> I am loking for project that implement Neural Networks and spectrum > analysis to detect polymorphic shellcodes such as those of ADMutate.
> Please if you have any links or if your ever workd on such projects I need > your help! > I especialy need to know what could be the imputs of the Neural Network and > how I can train it. Well training it would require a plentiful supply of real world shellcodes, and lots of mutated copies. A simpler strategy is to look for distinguishing features of the mutator. I wrote such a preprocessor to detect mutated NOP sleds for snort a while back. Search for "spp_fnord.c" in bugtraq archives and you should find it. cheers, --dr -- World Security Pros. Cutting Edge Training, Tools, and Techniques Tokyo, Japan November 27-30 2006 http://pacsec.jp pgpkey http://dragos.com/ kyxpgp ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
