The subject of this course is to use the Honeynet/pot technologies as a tool to discover and learn existing and new threats to networked/distributed information system. The course includes a project to build a custom honeypot for security awareness to turn the theory into a practical approach to raise awareness about security issue.
Given by : Alexandre Dulaunoy
During the period of the course, there will be a specific project to realize. The project is fully integrated into the course sessions that means some topics covered will help to enhance or complete your work.
The project is done in group. A group is composed of two people (three if required). It preferred that the group is composed of at least one student having an (recent or old) experience with a computer programming language or computer/network structure. I also prefer that the group is working on distinct coverage. That means you must express the project description as soon as possible to all the class.
As the course is mainly covering the aspect of the honeynet/pot technologies, the group has to build a specific honeypot to raise awareness inside an organization or a specific group of people. The project consists of a high-level overview of the honeypot (how it works, how its integrated inside the organization, how it is raising awareness and why it is raising awareness... )
Date/Where | Topic | Support |
---|---|---|
Sat. 26 Apr 2008 (13:30->16:30)/CRP | Introduction to Honeynet/pot Technologies and network datacapture. Reminder regarding the legal status of Honeynet/pot and your ethical role. A high-level overview of various network capture to see the difficult task of network forensic analysis. |
Intro
and History - Honeynets Network Data Capture : Berkeley Packet Filter Legal framework of Honeynet/pots |
Sat. 10 May 2008 (13:30->16:30)/CRP | An attacker perspective to network and computer security. Software analysis. Review of the potential project. | How to perform reverse engineering on an unknown software? What have we learnt from the attackers ? |
Sat. 15 November 2008 (13:30->16:30)/CRP | Forensic Analysis, The Treachery of Images. Theory and Practices in Forensic Analysis. | Forensic Analysis - The Treachery of Images Supporting papers : Order of Volatility - Memory as Example,Password in memory,Flash and Forensic Analysis |
You may find that the subject is too experimental and not yet mature for real-life application. If you have any issue with the course (including the way I teach it), don't hesitate to talk about as soon as possible.