2010 Status Report

Following is a brief summary of our activity and contributions during 2010:

Organisation
2010 saw the addition of David Zielezna as a contributor to the Project.
We are now:
- Shaun Vlassis, HP full member, Chapter lead.
- Ben Reardon, HP full member, member of the HP Public relations and membership committees.
- David Zielezna, Contributor, and in charge of AHP infrastructure.

2010 Annual Honeynet project workshop, Mexico City
Shaun and Ben attended the 2010 Annual workshop and presented to the group on VOIP attacks and honeypots, development of malware data visualization techniques, and defacement tracking.

Forensic challenge 4
Development of Forensic challenge FC4, which dealt with VOIP attacks.

GSOC 2010
Participation as a co-admin and mentor for the Honeynet Project's Google-funded GSOC 2010 initiative.

Conferences

  • The Australian High Tech Crime Conference, HTCC2010, 8 September 2010
    Presentation: VOIP Honeypots
  • Melbourne Branch: Australian Information Security Association (AISA), 12 August 2010
    Presentation: The Honeynet project and Data Visualization for Security Purposes
  • Sydney Branch: Australian Information Security Association (AISA), 15 September 2010
    Presentation: HiTech Crime and Honeypots
  • Ballarat Innovation, Communication and Technology Cluster, 15 June 2010
    Presentation: Honeynet Project
  • AusCERT Conference, Gold Coast, Queensland, May 2010

References
We were pleased to see work on VOIP attack analysis referenced in an academic paper delivered at the Australian Digital Forensics Conference by Craig Valli, "An Analysis of Malfeasant Activity Directed at VoIP Honeypots".

Highlights of 2010

  • Sharing our work at the Annual workshop
  • Collaboration with the Norway Chapter on VOIP honeypots, and Forensic Challenge FC4
  • Collaboration with the many students and mentors during GSOC 2010
  • Developing new ways of understanding malicious activity by using data visualization tools
  • Collection and analysis of honeypot data indicating substantial malicious activity against VOIP (SIP) servers
  • Continued development of Honey Client system Trigona

Goals for 2011

  • Seek to identify and analyse NEW and less understood data sets and attack vectors
  • Attend and present at the first ever Public Honeynet Project workshop in March 2011
  • Continue development of data visualization techniques on data sets
  • Continue VOIP activity research
  • Continue development of Trigona and other tools