CyberSecurity Malaysia Chapter Report for 2014

ORGANIZATION
 
The CyberSecurity Malaysia Chapter now includes three new faces and currently consists of the following members, who are full-time staff with Malaysia CERT (MyCERT), a department of CyberSecurity Malaysia:
 
1. Fathi Kamil Bin Mohad Zainuddin (Fatah) - Chapter Lead
2. Megat Muazzam Bin Abdul Mutallib
3. Mohd Hafiz Bin Mat Tabrani
4. Nur Mohammad Kamil Bin Mohammad Alta
5. Ahmad Ramadhan Bin Amizudin
6. Syed Muhamad Fadhil Bin Syed Aluwi
7. Ahmad Aizuddin Aizat Bin Tajul Arif
8. Wira Zanoramy Ansiry Bin Zakaria
 
New members in our chapter are Syed Muhamad Fadhil Bin Syed Aluwi, Ahmad Aizuddin Aizat Bin Tajul Arif and Wira Zanoramy Ansiry Bin Zakaria.
 
 
DEPLOYMENTS
 
Listed here are the deployments of tools related to the Honeynet Project and information security in general:

1. Elastic Search Honeypot (ESPot) - https://github.com/mycert/ESPot
2. Android Sandbox - http://andbox.honeynet.org.my/
 
 
RESEARCH & DEVELOPMENT
 
The Chapter members are interested in research projects covering the following topics and welcome any expert opinions and knowledge sharing regarding:

1. Exploit Kit / Web based malware.
2. Mobile (Android/iOS) Malware.
3. Embedded device malware (router, CCTV, etc.).
4. Data Analytics (processing metadata for trending threats & visualization).
5. Machine Learning techniques (automated malware/threat classification and clustering).
 
We are currently revising all previous research & development from previous chapter members, with a few additions by our new members:

1. Lebahnet Project - Honeypot-based distributed system consisting of Dionaea, Glastopf, Kippo, ESPot, & other commercial tools.
2. Android Sandbox - Emulator-based Dynamic Analysis for APK. URL: http://andbox.honeynet.org.my/
3. Skynet - Distributed Binary Analysis and Metadata Aggregation Framework.
4. MyKotakPasir - Binary Analysis Sandbox. URL: http://mykotakpasir.honeynet.org.my/
5. DontExploitMe - Browser Based IPS (Snort rules based).

 
Existing Projects:

1. pKaji - PHP Analyzer. URL: https://pkaji.honeynet.org.my/
2. Gallus - PDF Analyzer. URL: https://gallus.honeynet.org.my/
3. Web Analyzer - Useful tool to break down HTML into components of JavaScript, CSS, Java applets, Flash objects, Fonts.
4. MyPHPIPSv2 - Source Code level Web Application IPS. URL: https://code.google.com/p/myphpips/
5. G-Decoder - JavaScript Deobfuscator. URL: https://gdecoder.honeynet.org.my/
6. Malshare - Malware Sharing. URL: https://malshare.honeynet.org.my/
 
 
PAPERS, PRESENTATIONS AND COMMUNITY ENGAGEMENTS
 
1. Conducted a Cyber Crisis Exercise, the OIC-CERT DRILL 2014 event, with participation from 6 OIC-CERT countries and agencies from banking and finance. It covered simulated web vulnerabilities, malware & mobile APT attacks, a security awareness talk, & a workshop.
 
 
GOALS
 
In 2015 we would like to improve and produce new tools and to contribute to any security-related projects.
 
 
CONTACT
 
For any inquiries and comments, we can be reached on the Honeynet IRC server and at lebahnet[-at-]cybersecurity.my.