> I especialy need to know what could be the imputs of the Neural Network and
> how I can train it.
> 
> Regards,
> 
> ------------------------------------------------------------------------
> Test Your IDS
> 
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
> to learn more.
> ------------------------------------------------------------------------
> 
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------