A honeymonkey is a computer or a virtual PC that actively mimics the actions of a user surfing the Web. A series of "monkey programs," which drive a browser in a manner similar to that of a human user, run on virtual machines in order to detect exploit sites. The browsers can be configured to run with fully updated software, or without specific updates in order to look for exploit sites that target specific vulnerabilities. In this manner, the attacks more likely to impact customers can be analyzed and detected.
The Strider HoneyMonkey Exploit Detection System, is a codename for a Microsoft Research project which permits investigators to detect and analyze Web sites hosting malicious code in particular, code that exploits browser vulnerabilities. At each Web site identified by Strider HoneyMonkey, however, follow-up work is required to identify what kind of exploit exists and how it operates.
[Source: Microsoft Research]
Featured Partners Sponsored
- Increase worker productivity, enhance data security, and enjoy greater energy savings. Find out how. Download the “Ultimate Desktop Simplicity Kit” now.»
- Find out which 10 hardware additions will help you maintain excellent service and outstanding security for you and your customers. »
- Server virtualization is growing in popularity, but the technology for securing it lags. To protect your virtual network.»
- Before you implement a private cloud, find out what you need to know about automated delivery, virtual sprawl, and more. »