I just read a short article on vnunet.com titled “Hackers use AI to uncover vulnerabilities“. I seriously question this statement:
“Researchers at Secure Computing said that cyber-criminals are exploiting the ability of AI tools to use a methodology referred to as ‘fuzzing’ to test applications for bugs.”
Maybe it is just me but I do not consider fuzzing tools such as Spike or Peach to be Artificial Intelligence. Fuzzing tools grab an input and start throwing data at it hoping for a crash. Some tools do follow proper syntax / protocol when testing applications but many just use a pseudo-random number generator and throw garbage at the application. I just dont see it.
Am I missing something?
–Chris
Technorati Tags: Fuzzing, Secure Computing, Artificial Intelligence, hackers
July 25th, 2006 at 2:05 am
Interesting. I’ll add it to my toolkit.
Thanks for the information!