Click here to receive your FREE subscription to Campus Technology
News
Victoria U Honeypot Tech Leads to Net Attack Study
9/13/2007
The international Honeynet Project, a research consortium formed to share computer threat information and solutions, is using a behavioral analysis tool developed at New Zealand's Victoria University to study Web-based security attacks.According to the Honeynet Project study, which used the Vicoria University's Capture HPC analysis tool, many Web addresses that appear to be safe are rife with attack code aiming at vulnerable clients. Moreover, attackers are increasingly turning to end-user systems as a way around antivirus and firewall systems that are blocking their access to traditional attack routes.
"The 'black hats' are turning to easier, unprotected attack paths to place their malware onto the end-user's machine," according to the study by the Honeynet researchers, titled, "Know Your Enemy: Malicious Web Servers."
The study used Capture HPC to analyze more than 300,000 addresses from around 150,000 hosts. It looked at various types of sites, including music and news sites, and concluded that while some categories were more likely to contain malicious addresses than others, all contained malicious addresses.
"As in real life, some 'neighbourhoods' are more risky than others, but even users that stay clear of these areas can be victimized," the report said. "Any user accessing the Web is at risk."
Victoria University researchers Ramon Steenson and Christian Seifert said Capture HPC analyzes the state of an operating system and applications running on it and generates reports for any events received. In stand-alone mode it also function as a behavioral analysis tool for software running on Win32 operating systems including the latest version of Windows Vista.
Read More:
Paul McCloskey is a contributing editor for the Campus Technology group of publications.
Cite this Site
copy text (above) for proper citation
Recommended Reading
- Sentrigo Offers Help for Database Patching Woes
Sentrigo Inc. released its new Hedgehog vPatch database security software product Tuesday. The product addresses patching inconsistencies that seem to affect busy Oracle database administrators (DBAs), who don't always have time to test and patch. However, users of Microsoft SQL Server database in the enterprise can take a lesson here too.
- Starfish Launches Higher Ed Retention Solution
Software provider Starfish Retention Solutions has announced the upcoming launch of its first product, Starfish Office Hours. The company said this will be the first in a series of products intended to help higher education institutions improve retention and graduation rates by aiding in the delivery of programs designed to help at-risk student populations.
- Unisys Offers Free Unified Communications Trial
Unisys announced Monday that it is offering companies a free 30-day unified communications trial using Microsoft solutions. The offer is currently available through Microsoft's sales personnel.
- New Mexico Launches Statewide eLearning Initiative
As part of its Innovative Digital Education and Learning initiative (IDEAL-NM), New Mexico is launching a statewide program to standardize on a single electronic learning platform--Blackboard--spanning K-12, higher education, adult education, and government. The initiative will also support a new statewide virtual high school.
- North Carolina Adopts Blackboard for Higher Ed
The University of North Carolina and the North Carolina Community College System have signed on with Blackboard to deploy that company's electronic learning platform across 68 individual campuses.
- Semantic Search: Could the Web Think?
Semantics is a sub-field of linguistics that focuses on meaning making in language. Therefore, the Semantic Web we're still reaching for will be based on a set of definitions, languages, and standards that can base a search on the detection of meaning and not just on a simple character string. The Semantic Web will at least be smarter than the current Web.
