Indonesia Chapter Status Report For 2012

ORGANIZATION

Current Members and their activities:
Charles Lim – Chapter Lead, Honeypot Deployment, Research
IGN Mantra – Early Warning System, Research
Tita Latifah – Malware Analyst, Research
Dwi Ade Handayani Capah – Malware Analyst, Research
Amien Harisen Rosyandino – Honeypot Deployment, Research
Hadi Syahrial – Honeypot Deployment, Research
Mustafa – Honeypot Deployment, Research
Lukas – Honeypot Deployment, Research
Erwin Adi – Honeynet Deployment, Research
Stewart – Honeypot Deployment, Developer
Ammar Fuad – Honeypot Deployment, Developer
New active members include:
Digit Oktavianto – Honeypot Deployment, Research
Rio Indra Maulana – Honeypot Deployment, Research
Total active and non-active members are 35

DEPLOYMENTS

2 HoneeBoxes received from David Watson during Honeynet Workshop 2013 in SF, USA
1 Dionaea Sensor deployed in Swiss German University
1 Dionaea Sensor deployed in Binus International University
1 Dionaea Sensor deployed in Institut Teknologi Sepuluh Nopember
Following deployments which are still experimental:
* USB Honeypot
* Glastopf
* Thug
* spampots

RESEARCH AND DEVELOPMENT

Currently, Central repository for malware collected at the universities are being developed using XMPP
Cloud-based Learning System for teaching honeypot deployment, malware analysis and other honeynet project
Early warning System that integrate various honeypot logs to better understand current attacks

FINDINGS

We found that none of the source of the malware samples detected from honeypot deployed originated from Indonesia, on the other hand, Indonesia has been used by many attackers as the basis to attack other infrastructure. New Indonesia malware binaries have been decreasing significantly since brontok malware (Indonesia unique malware).

PAPERS, PRESENTATIONS AND COMMUNITY ENGAGEMENTS

Randy Anthony completed his bachelor thesis in 2010, entitled “Design and Implementation of Honeynets to Capture Autonomous Spreading Malwares for Swiss German University’s Malware Lab”

Ivan Firdausi, Charles Lim, Alva Erwin, Anto Satriyo Nugroho, “Analysis of Machine learning Techniques Used in Behavior-Based Malware Detection,” 2010 Second International Conference on Advances in Computing, Control, and Telecommunication Technologies, Jakarta, Indonesia, 2010.

Rocky Christian, Charles Lim, Anto Satrio Nugroho, Marsudi Kisworo, “Integrating Dynamic Analysis Using Clustering Techniques for local Malware in Indonesia,” 2010 Second International Conference on Advances in Computing, Control, and Telecommunication Technologies, Jakarta, Indonesia, 2010.

Indonesia Honeynet Project participation in various events:
1. Lukas presented Honeynet in Academy CSIRT (Computer Security Incident Response Team)
2. Charles Lim presented Honeynet Indonesia Chapter Research Update in Binus International University Research Forum
3. Digit Oktavianto presented Setup your own Malware Lab in Binus International University Research Forum
4. Charles Lim presented The Honeynet Project – Fighting Against Malicious Hacking Attacks in ISACA Indonesia Chapter member forum
5. Lukas presented Indonesia Honeynet Project update in Indonesia Information Security forum meeting, organized by Indonesia Incident Response Team on Indonesia Critical Infrastructure (IDSIRTII)
6. Amien presented Honeynet Tools at TELKOM TLC H&F and conducted Honeynet workshop at TELKOM POLITECNIC

Indonesia Honeynet Seminar and Workshop, supported by Ministry of Communication and Informatics on 5 and 6 June 2012
1. Charles Lim presented Honeynet – Indonesia Chapter during Indonesia Honeynet Seminar on 5 June 2012
2. Charles Lim presented Honeypot and Malware Analysis during Indonesia Honeynet Workshop on 6 June 2012
3. Lukas presented Capture The Flag during Indonesia Honeynet Workshop on 6 June 2012

Our Indonesia Honeynet Project portal (www.honeynet.or.id) is maintained by Charles Lim, Lukas dan Digit Oktavianto.

GOALS

Following are our chapter goals this year:
* To create information security awareness for the public and community of interest
* To build a community of information security research that supports various needs of Industry, Government and Education
Following are our chapter goals for the next year:
* To expand more research collaboration with other information security communities in Indonesia such Cloud Security Alliance – Indonesia Chapter, IDSIRTII, ID-CERT, Academy CSIRT, etc.
* To involve more members’ participation in building public awareness, deployment, and research.

MISC ACTIVITIES

Honeynet Indonesia Chapter was formed on 25 November 2011 by more than 15 attendees from Industry, University and Government
Indonesia Honeynet Project was formally accepted as one of the Honeynet Chapter on 19 January 2012 and formal Indonesia Honeynet Project portal (www.honeynet.or.id) is created.
Charles Lim often provided various information security workshops to high school students to create awareness and interest in information security

Charles Lim maintained his own blog http://keamananinternet.blogspot.com
and http://indonesiacloud.blogspot.com to create information security awareness and cloud issues in Indonesia

Digit Oktavianto maintained his own blog (http://digitoktavianto.web.id) on various technical information security issues, including honeypot installation