The attack dynamics had significantly changed since DShield went into service 8 years ago. Web attacks are becoming more popular these days. The SANS ISC is releasing an alpha version of the DShield Web Honeypot today to extend DShield's visibility into this traffic. The intention of the web honeypot project is to harness multiple capture points run by volunteers for the collection of potentially harmful traffic on the web.
The goal of the Web honeypot project is inline with the original DShield project, the data collected through the sensors feed the Dshield web database where human volunteers as well as machines pour through the data looking for abnormal trends and behavior. In addition, we would like to use the honeypot data to measure web attack prevelance and find objective metrics to recommend protective measures. The data collected will also be shared with the research community upon request later this year and be made available in aggregated form via the DShield website.
The goal of the Web honeypot project is inline with the original DShield project, the data collected through the sensors feed the Dshield web database where human volunteers as well as machines pour through the data looking for abnormal trends and behavior. In addition, we would like to use the honeypot data to measure web attack prevelance and find objective metrics to recommend protective measures. The data collected will also be shared with the research community upon request later this year and be made available in aggregated form via the DShield website.
Read the full article
http://isc.sans.org/diary.html?storyid=5881
No comments:
Post a Comment