8/7/2005

Microsoft Unwraps HoneyMonkey Detection Project

Filed under: — By Aviran Mordo @ 2:33 pm

Microsoft has officially lifted the wraps off its Strider HoneyMonkey research project, designed to trawl the dark side of the Internet looking for Web sites hosting malicious code.

Microsoft Corp. released a technical report, available here as a PDF, to introduce the concept of an Automated Web Patrol that uses multiple Windows XP machines, some unpatched and some fully updated, to streamline the process of finding zero-day Web-based exploits.

Yi-Min Wang, group manager of the Cybersecurity and Systems Management group in Microsoft Research, said a total of 752 unique URLs, hosted on 287 sites, were identified within the first month of launching the HoneyMonkey project.

From those URLs, the system was able to confirm that active exploits were infecting Windows XP machines, including one for a fully patched system running the company’s newly hardened XP SP2 (Service Pack 2).

Source: eWeek

 

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress