Forum latest

Making Web Users Botnet-Resistant
Security
Written by Daniel   
Thursday, 11 November 2010 18:54

From Dark Reading


HackMiami researchers create 'botnet-resistant code' to thwart botnets from stealing valuable data

WASHINGTON, D.C. -- OWASP AppSec DC 2010 -- What if you could outfit visitors to your website with a coat of anti-botnet armor? A pair of researchers has come up with coding techniques that they say ultimately renders infected user machines useless to botnet operators harvesting data.

Peter Greko and Fabian Rothschild, both members of the HackMiami hackerspace, here today showed how they studied samples of the Zeus and SpyEye Trojans as well as just how the cybercrime underground uses this code for botnets. They then used that intelligence to write code for Web servers that mitigates these botnets. Their premise is that most client machines are infected, anyway. "What we've done is make it really hard for botmasters to use any information they collect from client machines," Rothschild said.



Their hope is to convert these methods into software modules for the OWASP Enterprise Security API (ESAPI), an open source Web app security control library aimed at making secure code simpler to write. "We want to talk to the ESAPI project and see if we can come up with modules for them," Greko said.

The techniques they developed don't prevent a bot infection, but rather stymie the botmaster from ultimately gathering any useful information from the victim. Zeus, for instance, collects logins, passwords, cookies, VIEWSTATE parameters, and any other information passed via a POST request in HTTP. There are four different options, which range from obfuscating data to encrypting it. "What we've done is come up with ways to make it really hard for botmasters to use any information they collect from client machines," Rothschild says.

 

[More...] [Comments....]\

 

See also

None found.


Hardware | Windows | Linux | Security | Mobile Devices | Gaming
Tech Business | Editorial | General News | folding@home

Forum | Download Files

Copyright ©2001 - 2012, AOA Forums.  All rights reserved.

Alliance of Overclocking Arts

Links monetized by VigLink

Don't Click Here Don't Click Here Either