GSoC/GCI Archive
Google Summer of Code 2010 The Honeynet Project

Project 1 - Improve our low interaction client honeypot PHoneyC

by njain for The Honeynet Project

I propose to design an anomaly detection engine by wrapping libAnomaly, the C++ library for anomaly detection systems, in Cython. This engine can then be utilized from PHoneyC to detect unknown attacks with a high degree of confidence and a low false-positive rate. Thus a lot of interesting things can be done, such as detecting previously unknown attacks, deobfuscated JS code, characterizing exploits, generating exploit signatures, etc.