Evasion-Resilient Detection of DNS-Over-HTTPS Data Exfiltration: A Practical Evaluation and Toolkit

The purpose of this project is to assess how well defenders can detect DNS-over-HTTPS DoH file exfiltration, and which evasion strategies can be used by attackers. While providing a reproducible toolkit to generate, intercept and analyze DoH exfiltration, and comparing Machine Learning vs...

EUVD-2007-2726

Malware in sbrugna...

EUVD-2021-32108

Malicious code in bioql PyPI...

A Practical Adversarial Attack against Sequence-Based Deep Learning Malware Classifiers

Sequence-based deep learning models e.g., RNNs, can detect malware by analyzing its behavioral sequences. Meanwhile, these models are susceptible to adversarial attacks. Attackers can create adversarial samples that alter the sequence characteristics of behavior sequences to deceive malware...

ISS Security Alert: Multiple Vendor IDS Unicode Bypass Vulnerability

Internet Security Systems Security Alert September 5, 2001 Multiple Vendor IDS Unicode Bypass Vulnerability Synopsis: ISS X-Force is aware of a vulnerability in many commercial and open- source IDS Intrusion Detection System products that may allow attackers to evade detection. Microsoft Web serv...