This Paper is Submitted by
V.Kavya and
B.RINI RACHEL (CBIT).
Paper Presentation on Automated Web Patrol with Strider Honeymonkeys ( Paper Presentation )
Abstract: Internet attacks that use Web servers to exploit browser vulnerabilities to
install malware programs are on
the rise. Such malicious web content poses a serious threat to the Internet, organizations and users. The attacks allow web servers that host compromised URLs to install malcode on visiting client machines without requiring any user interaction beyond visitation. In reverberation to these attacks, an automated web patrol system has been developed which makes use of the strider honey monkey programs which consist of the monkey programs to perform large-scale, systematic and automated web patrol. The Honey Monkey system uses monkey programs that run within virtual machines of various patch levels to drive web
browsers in an attempt to simulate human web browsing. The system automatically constructs topology graphs that capture the
connections between the exploit sites based on traffic redirection, which leads to the identification of several major players who are responsible for a large number of exploit pages. By scanning the most popular one million URLs as
classified by a search engine, over seven hundred exploit-URLs have been found, many of which serve popular content related to celebrities, song lyrics, wallpapers, video game cheats, and wrestling. We demonstrate the effectiveness of our method by discovering a large community of malicious
web sites that host exploit pages and by deriving the redirection
relationships among them. We describe a real-world experience with identifying a zero-day exploit2 using this system. We show the existence of hundreds of malicious web pages amongst many popular web sites. Finally, we propose a comprehensive anti-exploit process based on this
monitoring system in order
to improve Internet safety.
