Using Bayesian Classifiers to Detect Fuzzing

Tim Bass
Sun, 04 Nov 2007 10:34:48 +0000
Fuzzing, from a securityperspective, is when an automatedprogram searchesfor ITvulnerabilities by sending random input to an application.** Fuzzers aresometimes referred to as fault injector andare used by hackers tofind buffer overflows and otherapplication flawssuch as SQL injection, XSS, and format string vulnerabilities.
In the past few years fuzzing is being increasing used by criminals to search for on-line vulnerabilities that can be exploited; and for this reason, fuzzing is a serious threat to ecommerce and other online business applications.
How would an organization detect fuzzing?
Bayesian classifiers are used to detect spam, denial of service attacks, fraud, and other complex data sets; so it makes perfect sense to use Bayesian techniques to detect fuzzing.
However, I have searched the network have not yet found an implementation of a Bayesian classifier specificallyto detect fuzzing in*real-time.
If anyone knows of a (Java-based) Bayesian classifer that would be a good starting point for the real-time detection of fuzzing, please let me know.* Thanks!

Source...