Tongxin xuebao (Jan 2007)
HoneyBow: an automated malware collection tool based on the high-interaction honeypot principle
Abstract
Malware has become one of the most severe threats to the public Internet. To deal with malware outbreaks effectively and as early as possible, an automated malware collection solution must be implemented as a precondition. An automated malware collection tool called HoneyBow, based on the high-interaction honeypot principle, is presented. Compared with the Nepenthes platform, which is based on the low-interaction honeypot principle, HoneyBow has the advantages of capturing a wider range of malware samples and of being able to collect unknown malware samples. These advantages are validated by experimental results from malware collection in the wild and by the handling of the Mocbot case.