light bulb

Did You Know?



Reply
Highlighted
Posts: 6,085
Topics: 4,025
Kudos: 7,802
Registered: ‎06-12-2013

Ex-Google, Mozilla bods to outwit EVIL BOTS with 'polymorphic' defence

ShapeShifter will see off automated attacks on websites

Startup Shape Security is re-appropriating a favourite tactic of malware writers in developing a technology to protect websites against automated hacking attacks.

Trojan authors commonly obfuscate their code to frustrate reverse engineers at security firms. The former staffers from Google, VMWare and Mozilla (among others) have created a network security appliance which takes a similar approach (dubbed real-time polymorphism) towards defending websites against breaches - by hobbling the capability of malware, bots, and other scripted attacks to interact with web applications.

Polymorphic code was originally used by malicious software to rewrite its own code every time a new machine was infected. Shape has invented patent-pending technology that is able to implement "real-time polymorphism" - or dynamically changing code - on any website. By doing this, it removes the static elements which botnets and malware depend on for their attacks.


How it works

When a ShapeShifter appliance protects a website, instead of encountering an application with fixed elements that are trivial to program an attack against, cybercriminals now face the difficult task of getting their malware to interact with a web app that is a moving target, constantly rewriting itself. This is done while keeping all of the user interaction functionality intact for legitimate users. And it works better than earlier approaches such as IP reputation or throttling, the pitch goes.

 

Full Article

Sr. Community Leader

Posts: 378
Topics: 43
Kudos: 351
Registered: ‎02-02-2012

Re: Ex-Google, Mozilla bods to outwit EVIL BOTS with 'polymorphic' defence

I find the polymorphic defense approach quite interesting and think it will prove to be a valuable defense tool.I like the thinking here.The more tools in the defence arsenal the better.

WSA-C 8.0.8.88

adblock plus IE all other browsers ublock origin
Windows 8.1 Pro X64

Always have a BACKUP plan!