gsoc
Google Soc 2012 - Honeynet Project Accepted
Fri, 03/16/2012 - 21:19 — christian.seifertWe have just been notified by Google that the Honeynet Project has - once again - been accepted as one of the mentoring organization for Google Summer of Code 2012 (in total 180 organizations were selected). We are very excited and are looking forward to a great summer! Already a big thank you to Google for their continued support!
While student applications are not officially open yet, interested students are encouraged to check out our ideas page and get in contact with us via [email protected] and/or IRC (#gsoc2012-honeynet on irc.freenode.net) in the next few ideas to meet the mentors and discuss project ideas. Student applications officially open on March 26th 2012 and close on April 6th 2012.
We are looking forward to hearing from you!
Twitter
Facebook
LinkedInWireShnork - A Snort plugin for Wireshark
Thu, 11/17/2011 - 07:43 — guillaume.arcasGSoC 2011 #8 project's goal was to add forensics features to the popular Wireshark network analyzer.
Overview
Wireshark is an open source network analyzer widely used for network debugging as well as security analysis. Wireshark provides network
analyzer with graphical interface as well as command line tools.
Wireshark also provides network protocol decoders and support filters that allow to search through packets with keywords.
GSoC plugins extend Wireshark capabilities when Wireshark is used to analyze network traffic with security and forensic in mind. Read more »
HoneySink: Beta Release
The Beta version of HoneySink is out!
What is HoneySink?
HoneySink is an open source network sinkhole that provides a mechanism for detection and prevention of malicious traffic on a given network.
Able to be deployed both internally and externally it is designed to log and respond to incoming requests for a number of network protocols.
With configuration and scalability in mind, HoneySink was designed from the ground up with a non-blocking architecture to handle extremely large amounts of traffic while being able to perform customised interactions and logging. Read more »
Midterm Report: The sniffer and emulator for COM components
Fri, 07/08/2011 - 19:30 — youzhi.baoBy now, what I have done for Capture-HPC is: Read more »
GSoC2011-THP Project 1 - Improve our high interaction client honeypot Capture-HPC
Thu, 05/05/2011 - 05:31 — youzhi.baoProject Description:
Proposed Capture-HPC Description
Capture-HPC is a high-interaction client honeypot that is capable of seeking out and identifying client-side attacks. It identifies these attacks by driving a vulnerable client to open a file or interact with a potentially malicious server. As it processes the data, Capture-HPC monitors the system for unauthorized state changes that indicate a successful attack has occurred. It is regularly used in surveys of malicious websites that launch drive-by-download attacks. Read more »
GSoC 2010 Timeline announced and Honeynet Project will be applying
Thu, 02/25/2010 - 15:06 — david.watsonLast year the Honeynet Project entered Google Summer of Code (http://socghop.appspot.com/gsoc/program/home/google/gsoc2009) for the first time. We received 9 Google funded student places and also funded 3 more places of our own, all of whom successfully completed their projects in a wide range of areas of open source security R&D. You can find out more in our Google SoC 2009 section of our website (https://www.honeynet.org/gsoc). Read more »
What's new on PHoneyC (4): Try it out!
Hi all:
I have finished almost all the coding stuff of Project #1, now you can try out the new PHoneyC with shellcode/heapspray detection here:
http://code.google.com/p/phoneyc/source/browse/phoneyc#phoneyc/branches/phoneyc-honeyjs
Please feel free to report any bug or suggestion on shellcode/heapspray detection to me. Read more »
What's new on phoneyc (3)--- Mid-term Evaluation
Mid-term Report on PHoneyC GSoC project 1
| Info: | See <https://www.honeynet.org/gsoc/project1> for project details. |
|---|---|
| Author: | Zhijie Chen (Joyan) <[email protected]> |
| Mentor: | Jose Nazario |
| Description: | Mid-term Report on PHoneyC GSoC project 1. This report describes what I have done on the PHoneyC's libemu integration for shellcode and heapspray detection during the first half of the GSoC. Till now, the main ideas on this feature has been fast-implemented (actually I mean poor coding style) and the whole flow works well, with some code rewriting and performance optimization needed in the future. |
nebula - Client library and revised signature segment selection
One project mentored by the Honeynet Project during GSoC aims at improving nebula, an automated intrusion signature generator. There are two critical components in the signature generator: A clustering engine that groups similar attacks into classes, and a signature assembler that extracts common features and selects some of them for the actual signature. Read more »
What's new in phoneyc (2)--- Shellcode and Heapspray Dectection
Mon, 06/01/2009 - 15:37 — zhijie.chenHi folks:
I have done some basic shellcode and heapspray detection codes in the phoneyc's 'honeyjs' javascript engine (based on python-spidermonkey, with extra tracing and auditing works). And also I have made a presentation on the local honeynet chinese chapter last weeked. Details about my current approaches can be found on this slide: http://is.gd/J9QP
Z. Chen (Joyan) Read more »
We are a 501c3 non-profit, all volunteer organization. Consider donating to support our forensic challenges, tools development, and research.