Improving Unicode Attacks With Deep Learning

Explore how deep learning and transfer learning can enhance unicode character-based attacks in this 46-minute conference talk from the Hack In The Box Security Conference. Discover the process of creating an optimal dictionary of confusables using a VGG16 model, enabling the development of sophisticated offensive tools and new application testing procedures. Examine the limitations of countermeasures for unicode encoding attacks, including methods to bypass punycode. Learn about inadequate validation in popular applications such as WhatsApp, Signal, Telegram, Skype, OpenOffice, and plagiarism detection software. Gain insights into the upcoming release of the Deepconfusables tool and the associated dictionary of unicode confusables.