The cyber threat landscape is constantly evolving with new attacks and techniques. As many security people will tell you, it takes a community of people dedicated to researching, developing and maintaining security tools, systems and services to be able to combat it. One such community is The Honeynet Project.
Founded in 1999, The Honeynet Project is an international, non-profit, security research organization dedicated to investigating the latest attacks, developing open source security tools to improve Internet security and learning how hackers behave.
With Chapters around the world, its volunteers have contributed to and shared lessons learned from fighting against latest attacks as well as creating security tools used by businesses, research institutes and government agencies worldwide.
Last month, the Project held its annual workshop for the first time in Australia. Project members and security folk from around the world gathered in Canberra for the three-day event that started with a full day of security briefings followed by two days of hands-on tutorials and training sessions.
The lineup was full of amazing international speakers, including the creators and developers of many of the most popular honeypot and cyber deception tools.
Popular themes discussed included the:
- Latest developments of cyber deception technology and practical use cases to detect recent cyber threats with honeypots at large scale.
- Different deception strategies and techniques to effectively mislead attackers with creative and machine-learning approaches.
- In-depth malware analysis and ways to conduct incident responses.
As a volunteer-based, open-source community, there is always the challenge to keep up the pace.
Each year The Honeynet Project invites students who have successfully completed a Honeynet Project sponsored Google Summer of Code (GSoC) program to join the annual workshop.
Sponsored GSoC students have created a wide range of very successful open source security projects, many of which have gone on to become the industry standard open source tools in their respective fields, including:
- Cuckoo Sandbox
- Thug Client Honeypot
- DroidBox Android Sandbox
- ConPot ICS/SCADA Honeypot
- Glastopf Web Application Honeypot
In Canberra, five students from Asia and Europe spent the week with Honeynet Project members and presented their GSoC results to the community.
The Honeynet Project welcomes anyone with a suitable and interesting computer security and honeynet-related R&D project to apply for future GSoC sponsored opportunities. Even if you aren’t an eligible GSoC student, we are also always looking for general volunteers who are enthusiastic and interested in getting involved in honeynet R&D as well as joining The Honeynet Project community as a member.
Many thanks to APNIC and all of the other sponsors for supporting the 2017 Honeynet Project Workshop in Canberra and for helping to promote advanced security technologies!
Tan Kean Siong is an independent security researcher and a member of The Honeynet Project.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.