Client Honeypot - Papers

Papers

• M. Egele, P. Wurzinger, C. Kruegel, and E. Kirda, Defending Browsers against Drive-by Downloads: Mitigating Heap-spraying Code Injection Attacks, Secure Systems Lab, 2009, p. Available from http://www.iseclab.org/papers/driveby.pdf; accessed on 15 May 2009.
• Feinstein, Ben. Caffeine Monkey: Automated Collection, Detection and Analysis of JavaScript. BlackHat USA. Las Vegas, 2007.
• Ikinci, A, Holz, T., Freiling, F.C. : Monkey-Spider: Detecting Malicious Websites with Low-Interaction Honeyclients. Sicherheit 2008: 407-421,
• Moshchuk, A., Bragin, T., Gribble, S.D. and Levy, H.M. A Crawler-based Study of Spyware on the Web. In 13th Annual Network and Distributed System Security Symposium (NDSS). San Diego, 2006. The Internet Society.
• Provos, N., Holz, T. Virtual Honeypots: From Botnet Tracking to Intrusion Detection. Addison-Wesley. Boston, 2007.
• Provos, N., Mavrommatis, P., Abu Rajab, M., Monrose, F. All Your iFRAMEs Point to Us. Google Technical Report. Google, Inc., 2008.
• Provos, N., McNamee, D., Mavrommatis, P., Wang, K., Modadugu, N. The Ghost In The Browser: Analysis of Web-based Malware. Proceedings of the 2007 HotBots. Cambridge, April 2007. USENIX.
• Seifert, C., Endicott-Popovsky, B., Frincke, D., Komisarczuk, P., Muschevici, R. and Welch, I., Justifying the Need for Forensically Ready Protocols: A Case Study of Identifying Malicious Web Servers Using Client Honeypots. in 4th Annual IFIP WG 11.9 International Conference on Digital Forensics, Kyoto, 2008.
• Seifert, C. Know Your Enemy: Behind The Scenes Of Malicious Web Servers. The Honeynet Project. 2007.
• Seifert, C., Komisarczuk, P. and Welch, I. Application of divide-and-conquer algorithm paradigm to improve the detection speed of high interaction client honeypots. 23rd Annual ACM Symposium on Applied Computing. Ceara, Brazil, 2008.
• Seifert, C., Steenson, R., Holz, T., Yuan, B., Davis, M. A. Know Your Enemy: Malicious Web Servers. The Honeynet Project. 2007. (available at http://www.honeynet.org/papers/mws/index.html)
• Seifert, C., Welch, I. and Komisarczuk, P. HoneyC: The Low-Interaction Client Honeypot. Proceedings of the 2007 NZCSRCS. University of Waikato, Hamilton, New Zealand. April 2007.
• C. Seifert, V. Delwadia, P. Komisarczuk, D. Stirling, and I. Welch, Measurement Study on Malicious Web Servers in the.nz Domain, in 14th Australasian Conference on Information Security and Privacy (ACISP), Brisbane, 2009.
• C. Seifert, P. Komisarczuk, and I. Welch, True Positive Cost Curve: A Cost-Based Evaluation Method for High-Interaction Client Honeypots, in SECURWARE, Athens, 2009.
• C. Seifert, P. Komisarczuk, and I. Welch, Identification of Malicious Web Pages with Static Heuristics, in Austalasian Telecommunication Networks and Applications Conference, Adelaide, 2008.
• Stuurman, Thijs, Verduin, Alex. Honeyclients - Low interaction detection method. Technical Report. University of Amsterdam. February 2008.
• Wang, Y.-M., Beck, D., Jiang, X., Roussev, R., Verbowski, C., Chen, S. and King, S. Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities. In 13th Annual Network and Distributed System Security Symposium (NDSS). San Diego, 2006. The Internet Society.
• Zhuge, Jianwei, Holz, Thorsten, Guo, Jinpeng, Han, Xinhui, Zou, Wei. Studying Malicious Websites and the Underground Economy on the Chinese Web. Proceedings of the 2008 Workshop on the Economics of Information Security. Hanover, June 2008.