Home » Story links » Param's story links

Presentation on Client-Side Honeypots

Link: http://honeyblog.org/junkyard/reports/diploma-CHP.pdf
Points: 741 views User: Param Comments: 0 Comments Tag:

The basic idea of this thesis is to combine a component that drives Internet Explorer or other client-side applications (Word, PowerPoint, Winamp, Photoshop, ...) with CWSandbox. CWSandbox monitors the application in real-time and detects suspicious activities like creation of files, new processes, new registry keys, or similar activities. That way, information about client-side exploits can be captured - something that is not possible with regular, server-based honeypots.


Email: Email this Story to a Friend

Post new comment

  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <h1> <quote> <img>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Copy the characters (respecting upper/lower case) from the image.