light bulb

Did You Know?

Posts: 8,025
Topics: 5,474
Kudos: 11,321
Registered: ‎06-12-2013

Ex-Google, Mozilla bods to outwit EVIL BOTS with 'polymorphic' defence

ShapeShifter will see off automated attacks on websites

Startup Shape Security is re-appropriating a favourite tactic of malware writers in developing a technology to protect websites against automated hacking attacks.

Trojan authors commonly obfuscate their code to frustrate reverse engineers at security firms. The former staffers from Google, VMWare and Mozilla (among others) have created a network security appliance which takes a similar approach (dubbed real-time polymorphism) towards defending websites against breaches - by hobbling the capability of malware, bots, and other scripted attacks to interact with web applications.

Polymorphic code was originally used by malicious software to rewrite its own code every time a new machine was infected. Shape has invented patent-pending technology that is able to implement "real-time polymorphism" - or dynamically changing code - on any website. By doing this, it removes the static elements which botnets and malware depend on for their attacks.

How it works

When a ShapeShifter appliance protects a website, instead of encountering an application with fixed elements that are trivial to program an attack against, cybercriminals now face the difficult task of getting their malware to interact with a web app that is a moving target, constantly rewriting itself. This is done while keeping all of the user interaction functionality intact for legitimate users. And it works better than earlier approaches such as IP reputation or throttling, the pitch goes.


Full Article

Sr. Community Leader

Posts: 388
Topics: 43
Kudos: 372
Registered: ‎02-02-2012

Re: Ex-Google, Mozilla bods to outwit EVIL BOTS with 'polymorphic' defence

I find the polymorphic defense approach quite interesting and think it will prove to be a valuable defense tool.I like the thinking here.The more tools in the defence arsenal the better.

WSA-C Firewall
Windows 10 Pro X64
Ublock Origin Firefox and Chrome,adblock plus IE
Always have a BACKUP plan!