Title :
Client honeypots: Approaches and challenges
Author :
Qassrawi, Mahmoud T. ; Zhang, HongLi
Author_Institution :
Sch. of Comput. Sci. & Technol., Harbin Inst. of Technol., Harbin, China
Abstract :
In recent years, client user has become the main target for attacks, as the adversary believe that the end user is the weakest link in the security chain. Traditional honeypots and security tools are not effective against these new attacks. Therefore, client honeypot has appeared as new technology to supplement the existing protection tools. Client honeypot is a honeypot actively searches for malicious sites on the web. In this paper, we will show and analyze the main approaches used by client honeypots to detect client-side attacks. We will also address how attacker can evade and hide from client honeypots. Moreover, we discuss and analyze various issues relates to client honeypot: detection problems, invisibility of honeypots, and integrity issues. By analyzing characteristics of client honeypots, we will introduce factors to define and measure client honeypots effectiveness.
Keywords :
Internet; invasive software; Web; client honeypots; client-side attacks; malicious sites; malware; protection tools; security chain; Computer crime; Computer science; Control systems; Electronic mail; Face detection; Intrusion detection; Protection; Streaming media; Target tracking; Web pages; 0day Attacks; Client Honeypots; Client-Side Attacks; False Negative; False Positve; Honeypots; Malwar; Obfuscation;
Conference_Titel :
New Trends in Information Science and Service Science (NISS), 2010 4th International Conference on
Conference_Location :
Gyeongju
Print_ISBN :
978-1-4244-6982-6
Electronic_ISBN :
978-89-88678-17-6
