IDS mailing list archives
Re: A Neural Network to detect polymorphic shellcodes
From: Dragos Ruiu <dr () kyx net>
Date: Tue, 25 Jul 2006 16:39:52 -0700
I am loking for project that implement Neural Networks and spectrum analysis to detect polymorphic shellcodes such as those of ADMutate.
Please if you have any links or if your ever workd on such projects I need your help!
I especialy need to know what could be the imputs of the Neural Network and how I can train it.
Well training it would require a plentiful supply of real world shellcodes, and lots of mutated copies. A simpler strategy is to look for distinguishing features of the mutator. I wrote such a preprocessor to detect mutated NOP sleds for snort a while back. Search for "spp_fnord.c" in bugtraq archives and you should find it. cheers, --dr -- World Security Pros. Cutting Edge Training, Tools, and Techniques Tokyo, Japan November 27-30 2006 http://pacsec.jp pgpkey http://dragos.com/ kyxpgp ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
Current thread:
- A Neural Network to detect polymorphic shellcodes mimanium (Jul 24)
- <Possible follow-ups>
- RE: A Neural Network to detect polymorphic shellcodes Víctor H . García Pichardo (Jul 25)
- Re: A Neural Network to detect polymorphic shellcodes Dragos Ruiu (Jul 26)
- Re: A Neural Network to detect polymorphic shellcodes Mina G (Jul 26)
- RE: A Neural Network to detect polymorphic shellcodes Mina G (Jul 26)
- Re: A Neural Network to detect polymorphic shellcodes Dragos Ruiu (Jul 26)