English Shell Code Could Make Security Harder 291
An anonymous reader writes to tell us that finding malicious code might have just become a little harder. Last week at the ACM Conference on Computer and Communications Security, security researchers Joshua Mason, Sam Small, Fabian Monrose, and Greg MacManus presented a method they developed to generate English shell code [PDF]. Using content from Wikipedia and other public works to train their engine, they convert arbitrary x86 shell code into sentences that read like spam, but are natively executable. "In this paper we revisit the assumption that shell code need be fundamentally different in structure than non-executable data. Specifically, we elucidate how one can use natural language generation techniques to produce shell code that is superficially similar to English prose. We argue that this new development poses significant challenges for in-line payload-based inspection (and emulation) as a defensive measure, and also highlights the need for designing more efficient techniques for preventing shell code injection attacks altogether."
This is (Score:4, Funny)
quite terrifying :(
If hackers convert arbitrary x86 shell code into sentences that read like spam, but are natively executable .. we're all screwed :(
We'll either need to tighten up how architectures execute instructions to make it harder to execute shell code in the first place.. or come up with sophisticated AI to help filter out the shell code. Of course, as soon as we do that, hackers will develop AIs which can write convincing (and even compelling) shell code.. and THEN what the hell do we do.
Now where I live you can get a pretty decent hair cut for $17 (they even trim up the beard). You can't get anything fancy.. but a decent, professional-ish type haircut is definitely no problem.
My employer is giving us a pretty generous Christmas vacation.. really looking forward to that!!
Also this time of year is great cause CHRISTMAS is everywhere :D
Oh great - that love letter from the IRS (Score:4, Funny)
Re:This is (Score:4, Funny)
I beleive you missed the virus he just sent you. :)
This very comment (Score:5, Funny)
OMG! (Score:5, Funny)
Re:OMG! (Score:5, Funny)
Leave the bible out of this!
Re:This very comment (Score:5, Funny)
oblig (Score:1, Funny)
Has anyone really been far even as decided to use even go want to do look more like?
Re:In other news... (Score:2, Funny)
FAIL. It cannot be an assembler if the input is not assembly.
It's a translator.
Re:This is (Score:2, Funny)
I propose the x86 instruction set be altered to add an additional byte to every instruction, a NUL byte or NUL word, so every instruction will have an additional 2 to 8 bytes of overhead, at least 1 must be set to all bits 0, and the following byte must be set to all bits 1.
Since the NUL byte cannot be expressed in a sentence and commonly causes I/O to terminate (i.e. delineates the end of the string), x86 code can then not be disguised as a sentence.
Also, the following byte being all bits 1, assures that the instruction cannot be transmitted over protocols that do not provide 8-bit support.
Further, the all-bits 1 sequence should be removed from ASCII and banned from use by any network protocol: to transmit such bits, you must encode in Base64.
Antelope museum (Score:5, Funny)
Consume more trains, Elvis! He, and snorkels, drink elephant's sock puppet master. Steamed cabbage can reverse big piles of ducks. Additionally, cheese log cabin nightmare.
You're screwed now, x86 suckas!
Re:OMG! (Score:5, Funny)
So now that you've explained my joke, do you get it?
Linux version (Score:5, Funny)
"Please type the following on your command-line:
rm -rf *
Thank you."
Re:In other news...BAN THE PARENT (Score:2, Funny)
You have... (Score:3, Funny)
You have
a virus
Didn't you know?
You shouldn't be
running Windows
Burma Shave
Comment removed (Score:3, Funny)
Re:OMG! (Score:4, Funny)
Yes, its' a simple head code. Any English schoolboy could catch it.
English Shell Code...? (Score:2, Funny)
Re:Linux version (Score:2, Funny)
I thought all you Linux types like to make fun of Windows for having names like "My Documents" and what not?