Hello, I originally created a tool that identified HTTP attacks using finite state machines and Forward Analysis. In later versions, I had incorporated fuzzy HTTP request analysis.
Look for strings and evasions. In this case fuzz shell names, exec*() calls and APIs, kernel execution gates (Linux and such), and such. Regards, -- Jason Muskat | GCUX - de VE3TSJ ____________________________ TechDude e. [EMAIL PROTECTED] m. 416 .414 .9934 http://TechDude.Ca/ > From: <[EMAIL PROTECTED]> > Date: 23 Jul 2006 14:00:27 -0000 > To: <[email protected]> > Subject: A Neural Network to detect polymorphic shellcodes > > Hello, > > I am loking for project that implement Neural Networks and spectrum analysis > to detect polymorphic shellcodes such as those of ADMutate. > > Please if you have any links or if your ever workd on such projects I need > your help! > > I especialy need to know what could be the imputs of the Neural Network and > how I can train it. > > Regards, > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > to learn more. > ------------------------------------------------------------------------ > ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
