Saturday, August 06, 2005

Microsoft Unwraps HoneyMonkey Detection Project

Ryan Naraine writes in eWeek:

Microsoft has officially lifted the wraps off its Strider HoneyMonkey research project, designed to trawl the dark side of the Internet looking for Web sites hosting malicious code.

Microsoft Corp. released a technical report, available here as a PDF, to introduce the concept of an Automated Web Patrol that uses multiple Windows XP machines, some unpatched and some fully updated, to streamline the process of finding zero-day Web-based exploits.

Yi-Min Wang, group manager of the Cybersecurity and Systems Management group in Microsoft Research, said a total of 752 unique URLs, hosted on 287 sites, were identified within the first month of launching the HoneyMonkey project.

From those URLs, the system was able to confirm that active exploits were infecting Windows XP machines, including one for a fully patched system running the company's newly hardened XP SP2 (Service Pack 2).

0 Comments:

Post a Comment

<< Home