Presented at
The Fifth HOPE (2004),
July 11, 2004, 10 a.m.
(60 minutes).
Most of the time a honeypot is considered to be a security resource whose value lies in being probed, attacked, or compromised. The purpose of this talk is to explain how honeypots might be deployed not only to use passive defense technologies, but also active defense ones. As a specific example, think about what might happen the day honeypots are able to automatically strike back at an aggressor or a worm! Different technical possibilities offered to honeypots on the cyberwarfare field will be explored, such as playing with or even hacking back an usual aggressor (scanner, worm, exploit, client of a trojan, etc.), improving traceback capabilities to find the real source of an attack, etc. This will open up all kinds of legal implications which will also be discussed.
Presenters:
-
Laurent Oudot
As a security engineer and researcher, Laurent Oudot has been a security expert for the past seven years, working for the French equivalent of the U.S. Department of Energy. He is also an instructor in French high schools on computer security. He cofounded the French Honeynet Project which is part of the Honeynet Alliance. He has also written many security articles in places like securityfocus.com. He has been a presenter at numerous international computer security and academic conferences as well. His research focuses on defensive technologies like honeypots, intrusion prevention, intrusion detection, firewalls, sandboxes, mandatory access control, etc. In his spare time, he is a member of a weird security team called Rstack (http://www.rstack.org/oudot/).
Links:
Similar Presentations: