The Monkey-Spider project


The Monkey-Spider is a crawler based low-interaction client honeypot. It is not only restricted to this use but it is developed as such. The Monkey-Spider crawles Web sites to expose their threats to Web clients.

It is based on my diploma thesis finished on May 2007. The following is the abstract for the thesis. The system itself has obviously changed during this time and updated documentation will be added over time.

"Abstract: Client side attacks are on the rise. Malicious Web sites are posing a serious threat to client security. There is neither a freely available comprehensive database of threats on the Web nor sufficient freely available tools to build such. This work will introduce the Monkey-Spider Internet analysis framework. Utilizing it as a client honeypot we portray the challenge in such an approach and evaluate our system as a high-speed Internet scale analysis tool to build a database of threats found in the wild. Furthermore, the evaluation of this system in the analysis of different crawls over two month is presented along with the lessons learned. Additionally, alternative use cases for our framework are presented."

Please consider contributing in any way. Your feedback is appreciated.

The final presentation and the thesis.

A paper at the Sicherheit2008 conference in April 2008 about the the Monkey-Spider has won the best paper award which shows the importance of this matter. The paper can be downloaded from my website.

Ali Ikinci
(ali at ikinci dot info)