A honey monkey is a program that imitates a human user to lure, detect and identify malicious activity on the Internet.
According to Microsoft, which developed the concept, a honey monkey is an active client honeypot. The honey monkey behaves like a highly active and extremely unwary human Internet user, logging onto many suspect websites. The programs detect harmful code that could jeopardize the security of human visitors.
Certain types of websites are more likely to contain malicious code, whether by design or as a result of hacking. Favored targets include the home pages of celebrities, sites that offer downloadable music and videos (particularly those that operate in violation of copyright law), pornographic sites and game-cheat sites. Sophisticated hackers operate according to the principle of "minimizing the effort and maximizing the results." Effective honey monkeys take advantage of the same paradigm, scanning the Web for URLs most likely to be compromised. In some cases, individual hackers can be personally identified.
Microsoft developed a Web patrol system called Strider HoneyMonkeys to detect Web sites that frequently install spyware, Trojans and viruses on the computers of Internet users. Microsoft's system consists of multiple monkey programs running on virtual machines (VMs). Host systems have a range of patch levels to detect specific types of exploits.
In addition to identifying and isolating uniform resource locators (URLs) that propagate malware, a program called Strider Tracer can detect configuration and file changes that occur following an exploit. Using this method, interconnected communities of Web sites have been discovered that use targeted URLs to exploit client-side vulnerabilities on unpatched computers. Once such a site and the nature of its activity have been identified, a patch is generated to counter the threat.
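The before-and-after comparison described above can be sketched as follows. This is an added example, not Microsoft's Strider Tracer code: it covers files only, a temporary directory stands in for the monkey VM's disk, and the EXPECTED_WRITES allowlist, the file names and the simulated "visit" are all constructed assumptions.

```python
import hashlib
import os
import tempfile
from fnmatch import fnmatch

# Assumption: paths a browser legitimately writes during an ordinary visit.
EXPECTED_WRITES = ["cache/*", "history.db"]

def snapshot(root):
    """Map each file's path (relative to root, '/'-separated) to its SHA-256."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                state[rel] = hashlib.sha256(fh.read()).hexdigest()
    return state

def unexpected_changes(before, after, allow=EXPECTED_WRITES):
    """Return {path: 'created'|'modified'|'deleted'} for changes outside allow."""
    changes = {}
    for path in before.keys() | after.keys():
        if any(fnmatch(path, pat) for pat in allow):
            continue  # normal browsing side effect, not evidence of an exploit
        if before.get(path) != after.get(path):
            changes[path] = ("created" if path not in before else
                             "deleted" if path not in after else "modified")
    return changes

def demo():
    """Constructed scenario: snapshot, simulate one page visit, snapshot, diff."""
    with tempfile.TemporaryDirectory() as root:
        def write(rel, data):
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        write("cache/index", b"empty")
        write("config/startup.ini", b"run=\n")
        before = snapshot(root)
        write("cache/page1.html", b"<html>")               # expected write
        write("config/startup.ini", b"run=dropped.bin\n")  # configuration change
        write("system/dropped.bin", b"constructed sample") # unrequested new file
        return unexpected_changes(before, snapshot(root))

if __name__ == "__main__":
    print(demo())
```

Any non-empty result marks the visited URL as suspect, because an ordinary page view should change nothing outside the allowlisted paths.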
In the first month of activity, the HoneyMonkey project detected malicious code on 752 unique URLs, hosted on 287 sites. Researchers were able to identify several "major players," each of whom is responsible for many exploit pages.
Last updated: 13 Aug 2008