Marfcat is in the early stages of development and several reports were
submitted late. We did not analyze Marfcat warnings.

Note that we did not include the log files due to their large size.

Below is a brief excerpt of the description (as of Aug 16, 2010) by the
tool author. More details can be found in the README.txt files in the
subdirectories. Note that Marfcat learned from the CVE-selected test
cases.

Note. Marfcat's SATE 2010 results are presented in "The use of machine
learning with signal- and NLP processing of source code to fingerprint,
detect, and classify vulnerabilities and weaknesses with MARFCAT," by
Serguei A. Mokhov, included in the NIST Special Publication 500-283.

I am using signal processing techniques, i.e. presently I do not parse
or otherwise work on a syntax level. I treat the source code as a "signal",
equivalent to binary, where each n-gram (n is 2 presently, i.e. two  
consecutive characters or, more generally, bytes) are used to  
construct a sample amplitude value.

I show the system examples of files with weaknesses and it learns
by computing spectral signatures using signal processing techniques.
When these are applied (e.g. filters, silence/noise removal, other
preprocessing and feature extraction techniques), the line information
is lost as a part of this process. When I test, I compute how similar
or distant each file is from the known trained weakness-laden files.
In part it can approx. be seen as some signature-based antiviruses and IDSes
detect stuff, but with lots of machine learning and signal processing
algorithms with me trying to find out which combination gives me highest
precision and best run-time, but I am looking at the files overall
from above instead of parsing the fine-grained details.

