Honeynet – Indonesia Chapter
Honeynet Seminar & Workshop
Jakarta, 18 June 2013
Agenda
• Introduction to Honeynet
• Introduction to Honeynet - Indonesia Chapter
• What’s Up?
• What’s Next?
• About the Workshop
• Conclusion
THANK YOU – SOLD OUT
THANK YOU
• To the Ministry of Communication and Informatics, especially Directorate Information Security
• To Swiss German University team, support to organize and make this event possible
• To all the speakers and sponsors
• To all attendees that come for these events
Introduction to The Honeynet Project
• Volunteer open source computer security research organization since 1999 (US 501c3 non-profit)
• Mission: "learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned" - http://www.honeynet.org
Introduction to The Honeynet Project
• Goal: Improve security of Internet at no cost to the public
• Awareness: Raise awareness of the threats that exist
• Information: For those already aware, teach and inform about latest threats
• Research: Give organizations the capabilities to learn more on their own
Introduction to The Honeynet Project
• Global membership of volunteers with diverse skills and experiences
• Deploys networks of computer systems around the world with the explicit intention of being hacked
• Share all of our tools, research and findings, at no cost to the public
• Members release regular activity status reports
• "Know Your Enemy" (KYE) white papers regularly published on current research topics
• Committed to open source and creative commons
• Partially funded by sponsors, nothing to sell!
Brief Introduction to The
Honeynet Project
46 Chapters and 28 countries
Brief Introduction to The
Honeynet Project
Honeynet Workshop 2013 @ The Address Dubai
Brief Introduction to The
Honeynet Project
Honeynet Workshop 2012 @ Facebook HQ
Indonesia Chapter
• 25 November 2011, about 15 people from academia, security professionals and government made the declaration during our yearly malware workshop at SGU (Swiss German University)
• 19 January 2012 accepted as part of Honeynet Chapter
• Members: 70 (today)
Indonesia Chapter
• Indonesia Honeynet Project
• Id_honeynet
• http://www.honeynet.or.id
• http://groups.google.com/group/id-honeynet
Indonesia Honeynet Project Seminar & Workshop
Honeynet Workshop 5-6 June 2012, Jakarta
Indonesia Honeynet Project Seminar & Workshop
Honeynet Workshop 20 November 2012, Surabaya
How did we start?
• Four students of SGU in 2010 wanted to explore how to use Data Mining to understand Cyber Security Threats:
• 2 students focusing on Malware Threats
• 2 students focusing on Cyber Terrorism
• 1 Student SGU focused on capturing malware
using Honeypots (Nepenthes)
• We also invited Malware Expert, Pak Aat to
share his experience
Road Map
Randy
Anthony
-SGU-
Amien H
Rosyandino
-ID SIRTII-
Michael
-SGU-
Stewart
-SGU-
Glenn
-SGU-
Mario
-SGU-
Road Map
Mario
-SGU-
Andrew
-SGU-
Tommy
-SGU-
Michael
-SGU-
Stewart
-SGU-
Glenn
-SGU-
SGU Honeypots
• SGU Honeypot Network Design
Live Demo
SGU Honeypot
Live Demo
National Malware Monitoring
• Central Repository for Malware captured by all universities sensors in Indonesia that participate
Previous Works
• Nano PC with Atom processors
• Price Rp 3 million
Work in Progress
• Raspberry PI
• ARM processor
• RAM 512 MB, 8 GB SD Card
• Push Protocol
What’s Next?
• Call for more participation from universities, industry and government
• Requirements:
• A commitment from the top management
• At least 1 public IP address to start
• Willing to submit malware samples to central repository
• You will get:
• 1 Nano PC to be installed in your infra
Our Previous Dashboard
Web Interface (2013)
Thanks to Jonathan & Tommy (SGU IT Batch 2011)
What’s Next?
• Improving Stats Reporting
• Sharing malware and stats
• Adding more honeypots such as honeytrap, Glastopf, Kippo, etc.
• All raspberry honeypots
• Data Cleansing and Clustering Data Mining
Last Year Workshop
• We have one track with morning session and afternoon session
• Morning Session – Dionaea & Malware Analysis
• Afternoon Session – Capture The Flag
This Year Workshop
| Time | Track #1 | Track #2 | Track #3 |
|---|---|---|---|
| 08:15 – 08:30 | Registration & Seminar Preparation | | |
| 08:30 – 09:00 | Welcome Remarks (Ministry of Communication and Informatics, KOMINFO) | | |
| 09:05 – 10:00 | Honeypot – Dionaea (Charles & Mario) | Malware Analysis (Ricky) | Memory Forensic (Mada) |
| 10:00 – 10:15 | Break | | |
| 10:15 – 12:30 | Honeypot Back End (Mario) | Malware Analysis (Ricky) | Memory Forensic (Mada) |
| 12:30 – 13:15 | ISOMA (break, prayer and lunch) | | |
| 13:15 – 14:45 | Honeypot – Glastopf, Kippo (Amien) | Botnet (Charles) | ACAD-CSIRT (Mantra & Greg) |
| 14:45 – 15:00 | Break | | |
| 15:00 – 16:30 | Developing Malware Lab (Digit) | Botnet (Charles) | Android Forensic (Feri) |
Track #1
• Morning Session – Dionaea
• Speaker: Charles Lim and Mario Marcello
• How to setup and configure Dionaea
• How to create stats report for the captured traffic
• Afternoon Session I
• Speaker: Amien Harisen
• How to setup and configure Kippo and Glastopf
• Afternoon Session II
• Speaker: Digit Oktavianto
• How to setup your own Malware Lab
Track #2
• Morning Session – Malware Analysis
• Speaker: Ricky Prajoyo
• How to perform Reverse Engineering
• How to perform Analysis of executable malware samples
• Afternoon Session – Botnet
• Speaker: Charles Lim
• Understanding Botnets
• Analyzing Botnet activities
Track #3
• Morning Session – Memory Forensics
• Speaker: Mada R. Perdhana
• How to perform Memory Forensics
• Forensic Stuxnet Malware samples
• Afternoon Session I – Java Security
• Speaker: Gregorius Hendy
• Secure Coding using Java
• Afternoon Session II – Android Forensics
• Speaker: Feri Lauw
• How to Perform Android Forensics
Further Information
• The Honeynet Project (http://www.honeynet.org)
• Indonesia Honeynet Project (http://www.honeynet.or.id)
• Swiss German University (http://www.sgu.ac.id)
• My Blog (http://people.sgu.ac.id/charleslim)
Honeynet - Indonesia Chapter
• Indonesia Honeynet Project
• Id_honeynet
• http://www.honeynet.or.id
• http://groups.google.com/group/id-honeynet
Questions ???

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 

Charles Lim - Honeynet Indonesia Chapter

  • 1. Honeynet – Indonesia Chapter Honeynet Seminar & Workshop Jakarta, 18 June 2013
  • 2. Agenda • Introduction to Honeynet • Introduction to Honeynet - Indonesia Chapter • What’s Up? • What’s Next? • About the Workshop • Conclusion
  • 3. THANK YOU – SOLD OUT
  • 4. THANK YOU • To the Ministry of Communication and Informatics, especially Directorate Information Security • To Swiss German University team, support to organize and make this event possible • To all the speakers and sponsors • To all attendees that come for these events
  • 5. Introduction to The Honeynet Project • Volunteer open source computer security research organization since 1999 (US 501c3 non-profit) • Mission: "learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned" - http://www.honeynet.org
  • 6. Introduction to The Honeynet Project
  • 7. Introduction to The Honeynet Project • Goal: Improve security of Internet at no cost to the public • Awareness: Raise awareness of the threats that exist • Information: For those already aware, teach and inform about latest threats • Research: Give organizations the capabilities to learn more on their own
  • 8. Introduction to The Honeynet Project • Global membership of volunteers with diverse skills and experiences • Deploys networks of computer systems around the world with the explicit intention of being hacked • Share all of our tools, research and findings, at no cost to the public • Members release regular activity status reports • "Know Your Enemy" (KYE) white papers regularly published on current research topics • Committed to open source and creative commons • Partially funded by sponsors, nothing to sell!
  • 9. Introduction to The Honeynet Project
  • 10. Brief Introduction to The Honeynet Project 46 Chapters and 28 countries
  • 11. Brief Introduction to The Honeynet Project Honeynet Workshop 2013 @ The Address Dubai
  • 12. Brief Introduction to The Honeynet Project Honeynet Workshop 2012 @ Facebook HQ
  • 13. Indonesia Chapter • 25 November 2011, about 15 people from academia, security professionals and government made the declaration during our yearly malware workshop at SGU (Swiss German University) • 19 January 2012 accepted as part of Honeynet Chapter • Members: 70 (today)
  • 14. Indonesia Chapter • Indonesia Honeynet Project • Id_honeynet • http://www.honeynet.or.id • http://groups.google.com/group/id-honeynet
  • 15. Introduction to The Honeynet Project
  • 16. Introduction to The Honeynet Project
  • 17. Indonesia Honeynet Project Seminar & Workshop Honeynet Workshop 5-6 June 2012, Jakarta
  • 18. Indonesia Honeynet Project Seminar & Workshop Honeynet Workshop 20 November 2012, Surabaya
  • 19. How did we start? • Four students of SGU in 2010 wanted to explore how to use Data Mining to understand Cyber Security Threats: • 2 students focusing on Malware Threats • 2 students focusing on Cyber Terrorism • 1 Student SGU focused on capturing malware using Honeypots (Nepenthes) • We also invited Malware Expert, Pak Aat to share his experience
  • 20. Road Map Randy Anthony -SGU- Amien H Rosyandino -ID SIRTII- Michael -SGU- Stewart -SGU- Glenn -SGU- Mario -SGU-
  • 22. SGU Honeypots • SGU Honeypot Network Design
  • 25. National Malware Monitoring • Central Repository for Malware captured by all universities sensors in Indonesia that participate
  • 26. Previous Works • Nano PC with Atom processors • Price Rp 3 million
  • 27. Work in Progress • Raspberry PI • ARM processor • RAM 512 MB, 8 GB SD Card • Push Protocol
  • 28. What’s Next? • Call for more participation from universities, industry and government • Requirements: • A commitment from the top management • At least 1 public IP address to start • Willing to submit malware samples to central repository • You will get: • 1 Nano PC to be installed in your infra
  • 30. Web Interface (2013) Thanks to Jonathan & Tommy (SGU IT Batch 2011)
  • 31. Web Interface (2013) Thanks to Jonathan & Tommy (SGU IT Batch 2011)
  • 32. Web Interface (2013) Thanks to Jonathan & Tommy (SGU IT Batch 2011)
  • 33. Web Interface (2013) Thanks to Jonathan & Tommy (SGU IT Batch 2011)
  • 34. Web Interface (2013) Thanks to Jonathan & Tommy (SGU IT Batch 2011)
  • 35. Web Interface (2013) Thanks to Jonathan & Tommy (SGU IT Batch 2011)
  • 36. What’s Next? • Improving Stats Reporting • Sharing malware and stats • Adding more honeypots such as honeytrap, Glastopf, Kippo, etc. • All raspberry honeypots • Data Cleansing and Clustering Data Mining
  • 39. Last Year Workshop • We have one track with morning session and afternoon session • Morning Session – Dionaea & Malware Analysis • Afternoon Session – Capture The Flag
  • 40. This Year Workshop
      Time | Track #1 | Track #2 | Track #3
      08:15 – 08:30 | Registration & Seminar Preparation
      08:30 – 09:00 | Opening Remarks (Ministry of Communication and Informatics, KOMINFO)
      09:05 – 10:00 | Honeypot – Dionaea (Charles & Mario) | Malware Analysis (Ricky) | Memory Forensic (Mada)
      10:00 – 10:15 | Break
      10:15 – 12:30 | Honeypot Back End (Mario) | Malware Analysis (Ricky) | Memory Forensic (Mada)
      12:30 – 13:15 | Break, Prayer & Lunch (ISOMA)
      13:15 – 14:45 | Honeypot – Glastopf, Kippo (Amien) | Botnet (Charles) | ACAD-CSIRT (Mantra & Greg)
      14:45 – 15:00 | Break
      15:00 – 16:30 | Developing Malware Lab (Digit) | Botnet (Charles) | Android Forensic (Feri)
  • 41. Track #1 • Morning Session – Dionaea • Speaker: Charles Lim and Mario Marcello • How to setup and configure Dionaea • How to create stats report for the captured traffic • Afternoon Session I • Speaker: Amien Harisen • How to setup and configure Kippo and Glastopf • Afternoon Session II • Speaker: Digit Oktavianto • How to setup your own Malware Lab
  • 42. Track #2 • Morning Session – Malware Analysis • Speaker: Ricky Prajoyo • How to perform Reverse Engineering • How to perform Analysis of executable malware samples • Afternoon Session – Botnet • Speaker: Charles Lim • Understanding Botnets • Analyzing Botnet activities
  • 43. Track #3 • Morning Session – Memory Forensics • Speaker: Mada R. Perdhana • How to perform Memory Forensics • Forensic Stuxnet Malware samples • Afternoon Session I – Java Security • Speaker: Gregorius Hendy • Secure Coding using Java • Afternoon Session II – Android Forensics • Speaker: Feri Lauw • How to Perform Android Forensics
  • 44. Further Information • The Honeynet Project (http://www.honeynet.org) • Indonesia Honeynet Project (http://www.honeynet.or.id) • Swiss German University (http://www.sgu.ac.id) • My Blog (http://people.sgu.ac.id/charleslim)
  • 45. Honeynet - Indonesia Chapter • Indonesia Honeynet Project • Id_honeynet • http://www.honeynet.or.id • http://groups.google.com/group/id-honeynet