ORGANIZATION:
OCERT Honeynet is Oman National CERT (OCERT). OCERT chapter was officially launched in April 2010 to analyze risks and security threats that may be present in Oman cyberspace. The members of OCERT Chapter are:
DEPLOYMENTS:
Low interaction honey pot technologies are deployed as follows:
RESEARCH AND DEVELOPMENT:
Cyber Threat Intelligence Gathering System – Phase.2: The Phase.2 of project aims to complete integration and automation of collecting, classifying the botnet information that are received from different feeds .The system has started last years and has complete integration with some of security feeds . There current Work is focusing in enhancing the integration and resolve the technical challenges that show up after completing the integration with security feeds .
PAPERS, PRESENTATIONS AND COMMUNITY ENGAGEMENTS:
FINDINGS:
We have detected numerous types of malware coming from 52 countries.
However based on BitDefender, Kaspersky and Microsoft definition the most frequent malware seen by our systems are:
We also noticed that there are some malware not detected by most of Antivirus system.
We also found out that most of compromised IP addresses are infected by one of the following:
The high level statics is shown in OCERT chapter website: http://cert.gov.om/honeynet
GOALS: