Google Summer of Code 2009 The Honeynet Project

Proposal for Project 1: Improving phoneyc

by Zhijie Chen for The Honeynet Project

Web-based malware (also known as drive-by downloads) now poses a serious threat to Internet and web client security. pHoneyC, a low-interaction honeyclient, performs well at deobfuscating and detecting malicious scripts, but it needs further enhancement. This proposal discusses the main ideas for integrating pHoneyC with the libemu library to enable shellcode detection and emulation, and it also presents a way to collect the files downloaded by the shellcode or other scripts.