The Honeynet Project recently appointed a new Chief Research Officer, Tamas Lengyel. We want to thank again Lukas Rist for leading and growing our research over the past years, and welcome Tamas that accepted the role.
Tamas is Chapter Lead of Malware Analytics at Scale (MAS) and has been an active GSoC mentor over several years now with Honeynet. In his day job he is Senior Security Researcher at Intel, where he is focusing on low-level system security research, primarily working with hypervisors and firmware. He is a maintainer of the Xen Project Hypervisor, LibVMI and the DRAKVUF binary analysis system. Tamas received his PhD from the University of Connecticut and regularly publishes at top-tier academic conferences. He gave talks at conferences such as BlackHat, CCC and Microsoft Digital Crime Consortium.
Here’s the vision he’ll bring to Honeynet research, in his own words.
“I’m really excited to accept the CRO position at Honeynet. Over the years I received a lot of value from Honeynet and I’m hoping to give more back to the community. When I started my graduate studies in 2009, I wasn’t entirely sure what I wanted to research. While bouncing around on different projects active at the university I had by chance stumbled upon the Honeynet Project. It immediately caught my attention as the tools and techniques that were being developed were very practical and the concept of honeypots just made sense. And there were so many cool projects being actively developed! Shortly after I started deploying honeypots at the university, collecting data, and also interacting with the community. Asking questions and proposing new features, submitting fixes for small issues. It has been an excellent learning opportunity and the feedback I got from the developers helped figure out where the problem areas are, what the limitations of some of these techniques were, what I could improve. It was instrumental in helping to figure out what research to focus on.
After many years of working with Honeynet projects, we eventually formed a new Honeynet chapter with coworkers. In the years since we found even more value in being members of Honeynet, particularly by running GSoC projects. The influx of new people with new ideas on how to approach the issues we propose as projects have been immensely helpful in pushing our malware analysis tools ahead.
Yet in the years since the list of projects on Honeynet has not been kept up-to-date very well. It is difficult for any newcomer to see which projects are still under active development, or what problem areas they have, what they could improve, or what ideas are floating around in the group that just need someone to spend some time digging into it.
As CRO I’ll aim to change that. After a successful workshop this year (thanks to Max for being an awesome host) it is still clear that there are plenty of ideas and research directions that the Honeynet Project’s community is still pursuing. We need to do a better job highlighting these for people who are not active members of Honeynet, but just as I have many years ago, simply stumble upon the project in search of guidance and ideas. Our yearly GSoC application has been a good foundation to lay out some of these ideas, but as it requires a commitment to mentor the students over the summer, it may not be the best route for everyone. So I propose that we augment our yearly GSoC application process with a new, yearly Honeynet Project Census: what do you see as a future problem space that Honeynet should be engaged with? What ideas do you have that you wish someone would pick up and look at? What tools are missing? What tools need improvement and how?
As CRO I’m not here to tell you the answer to these questions. But I strongly believe having such an up-to-date list would be transformational for Honeynet by making it more transparent and by helping newcomers to find the area of interest to them. So let’s put our heads together once a year and compile this list! I hope you are with me and will bring your own ideas to the table when it’s time!”