The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Client Honeypots on ReAssure

Download

Download PDF Document
PDF

Author

Jason D. Ortiz, Pascal Meunier

Tech report number

CERIAS TR 2009-09

Entry type

techreport

Abstract

Client honeypots are typically implemented using some form of virtualization to contain malware encountered by the client machine. However, current virtual environments can be detected in multiple ways by malware. The malware can be executed from within a browser or require escaping from the browser to detect the virtualization. In many cases, detection is accomplished by a simple test. Malware can then modify its behavior based on this information. Thus, an implementation of client honeypots which does not depend on virtualization is needed to fully study malware.

Download

PDF

Date

2009 – 5 – 12

Key alpha

Ortiz

Publication Date

2009-05-12

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.