Back in November, the Honeynet Project announced the appointment of a new Chief Research Officer: Lukas Rist took the role after a long and successful tenure by David Watson. The research office will also be supported by Maximilian Hils and Cornelius Aschermann.
Lukas is a German living in Norway: after working on Symantec’s malware sandbox solution, he switched to the team running the back-end systems. Among others, he’s responsible for a system analyzing between 500k to one million potentially malicious samples per day, producing the behavioral data used by Symantec analysts for threat hunting.
UPDATE: the log data is posted here. A notification group about new log sharing is here.
This WASL 2009 workshop reminded me that I always used to bitch that some academic researchers use antediluvian data sets for their research (Lincoln labs 1998 set used in 2008 “security research” makes me want to just curse and kick people in the balls, then laugh, then cry, then cry more…).
However, why are they doing it?