[langsec-discuss] WYSINWYG - a (mostly) langsec vulnerability category

Will Sargent will.sargent at gmail.com
Tue Dec 2 19:05:00 UTC 2014


On Tuesday, December 2, 2014 at 10:01 AM, travis+ml-langsec at subspacefield.org wrote:
> So what do these attacks have in common?
> 
> TOCTOU
> NIDS evasion (Ptacek's paper)
> IDN homograph attacks
> A/V evasion (e.g. Veil-evasion, executable packers)
> Double encoding (and other encoding attacks)
> Computationally-inequivalent endpoints
> Steganography
> 
> What I've been mulling over, and finally teased out, is that they are
> all related to a general pattern, namely:
> 
> What You See Is Not What You Get
> 
> Where the recognizer/enforcement point does not see the same semantic
> content as the processor.
> 
> 
> 


Would "parse tree differential attack" overlap with this category as well?

http://ieeexplore.ieee.org/xpls/icp.jsp?arnumber=6553401

Will.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.langsec.org/pipermail/langsec-discuss/attachments/20141202/33f6b816/attachment.html>


More information about the langsec-discuss mailing list