The Honeynet Project

After another great year of Google Summer of Code 2015 and another 7 successful student projects, The Honeynet Project and students world-wide were eagerly waiting to hear if Google would decide to run GSoC again. Well the good news is that Google officially announced that Google Summer of Code 2016 would definitely be happening. Go Google!

The GSoC 2016 programme starts in February with the first major milestone being the deadline for Mentoring Organization applications by 19:00 UTC on Friday February 19th. We really enjoyed our experience as a successful mentoring organization (Org) in Google Summer of Code 2009, Google Summer of Code 2010, Google Summer of Code 2011, Google Summer of Code 2012, Google Summer of Code 2013 and Google Summer of Code 2015 so we are very happy to announce that we have once again applied to participate as a mentoring organization in GSoC 2016.

Google will be reviewing mentoring organization applications over the coming days then announcing the official list of participating mentoring Orgs for GSoC 2016 on their web site at 19:00 UTC on February 29th. Usually 300-500 potential mentoring organizations apply, with only 150-200 lucky Orgs being selected, so Org applications are highly competitive.

In the mean time, potential mentoring Orgs will be improving their public project ideas pages, preparing mentors, fielding student questions and keeping their collective fingers crossed in the hope of being selected. Potential GSoC students and other interested parties can view our still under development list of possible project ideas and potential mentors. As in previous years, this list of proposed project ideas is not definitive and (assuming we get selected to participate) will remain a work in progress until GSoC 2016 student applications officially start on March 14th. We are also still open to receiving and mentoring interesting, novel and relevant project ideas received from students, including informal contact before official student applications begin. We will also probably post a public survey link here and on our main blog to allow anyone interested to suggest project ideas too. So if there is a research topic you are interested in working on this summer, please suggest it, or get in touch to discuss it further.

The third and fourth GSoC 2016 milestones (after Org application and Org selection) will be student applications and acceptance. GSoC 2016 student applications begins on March 14th at 19:00 UTC and close on March 25th at 19:00 UTC. Please make sure you check the official GSoC 2016 timeline carefully if you plan on applying. To avoid disappointment and missed deadlines, if you are a student applying to GSoC this year, please make sure you submit your student application well in advance and don't leave it to the last minute! A good idea is to begin talking to us as soon as Google announces the official list of GSoC 2016 mentoring Orgs. The sooner is usually the better, although since GSoC is highly competitive for both students and Orgs, we obviously cannot guarantee we will be selected to participate this year. Please bear that in mind when making contact.

On April 22th Google will officially announce the list of approximately 1000 lucky students who will be accepted to participate in GSoC 2016. We very much hope that many of you reading this page will be among that number and about to start working for the summer on another exciting information security project with The Honeynet Project.

Project Ideas Past and Present

You can find our in progress GSoC 2016 ideas page here:

• GSoC 2016 Project Ideas

Often students ask us what kind of projects we are likely to be offering in a coming year. If you want to get an idea of the kind of projects ideas we proposed and the accepted projects we ran during GSoC 2009-2015, you can view these here:

• GSoC 2015 Project Ideas
• GSoC 2015 Accepted Projects
• GSoC 2014 Project Ideas
• GSoC 2013 Project Ideas
• GSoC 2013 Accepted Projects
• GSoC 2012 Project Ideas
• GSoC 2012 Accepted Projects
• GSoC 2011 Project Ideas
• GSoC 2011 Accepted Projects
• GSoC 2010 Project Ideas
• GSoC 2010 Accepted Projects
• GSoC 2009 Project Ideas
• GSoC 2009 Accepted Projects

Student Application Tips

If you are looking for tips for getting started with GSoC and the Honeynet Project, or want to maximize your chances of success, check out our Student GSoC Application Tips section written by ex-GSoC student and now mentor/org admin Max.

You could also watch previous students Sebastien Popleau present on his Ghost USB Honeypot, Claudio Guarnieri present on Cuckoo sandbox or Maximilian Hills talk on using his HoneyProxy for man-in-the-middle traffic analysis at recent public workshops.

Contacting Us

If you have any questions, please drop by in our #gsoc-honeynet IRC channel on irc.freenode.net and say "hi" (note you may need to idle there for a few hours before you get an answer to a specific question, as our members do have to sleep and come from timezones all over the world, so please be patient and wait a few hours before chasing a response).

We still have our public mailing list for interested prospective GSoC students to get in touch and discuss project ideas for GSoC with the Honeynet Project - see https://public.honeynet.org/mailman/listinfo/gsoc for details. Please sign up if you have any questions about getting involved with the Honeynet Project in GSoC 2016.

Organisational Administrators

Our GSoC 2016 organisational administrators this year are:

• David Watson (lead, UK)
• Lukas Rist (DE)
• Felix Leder (DE/NO)
• Jamie Riden (UK)
• Tan Kean Siong (MY)
• Maximilian Hils (DE)

So with the US, Europe and Asia covered we can hopefully offer students and mentors round the clock support again this year!

Background Information

You can find copies of past presentations by our Chief Research Officer David Watson on our achievements during GSoC 2009 to GSoC 2012 or GSoC 2009 and GSoC 2010, which hopefully provide a good introduction to the Honeynet Project and our collective activities from recent GSoCs.

You can also read/watch David's presentations from two of our recent annual workshops in the San Francisco Bay Area (2012) or Paris (2011) too.

To get a feel for how previous successful GSoC student projects are advancing our knowledge and capabilities and generating benefits in the read world, see:

• Threatpost: Android reverse engineering toolset
• SC Magazine: Cuckoo and Malwr.com open source sandbox
• Dark Reading: Simplifying Android malware analysis
• SANS: Forensic challenges and Android malware
• Dark Reading: Honeysink for sinkholing botnets
• Dark Reading: Studying stealthy attacks
• Dark Reading: Web vulnerability honeypots

Why get involved with the Honeynet Project?

1. We are an enthusiastic and passionate group of volunteers dedicated to the ideals of open source and sharing our security research and development knowledge with the community
2. For over ten years, we have pioneered research in the field of honeypots, releasing many freely available tools, challenges and Know Your Enemy whitepapers that are often considered groundbreaking when first published
3. We literally wrote the book on the topic, and regularly present on our R&D activities at conferences all over the world
4. We have active volunteer member chapters in many countries and from many different backgrounds, with a wide variety of skills and experience they are happy to share
5. We have always been committed to the concepts of open source software and freely share everything we do, including each chapter publishing regular public status reports on their recent activity
6. We maintain active public and private communities of developers and researchers who use and contribute to our tools each day (for public examples, see our projects page and public mailing lists).
7. We provide our members and the community with the public and private infrastructure necessary to support distributed collaborative remote working, such as IRC channels, mailing lists, subversion repositories, Trac instances for ticket management and wikis, content management systems, blogs, live deployments with real end users for testing and regular feedback, etc
8. We are hands on, supportive and keen to involve more talented people in projects we are really passionate about
9. We have a strong track history of mentoring new members and successfully delivering open source projects, tools and research that demonstrably benefit the community
10. All of our GSoC 2009, 2011, 2012 and 2015 projects and all but one of our GSoC 2010 and GSoC 2013 projects were delivered successfully and our students were happy, with a number of the tools created going on to become widely used within the security community
11. Students from GSoC 2009-2015 have gone on to become active members of the honeynet community, including proposing project ideas for future GSoCs or offering to be project mentors and Org administrators (so we can't be too unpleasant a bunch to get involved with!) ;-)
12. We have ex-GSoC students actively serving on our Board of Directors and in Executive Officer positions, so GSoC has definitely proven to be a great career path for students wanting to get more involved in open source and information security R&D.
13. Honeypots and honeynet technology, research and tools have filtered down benefits to many areas of IT, web development, operational service management, Internet education and computer security research

GSoC is not the only way you can become involved in the with honeynet technologies and open source software - check out our current or historic series of forensic challenges. Or learn more about the practical, real world application of honeynet technology in our popular series of "Know Your Enemy" whitepapers, which now include projects and tools output from previous GSoCs students or mentors such as PicViz, Glastopf, Qebek or Conficker.

Feel free to contact us at https://public.honeynet.org/mailman/listinfo/gsoc or [email protected] at any time.