Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ICICS
2007
Springer
2007
Springer
Collecting Autonomous Spreading Malware Using High-Interaction Honeypots
Autonomous spreading malware in the form of worms or bots has become a severe threat in today’s Internet. Collecting the sample as early as possible is a necessary precondition for the further treatment of the spreading malware, e.g., to develop antivirus signatures. In this paper, we present an integrated toolkit called HoneyBow, which is able to collect autonomous spreading malware in an automated manner using high-interaction honeypots. Compared to low-interaction honeypots, HoneyBow has several advantages due to a wider range of captured samples and the capability of collecting malware which propagates by exploiting new vulnerabilities. We validate the properties of HoneyBow with experimental data collected during a period of about nine months, in which we collected thousands of malware binaries. Furthermore, we demonstrate the capability of collecting new malware via a case study of a certain bot.
Real-time Traffic| Added | 08 Jun 2010 |
| Updated | 08 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | ICICS |
| Authors | Jianwei Zhuge, Thorsten Holz, Xinhui Han, Chengyu Song, Wei Zou |
Comments (0)
Researcher Info
|
