DocumentCode :
1843414
Title :
Collecting Internet Malware Based on Client-side Honeypot
Author :
Sun, Xiaoyan ; Wang, Yang ; Ren, Jie ; Zhu, Yuefei ; Liu, Shengli
Author_Institution :
Zhengzhou Inf. Sci. & Technol. Inst., Zhengzhou
fYear :
2008
fDate :
18-21 Nov. 2008
Firstpage :
1493
Lastpage :
1498
Abstract :
With the improvement of software security, attacks based on RPC vulnerabilities have declined; however, attacks based on client application software vulnerabilities have increased. Such client application software includes Web browsers, email clients and office applications. The spread of malware using these software vulnerabilities has become a severe threat to today's Internet. In response to this kind of threat, this paper designs an Internet malware collecting system based on a client-side honeypot. This system can not only collect malware but also detect malicious Web sites. It uses a unique network crawler based on client-side attack techniques to collect the source of URLs, and it collects URLs and attachments from emails; it then creates software processes to open the URLs or files, and uses a device-drive monitor to detect malicious behaviors. It gives an alarm and locates the malicious file, and sends the malware coming through the Internet to the collecting server. We introduce the design and implementation of this system and give the results.
Keywords :
Internet; device drivers; invasive software; system monitoring; Internet malware collecting system; RPC; Web browser; client-side honeypot; device-drive monitor; email client; malicious Web site detection; network crawler; software security; Application software; Crawlers; Electronic mail; File servers; Internet; Monitoring; Open source software; Security; Uniform resource locators; Web server; Malware; client-side honeypot; crawler; device-drive monitor;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Young Computer Scientists, 2008. ICYCS 2008. The 9th International Conference for
Conference_Location :
Hunan
Print_ISBN :
978-0-7695-3398-8
Electronic_ISBN :
978-0-7695-3398-8
Type :
conf
DOI :
10.1109/ICYCS.2008.257
Filename :
4709194