• Home

  • Documents

  • Web Application Honeypot – Open Security Summit · 2020. 1. 17. · from honeypot devices. Test...
7
Web Application Honeypot – Open Security Summit Adrian Winckles OWASP Cambridge Chapter leader Anglia Ruskin University – Course Leader

Web Application Honeypot – Open Security Summit · 2020. 1. 17. · from honeypot devices. Test at least one honeypot device to communicate with the server and receive attack alarms

  • Upload
    others

  • View
    1

  • Download
    0

Embed Size (px)

Citation preview

  • WebApplicationHoneypot– OpenSecuritySummit

    AdrianWincklesOWASPCambridgeChapterleader

    AngliaRuskinUniversity– CourseLeader

  • Bio– AdrianWinckles

    • Adrian Winckles is Course Leader/Senior Lecturer for BSc(Hons)Information Security and Forensic Computing and SecurityResearcher at Anglia Ruskin University. He is OWASP CambridgeChapter Leader, OWASP Europe Board Member and is involved inrebooting the Cambridge Cluster of the UK Cyber Security Forum.

    • His security research programs include (in)security of softwaredefined networks/everything (SDN/Sdx), novel network botnetdetection techniques within cloud and virtual environments,distributed honeypots for threat intelligence, advanced educationaltechniques for teaching cybercrime investigation and virtual digitalcrimescene/incident simulation.

    • He has successfully competed a contribution to the European FP7English Centre of Excellence for Cybercrime training, research andeducation (ECENTRE). He is vice chair of the BCS Cyber ForensicsSpecial Interest Group.

  • OldProject

    • Oldwikientry-– OWASPWiki

    • ServerbackendremovedwhenRyanleftTrustwave• VM’sdisappearedfromWASC’sprojectsrepository• ExpertiseprobablywithinModSecCoreRuleSet(CRS)Project

  • Inthemeantime

    • DoesanyonehavetheoldhoneypotVM’s?• HaveinterncreatingnewprobeandbackendserveratPoC.

    • Willmakebackendserveravailabletocommunityashavesomecapacityinuniversitydatacentre.

  • ProjectReboot

    • Updatenewwiki• UpdatenewGithub• DesignanddocumentaProofofConceptSystem/NetworkArchitectureto

    actasatestbedforfutureexperimentation.• Developanddocumentaminimumofonevirtual/physicalhoneypot

    devicethatcanbedeployedremotelyeitherasaVMimage,DockercontainerorasmallfactordevicesuchasRaspberryPi(withappropriatedummywebapplication)

    • InstallandconfigureabackendservertoreceiveModSeccommunicationsfromhoneypotdevices.Testatleastonehoneypotdevicetocommunicatewiththeserverandreceiveattackalarms

    • MechanismtoupdateprobewithanyCRSchanges• DevelopmentofaPoCmechanismtodisplayhoneypotalarmsonbackend

    server.

  • Futures

    • Dockerbasedhoneypotprobe,smallcomputingprofilehoneypot

    • Providemechanismforprovidingopensourcethreatintelligencetothecommunity.

    • Providemechanismforcatchingspecificwebvulnerabilities

  • Questions/Volunteers…


Honeypot چیست

Honeypot چیست

Education
Honeypot on Android

Honeypot on Android

Documents
Firewall dan honeypot

Firewall dan honeypot

Documents
Honeypot Presentation - Using Honeyd

Honeypot Presentation - Using Honeyd

Documents
Seminar on Honeypot Technology

Seminar on Honeypot Technology

Documents
Honeypot ppt1

Honeypot ppt1

Technology
Honeypot - Defesa contra ataques

Honeypot - Defesa contra ataques

Documents
Honeypot seminar report

Honeypot seminar report

Engineering
Honeypot Documentation

Honeypot Documentation

Documents
HONEYPOT. Introduction to Honeypot Honeytoken Types of Honeypots Honeypot Implementation Advantages and Disadvantages Role of Honeypot in

HONEYPOT. Introduction to Honeypot Honeytoken Types of Honeypots Honeypot Implementation Advantages and Disadvantages Role of Honeypot in

Documents
one childhood, one journey Honeypot House The Honeypot Playbus

one childhood, one journey Honeypot House The Honeypot Playbus

Documents
Honeypot Main

Honeypot Main

Documents
what is honeypot

what is honeypot

Documents
Virtual honeypot

Virtual honeypot

Technology
Honeypot and Steganography

Honeypot and Steganography

Technology
Trabajo Final Honeypot

Trabajo Final Honeypot

Documents
Honeypot ss

Honeypot ss

Education
The Honeypot Project

The Honeypot Project

Documents
Honeypot Report

Honeypot Report

Documents
Honeypot 101 (slide share)

Honeypot 101 (slide share)

Technology
The easy guide to fire safety in hotels · pe all fire systems are maintained, e.g. smoke alarms, fire alarms etc, so they are Ensur all in working order p Communicate fire safety

The easy guide to fire safety in hotels · pe all fire systems are maintained, e.g. smoke alarms, fire alarms etc, so they are Ensur all in working order p Communicate fire safety

Documents
u05 Honeypot

u05 Honeypot

Documents
Database honeypot by design

Database honeypot by design

Technology
Lea Honeypot

Lea Honeypot

Documents
3.3. Database honeypot

3.3. Database honeypot

Internet
HONEYPOT - TRABALHO DE SEGURANÇA

HONEYPOT - TRABALHO DE SEGURANÇA

Documents
himani gaur honeypot

himani gaur honeypot

Documents
Heat seeking honeypot

Heat seeking honeypot

Technology
Honeypot Paso a Paso

Honeypot Paso a Paso

Documents
Rapport Honeypot

Rapport Honeypot

Documents