Upload File

automated web patrol with strider honeymonkeys: finding web sites that exploit browser...

  • Home
  • Documents
  • Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities Y.-M. Wang, D. Beck, X. Jiang in Proceedings of
9
Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities Y.-M. Wang, D. Beck, X. Jiang in Proceedings of the 13th Annual Network and Distributed Systems Security Symposium (NDSS 2006), The Internet Society, 2006. Presenter: Sangyup Lee

Upload: blake-nelson

Post on 18-Dec-2015

212 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities Y.-M. Wang, D. Beck, X. Jiang in Proceedings of

Automated Web Patrol with Strider HoneyMonkeys:Finding Web Sites That Exploit Browser Vulnerabilities

Y.-M. Wang, D. Beck, X. Jiangin Proceedings of the 13th Annual Network and Distributed Systems Security Symposium (NDSS 2006), The Internet

Society, 2006.

Presenter: Sangyup Lee

Page 2: Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities Y.-M. Wang, D. Beck, X. Jiang in Proceedings of

Summary Introduces the concept of Automated

Web PatrolBasic aim is at protecting Internet users

Design and Implementation of the system

Effectiveness of the system is demonstrated through a series of experiments

Page 3: Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities Y.-M. Wang, D. Beck, X. Jiang in Proceedings of

What is the Strider HoneyMonkey Exploit Detection System? A pipeline of VM-based honeypots

that run monkey programs which patrols the web automatically in an attempt to mimic human web browsing.Honeypot

A trap to catch malice Records attacker’s information

Page 4: Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities Y.-M. Wang, D. Beck, X. Jiang in Proceedings of

What is the Strider HoneyMonkey Exploit Detection System? (contd.)

Pipeline Consists of 3 stages

Stage 1: Exploit Site Detection on un-patched VMs

Stage 2: RecursiveRedirection Analysison un-patched VMs

Stage 3: Recursive Redirection Analysiswith partially and fully patched VMs

Exploit detection by detecting persistent-state changes

Page 5: Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities Y.-M. Wang, D. Beck, X. Jiang in Proceedings of

Appreciative Comment

A good way of approaching the solution to the growing problem of browser-based attacksConcept of preventionPossible developments in future

Page 6: Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities Y.-M. Wang, D. Beck, X. Jiang in Proceedings of

Critical Comments #1

Only one type of web browser used in the experiments – Internet Explorer 6.0Should have taken into account other

popular browsers such as Firefox

Page 7: Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities Y.-M. Wang, D. Beck, X. Jiang in Proceedings of

Critical Comments #2“…to seek out and classify web sites that exploit

browser vulnerabilities.” Ambiguous use of different Windows XP

Service Pack versions on the tested machines. Is it the OS or the browser that’s vulnerable?Other factors that might affect the vulnerability?

Number of Exploit-URLs Number of Exploit Sites

SP1 Unpatched (SP2-UP) 688 268

SP2 Unpatched (SP2-UP) 204 115

Page 8: Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities Y.-M. Wang, D. Beck, X. Jiang in Proceedings of

Further Analysis

“if I never visit those risky web sites that serve dangerous or questionable content, do I have to

worry about vulnerability exploits?”

Suspicious List Popular List

# URLs scanned 16,190 1,000,000

# Exploit URLs 206 (1.28%) 710 (0.071%)

“They don’t buy it because the danger is small and because security is a pain.” – B. Lampson

Page 9: Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities Y.-M. Wang, D. Beck, X. Jiang in Proceedings of

Discussion

Can you think of any other factors that might affect the vulnerability of your machine against browser-based attacks?


PROGRAMMABLE MAGNETIC ELLIPTICAL STRIDER · 2019. 10. 1. · 12 EXERRCCIISSEE R CI INNSSTTRUUCTTIOONNSS Using your PROGRAMMABLE MAGNETIC ELLIPTICAL STRIDER will provide you with several

STRIDER - Главная - UA-Marineua-marine.com/uploads/yachts/Yachts/Sacs/STRIDER... · The lifting shell shaped windshield re-veals the access to the bow sundeck 46 47 A real

Skill_Level_ Strider

Strider User Guide - AgTerra Technologies, Inc.help.agterra.com/wp-content/uploads/2017/02/Strider-User-Guide-2017-2.pdfThe Strider app must be downloaded in order to fill out forms

2013 Threat Report R3 - bluekarmasecurity.net · The first Angler Exploit Kit to integrate CVE-2013-0074/3896 • Silence Exploit Kit • Himan Exploit Kit • Private Exploit Kit

Strider Artbook

Air Strider wlaw55071

Strider: Architectures for Scalable Memory Centric ... · Strider: Architectures for Scalable Memory Centric Reduction of Sparse Data Streams Sriseshan Srikanth, Tom Conte, Erik DeBenedictis

Summary of “New Ways to Exploit Raw Data May Bring Surge of Innovation, a Study Says” Steve Lohr, New York Times, May 13th, 2011 Presented by: Zhe Jiang

Strider 12 Classic No-Pedal Balance Bike Review

STRIDER PLATINUM SERIES - SilverStone

Strider 25 Race and Strider 25 Club

d2ouvy59p0dg6k.cloudfront.net€¦  · Web viewINTRODUCTION. A “remarkable feat in the history of mankind to reshape and exploit the resources” was how Chinese President Jiang

Strider Bikes Media Kit 2014

Exploit Prediction Scoring System (EPSS) · We collect information about whether proof-of-concept exploit code or weaponized exploits exists. Exploit code was extracted from Exploit

Windows Kernel Shellcode Exploit - HITCON Pacific …hitcon.org/.../2005/Windows_Kernel_Shellcode_Exploit.pdfWindows Kernel shellcode Exploit • Ring3->Ring0 • Exploit Apc inject

The Strider Years: An Extension of the History of Colby College

Impulsive fluid forcing and water strider locomotion · Impulsive fluid forcing and water strider locomotion 3 varying wavetrain. The wave pulse contains a well defined momentum

Exploit Kit - IWSEC · Exploit Kit Drive-by Download Exploit Kit Exploit Kit MWS2015 Improving Cyber Attack Detection System To Adopt The Changing Of Exploit Kit ... Angler Exploit

Strider - Segaasia.sega.com/mdmini/cht/manual/pdf/m_asia_strider.pdfTitle Strider Author SEGA Games Co., Ltd. Created Date 6/13/2019 3:17:20 PM

Automated Web Patrol with Strider Honey Monkeys

STRIDER: Steric hindrance estimator - bioRxivFeb 07, 2020  · STRIDER also extends its application to estimate the metal ion coordination in the query structure. For instance, whenever

Strider 12 Classic No Pedal Balance Bike Review

The Ultimate BLM Resources With Damage Calculator by Puro Strider (Backup)

THE STRIDER

SEABED STRIDER - 7977

STRIDER NEWS - Stowmarketstowmarketstriders.org.uk/newsletter_uploads/Strider News... · 2015. 12. 17. · (1:17:28). Adam Howlett, Joe Carr and Darren Sheppard put in great displays

SUPPORT PROGRAM - Strider Balance Bikes...tool to utilize to increase balance, strength, and motor coordination for children.” Call the Strider Bikes Education Department (605) 342-0266

Strider: Manufacturing Processes

Exploit Research and Development Megaprimer: Unicode Based Exploit Development

2020 STRIDER CUP WORLDCHAMPIONSHIP...2020 STRIDER CUP WORLDCHAMPIONSHIP 開催概要 4 2020 STRIDER CUP WORLDCHAMPIONSHIP 日程 時間 会場 レース参加者 主催 協賛 協力

Strider CD - Deploy Contínuo com JavaScript

Manual Strider 2 - Game Gear

Ming Jiang · 2016. 4. 22. · Image Reconstruction Ming Jiang Image Reconstruction Ming Jiang School of Mathematical Sciences Peking University [email protected] March 21, 2011

Frank Jiang [email protected]. Wireless power module introduce