Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
USS
2008
2008
To Catch a Predator: A Natural Language Approach for Eliciting Malicious Payloads
We present an automated, scalable, method for crafting dynamic responses to real-time network requests. Specifically, we provide a flexible technique based on natural language processing and string alignment techniques for intelligently interacting with protocols trained directly from raw network traffic. We demonstrate the utility of our approach by creating a low-interaction webbased honeypot capable of luring attacks from search worms targeting hundreds of different web applications. In just over two months, we witnessed over 368, 000 attacks from more than 5, 600 botnets targeting several hundred distinct webapps. The observed attacks included several exploits detected the same day the vulnerabilities were publicly disclosed. Our analysis of the payloads of these attacks reveals the state of the art in search-worm based botnets, packed with surprisingly modular and diverse functionality.
Real-time TrafficLow-interaction Webbased Honeypot | Operating System | Real-time Network Requests | USS 2008 | Worms Targeting Hundreds |
| Added | 02 Oct 2010 |
| Updated | 02 Oct 2010 |
| Type | Conference |
| Year | 2008 |
| Where | USS |
| Authors | Sam Small, Joshua Mason, Fabian Monrose, Niels Provos, Adam Stubblefield |
Comments (0)
Researcher Info
|
