Collaborative Honeynet Threat Sharing Platform
Swiss German University
With the continuous rise of cyber security threats, monitoring security potential threats and attacks become essential to plan for cyber defense. Honeypot, a decoy system designed to lure attackers, has been used to track and learn attacker’s behavior.
Collecting attacker’s interactions with honeypot at different locations inside different organization’s premises provide useful and more complete picture of the landscape of current cyber security threats.
The log of the attacks to the honeypots become an essential cyber security threat information that could be shared to many of the security incident analysts at different organizations to provide relevant and contextual threat intelligence.
The goal of this project is to develop and implement a collaborative honeynet threat sharing platform that could collect, store, add contextual information pertaining to the threat and share these threat information to the relevant organization.
This project continues on the previous project with additional types of honeypots being added to the collection of honeypot sensors. In addition, new type of threat categories, threat purpose and threat phases are added to define more fine-grained secure shell (ssh) attacks seen in our honeypots. With the new public dashboard is now ready for public view, our hope is more organizations in Indonesia as well as organizations in ASEAN countries would be interested to participate in the project in a collaborative effort to share and exchange threat information, which potentially could be used as a cyber defense platform for each of the participating organizations.