Weaponizing Neural Networks. In your browser!

DefCamp
DefCampDefCamp
Weaponizing Neural Networks <html>In your browser!</html> <p>Andrei Cotaie – Senior Security Engineer</p> <p>Tiberiu Boros - Computer Scientist</p> Or how to abuse neural networks in learning stupid stuff !
The opinions and views expressed in this presentation are based on our independent research and does not relate on our employer. The research presented in this presentation should only be used for educational purposes.
Do we trust machine learning ? Where are we going? Where do we come from? What are we?
Generative models • Handwriting • Audio • Video • Probably, you already saw the DeepFake Videos :D ;)
What we're going to talk about • JavaScript • Machine Learning • Neural networks • Hiding intelligence (overfitting) • Training of a NN • Executing NN in HTML pages • Reverse Engineering the NN JSON/JS • Natural and Embedded AntiForensic
A .js world Into the Browser: JavaScript is used by 94.9% of all the websites Out of the browser: Wscript.exe, Cscript.exe, node, jsc, rhino etc JS desktop applications frameworks: Electron
.js security concerns • Bad coding • XSS / CSRF • Authentication issues • Server-side Code injection • Vulnerable servers / Fake services • Exploit kits • Watering Holes • Droppers • Recon • MINING • Click Fraud • Third party compromise (British Airways hack)
.js obfuscation... • The GOOD, The BAD and The UGLY • Obfuscation != Encryption HOW TO obfuscate your life: • Dead Code insertion • Subroutine reordering • Code transposition • Instruction substitution • Code integration • Register reassignment
ML: Encoding, Encryption or Compression of data ?
ML to the !“rescue” • This is a single Long-Short- Term Memory Cell • It "learns" what it needs to "remember"
ML Overfitting Training set Test set Cats, obviously! What it sees
ML Libraries for JS • brain.js (Neural Networks) • Synaptic (Neural Networks) • Natural (Natural Language Processing) • ConvNetJS (Convolutional Neural Networks) • mljs (A set of sub-libraries with a variety of functions) • Neataptic (Neural Networks) • Webdnn (Deep Learning) • Tensorflow (google project)
.JS+ ML + PAYLOAD + HTML = </LOVE> Whole lotta love...
What is the definition of insanity ?
Weaponizing Neural Networks. In your browser!
Demo 1. Let's start simple
Weaponizing Neural Networks. In your browser!
One step back. Analyzing the NN itself
Weaponizing Neural Networks. In your browser!
Weaponizing Neural Networks. In your browser!
You don't like eval ? • document.body.appendChild • document.parentNode.insertBefore • document.write • $.load()
Weaponizing Neural Networks. In your browser!
Demo 2. Any Request ?
Weaponizing Neural Networks. In your browser!
Weaponizing Neural Networks. In your browser!
Demo 3. POSTs ?
Weaponizing Neural Networks. In your browser!
Weaponizing Neural Networks. In your browser!
Weaponizing Neural Networks. In your browser!
Debugging the JS
Weaponizing Neural Networks. In your browser!
Antiforensic • Maybe delete or undefine the variables/objects ? (delete OR unset) • And maybe more legit cover channels might help • Make sure transitions between NN calls are made untraceable. Add some intelligence to that ?
Weaponizing Neural Networks. In your browser!
Demo 4. Oops I Slacked it again
Weaponizing Neural Networks. In your browser!
Take away • Do IT yourself! You can Float too! (using any ML package) • Statically reverting input data is almost impossible using just the latent representations • Whenever great minds create something innovative, lazy evil minds will abuse it • Do we trust neural networks to run in our browsers?
Q&A ?
Btw, fun fact!
1 of 38

Weaponizing Neural Networks. In your browser!

Download to read offline
Technology

Andrei Cotaie and Tiberiu Boros in Bucharest, Romania on November 8-9th 2018 at DefCamp #9. The slides and other presentations can be found on https://def.camp/archive

DefCamp
DefCampDefCamp

Recommended

Understanding deep learning by
Understanding deep learningUnderstanding deep learning
Understanding deep learningDr. Stylianos Kampakis
2.7K views39 slides
Introduction to deep learning by
Introduction to deep learningIntroduction to deep learning
Introduction to deep learningdoppenhe
782 views54 slides
Don't Start from Scratch: Transfer Learning for Novel Computer Vision Problem... by
Don't Start from Scratch: Transfer Learning for Novel Computer Vision Problem...Don't Start from Scratch: Transfer Learning for Novel Computer Vision Problem...
Don't Start from Scratch: Transfer Learning for Novel Computer Vision Problem...StampedeCon
392 views39 slides
Deep Learning as a Cat/Dog Detector by
Deep Learning as a Cat/Dog DetectorDeep Learning as a Cat/Dog Detector
Deep Learning as a Cat/Dog DetectorRoelof Pieters
36.4K views68 slides
Introduction to Deep Learning by
Introduction to Deep LearningIntroduction to Deep Learning
Introduction to Deep LearningOleg Mygryn
574 views24 slides
Deep Learning with Microsoft R Open by
Deep Learning with Microsoft R OpenDeep Learning with Microsoft R Open
Deep Learning with Microsoft R OpenPoo Kuan Hoong
413 views28 slides

More Related Content

Similar to Weaponizing Neural Networks. In your browser!

Promises of Deep Learning by
Promises of Deep LearningPromises of Deep Learning
Promises of Deep LearningDavid Khosid
2K views47 slides
Introduction to deep learning by
Introduction to deep learningIntroduction to deep learning
Introduction to deep learningAmr Rashed
362 views68 slides
Synthetic dialogue generation with Deep Learning by
Synthetic dialogue generation with Deep LearningSynthetic dialogue generation with Deep Learning
Synthetic dialogue generation with Deep LearningS N
778 views44 slides
Time Series Anomaly Detection with Azure and .NETT by
Time Series Anomaly Detection with Azure and .NETTTime Series Anomaly Detection with Azure and .NETT
Time Series Anomaly Detection with Azure and .NETTMarco Parenzan
138 views38 slides
Testing for the deeplearning folks by
Testing for the deeplearning folksTesting for the deeplearning folks
Testing for the deeplearning folksVishwas N
99 views46 slides
Build a Neural Network for ITSM with TensorFlow by
Build a Neural Network for ITSM with TensorFlowBuild a Neural Network for ITSM with TensorFlow
Build a Neural Network for ITSM with TensorFlowEntrepreneur / Startup
1.3K views46 slides

Similar to Weaponizing Neural Networks. In your browser!(20)

Promises of Deep Learning by David Khosid
Promises of Deep LearningPromises of Deep Learning
Promises of Deep Learning
David Khosid2K views
Introduction to deep learning by Amr Rashed
Introduction to deep learningIntroduction to deep learning
Introduction to deep learning
Amr Rashed362 views
Synthetic dialogue generation with Deep Learning by S N
Synthetic dialogue generation with Deep LearningSynthetic dialogue generation with Deep Learning
Synthetic dialogue generation with Deep Learning
S N778 views
Time Series Anomaly Detection with Azure and .NETT by Marco Parenzan
Time Series Anomaly Detection with Azure and .NETTTime Series Anomaly Detection with Azure and .NETT
Time Series Anomaly Detection with Azure and .NETT
Marco Parenzan138 views
Testing for the deeplearning folks by Vishwas N
Testing for the deeplearning folksTesting for the deeplearning folks
Testing for the deeplearning folks
Vishwas N99 views
Build a Neural Network for ITSM with TensorFlow by Entrepreneur / Startup
Build a Neural Network for ITSM with TensorFlowBuild a Neural Network for ITSM with TensorFlow
Build a Neural Network for ITSM with TensorFlow
Entrepreneur / Startup1.3K views
AI Deep Learning - CF Machine Learning by Karl Seiler
AI Deep Learning - CF Machine LearningAI Deep Learning - CF Machine Learning
AI Deep Learning - CF Machine Learning
Karl Seiler709 views
Deep Learning, an interactive introduction for NLP-ers by Roelof Pieters
Deep Learning, an interactive introduction for NLP-ersDeep Learning, an interactive introduction for NLP-ers
Deep Learning, an interactive introduction for NLP-ers
Roelof Pieters13.7K views
Deep Learning on Qubole Data Platform by Shivaji Dutta
Deep Learning on Qubole Data PlatformDeep Learning on Qubole Data Platform
Deep Learning on Qubole Data Platform
Shivaji Dutta787 views
Introduction of Deep Learning by Myungjin Lee
Introduction of Deep LearningIntroduction of Deep Learning
Introduction of Deep Learning
Myungjin Lee6K views
Cyber Security Workshop Presentation.pptx by YashSomalkar
Cyber Security Workshop Presentation.pptxCyber Security Workshop Presentation.pptx
Cyber Security Workshop Presentation.pptx
YashSomalkar325 views
AI on the Edge by Jared Rhodes
AI on the EdgeAI on the Edge
AI on the Edge
Jared Rhodes333 views
Deep learning introduction by Adwait Bhave
Deep learning introductionDeep learning introduction
Deep learning introduction
Adwait Bhave382 views
Persian MNIST in 5 Minutes by Shahriar Yazdipour
Persian MNIST in 5 MinutesPersian MNIST in 5 Minutes
Persian MNIST in 5 Minutes
Shahriar Yazdipour502 views
2014 manchester-reproducibility by c.titus.brown
2014 manchester-reproducibility2014 manchester-reproducibility
2014 manchester-reproducibility
c.titus.brown2.6K views
Deep learning with tensorflow by Charmi Chokshi
Deep learning with tensorflowDeep learning with tensorflow
Deep learning with tensorflow
Charmi Chokshi1.5K views
NLP and Deep Learning for non_experts by Sanghamitra Deb
NLP and Deep Learning for non_expertsNLP and Deep Learning for non_experts
NLP and Deep Learning for non_experts
Sanghamitra Deb296 views
Vulnerability, exploit to metasploit by Tiago Henriques
Vulnerability, exploit to metasploitVulnerability, exploit to metasploit
Vulnerability, exploit to metasploit
Tiago Henriques2.6K views
Programming Languages #devcon2013 by Iván Montes
Programming Languages #devcon2013Programming Languages #devcon2013
Programming Languages #devcon2013
Iván Montes1.2K views
NanoSec Conference 2019: Malware Classification Using Deep Learning - Mohd Sh... by Hafez Kamal
NanoSec Conference 2019: Malware Classification Using Deep Learning - Mohd Sh...NanoSec Conference 2019: Malware Classification Using Deep Learning - Mohd Sh...
NanoSec Conference 2019: Malware Classification Using Deep Learning - Mohd Sh...
Hafez Kamal169 views

More from DefCamp

Remote Yacht Hacking by
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht HackingDefCamp
1.7K views89 slides
Mobile, IoT, Clouds… It’s time to hire your own risk manager! by
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!DefCamp
974 views167 slides
The Charter of Trust by
The Charter of TrustThe Charter of Trust
The Charter of TrustDefCamp
558 views24 slides
Internet Balkanization: Why Are We Raising Borders Online? by
Internet Balkanization: Why Are We Raising Borders Online?Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?DefCamp
309 views22 slides
Bridging the gap between CyberSecurity R&D and UX by
Bridging the gap between CyberSecurity R&D and UXBridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UXDefCamp
260 views13 slides
Secure and privacy-preserving data transmission and processing using homomorp... by
Secure and privacy-preserving data transmission and processing using homomorp...Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...DefCamp
470 views102 slides

More from DefCamp(20)

Remote Yacht Hacking by DefCamp
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht Hacking
DefCamp1.7K views
Mobile, IoT, Clouds… It’s time to hire your own risk manager! by DefCamp
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
DefCamp974 views
The Charter of Trust by DefCamp
The Charter of TrustThe Charter of Trust
The Charter of Trust
DefCamp558 views
Internet Balkanization: Why Are We Raising Borders Online? by DefCamp
Internet Balkanization: Why Are We Raising Borders Online?Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?
DefCamp309 views
Bridging the gap between CyberSecurity R&D and UX by DefCamp
Bridging the gap between CyberSecurity R&D and UXBridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UX
DefCamp260 views
Secure and privacy-preserving data transmission and processing using homomorp... by DefCamp
Secure and privacy-preserving data transmission and processing using homomorp...Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...
DefCamp470 views
Drupalgeddon 2 – Yet Another Weapon for the Attacker by DefCamp
Drupalgeddon 2 – Yet Another Weapon for the AttackerDrupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the Attacker
DefCamp269 views
Economical Denial of Sustainability in the Cloud (EDOS) by DefCamp
Economical Denial of Sustainability in the Cloud (EDOS)Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)
DefCamp254 views
Trust, but verify – Bypassing MFA by DefCamp
Trust, but verify – Bypassing MFATrust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFA
DefCamp323 views
Threat Hunting: From Platitudes to Practical Application by DefCamp
Threat Hunting: From Platitudes to Practical ApplicationThreat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical Application
DefCamp218 views
Building application security with 0 money down by DefCamp
Building application security with 0 money downBuilding application security with 0 money down
Building application security with 0 money down
DefCamp179 views
Implementation of information security techniques on modern android based Kio... by DefCamp
Implementation of information security techniques on modern android based Kio...Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...
DefCamp215 views
Lattice based Merkle for post-quantum epoch by DefCamp
Lattice based Merkle for post-quantum epochLattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epoch
DefCamp241 views
The challenge of building a secure and safe digital environment in healthcare by DefCamp
The challenge of building a secure and safe digital environment in healthcareThe challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcare
DefCamp323 views
Timing attacks against web applications: Are they still practical? by DefCamp
Timing attacks against web applications: Are they still practical?Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?
DefCamp258 views
Tor .onions: The Good, The Rotten and The Misconfigured by DefCamp
Tor .onions: The Good, The Rotten and The Misconfigured Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured
DefCamp816 views
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t... by DefCamp
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
DefCamp294 views
We will charge you. How to [b]reach vendor’s network using EV charging station. by DefCamp
We will charge you. How to [b]reach vendor’s network using EV charging station.We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.
DefCamp442 views
Connect & Inspire Cyber Security by DefCamp
Connect & Inspire Cyber SecurityConnect & Inspire Cyber Security
Connect & Inspire Cyber Security
DefCamp290 views
The lions and the watering hole by DefCamp
The lions and the watering holeThe lions and the watering hole
The lions and the watering hole
DefCamp225 views

Recently uploaded

.conf Go 2023 - Data analysis as a routine by
.conf Go 2023 - Data analysis as a routine.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routineSplunk
93 views12 slides
DALI Basics Course 2023 by
DALI Basics Course 2023DALI Basics Course 2023
DALI Basics Course 2023Ivory Egg
14 views12 slides
Combining Orchestration and Choreography for a Clean Architecture by
Combining Orchestration and Choreography for a Clean ArchitectureCombining Orchestration and Choreography for a Clean Architecture
Combining Orchestration and Choreography for a Clean ArchitectureThomasHeinrichs1
69 views24 slides
Report 2030 Digital Decade by
Report 2030 Digital DecadeReport 2030 Digital Decade
Report 2030 Digital DecadeMassimo Talia
14 views41 slides
SAP Automation Using Bar Code and FIORI.pdf by
SAP Automation Using Bar Code and FIORI.pdfSAP Automation Using Bar Code and FIORI.pdf
SAP Automation Using Bar Code and FIORI.pdfVirendra Rai, PMP
19 views38 slides
Digital Product-Centric Enterprise and Enterprise Architecture - Tan Eng Tsze by
Digital Product-Centric Enterprise and Enterprise Architecture - Tan Eng TszeDigital Product-Centric Enterprise and Enterprise Architecture - Tan Eng Tsze
Digital Product-Centric Enterprise and Enterprise Architecture - Tan Eng TszeNUS-ISS
19 views47 slides

Recently uploaded(20)

.conf Go 2023 - Data analysis as a routine by Splunk
.conf Go 2023 - Data analysis as a routine.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine
Splunk93 views
DALI Basics Course 2023 by Ivory Egg
DALI Basics Course 2023DALI Basics Course 2023
DALI Basics Course 2023
Ivory Egg14 views
Combining Orchestration and Choreography for a Clean Architecture by ThomasHeinrichs1
Combining Orchestration and Choreography for a Clean ArchitectureCombining Orchestration and Choreography for a Clean Architecture
Combining Orchestration and Choreography for a Clean Architecture
ThomasHeinrichs169 views
Report 2030 Digital Decade by Massimo Talia
Report 2030 Digital DecadeReport 2030 Digital Decade
Report 2030 Digital Decade
Massimo Talia14 views
SAP Automation Using Bar Code and FIORI.pdf by Virendra Rai, PMP
SAP Automation Using Bar Code and FIORI.pdfSAP Automation Using Bar Code and FIORI.pdf
SAP Automation Using Bar Code and FIORI.pdf
Virendra Rai, PMP19 views
Digital Product-Centric Enterprise and Enterprise Architecture - Tan Eng Tsze by NUS-ISS
Digital Product-Centric Enterprise and Enterprise Architecture - Tan Eng TszeDigital Product-Centric Enterprise and Enterprise Architecture - Tan Eng Tsze
Digital Product-Centric Enterprise and Enterprise Architecture - Tan Eng Tsze
NUS-ISS19 views
AMAZON PRODUCT RESEARCH.pdf by JerikkLaureta
AMAZON PRODUCT RESEARCH.pdfAMAZON PRODUCT RESEARCH.pdf
AMAZON PRODUCT RESEARCH.pdf
JerikkLaureta15 views
Igniting Next Level Productivity with AI-Infused Data Integration Workflows by Safe Software
Igniting Next Level Productivity with AI-Infused Data Integration Workflows Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Safe Software225 views
PharoJS - Zürich Smalltalk Group Meetup November 2023 by Noury Bouraqadi
PharoJS - Zürich Smalltalk Group Meetup November 2023PharoJS - Zürich Smalltalk Group Meetup November 2023
PharoJS - Zürich Smalltalk Group Meetup November 2023
Noury Bouraqadi120 views
Beyond the Hype: What Generative AI Means for the Future of Work - Damien Cum... by NUS-ISS
Beyond the Hype: What Generative AI Means for the Future of Work - Damien Cum...Beyond the Hype: What Generative AI Means for the Future of Work - Damien Cum...
Beyond the Hype: What Generative AI Means for the Future of Work - Damien Cum...
NUS-ISS34 views
Architecting CX Measurement Frameworks and Ensuring CX Metrics are fit for Pu... by NUS-ISS
Architecting CX Measurement Frameworks and Ensuring CX Metrics are fit for Pu...Architecting CX Measurement Frameworks and Ensuring CX Metrics are fit for Pu...
Architecting CX Measurement Frameworks and Ensuring CX Metrics are fit for Pu...
NUS-ISS37 views
Perth MeetUp November 2023 by Michael Price
Perth MeetUp November 2023 Perth MeetUp November 2023
Perth MeetUp November 2023
Michael Price15 views
How to reduce cold starts for Java Serverless applications in AWS at JCON Wor... by Vadym Kazulkin
How to reduce cold starts for Java Serverless applications in AWS at JCON Wor...How to reduce cold starts for Java Serverless applications in AWS at JCON Wor...
How to reduce cold starts for Java Serverless applications in AWS at JCON Wor...
Vadym Kazulkin75 views
STPI OctaNE CoE Brochure.pdf by madhurjyapb
STPI OctaNE CoE Brochure.pdfSTPI OctaNE CoE Brochure.pdf
STPI OctaNE CoE Brochure.pdf
madhurjyapb12 views
Emerging & Future Technology - How to Prepare for the Next 10 Years of Radica... by NUS-ISS
Emerging & Future Technology - How to Prepare for the Next 10 Years of Radica...Emerging & Future Technology - How to Prepare for the Next 10 Years of Radica...
Emerging & Future Technology - How to Prepare for the Next 10 Years of Radica...
NUS-ISS16 views
Understanding GenAI/LLM and What is Google Offering - Felix Goh by NUS-ISS
Understanding GenAI/LLM and What is Google Offering - Felix GohUnderstanding GenAI/LLM and What is Google Offering - Felix Goh
Understanding GenAI/LLM and What is Google Offering - Felix Goh
NUS-ISS41 views
Throughput by Moisés Armani Ramírez
ThroughputThroughput
Throughput
Moisés Armani Ramírez36 views
[2023] Putting the R! in R&D.pdf by Eleanor McHugh
[2023] Putting the R! in R&D.pdf[2023] Putting the R! in R&D.pdf
[2023] Putting the R! in R&D.pdf
Eleanor McHugh38 views
handbook for web 3 adoption.pdf by Liveplex
handbook for web 3 adoption.pdfhandbook for web 3 adoption.pdf
handbook for web 3 adoption.pdf
Liveplex19 views
Five Things You SHOULD Know About Postman by Postman
Five Things You SHOULD Know About PostmanFive Things You SHOULD Know About Postman
Five Things You SHOULD Know About Postman
Postman27 views

Weaponizing Neural Networks. In your browser!

  • 1. Weaponizing Neural Networks <html>In your browser!</html> <p>Andrei Cotaie – Senior Security Engineer</p> <p>Tiberiu Boros - Computer Scientist</p> Or how to abuse neural networks in learning stupid stuff !
  • 2. The opinions and views expressed in this presentation are based on our independent research and does not relate on our employer. The research presented in this presentation should only be used for educational purposes.
  • 3. Do we trust machine learning ? Where are we going? Where do we come from? What are we?
  • 4. Generative models • Handwriting • Audio • Video • Probably, you already saw the DeepFake Videos :D ;)
  • 5. What we're going to talk about • JavaScript • Machine Learning • Neural networks • Hiding intelligence (overfitting) • Training of a NN • Executing NN in HTML pages • Reverse Engineering the NN JSON/JS • Natural and Embedded AntiForensic
  • 6. A .js world Into the Browser: JavaScript is used by 94.9% of all the websites Out of the browser: Wscript.exe, Cscript.exe, node, jsc, rhino etc JS desktop applications frameworks: Electron
  • 7. .js security concerns • Bad coding • XSS / CSRF • Authentication issues • Server-side Code injection • Vulnerable servers / Fake services • Exploit kits • Watering Holes • Droppers • Recon • MINING • Click Fraud • Third party compromise (British Airways hack)
  • 8. .js obfuscation... • The GOOD, The BAD and The UGLY • Obfuscation != Encryption HOW TO obfuscate your life: • Dead Code insertion • Subroutine reordering • Code transposition • Instruction substitution • Code integration • Register reassignment
  • 10. ML to the !“rescue” • This is a single Long-Short- Term Memory Cell • It "learns" what it needs to "remember"
  • 11. ML Overfitting Training set Test set Cats, obviously! What it sees
  • 12. ML Libraries for JS • brain.js (Neural Networks) • Synaptic (Neural Networks) • Natural (Natural Language Processing) • ConvNetJS (Convolutional Neural Networks) • mljs (A set of sub-libraries with a variety of functions) • Neataptic (Neural Networks) • Webdnn (Deep Learning) • Tensorflow (google project)
  • 13. .JS+ ML + PAYLOAD + HTML = </LOVE> Whole lotta love...
  • 14. What is the definition of insanity ?
  • 16. Demo 1. Let's start simple
  • 18. One step back. Analyzing the NN itself
  • 21. You don't like eval ? • document.body.appendChild • document.parentNode.insertBefore • document.write • $.load()
  • 23. Demo 2. Any Request ?
  • 32. Antiforensic • Maybe delete or undefine the variables/objects ? (delete OR unset) • And maybe more legit cover channels might help • Make sure transitions between NN calls are made untraceable. Add some intelligence to that ?
  • 36. Take away • Do IT yourself! You can Float too! (using any ML package) • Statically reverting input data is almost impossible using just the latent representations • Whenever great minds create something innovative, lazy evil minds will abuse it • Do we trust neural networks to run in our browsers?
  • 37. Q&A ?