New Red Herring Honeypot Fights Heartbleed

Posted by:

red herring honeypotWASHINGTON: US cybersecurity researchers have developed a technique that fights the ‘Heartbleed’ virus, and detects and entraps hackers who might be using it to steal sensitive data.

The Heartbleed bug, which became public last week, has set alarm bells ringing across the globe, including in India, for fear of exposing millions of passwords, credit card numbers and other sensitive information to hackers.

Researchers at The University of Texas at Dallas created the sophisticated technique, dubbed Red Herring, which automates the process of creating decoy servers, making hackers believe they have gained access to confidential, secure information, when in fact their deeds are being monitored, analyzed and traced back to the source.

“Our automated honeypot creates a fixed Web server that looks and acts exactly like the original – but it’s a trap,” said Dr. Kevin Hamlen, an associate professor of computer science in the Erik Jonsson School of Computer Science and Engineering, who led the team which created the technique.

“The attackers think they are winning, but Red Herring basically keeps them on the hook longer so the server owner can track them and their activities.

This is a way to discover what these nefarious individuals are trying to do, instead of just blocking what they are doing,” Hamlen, a member of the UT Dallas Cyber Security Research and Education Institute ( CSI).

The Heartbleed bug affects about two-thirds of websites previously believed to be secure.

OpenSSL Heartbeat (Heartbleed) Vulnerability (CVE-2014-0160) and its High-Level Mechanics from Elastica Inc on Vimeo.

These are websites that use the computer code library called OpenSSL to encrypt supposedly secure Internet connections that are used for sensitive purposes such asonline banking and purchasing, sending and receiving emails, and remotely accessing work networks.

Even though Heartbleed is now in the process of being fixed, victims face the challenge of not knowing who may already be exploiting it to steal the information, and what information they may be going after, researchers said.

0
  Related Posts
})
SEC Cybersecurity Exams