Honeypots: Research

Research

From: Christos Vasilakis <cvasilak_at_gmail.com>
Date: Wed, 25 Oct 2006 19:00:51 +0300

Hi there,

I read with great interest the paper "Towards a Third Generation Data
Capture Architecture for Honeynets" by Edward Balas and Camilo Viecco.
Two years ago I proposed an MSc thesis with the title "Effectiveness
of an Integrated approach for the analysis of Honeynet data". Some
people may remember my question in the lists. Unfortunately, for
personal reasons I had to postpone it. Central part of my thesis was
about developing a tool that will better support the analysis phase of
honeynet data. The basic idea was to integrate the different data
sources (sebek, syslog etc) in a central database and using a kind of
a plugin mechanism (aka. predefined and user defined sql queries) to
provide a better view of the attack.

As I understand from the paper, the alliance is spending all its
efforts in improving the analysis phase of Honeynet data. As a
consequence, I believe that my MSc topic becomes kind of obsolete
because there is an ongoing work on this area. So I would like to ask
the list for any research ideas in Honeynet technology and in
particular its analysis phase.

Regards,
Christos
Received on Oct 25 2006
