Swedish Chapter - Chapter Status Report for 2014

ORGANIZATION: The Swedish Chapter was founded in February 2013 and currently consists of the following people:

  • Mikael Keri
  • Matthias Gutehall
  • Are Hansen
  • Ioannis Koniaris
  • Thomas Nicholson

The Chapter members are interested in research projects covering the following topics:

  • High and low-interaction honeypots
  • Intrusion detection
  • Automated and manual malware analysis
  • Visualization
  • Log analysis

DEPLOYMENTS:


We have several honeypots deployed mainly low-interaction, like Glastopf that submit data to HPFriends. As members are involved in developing HonSSH/Bifrozt we have these running as well, collecting attack data.
RESEARCH AND DEVELOPMENT:
 
We are currently developing HonSSH a high interaction Honeypot solution. In the pipeline is an effort to make it multi-honeypot aware. With the aim to allow you to choose a honeypot based on countries, users etc
 
We are currently developing Bifrozt a high interaction honeypot solution built around HonSSH. A new version is just around the corner.
 
We are currently developing HoneyDrive a honeypot bundle distro. Next in line is to create a Amazon Machine Image (AMI) for even easier deployments.
 
We have made some minor contribution to Glastopf
 
We tried out and generate reports on data collected via Hpfriends. We hope to make a new effort doing this in a more sustainable and continues way
 
PAPERS, PRESENTATIONS AND COMMUNITY ENGAGEMENTS:
 
Ioannis held a workshop at the BsidesLV conference
 
GOALS:
 
Our goals for last year was mostly meet. We had hopped to engage more with others during year in the form of presenting at security meet-up.
 
We were lucky enough to attract new and engaged members to the chapter, so by the looks of it 2015 will be a productive year for our chapter
 
During this year (2015) we will also continue to improve the tools we develop and contribute to other tools developed by members of The Honeynet Project. We also aim to put more honeypots into production so we can benefit from the data collected.