Title: | HoneyNet: A platform for studying Hacker Behaviors and Computer Forensics |
Date: | 24th July 2003 |
Time: | 16:30 - 18:00 |
Venue: | Hong Kong Monetary Authority 31/F, 3 Garden Road, Hong Kong |
Speaker: | Alan S. H. Lam |
Abstract:
A Honeypot is an Internet-attached server designed
to detect and monitor the activities of computer hackers.
HoneyNet is a network of these honeypots with high interaction
design. CUHK has launched the HoneyNet project since June 2002.
This seminar reviews some findings from this HoneyNet project,
which include hacking techniques, hackers's activities after
break-ins, and some general hackers' behaviors. Some hackers'
activities will be described and illustrated with live
demonstrations through scene reconstruction. Forensic techniques
used to examine the data obtained from the HoneyNet will also
be discussed.
Seminar Outline:
Presentation Slides ([PPT|PDF])
Some hacking patterns from captured packets
Hackers' keystroke
Some hackers' startup scripts
Hacker conversation from IRC data capture