Google Summer of Code 2009 Accepted Projects

Please note that GSoC 2011 has now successfully completed. This content is being retained for reference only.

The results for Google Summer of Code 2009 are out and the Honeynet Project is very excited to have been allocated 9 official slots. Congratulations to all the students accepted for GSoC 2009, and commiserations to those who didn't make it this time. We had many more applicants than slots, making the final selection very tough, so we hope everyone who applied will still consider getting involved in open source software and honeynet research. Even if you didn't get an allocated slot, please get in touch if you would still like get involved. Project mentors and Honeynet Project members may well still be interested in mentoring your project ideas, plus as a volunteer organisation we always welcome new input.  In addition to the nine slots allocated by Google, the Honeynet Project will be funding three additional projects on its own.  As such, we are coordinating the research and development of twelve new projects.  You can learn more about each of these below.

1. Develop and Improve PhoneyC:  PhoneyC is a low-interaction client honeypot designed to allow researcher to quickly and easily identify and analyze malicious websites and their malware. We hope to be adding DOM emulation and automated shellcode detection using LibEmu this summer, amongst other features, to help improve detection and performance.
Student: Zhijie Chen
Primary Mentor: Jose Nazario

2. Develop and Improve PhoneyC:  PhoneyC is a low-interaction client honeypot designed to allow researcher to quickly and easily identify and analyze malicious websites and their malware. We hope to be adding DOM emulation and automated shellcode detection using LibEmu this summer, amongst other features, to help improve detection and performance..
Student: Geng Wang
Primary Mentor: Jose Nazario

3. Qebek: QEMU Based Sebek: Advanced new data capture technique for virtualized environments, looking to extend our existing work on Sebek for high interaction honeypot I/O capture to the hypervizor layer, for increased stealth and performance.
Student: Chengyu Song
Primary Mentor: Brian Hay

4. Sebek Data Visualization:  Develop and improve the ability to read and visualize Sebek data from high interaction honeypots.
Student: Kevin Galloway
Primary Mentor: Kara Nance

5. Improve High Interaction Honeypots:  Improve our Capture-HPC and Capture-BAT high interaction client honeypots, including bug fixing, improved performance, new functionality and simplified use.
Student: Van Lam Le
Primary Mentor: Peter Komisarczuk

6. Develop Hybrid Honeypot Architecture:  Combine the functionalities and advantages of low and high interaction honeypots into a single solution by intelligently switching the recipients of known and unknown attacks at the network flow level.
Student: Robin Berthier
Primary Mentor: Georg Wicherski

7. Improving PicVIZ  PicViz is a dynamic tool used to visualize log and honeypot data via parallel coordinate charts.
Student: Victor Amaducci
Primary Mentor: Sebastien Tricaud

8. Web Application Honeypot:  Many of today's most advanced attacks now happen at the web application layer.  This solution is designed to capture information on the latest web application attacks using scalable and easy to deploy low interaction server honeypots.
Student: Lukas Rist
Primary Mentor: Thorsten Holz

9. Managing Honeypot Client:  Adapting to some of the challenges presented by attempting to operate larger, longer running deployments of client honeypots (both high and low interaction) by simplifying and improving our ability to deploy and manage large client honeypot farms.
Student: Thibaut Gadiolet
Primary Mentor: Ian Welch

NOTE: The three following projects are sponsored by the Honeynet Project, not Google. While not officially part of GSoC, these three projects will be managed with the same processes, timeline and expected deliverables as an official GSoC project.

10. Develop and Improve Nepenthes:  Nepenthes is one of the leading low-interaction honeypots designed to automate the capture and analysis of malware, and this project will be a next generation development of low interaction server honeypots able to automatically and scalably detect known and unknown malware.
Student: Markus Koetter & Mark Schloesser
Primary Mentor: Paul Baecher

11. Develop and Improve Nebula:  Nebula is a distributed system, fed by honeypots, that automates the generation of IDS signatures to detect and identify attacks. Goals are to improve nebula so that the quality of generated signatures gets better. Also, more and different types of sensors should be able to contribute to a distributed signature generation setup.
Student: Tillmann Werner
Primary Mentor: Felix Leder