Client-Honeypots : Exploring Malicious Websites

Bok av Andreas Dewald
With the increasing resilience of operating systems towards automated attacks, the application layer has come into the focus of criminals. Specially prepared websites in the World Wide Web compromise visitors by exploiting vulnerabilities in web browsers, emails with attached files exploit common email applications, and embedded links in instant messenger or Twitter messages lead to malware contaminated sites. This book introduces a new weapon in computer warfare which helps to collect more information about malicious websites, client-side exploits, attackers, and their proceeding. Client honeypots are a new technique to study malware that targets user client applications, like web browsers, email clients, or instant messengers. We introduce some of the more well-known client honeypots, how they work, and how they can be used to secure a computer network. Furthermore, the authors show a few of the most frequently used client application exploits and how they can be examined to get more information about the underground economy.