When a client connects to a honeypot server, the traffic is usually not legitimate. However, because malware always tries to be stealthy, the honeypot should make few assumptions about who it is talking to and how it should respond in order to keep the conversation going. This project aims to create a library that instructs a honeypot on how to proceed in such a situation by analyzing the traffic in different ways and determining the most likely protocol in use. This should help the honeypot gain deeper insight into the current landscape of malware on the internet.

Organization

Student

Nikolaos Filippakis

Mentors

  • Lukas Rist
  • Hugo Gascon

2017