Hi,
The neural networks aren't very useful for the detection of polymorphic
shellcode (especially).
Indeed by having a good disassembly library it is possible to solve a
shellcode (polymorphic or not) and thus to detect it.
----- Original Message -----
From: "Stefano Zanero" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; "Focus-Ids Mailing List"
<[email protected]>
Sent: Thursday, August 17, 2006 2:12 PM
Subject: Re: A Neural Network to detect polymorphic shellcodes
[EMAIL PROTECTED] wrote:
Hello,
I am loking for project that implement Neural Networks and spectrum
analysis to detect polymorphic shellcodes such as those of ADMutate.
This seems like a bad case of "pushing a technique onto a problem" or
better "buzzword fascination problem".
Spectral analysis is useful on continuous variables. How would you
represent "a shellcode" as a continuous variable or multivariate series
of continuos variables ?
Neural networks themselves are more useful on metric variables than on
qualitative variables. And here again: on what metrics and features
would you train them ?
Stefano
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
Michael Vergoz
BinarySEC R&D
[EMAIL PROTECTED]
Try BinarySEC for Apache NOW !
Free download : http://www.binarysec.com
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
