Image courtesy of Black in Hat
Researchers at the University of Illinois at Urbana-Champaign and University of Washington have developed Sodexo, an automated "honeybot" system that protects against social botnets.
To infiltrate a social botnet, Sodexo creates fake accounts and farms out a series of friend requests until it achieves a critical mass. When Sodexo finds a link connected to unblocked malware, it can follow the link and become a part of the social botnet. The honeypot then goes into exploitation mode, obtaining as much information as possible about the workings of the botnet. Sodexo uses a combination of data-mining and machine-learning techniques to infer the structure of the botnet and identify command and control channels.
Sodexo also can help spot spam and malware signatures to enhance the effectiveness of intrusion-detection systems and spam filters as well as notify users. "Deploying deception through honeybots significantly reduces the botnet population, even when the number of honeybots is small relative to the population size," the researchers say.
View Full Article
Abstracts Copyright © 2012 Information Inc., Bethesda, Maryland, USA
No entries found