Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Weaponizing Neural Networks. In your browser!

39 views

Published on

Andrei Cotaie and Tiberiu Boros in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.

The slides and other presentations can be found on https://def.camp/archive

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Weaponizing Neural Networks. In your browser!

  1. 1. Weaponizing Neural Networks <html>In your browser!</html> <p>Andrei Cotaie – Senior Security Engineer</p> <p>Tiberiu Boros - Computer Scientist</p> Or how to abuse neural networks in learning stupid stuff !
  2. 2. The opinions and views expressed in this presentation are based on our independent research and does not relate on our employer. The research presented in this presentation should only be used for educational purposes.
  3. 3. Do we trust machine learning ? Where are we going? Where do we come from? What are we?
  4. 4. Generative models • Handwriting • Audio • Video • Probably, you already saw the DeepFake Videos :D ;)
  5. 5. What we're going to talk about • JavaScript • Machine Learning • Neural networks • Hiding intelligence (overfitting) • Training of a NN • Executing NN in HTML pages • Reverse Engineering the NN JSON/JS • Natural and Embedded AntiForensic
  6. 6. A .js world Into the Browser: JavaScript is used by 94.9% of all the websites Out of the browser: Wscript.exe, Cscript.exe, node, jsc, rhino etc JS desktop applications frameworks: Electron
  7. 7. .js security concerns • Bad coding • XSS / CSRF • Authentication issues • Server-side Code injection • Vulnerable servers / Fake services • Exploit kits • Watering Holes • Droppers • Recon • MINING • Click Fraud • Third party compromise (British Airways hack)
  8. 8. .js obfuscation... • The GOOD, The BAD and The UGLY • Obfuscation != Encryption HOW TO obfuscate your life: • Dead Code insertion • Subroutine reordering • Code transposition • Instruction substitution • Code integration • Register reassignment
  9. 9. ML: Encoding, Encryption or Compression of data ?
  10. 10. ML to the !“rescue” • This is a single Long-Short- Term Memory Cell • It "learns" what it needs to "remember"
  11. 11. ML Overfitting Training set Test set Cats, obviously! What it sees
  12. 12. ML Libraries for JS • brain.js (Neural Networks) • Synaptic (Neural Networks) • Natural (Natural Language Processing) • ConvNetJS (Convolutional Neural Networks) • mljs (A set of sub-libraries with a variety of functions) • Neataptic (Neural Networks) • Webdnn (Deep Learning) • Tensorflow (google project)
  13. 13. .JS+ ML + PAYLOAD + HTML = </LOVE> Whole lotta love...
  14. 14. What is the definition of insanity ?
  15. 15. Demo 1. Let's start simple
  16. 16. One step back. Analyzing the NN itself
  17. 17. You don't like eval ? • document.body.appendChild • document.parentNode.insertBefore • document.write • $.load()
  18. 18. Demo 2. Any Request ?
  19. 19. Demo 3. POSTs ?
  20. 20. Debugging the JS
  21. 21. Antiforensic • Maybe delete or undefine the variables/objects ? (delete OR unset) • And maybe more legit cover channels might help • Make sure transitions between NN calls are made untraceable. Add some intelligence to that ?
  22. 22. Demo 4. Oops I Slacked it again
  23. 23. Take away • Do IT yourself! You can Float too! (using any ML package) • Statically reverting input data is almost impossible using just the latent representations • Whenever great minds create something innovative, lazy evil minds will abuse it • Do we trust neural networks to run in our browsers?
  24. 24. Q&A ?
  25. 25. Btw, fun fact!

×