The Strider HoneyMonkey Project

Strider HoneyMonkey Exploit Detection
Last Updated: January 20, 2010

The Strider Family: [Gatekeeper] [GhostBuster] [HoneyMonkey] [URL Tracer] [Search Ranger]
[Security Tracer] [Troubleshooter] [Flight Data Recorder] [Patch Impact Analyzer]
See Strider at Assembling an All-Star Team of Research Talent and Imagining What Comes Next
[[Home Networking]] [[ISRC]] [[Yi-Min Wang]] [[Strider Foundation]]

Strider HoneyMonkey is a Microsoft Research project to detect and analyze Web sites hosting malicious code. The intent is to help stop attacks that use Web servers to exploit unpatched browser vulnerabilities and install malware on the computers of unsuspecting users. Such attacks have become one of the most vexing issues confronting Internet security experts. Strider HoneyMonkey is a project of the Cybersecurity and Systems Management group in Microsoft Research (which has grown to become today's Internet Services Research Center - ISRC).

Presentations
- "Security Challenges in An Increasingly Connected World" [slide deck], Opening Keynote, SRDS 2009.
- Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities, Trust and Security Seminars, Information Trust Institute (ITI), University of Illinois at Urbana-Champaingn, October 19, 2005
- Strider HoneyMonkeys: Active Client-Side Honeypots for Finding Web Sites That Exploit Browser Vulnerabilities, Usenix Security Work-in-progress Presentation, Aug. 5, 2005
- Automated Web Patrol with Strider HoneyMonkeys, IEEE SSP Work-in-progress Presentation, May 9, 2005
News Articles
- Microsoft Files Patent for HoneyMonkey Exploit Finder, eWeek, December 26, 2007
- Bill Cheswick's comment on HoneyMonkeys, Security Focus, 2006
- Slashdot posting, August 12, 2005
- Microsoft's 'HoneyMonkey' effort could presage URL filtering bid," ComputerWorld, August 11, 2005
- "New Microsoft security system scours Web," ComputerWorld, August 10, 2005
- "Microsoft's "monkeys" find first zero-day exploit," SecurityFocus News, August 8, 2005; or "Flies swarm around MS Honeymonkey," TheRegister, August 9, 2005.
- "Microsoft's HoneyMonkeys Show Patching Windows Works," TechWeb News / InformationWeek, August 8, 2005
- "Microsoft Unwraps HoneyMonkey Detection Project," eWeek.com, August 5, 2005
- "Strider HoneyMonkey: Trawling for Windows Exploits," eWeek.com, May 19, 2005
- Slashdot posting, May 18, 2005
- "Microsoft looks to "monkeys" to find Web threats," SecurityFocus News, May 17, 2005; or "Microsoft hunts web nasties with honey monkeys," The Register, May 17, 2005.
Other Related Strider Cybersecurity Projects
- Strider Search Ranger Spam Detection
- Strider URL Tracer with Typo-Patrol
- Strider GhostBuster Rootkit Detection
- Strider Gatekeeper Spyware Detection
Other Related Security Projects
- "All Your iFRAMEs Point to Us," Google Technical Report provos-2008a.
- "The Ghost In The Browser Analysis of Web-based Malware," in Proc. HotBots 2007.
- "A Crawler-based Study of Spyware on the Web," in Proc. NDSS 2006.
- Ashlesha Joshi, Samuel T. King, George W. Dunlap, Peter M. Chen, "Detecting Past and Present Intrusions Through Vulnerability-Specific Predicates," in Proc. 20th ACM SOSP, 2005.
Other Monkey-related Links