Natural Language Shellcode
Nice:
In this paper we revisit the assumption that shellcode need be fundamentally different in structure than non-executable data. Specifically, we elucidate how one can use natural language generation techniques to produce shellcode that is superficially similar to English prose. We argue that this new development poses significant challenges for inline payload-based inspection (and emulation) as a defensive measure, and also highlights the need for designing more efficient techniques for preventing shellcode injection attacks altogether.
GreenSquirrel • March 25, 2010 8:00 AM
Interesting if hard (for me anyway) to follow at times.
I am unconvinced by their conclusion though. It doesn't seem to "conclude" anything from the material before it; it just states an introduction.
However, my (weak, as mentioned) understanding of the paper supports the idea that there are significant challenges for inline inspection and there is a need for more efficient prevention techniques.
I just wish it had been written a touch better.