|
ASSERT Honeypot Research
The Alaskan Honeynet Project, run by ASSERT, is a probationary member of the Honeynet Project, which has the goal of "bring[ing] together organizations actively involved in honeypot research...for the purpose of researching, developing and deploying honeypot related technologies and sharing the lessons learned".
-
Brian Hay is working with Ron Dodge (United States Military Academy at West Point) on the development of automated user interaction for high interaction honeypots. This work is expected to be the subject of publications in 2009. Links to the source code will be made available on this page.
-
Research is currently underway at ASSERT to develop methods by which
honeypots can be autonomously and dynamically deployed
in a manner which is appropriate for the OS and service profile
of a given existing network of hosts. As part of this work, Chris Hecker presented a paper
entitled "Dynamic
Honeypot Construction" at the 10th Colloquium
for Information Systems Security Education (CISSE).
-
The source code for the Honeyd Configuration Manager,
which automatically scans a given network and generates a Honeyd configuration
file based on the hosts and services discovered, is now
available
for download.
-
A VMware virtual machine in which the Honeyd Configuration
Manager and all of the tools on which it relies have been
installed is now available
for download. The virtual machine
can be operated using one of the VMware software products,
including the free VMware
Player.
-
A web-based utility which generates a honeyd configuration from a firewall log was written by UAF students during Fall 2008.
-
A high interaction honeypot configuration generator developed at UAF ASSERT is currently undergoing testing on several live networks. Results of these tests are expected to be published on this page during 2009.
For information about the honeypot research
underway at ASSERT, including how to get involved, contact
us via email (you can use this pgp
key if necessary)
|
