Strider HoneyMonkey Exploit Detection Last Updated: January 20, 2010
The Strider Family:
Flight Data Recorder
Patch Impact Analyzer
See Strider at
Assembling an All-Star Team of Research Talent
Imagining What Comes Next
Strider HoneyMonkey is a Microsoft Research project to detect and analyze Web sites
hosting malicious code. The intent is to help stop attacks that use Web servers to
exploit unpatched browser vulnerabilities and install malware on the computers of
unsuspecting users. Such attacks have become one of the most vexing issues confronting
Internet security experts. Strider HoneyMonkey is a project of the Cybersecurity and
Systems Management group in Microsoft Research (which has grown to become today's Internet
Services Research Center - ISRC).
"Security Challenges in An Increasingly Connected World"
[slide deck], Opening Keynote,
Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities,
Trust and Security Seminars, Information Trust Institute (ITI),
University of Illinois at Urbana-Champaingn, October 19, 2005
Strider HoneyMonkeys: Active Client-Side Honeypots for Finding Web Sites
That Exploit Browser Vulnerabilities,
Usenix Security Work-in-progress Presentation, Aug. 5, 2005
Automated Web Patrol with Strider HoneyMonkeys,
IEEE SSP Work-in-progress Presentation, May 9, 2005
Files Patent for HoneyMonkey Exploit Finder, eWeek, December 26, 2007
Bill Cheswick's comment on
HoneyMonkeys, Security Focus, 2006
August 12, 2005
Microsoft's 'HoneyMonkey' effort could presage URL filtering bid,"
ComputerWorld, August 11, 2005
"New Microsoft security system scours Web," ComputerWorld, August 10, 2005
"Microsoft's "monkeys" find first zero-day exploit," SecurityFocus News, August 8, 2005; or "Flies swarm around MS Honeymonkey," TheRegister, August 9, 2005.
"Microsoft's HoneyMonkeys Show Patching Windows Works," TechWeb News / InformationWeek, August 8, 2005
"Microsoft Unwraps HoneyMonkey Detection Project," eWeek.com, August 5, 2005
"Strider HoneyMonkey: Trawling for Windows Exploits," eWeek.com, May 19, 2005
Slashdot posting, May 18, 2005
"Microsoft looks to "monkeys" to find Web threats," SecurityFocus News, May 17, 2005; or
"Microsoft hunts web nasties with honey monkeys,"
The Register, May 17, 2005.
Other Related Strider Cybersecurity Projects
Other Related Security Projects
Other Monkey-related Links