Detecting Malicious Web Servers with Honeyclients
|
| Title | Detecting Malicious Web Servers with Honeyclients |
| Authors | |
| Abstract | Using malicious sites to launch attacks against client user applications is a growing threat in recent years. This led to emergence of new technologies to counter and detect attacks against end user. One of these technologies is honeyclient (aka client honeypot). Honeyclients crawl the Internet to find and identify web servers that exploit client-side vulnerabilities. In this paper, we address honeyclients by studying and analyzing low-interaction and high-interaction honeyclients. We introduce a comparison attributes to evaluate honeyclients by comparing between the two types. Moreover, we present techniques can be used by malicious websites to evade and fingerprint honeyclients, and we make recommendations to overcome these evasion techniques. By analyzing characteristics of honeyclients, we introduce factors to define and measure honeyclients effectiveness. |
| Publisher | ACADEMY PUBLISHER |
| Date | 2011-01-01 |
| Source | Journal of Networks Vol 6, No 1 (2011): Special Issue: Selected Papers of the IEEE International Conference on Computer |
| Rights | Copyright © ACADEMY PUBLISHER - All Rights Reserved.To request permission, please check out URL: http://www.academypublisher.com/copyrightpermission.html. |