Comments on: Language Model Generated Injection Attacks: Cool/Disturbing LingPipe Application http://lingpipe-blog.com/2010/03/09/language-model-generated-injection-attacks-cooldisturbing-lingpipe-application/ Natural Language Processing and Text Analytics Wed, 08 Feb 2012 17:47:08 +0000 hourly 1 http://wordpress.com/ By: Breck http://lingpipe-blog.com/2010/03/09/language-model-generated-injection-attacks-cooldisturbing-lingpipe-application/#comment-6524 Wed, 10 Mar 2010 21:03:31 +0000 http://lingpipe-blog.com/?p=3820#comment-6524 The key to the high quality of the output is that there is a bunch of conditional jump n-bytes commands in ASCII (p through z). Josh said in an email that he would not have even tried the approach without that flexibility. About 40% of the English attack text is being executed.

Josh also said that the filters for the unsophisticated version do not exist currently so there is no reason to go to the English generation step. That is depressing, At least I know if a firewall vendor comes calling about filtering for the simpler attack that more will need to be done.

Cool paper in any case.

]]> By: Dave Lewis http://lingpipe-blog.com/2010/03/09/language-model-generated-injection-attacks-cooldisturbing-lingpipe-application/#comment-6519 Tue, 09 Mar 2010 21:58:01 +0000 http://lingpipe-blog.com/?p=3820#comment-6519 I too wouldn’t have guessed that it was possible to make code look this English-like. The authors suggest that considering syntactic or semantic information might help, but I’m inclined to think that any advances in that direction would be more useful for generating attacks than preventing them. They do finish by saying that the real need is to avoid externally controlled inputs from being executed in the first place. Indeed!

]]>