File:2015 02 24-Aurelien-Francillon-Owasp leuven.pdf

An analysis of exploitation behaviors on the web and the role of web hosting providers in detecting them. (by prof. Aurélien Francillon, EURECOM)

Compromised websites are often used by attackers to deliver malicious content or to host phishing pages designed to steal private information from their victims. In a first part of the talk I will describe Eurecom's web honeypot, a set of deliberately vulnerable web applications that are regularly compromised by real attackers. In a second part of the talk, I will describe tests we performed on the ability of specialized monitoring services and web hosting providers to detect compromised websites and how they react to user complaints.