Slashdot Mirror

← Back to Stories (view on slashdot.org)

English Shell Code Could Make Security Harder

Posted by ScuttleMonkey on from the little-bobby-tables-takes-up-writing dept.

An anonymous reader writes to tell us that finding malicious code might have just become a little harder. Last week at the ACM Conference on Computer and Communications Security, security researchers Joshua Mason, Sam Small, Fabian Monrose, and Greg MacManus presented a method they developed to generate English shell code [PDF]. Using content from Wikipedia and other public works to train their engine, they convert arbitrary x86 shell code into sentences that read like spam, but are natively executable. "In this paper we revisit the assumption that shell code need be fundamentally different in structure than non-executable data. Specifically, we elucidate how one can use natural language generation techniques to produce shell code that is superficially similar to English prose. We argue that this new development poses significant challenges for in-line payload-based inspection (and emulation) as a defensive measure, and also highlights the need for designing more efficient techniques for preventing shell code injection attacks altogether."

10 of 291 comments (clear)

  1. haha by Anonymous Coward · · Score: -1, Offtopic

    first. närå.

  2. The syntax should not matter.. by Wovel · · Score: -1, Offtopic

    This is no different than adding any other shell...If your security is relying on an inline inspection for commands specific to a particular shell, you have already lost.

    1. Re:The syntax should not matter.. by tjstork · · Score: 0, Offtopic

      you can't just see something for what it is,

      Kinda tough with all the hype.

      --
      This is my sig.
    2. Re:The syntax should not matter.. by tjstork · · Score: 0, Offtopic

      it's a very useful skill to have if you're interested in reality

      See, I'm not really all that interested in it. Our obsession with reality is overrated because it is culturally acidic. Reality is all about looking down and sometimes humanity needs to be looking up.

      --
      This is my sig.
    3. Re:The syntax should not matter.. by tjstork · · Score: 0, Offtopic

      In your non-reality world that may be true, but in reality it's not.In your non-reality world that may be true, but in reality it's not.

      No, in the objective world, I'm right, and I can prove it by pointing at any number of reduced human aspirations in recent generations. Ever since the 1960s, humanity has gone south.

      --
      This is my sig.
  3. Re:This is by StuartHankins · · Score: 0, Offtopic

    Did I miss something or did you just totally change topics twice in your post? Haircut? Vacation?

    Go outside, you need some fresh air!

  4. Re:In other news... by Anonymous Coward · · Score: -1, Offtopic

    Dude, you won, here's you trophy.

    Now please excuse the rest of us while we laugh at you for being such a pedantic ass.

  5. Re:In other news... by QuantumG · · Score: -1, Offtopic

    Whoever modded this up is a retard.

    Let this post stand as an example of all that is wrong with the Slashdot moderation system.

    Idiots.

    --
    How we know is more important than what we know.
  6. Re:In other news... by omeomi · · Score: -1, Offtopic

    You're right. If I had any mod points, I would mod you down for being offtopic and excessively confrontational.

    --
    ZuluPad, the wiki notepad on crack
  7. This Is For Niggers And Spics Especially by Anonymous Coward · · Score: -1, Offtopic

    The law should require that anyone who receives welfare or food stamps for any length of time should undergo mandatory permanent surgical sterilization, because if there's anything ghetto rats are good at doing it's breeding. These are people who can't figure out that when you're in the ghetto and can barely scrape by and can't even do that without being a burden to society, you should NOT be having children. That make this a great idea. WHO'S WITH ME?!

    incase anyone is wondering... no its not an accident i picked that particular post to add this response to. like another AC said, dude you're wrong, let it go.