Ex-Google, Mozilla bods to outwit EVIL BOTS with 'polymorphic' defence

  • 22 January 2014
  • 1 reply
  • 1573 views

Userlevel 7
Badge +54
ShapeShifter will see off automated attacks on websites

Startup Shape Security is re-appropriating a favourite tactic of malware writers in developing a technology to protect websites against automated hacking attacks.

Trojan authors commonly obfuscate their code to frustrate reverse engineers at security firms. The former staffers from Google, VMWare and Mozilla (among others) have created a network security appliance which takes a similar approach (dubbed real-time polymorphism) towards defending websites against breaches - by hobbling the capability of malware, bots, and other scripted attacks to interact with web applications.

Polymorphic code was originally used by malicious software to rewrite its own code every time a new machine was infected. Shape has invented patent-pending technology that is able to implement "real-time polymorphism" - or dynamically changing code - on any website. By doing this, it removes the static elements which botnets and malware depend on for their attacks.

How it works

When a ShapeShifter appliance protects a website, instead of encountering an application with fixed elements that are trivial to program an attack against, cybercriminals now face the difficult task of getting their malware to interact with a web app that is a moving target, constantly rewriting itself. This is done while keeping all of the user interaction functionality intact for legitimate users. And it works better than earlier approaches such as IP reputation or throttling, the pitch goes.
 
Full Article

1 reply

Userlevel 7
Badge +13
I find the polymorphic defense approach quite interesting and think it will prove to be a valuable defense tool.I like the thinking here.The more tools in the defence arsenal the better.

Reply