ShirazOnline Netsa
نمایش نتایج: از شماره 1 تا 1 , از مجموع 1

موضوع: What Is Strider “HoneyMonkey”?

  1. #1
    RezaBehroozi admin آواتار ها
    تاریخ عضویت
    Jan 1970
    محل سکونت
    نوشته ها
    تشکرها / پسندها

    پیش فرض What Is Strider “HoneyMonkey”?

    What Is Strider “HoneyMonkey”?

    The development of an important new research technology permitting investigators to detect and analyze Web sites hosting malicious code—in particular, code that exploits browser vulnerabilities—was presented this week by Microsoft Research in a technical report and a subsequent presentation during the USENIX Security Symposium.
    The Strider HoneyMonkey Exploit Detection System, as the research project is code-named, was created to help detect attacks that use Web servers to exploit unpatched browser vulnerabilities and install malware on the PCs of unsuspecting users. Such attacks have become one of the most vexing issues confronting Internet security experts.
    Through their work, Strider HoneyMonkey’s creators, [فقط اعضا می توانند لینک ها را مشاهده کنند برای ثبت نام اینجا را کلیک کنید], [فقط اعضا می توانند لینک ها را مشاهده کنند برای ثبت نام اینجا را کلیک کنید], Xuxian Jiang, and Roussi Roussev, have introduced the concept of an Automated Web Patrol, designed to streamline the process of monitoring malicious Web sites to protect Internet users.
    A traditional method of inspecting attacks against computers has been to provide a “honeypot” server on the Internet. Such servers are intended to provide information about attackers by presenting themselves as targets.
    Manual analyses of exploit sites often provide useful, detailed information about which vulnerabilities are exploited and which malware programs are installed. But such analyses do not provide a big-picture view of the problem.
    The Strider HoneyMonkey project takes the static concept of a honeypot in a new direction. A “honeymonkey” is a computer or a virtual PC that actively mimics the actions of a user surfing the Web. A series of “monkey programs,” which drive a browser in a manner similar to that of a human user, run on virtual machines in order to detect exploit sites. The browsers can be configured to run with fully updated software, or without specific updates in order to look for exploit sites that target specific vulnerabilities. In this manner, the attacks more likely to impact customers can be analyzed and detected.
    At each Web site identified by Strider HoneyMonkey, however, follow-up work is required to identify what kind of exploit exists and how it operates. And much more work is needed to verify and understand the exploit vector.
    Microsoft’s Internet Safety Enforcement (ISE) Team, which investigates and pursues cybercriminals such as spammers and phishers across the globe, has begun to work with the Strider HoneyMonkey tool and is evaluating the resulting data for potential enforcement use. This includes ISE Team members using Strider HoneyMonkey data to assist in identifying persons responsible for distributing spyware in contravention of various laws.
    The Strider HoneyMonkey project can provide the Microsoft Security Response Center (MSRC) with information should exploitation of a new vulnerability occur. Such information already has enabled the MSRC to provide customers with a security advisory and a follow-up security bulletin.
    Because Strider HoneyMonkey is a Microsoft Research project designed to help provide Microsoft with information about attacks and the general ecosystem of the Internet, there are no current plans to provide this technology as a product, Instead, the project provides the MSRC with another technology in its ongoing work to protect customers.
    Microsoft considers the security of customers’ computers and networks a top priority and remains committed to building software and services that will protect customers and the industry. Microsoft’s efforts to address security are focused on innovation, prescriptive guidance, and industry partnership, and the company is investing in new solutions to security issues.
    Microsoft Research is actively exploring such new approaches, and the Strider HoneyMonkey project is just one example of the kind of innovative thinking that will help protect Microsoft customers.

  2. # ADS
    Circuit advertisement
    تاریخ عضویت
    محل سکونت
    Advertising world
    نوشته ها

اطلاعات موضوع

کاربرانی که در حال مشاهده این موضوع هستند

در حال حاضر 1 کاربر در حال مشاهده این موضوع است. (0 کاربران و 1 مهمان ها)

علاقه مندی ها (Bookmarks)

علاقه مندی ها (Bookmarks)

مجوز های ارسال و ویرایش

  • شما نمیتوانید موضوع جدیدی ارسال کنید
  • شما امکان ارسال پاسخ را ندارید
  • شما نمیتوانید فایل پیوست کنید.
  • شما نمیتوانید پست های خود را ویرایش کنید