Sciweavers

DIMVA
2011

Escape from Monkey Island: Evading High-Interaction Honeyclients

Abstract. High-interaction honeyclients are the tools of choice to detect malicious web pages that launch drive-by-download attacks. Unfortunately, the approach used by these tools, which, in most cases, is to identify the side-effects of a successful attack rather than the attack itself, leaves open the possibility for malicious pages to perform evasion techniques that allow one to execute an attack without detection or to behave in a benign way when being analyzed. In this paper, we examine the security model that high-interaction honeyclients use and evaluate their weaknesses in practice. We introduce and discuss a number of possible attacks, and we test them against several popular, well-known high-interaction honeyclients. Our attacks evade the detection of these tools, while successfully attacking regular visitors of malicious web pages.
Added 27 Aug 2011
Updated 27 Aug 2011
Type Journal
Year 2011
Where DIMVA
Authors Alexandros Kapravelos, Marco Cova, Christopher Kruegel, Giovanni Vigna