honey monkey

According to Microsoft, who developed the concept, a honey monkey is an active client honey pot. The honey monkey behaves like a highly active and extremely unwary human Internet user, logging onto many suspect websites. The programs detect harmful coding that could jeopardize the security of human visitors.

Certain types of websites are more likely to contain malicious coding, whether by design or as a result of hacking. Favored targets include the home pages of celebrities, sites that offer downloadable music and videos (particularly those that operate in violation of copyright law), pornographic sites and gaming cheater sites. Sophisticated hackers operate according to the principle of "minimizing the effort and maximizing the results." Effective honey monkeys take advantage of the same paradigm, scanning the Web for URLs most likely to be compromised. In some cases, individual hackers can be personally identified.

Microsoft developed a Web patrol system called Strider HoneyMonkeys to detect Web sites that frequently install spyware, Trojans and viruses on the computers of Internet users. Microsoft's system consists of multiple monkey programs running on virtual machines (VMs). Host systems have a range of patch levels to detect specific types of exploits.

In addition to identifying and isolating uniform resource locators (URLs) that propagate malware, a program called Strider Tracer can detect configuration and file changes that occur following an exploit. Using this method, interconnected communities of Web sites have been discovered that use targeted URLs to exploit client-side vulnerabilities on unpatched computers. Once such a site and the nature of its activity has been identified, a patch is generated to counter the threat.

In the first month of activity, the HoneyMonkey project detected malicious coding on 752 unique URLs, hosted on 287 sites. Researchers were able to identify several "major players," each of whom is responsible for many exploit pages.

Read more about honey monkey: - Ryan Naraine interviewed Yi-Min Wang from Microsoft's Cybersecurity and Systems Management group. - Microsoft maintains a website for its Strider project. - Microsoft Research discusses how Strider HoneyMonkeys work.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

BROWSE BY TAG Application and Platform Security,   Web Security Tools and Best Practices,   Web Browser Security,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security researchers develop browser-based darknet Called Veiled, the darknet only requires participants to use an HTML 5-based browser to connect and share data anonymously. Microsoft cracks down on click fraud ring Fraudsters used a click farm to simulate hundreds of thousands of clicks for specific advertisements. Experts say click fraud threatens the online... Mozilla patches 11 Firefox security flaws, JavaScript errors Mozilla patched 11 flaws including six critical vulnerabilities that could be exploited by an attacker to gain access to system files.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary browser hijacker  (SearchSecurity.com) cache cramming  (SearchSecurity.com)