HoneyBABES: Medium-interaction honeybrowser for malware gathering and analysis

Bibliographic Details
Main Authors: Adajar, Maria Alyssa T., Cabuhat, Julie Anne M., Ocampo, Ervin James F., San Diego, Martin Jhudiel D.
Format: text
Language: English
Published: Animo Repository 2013
Online Access: https://animorepository.dlsu.edu.ph/etd_bachelors/17848
Institution: De La Salle University
Description
Summary: Malware exponentially increases in complexity and in number through propagation via the web. This malware uses websites to exploit end users. Addressing the propagation of malware via the web is done specifically through the detection of data or files being transferred from the server to the client in order to prevent the exploitation from occurring. There are several tools for malware detection and prevention. One of the tools that can be used is a honeypot. A honeypot is a security technology that provides organizations with a way to catch malware or attackers by studying the malware's or attackers' behavior through logs. The trend today suggests that hybrid honeypot systems are the most effective in malware detection and prevention. Honeypots tend to be too heavy in terms of resources, gather too much data that cannot be turned into information, and sit around waiting for malware to arrive, wasting more resources. A sandbox is incorporated into the honeypot to alleviate issues concerning resources. HoneyBABES is a honeybrowser, a web browser client honeypot that utilizes a sandbox for isolation and monitoring. It also utilizes a web crawler to address its passive state, and filtering mechanisms to keep the pertinent information needed for research. This information is the malware data used during analysis, which may be done manually or automatically.