Intelligent Honeynet Threat Sharing Platform (grant)
Swiss German University
With the continuous rise of cyber security threats, monitoring security potential threats and attacks become essential to plan for cyber defense. Honeypot, a decoy system designed to lure attackers, has been used to track and learn attacker’s behavior.
The project recently completed the design and implementation of the honeynet threat sharing, funded by ISIF Asia 2020 research grant, across three organizations: Government (BSSN), Community (Indonesia Honeynet Project), and Academic (Swiss German University). Four different types of honeypots, i.e. Cowrie (SSH honeypot) and Dionaea (Multi-Service Honeypot), Elastichoney and Conpot (Industrial Control Honeypot) have been implemented, the public dashboard can be viewed at https://public.cscisac.org.
The objective of this research is to take the current honeynet-based threat sharing platform and bring it to the next level to support organizations not only in ASEAN but also in Asia Pacific countries to share security threats information collected using honeypots in the relevant organization. Once the platform reaches its stable state, organizations from different provinces in Indonesia, or from different countries in ASEAN or the Asia Pacific will be able to participate and start to exchange their security threats.
The main objective of the research for the year 2021 is to fully extend the design of the existing Honeynet Threat Sharing Platform to provide a broader range of honeypot support, with intelligently categorized and correlated threat data, enabling organizations to share and exchange the threat information to other organizations with a consistent format and at ease. A few Asia Pacific, as well as ASEAN countries, are expected to be involved in implementing the enhanced platform in the 2021 project.