The Honeynet Project recently appointed a new Chief Research Officer, Tamas Lengyel.  We want to thank again Lukas Rist for leading and growing our research over the past years, and welcome Tamas that accepted the role.

Tamas is Chapter Lead of Malware Analytics at Scale (MAS) and has been an active GSoC mentor over several years now with Honeynet. In his day job he is Senior Security Researcher at Intel, where he is focusing on low-level system security research, primarily working with hypervisors and firmware. He is a maintainer of the Xen Project Hypervisor, LibVMI and the DRAKVUF binary analysis system. Tamas received his PhD from the University of Connecticut and regularly publishes at top-tier academic conferences. He gave talks at conferences such as BlackHat, CCC and Microsoft Digital Crime Consortium.

This is a contribute by HoneyNED chapter from the Netherlands about all their 2017 activities.

As the end of the year has come, we from HoneyNED, the Dutch Honeynet chapter, want to share what has happened during the year. We have worked on several projects in the honey space and a few members represented our chapter at the annual Honeynet workshop hosted in Australia. In this post, we will discuss what honeypots have been deployed, what projects are in the pipeline and what will be the focus in 2018. But let’s start by thanking the Honeynet community for all knowledge sharing, collaboration and code-sharing.

ORGANIZATION

Active members: - Sébastien Tricaud - Guillaume Arcas - Anthony Desnos - Franck Guénichot - François-René Hamelin - Christophe Grenier

DEPLOYMENTS We have following technologies deployed:

- Kippo on honeycloud. Goal of this deployment is to provide a centralized instance of Kippo & share findings, logs, collected data. - HoneyProxy on honeycloud. - Honeeebox

RESEARCH AND DEVELOPMENT

* New tools => HoneyProxy as part of GSoC 2012. => FAUP (formerly furl) => OpenNormalizer => PhotoRec/TestDisk => A.R.E. / AndroGuard

The UK Chapter’s annual status report for 2011/2012 has been published at http://www.ukhoneynet.org/2012/12/04/uk-honeynet-project-chapter-annual-status-report-for-20112012/.

ORGANIZATION

• Faiz Ahmad Shuja is founder and chapter lead of Pakistan Chapter and an active member since 2003. He is responsible for the management and maintenance of HP infrastructure as Chief Infrastructure Officer.

• Muhammad Omar Khan is an active member and assists in various Honeynet deployment efforts.

• Rehan Ahmed is our active member. He assists in the management of Pakistan chapter and HP infrastructure.

• Omar Khan has been involved in attacks analyses and reporting.

ORGANIZATION
• Brian Hay (Chapter Lead, Full Member)
• Kara Nance (BoD Member, Full Member)
• Chris Hecker
• Clark Harshbarger
• Matt Bishop
• Wesley McGrew
• Lucas McDaniel

DEPLOYMENTS
• 1 Honeeebox in Alaska
• Purchased multiple other Honeeeboxes available for third party deployments
• Periodic Dionaea deployments in both public and private clouds for student and demonstration use.

RESEARCH AND DEVELOPMENT

1. Ongoing development of hypervisor-based honeypot monitoring using virtual machine introspection (VMI) on Xen and KVM platforms.
2. Tools for deployment and management of virtual machines

ORGANIZATION
Ahmad Alajail – Chapter Lead
Ahmad Hassan – Member
Anastasios Monachos - New Member
Andrew Marrington – New Member
Majid Al Ali - Member

DEPLOYMENTS
we have successfully change all of our distributed Honeypots from Nepenthes to Dionaea and upgrade our honeypharm with reporting mechanism and the additional information received from Dionaea.

RESEARCH AND DEVELOPMENT
As we reached end of 2012 we managed to upgrade our research lab with new hardware’s that can be used for the new projects. Currently we are looking into Glastop and Spampot and the changes that might be required to utilize the output result/findings.

ORGANIZATION Last year our chapter membership has gone through several changes: some members moved to new places and new positions and are no longer a part of the honeynet chapter, while others (Natalia Stakhanova) came back.

Our current members include Ali Ghorbani, Natalia Stakhanova, Hadi Shiravi (Unversity of New Brunswick) and Sami Guirguis (Toronto).

DEPLOYMENTS

We currently have deployed a cluster of server honeypots and SGNET sensor. Both are primarily used for capturing botnet network traffic.

Spartan Devils Chapter Status Report For 2012

ORGANIZATION

Our current membership includes: Gail Joon Ahn (Arizona State University) Tom Holt, (Michigan State University) Max Kilger, and Napoleon Paxton, We are also happy to report that we added Paul Neff to our roster in the last few months.

DEPLOYMENTS
In addition to all tools from honeynet site, we also installed Sandboxie on Vmware ESXi to automatically test malware and reset VMs.

We are excited to announce the latest chapter coming on Board, the United Arab Emirates Chapter, hosted and formed by aeCERT.  This is the very first Chapter to be joining from the middle-east, we are very excited to have them on board and expect great things from them!

Shucran!

lance