Amun : a python honeypot


Göbel, Jan Gerrit


[img]
Preview
PDF
amunhoneypot2.pdf - Published

Download (676kB)

URL: https://ub-madoc.bib.uni-mannheim.de/2595
URN: urn:nbn:de:bsz:180-madoc-25959
Document Type: Working paper
Year of publication: 2009
The title of a journal, publication series: None
Place of publication: Mannheim
Publication language: English
Institution: School of Business Informatics and Mathematics > Sonstige - Fakultät für Wirtschaftsinformatik und Wirtschaftsmathematik
MADOC publication series: Veröffentlichungen der Fakultät für Mathematik und Informatik > Institut für Informatik > Technical Reports
Subject: 004 Computer science, internet
Classification: CCS: K.6.5 D.4.6 ,
Subject headings (SWD): Computersicherheit , Malware , Eindringerkennung
Individual keywords (German): Honigtopf
Keywords (English): Honeypot
Abstract: In this report we describe a low-interaction honeypot, which is capable of capturing autonomous spreading malware from the internet, named Amun. For this purpose, the software emulates a wide range of different vulnerabilities. As soon as an attacker exploits one of the emulated vulnerabilities the payload transmitted by the attacker is analyzed and any download URL found is extracted. Next, the honeypot tries to download the malicious software and store it on the local harddisc, for further analyses. As a result, we are able to collect at best unknown binaries of malware that automatically spreads across the network. The collected samples can for example be used to help anti-virus vendors improve their signatures.
Additional information:




Das Dokument wird vom Publikationsserver der Universitätsbibliothek Mannheim bereitgestellt.




Metadata export


Citation


+ Search Authors in

+ Download Statistics

Downloads per month over past year

View more statistics



You have found an error? Please let us know about your desired correction here: E-Mail


Actions (login required)

Show item Show item