ECS Researchers Involved in Google Summer of Code
24 Mar 2009 - 09:56:50 in ResearchVictoria University security researchers are excited to be involved in Google Summer of Code (GSoC) this year. Peter Komisarczuk and Ian Welch currently lead the New Zealand chapter of the Honeynet Project which has been selected as a GSoC mentoring organisation and two of the projects are focused around work from Victoria University. Network Engineering Research Group at the School of Engineering and Computer Science that are researching and developing client honeypot technology to detect drive-by-downloads and determine web servers that are compromised. Drive-by-downloads have become one of the most used mechanisms through which Internet users machines are compromised. In a drive-by-download a user navigates to a web site, which responds with a web page that includes code that attempts to compromise their computer. For example this may install a key logger program that captures your user names and passwords, or recruits your machine to a botnet that can be used to send spam or launch distributed denial of service attacks against other users on the Internet. Growing out of Christian Seifert's PhD research, the team from Victoria, along with other volunteer developers, have created several open source systems (Capture-HPC, Capture-BAT and HoneyC) that are used worldwide by researchers and security professionals. The Google Summer of Code projects will develop this software further. The Honeynet proposed projects are available from the Honeynet project GSoC web site. Victoria University researchers also run a scan of the .nz domain to detect compromised web servers and attacks that are based on New Zealand web sites which is sponsored by InternetNZ. This work was recently reported in Computerworld. Potential students who would like to be part of GSoC and work on the development of client honeypot technology should look at the GSoC FAQs for more information. Applications are made through Google SoC 2009 and opens on the 23rd March and closes on the 3rd April. The Honeynet project is a largely volunteer run organisation that aims to “learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned”. The Honeynet Project is an international, non-profit research organization dedicated to improving the security of the Internet at no cost to the public. It was founded in 1999. The New Zealand chapter consists of researchers across New Zealand as well as some members based overseas.