The Honeynet Project

Organization

Created in November of 2009, the Chapter is conformed by highly motivated individuals focused on research of drive-by-downloads attacks and application of the deception theory on honeypot research. The Pacific Northwest Chapter is based in Seattle, Washington.

Members:

Chiraag Aval, M.S.

Areas of interest and research:
• Web-based attacks
• Reverse Engineering
• Advancements in the Client Honeypot Technology

Chuck Costarella

Areas of interest and research:
• Integration of secure coding into the traditional computer science curriculum
• Adding an attack aware capability to SCADA systems
• virtualization and secure cloud computing

David Dittrich

Areas of interest and research:
• Distributed Denial of Service Attacks
• Digital Forensics
• Active Response
• Ethical Principles

Barbara Endicott-Popovsky, Ph.D.

Areas of interest and research:
• Deception: next generation honeypots, reverse-engineering malware
• Forensic-ready networks: digital forensics records, NIST calibration project
• Compliance Frameworks: enterprise-wide information systems security and compliance management, forensic-ready networks

Dennis Charles Grant

Areas of interest and research:
• Rapid threat recognition and response
• Rootkit and zero-day exploit detection
• Resilient technology infrastructure design
• Risk reduction via enhanced authentication

Ashish Malviya

Areas of interest and research:
• Shell code analysis
• Web based attacks
• Honeypot technology
• Enterprise Information Security and Risk Management

Julia Narvaez

Areas of interest and research:
• Drive by downloads attacks
• Deception: study of the theory of deception to improve honeypot research, and development of a methodology to apply deception theory to empirical experiments.

Raymond Pompon

Areas of interest and research:
• Web application security
• Honey tokens
• Deception as part of a compliance framework

Lucas Reber

Areas of interest and research:
• Information visualization using map based metaphors
• Community networking
• Automated and adaptive infrastructure monitoring

Michael Schweiger

Areas of interest and research:
• Reverse engineering as it applies to malware discovery, identification, and classification
• Research based around the ideas of automated techniques and tools to perform malware analysis using static and dynamic approaches
• Application of machine learning and data mining (clustering/classification) techniques

Christian Seifert, Ph.D.

Areas of interest and research:
• Detection of malicious web pages that launch drive-by-download attacks with client honeypots
• Web application attacks
• Research techniques and trends used to conduct drive-by-downloads attacks.
• Development of tools to improve the analysis of the results of high interaction client honeypots.
• Formulate methodology incorporating the concepts of deception theory to improve detection of drive-by-downloads attacks.

Mike Simon

Areas of interest and research:
• Taxonomy and classification of malware and attack structure
• Class hierarchy of high level attack behaviors
• Generating research repositories for widespread distribution