Did You Know?

Community Leader
Posts: 1,093
Registered: ‎06-12-2013

Ex-Google, Mozilla bods to outwit EVIL BOTS with 'polymorphic' defence

ShapeShifter will see off automated attacks on websites

Startup Shape Security is re-appropriating a favourite tactic of malware writers in developing a technology to protect websites against automated hacking attacks.

Trojan authors commonly obfuscate their code to frustrate reverse engineers at security firms. The former staffers from Google, VMWare and Mozilla (among others) have created a network security appliance which takes a similar approach (dubbed real-time polymorphism) towards defending websites against breaches - by hobbling the capability of malware, bots, and other scripted attacks to interact with web applications.

Polymorphic code was originally used by malicious software to rewrite its own code every time a new machine was infected. Shape has invented patent-pending technology that is able to implement "real-time polymorphism" - or dynamically changing code - on any website. By doing this, it removes the static elements which botnets and malware depend on for their attacks.

How it works

When a ShapeShifter appliance protects a website, instead of encountering an application with fixed elements that are trivial to program an attack against, cybercriminals now face the difficult task of getting their malware to interact with a web app that is a moving target, constantly rewriting itself. This is done while keeping all of the user interaction functionality intact for legitimate users. And it works better than earlier approaches such as IP reputation or throttling, the pitch goes.


Full Article

Community Leader

Please use plain text.
Community Guide
Posts: 292
Registered: ‎02-02-2012

Re: Ex-Google, Mozilla bods to outwit EVIL BOTS with 'polymorphic' defence

I find the polymorphic defense approach quite interesting and think it will prove to be a valuable defense tool.I like the thinking here.The more tools in the defence arsenal the better.

All Pcs now:WSA with ESET Smart Security 7.0.302.26
Adguard 5.9
Acronis True Image 2014
CCleaner 4.10.4570/JV Powertools 2014
Diskeeper Pro 16.0.1017.0
Windows 8.1 PRO X64 8gig memory Core i5 3.2ghz
Please use plain text.