2016年4月28日 星期四

HoneyCon 2016 Coming Soon.

 The Honeynet Project為誘捕技術與資安研究為主的非營利組織,由The Honeynet Project Taiwan Chapter在國內辦理的誘捕技術研討會,今年的HoneyCon已邁入第七年,自2013年之後成為每年超過400人參與的大型資安技術會議,同步辦理的資安實務課程(Workshop)頗受好評,透過實務的課程推廣誘捕技術的應用以及最新的資安技術;自2015年起開辦國內首次針對國小學生的兒童資安營隊(HoneyKids),以及國高中、大專生的鑑識科技偵測營(HoneyCSI:Cyber),前者希望將資安教育向下扎根,透過課程活動學習如何避免成為資訊安全事的主角,後者則從傳統犯罪偵察的角色出發,瞭解鑑識科技以及因應數位時代所帶來的改變。

  每年The Honeynet Project Annual Workshop都會發佈許多最新的誘捕系統與相關的資安技術,每年透過台灣年會的舉辦,將最新的訊息分享給與會人員,協助掌握最新與最熱門的資安研究議題;HoneyCon 2016規劃了相當精彩與豐富的活動,希望強化扮演資安教育的推手,除了整天的研討會議程之外,同步辦理了兩天超過十場次的HoneyCon Workshop實務課程、一場次的HoneyKids兒童資安營隊、一場次的HoneyCSI:Cyber鑑識科技偵探營以及首次辦理的HoneyCode兒童程式營隊,會議期間並舉行HoneyMe資安競賽(Wargame),提供與會人員透過資安技術的應用,發掘資通訊設備以及應用服務的弱點,相關活動內容請參考各活動詳細介紹。



2016國際資訊安全組織台灣高峰會
會議網站 http://2016.twcsa.org/

2015年8月12日 星期三

國際資安組織台灣高峰會,接軌國際資安社群

今年國內最重要的國際級資安會議,由Cloud Security Alliance Taiwan Chapter與The Honeynet Project Taiwan Chapter共同主辦,從當下的雲端安全議題開始,介紹雲端世代的資安防禦技術與新興的網路威脅,延續到誘捕技術的發展趨勢、進階資安技術研究、網路攻防實戰競賽,成為一涵蓋多個面向的大型資安高峰會。

由Cloud Security Alliance Taiwan Chapter與The Honeynet Project Taiwan Chapter共同主辦的國際資安組織臺灣高峰會,將於8/18~8/20一連舉行三天,從時下熱門的雲端安全議題開始,包括雲端世代的資安防禦技術與新興的網路威脅,延伸到誘捕技術的發展趨勢、進階資安技術研究、網路攻防實戰競賽,更為國小學童和國高中、大專院校學生設計營隊活動,為國內少見多面向同時也是最重要的國際資安會議。

本次將以Cloud Security Alliance Taiwan Congress 2015揭開大會序幕,聚焦在由台灣主導及啟動的全球行動APP安全工作小組、大數據與雲端服務安全等議題上,並以提升相關產業發展及競爭力為目標,推展全球一致的檢測和審驗標準;目前國內已有企業陸續取得雲端資安認證,例如今年宏碁電子化資訊管理中心(Acer e-Enabling Data Center,簡稱Acer eDC)便順利通過「雲端安全聯盟Cloud Security Alliance(CSA)」STAR Level 2認證。

而在8/18~8/20召開的HoneyCon 2015,將發佈今年於挪威舉辦的The Honeynet Project Annual Workshop中最新資安趨勢,並結合國內外產學研界專家的技術分享,加上實務導向的WorkShop設計,將帶給與會人員最多的收穫,進而共同推動國內資訊安全產業的發展。另外,為促進資安攻防技術和經驗的交流,主辦單位更擴大辦理了「HoneyCon CTF」挑戰賽,融合The Honeynet Project的挑戰賽模式以及現場網路攻防實戰的競賽模式,歡迎各界組隊參與,共同競逐總計價值8萬8千元的獎金獎品。

除了上述的會議活動外,鑑於資訊安全教育的需求與重要,本屆也規劃了研習營隊,首度將國外「Hack for Kids兒童資安營」引進國內,對象為國小學童,以深入淺出的方式介紹資訊安全相關的技術與原理,並透過互動式的課程學習資訊安全相關的知識,提昇資訊安全的意識與防護的概念;而「CSI:Cyber鑑識科技偵探營」則以國高中及大學生為主,解析網路犯罪證據,瞭解如何在刑案現場進行物證蒐集,其中包括「探索CSI鑑識科學的真相」、「調查與鑑識實務」、「熱門的3D列印技術與現場調查」、「網路犯罪與數位鑑識」等精彩的活動項目,將可一揭鑑識科學與網路犯罪偵察的面紗。

2015國際資安組織台灣高峰會,邀請國內外重要資安專家,涵蓋雲端安全、進階資安技術、資安人才培育、網路攻防競賽等活動,並結合Hack for Kids兒童資安營以及CSI:Cyber鑑識科技偵探營,以多樣化的內容,讓與會者認識資訊安全在未來將持續扮演的關鍵性角色,我們誠摯地邀請您參與這場難得的資安嘉年華。

2015國際資安組織台灣高峰會 活動官網: http://2015.twcsa.org/

2015年1月15日 星期四

2015 The Honeynet Project Annual Workshop

Each year the Honeynet Project annual workshop brings together top information security experts from around the globe to present their latest research efforts and discuss insights and strategies to combat new threats. The project workshop provides participants and sponsors with significant exposure to world-class professionals and a diverse range of information security topics. We invite you to be a partner of our Stavanger, Norway workshop in 2015!

 The Honeynet Project Workshop will offer briefings, trainings and a CxO strategic track especially designed for corporate CEOs, CFOs, COOs and CIOs as well as governmental policy makers and certain key military leadership roles. 

The 2015 Annual Honeynet Workshop presents an exciting line-up of speakers including Lance Spitzner (SANS), Anton Chuvakin (GARTNER), Raffael Marty (PixlCloud, previously Splunk), Lukas Rist (Blue Coat), Felix Leder, Brian Hay, Christian Seifert (Microsoft), and Mahmud Ab Rahman, and many others. Hands-on training opportunities will be offered in Big Data Visualization for Security, Virtualization Security, Network Analysis and Forensics, Malicious Document Analysis, Android Malware Analysis, Using Honeynet Technologies, and other important topics that can help strengthen your security posture.


 相關網站:http://stavanger2015.honeynet.org/

2014年5月2日 星期五

HoneyCon 2014 台灣誘捕網路技術研討會

HoneyCon 2014由The Honeynet Project Taiwan Chapter主辦,延續了今年於波蘭華沙所辦理的The Honeynet Project Annual Workshop重要資安議題,在第一天邀請了國內外包括了馬來西亞、香港、中國大陸、日本、新加坡等重量級的資訊安全研究人員,針對當今的資訊安全研究發展議題進行分享,內容涵蓋了最新的資訊安全威脅研究,國際資訊安全組織所發展的前瞻技術,以及真實資安全事件的剖析與研究;第二天辦理多場次的進階實務課程,在專業講師的帶領下,讓學員可能學習真正實用的資訊安全技術。

由於資安技能的培養需透過理論與實務的結合,HoneyCon 2014將舉辦第一次的真實網路攻防競賽,與會人員可以感受在真實網路環境中進行的資訊安全攻防,深深的體認到當駭客已經準備好了,而我們該如何因應隨之而來的資訊安全威脅。

今年邀請了國內外多名資安專家,為大家帶來超過十五場次的精彩演講,六門實用的資安課程,以及首次舉辦的大型網路攻防實戰,提供與會人員一個技術交流的絕佳平台,在攻擊與防守之間都能夠掌握其中的精髓,真正的進入資訊安全領域的專業殿堂。

日期:2014年7月7日至7月8日8:30~17:00
地點:集思台大國際會議中心(台北市羅斯福路四段85號B1)

HoneyCon 2014 會議網站: http://event.honeynet.org.tw/

2014年1月4日 星期六

2014 The Honeynet Project Workshop

The 2014 Honeynet Project Security Workshop brings together experts in the field of information security from around the world to share the latest advances and threats in information security research.

Organized by the The Honeynet Project this three-day workshop features a rare, outstanding line-up of international security professionals who will present on the latest research tools and findings in the field. This year's workshop will be held in Warsaw Poland on 12-14 May 2014.

 Presentation topics cover the latest honeynet/honeypot technology, android security and social network security from The Honeynet Project and Facebook. This year, we also offer several security training courses. If you're looking to attend a high quality and challenging workshop and to learn the practical security skills, then we encourage you to take advantage of this rare opportunity.



2013年6月6日 星期四

HoneyCon 2013台灣誘捕網路技術研討會


 
網際網路時代的來臨,資訊安全的問題一直環繞在我們的周遭,Honeycon 2013台灣誘捕網路技術研討會由The Honeynet Project Taiwan Chapter主辦,建立了國內與國際資安組織接軌的機會,能夠與資安專家面對面探討資安技術與分享彼此的經驗,目前全球資訊安全事件頻傳,大規模的網路 攻擊事件時有所聞,資訊化的程度越高,資訊安全的議題就更加重要,HoneyCon 2013提供了一個資訊技術交流的舞台,從誘捕技術、惡意程式解析到雲端安全等議題。 

今年度除了韓國資訊戰與台菲關係緊張外,國內也立即成立的資安應變小組,本次活動的主辦單位成員除了擔任國家重要資安顧問外也協助包含教育平台的惡意程式誘捕與解析等工作長達十多年,因此第一天除了會邀請國外The Honeynet Project 講師演講有關惡意快閃記憶體的問題外,也包含HoneyPi的分享與最新研究成果,最後也邀請到對APT研究非常精深的資安專家Birdman為第一天研討會畫下完美句點。 

第二天主要為上機課程,於06/11提早報名有原價5.3折優惠,課程內容包含Malicious Flash、Kali Linux、Vulnerability Exploiting與記憶體分析APT等熱門資安課程,歡迎所有對於資訊安全有志一同的朋友,共同參與每年一次的國際資安盛會。

日期:2013年6月27日至6月28日8:30~17:00
地點:集思台大國際會議中心(台北市羅斯福路四段85號B1)
場地資訊:集思官方網站

報名網站:http://event.honeynet.org.tw/activity.html

2012年12月27日 星期四

2013 Honeynet Project Workshop


2013年的The Honeynet Project Workshop將在杜拜舉行,2月10~12日的公開會議,將會辦理研討會以及教育訓練課程,歡迎有興趣的資安研究人員可一同前往。



The 2013 Honeynet Project Security Workshop brings together experts in the field of information security from around the world to share the latest advances and threats in information security research.

Organized by the The Honeynet Project this three-day workshop features a rare, outstanding line-up of international security professionals who will present on the latest research tools and findings in the field. This year's workshop will be held at the wonderful 5-star luxury hotel The Address Dubai Mall in Dubai UAE on 10-12 February 2013. The workshop includes one-day of briefings and two days of hands-on tutorial trainings.

Presentation topics cover the latest honeynet/honeypot technology, android security and social network security from The Honeynet Project and Facebook. This year, we also offer several security training courses. If you're looking to attend a high quality and challenging workshop and to learn the practical security skills, then we encourage you to take advantage of this rare opportunity.


會議網站  http://dubai2013.honeynet.org/
報名網址  http://dubai2013.honeynet.org/register.html

2012年12月6日 星期四

網站重生

為考量與全球誘捕技術以及The Honeynet Project官方網站的資料連結,目前網站的管理與資料正進行轉移,因此預計2013年1月1日後,台灣分會的網站會重新上線,敬請期待!

2012年10月31日 星期三

Taiwan Chapter Status Report for 2012

ORGANIZATION
The Honeynet Project Taiwan Chapter was founded in November 2008. Now we are an independent non-profit organization in Taiwan.
By cooperating with research institutes and regional network centers, hundreds of honetpots have been deployed around Taiwan Academic Network (TANet) and Taiwan Advanced Research and Education Network (TWAREN) for collecting malware samples and detecting network attack traffic.

GOALS
The mission of The Honeynet Project Taiwan Chapter is to fight against malware and raise public awareness of current network threats.

Chapter Member:
Yi-Lang Tsai, Chapter Leader
Yu-Chin Cheng, Board Of Director, Full Member
Po Huang, Contributor
Bo-Yil Lee, Contributor
Jack Hsu, Contributor
Jerry Huang, Contributor

Alumnus:
Eugene Yeh
Dan Chang
Pei-Hsuan Huang

This year we are expected to add more members and contributors in Taiwan. They are come from different university, organization or information security researcher.

The activities of the chapter include the following:
1. Malware behavior analysis and categorization
2. Network attack detection and analysis
3. Information security incident response.
4. A member of Taiwan Academic Information Sharing and Analysis Center
5. Big data indexing and information mining technology
6. Digital Forensics about system and network analysis
7. Botnet detection and behavior analysis

DEPLOYMENTS
1 Large-Scale Honeynet deployments
1.1 Get funding from National Science Council and Ministry of Education to establish large-scale honeynet in Taiwan Academic Network (TANet)
1.2 Build a lot of virtual honeynet in TANet and deployment of more than 6000 IP address.
1.3 Using Honeywall, Dionaea, Kippo, Capture-HPC, Cuckoo and security tools.
1.4 Using Splunk to analysis honeynet logs.
1.5 Information Integration System Design and Development(Security Dashboard)
2 Design malware analysis platform that is named TWMAN (TaiWan Malware Analysis Net) and release in Sourceforge (twman.sourceforge.net) and OpenFoundry (twman.openfoundry.org)
3 Cloud based Vulnerability Scanners and network forensics collecting evidence
4 Visualization framework for security analysis

RESEARCH AND DEVELOPMENT
Research
The main goal of our research focuses on honeynet deployment, malware collection, malware behavior analysis, botnet tracking, malware testbed and distributed data mining. The honeynet have collected a big data about automatic attack from malware. It is an important issue about botnet research in Taiwan. We are trying to analysis malware samples and development ontology researching.

Development
1. Taiwan Malware Analysis Net
The Project of Taiwan Malware Analysis Net (TWMAN) begins in 2010. The first phase of TWMAN project is to develop a platform for malware analysis. Unlike other dynamic analysis techniques which use virtual machines, TWMAN build experimental environment with physical operation system in order to fight against those malwares using anti-VM techniques. Instead of the development of malware analysis tool, TWMAN project is going to extend itself from a malware analyzer to a complete malware analysis net including three different components: malware collection, behavior analysis and knowledge management. With the new face of TWMAN, various sorts of malware information could be integrated into one single system. It would provide valuable data and materials for security researchers and IT specialists to defeat malware threat and contribute to advanced research.

2. Data mining technology development
According to our collection the big data from distributed honeynet. We are using Splunk solution to development search rules and reports. Our programmer and contributor have written some parser to analysis honeynet logs.

3. Visualization security data
We are testing DAVIX toolkit, Google earth API and Gephi for data visualization. Because, there are 50GB events log from honeynet. So we need to visualization for security data. That is based on our security dashboard to monitoring security threats in our security operation center.

FINDINGS
Threat List
Monitoring suspicious network traffic is a main work of Taiwan Chapter. 5240 different IP address of suspicious network attacker have been identified from January 2012 to September 2012 as the report is submitted. The threat list has been shared with the authority of Taiwan Academic Network (TANet) and other regional network centers in order to reduce the risk and threat from outer attackers.

Unique Malware Sample
5710 unique malware samples have been collected from January 2012 to September 2012 as the report is submitted. All the collected malware samples would be analyzed by three different malware analyzers. The analysis results would be centralized into a knowledge management system and share to Government Information Sharing and Analysis Center (G-ISAC) and Malware Exchange System (MES) in Taiwan.

PAPERS AND PRESENTATIONS
List of Publications:
1 Yi-Lang Tsai, Lo-Yao Yeh, Bo-Yil Lee, and Jee-Gong Chang, “Poster Abstract: Automated Malware Analysis Framework with Honeynet Technology in Taiwan Campus,” 18th IEEE International Conference on Parallel and Distributed System, Singapore, December 17-19, 2012.
2 Yi-Lang Tsai and Bo-Yil Lee, “TaiWan Malware Analysis Net”, TANet 2012, Taoyuan, Taiwan, Oct. 23-25, 2012.

Conference:
“Innovation Information Security Workshop in Taiwan 2012” hosted and organized by The Honeynet Project Taiwan Chapter. We have one day conference and one day honeynet technical workshop.

Presentations:
We are using Honeynet technology to detection botnet activity and invited to presentation or sharing our experience.

1. Talk by Yi-Lang Tsai on 2012/06/25 about "Security threaten: Cloud security and Botnet " organized by TAIS 2011(Taiwan Academic Information Security International Conference).
2. Talk by Bo-Yil Lee on 2012/07/06 about “Malware Analysis and TWMAN” organized by Multi-Level Information security Research Platform.
3. Talk by Yi-Lang Tsai on 2012/09/24 about "Ghost is in the Cloud" organized by WWSMC 2012 Taipei.
4. Talk by Yi-Lang Tsai on 2012/10/23 about "TaiWan Malware Analysis Net" organized by TANet 2012.

GOALS
The goal of our chapter is to develop honeynet in major campus in Taiwan and to deal with security incidents. In addition, we embark on the visualization for security data and the integration of information security analysis systems. The optimal vision is to reduce information security threats in the network environment of Taiwan.

MISC ACTIVITIES
We are planning co-work with the security research team in Taiwan to organize information security association.

2011年6月25日 星期六

Taiwan Chapter Status Report for 2010/2011

ORGANIZATION
Taiwan Honeynet Chapter is founded in November 2008. Our mission is to assist in addressing the threats of information security in Taiwan.

GOALS
The mission of The Honeynet Project Taiwan Chapter is to fight against malware and raise public awareness of current network threats.

Chapter Member:
Yi-Lang Tsai, Chapter Leader
Yu-Chin Cheng, Board Of Director, Full Member
Pei-Hsuan Huang

Alumnus:
Eugene Yeh
Dan Chang


In this year, we plan to add more members and contributors. These members come from different universities, organizations or information security researcher.

The following activities are made by our chapter:
1. Malware behavior analysis and categories
2. Abnormal traffic detection and analysis from network traffic flow
3. Security operation center for incident management and handling
4. Co-operation Taiwan academic information sharing and analysis center
5. Huge data indexing and information mining technology
6. Reverse engineering in malware analysis
7. Digital Forensics about system and network analysis
8. Collaboration with TWCERT/CC and leading honeynet working group to build Cyber Clean Center in Taiwan
9. Rainbow table generators and hash cracks based on cloud computing or high-performance computing
10. Botnet detection and behavior analysis

DEPLOYMENTS
1. Large-Scale Honeynet deployments
1.1Get funding from National Science Council and Ministry of Education to establish large-scale honeynet in Taiwan Academic Network(TANet)
1.2Build a lot of virtual honeynet in TANet and deployment of more than 3600 IP address.
1.3Using Honeywall, Nepenthes, Dionaea, Kippo, Capture-HPC, HIHAT and security tools.
1.4Using Splunk to analysis honeynet logs.
1.5Information integration system design and development (Security Dashboard)
2. Design malware analysis platform that is named TWMAN(TaiWan Malware Analysis Net) and release in 2.1Sourceforge(twman.sourceforge.net) and OpenFoundry(twman.openfoundry.org)
3. Cloud-based vulnerability scanners and the evidence collection by network forensics technology
4. Visualization framework for security analysis

RESEARCH AND DEVELOPMENT
Research
We are focused on honeynet deployments, malware collection, malware behavior analysis, botnet tracking, malware testbed and distributed data mining. The honeynet have collected a huge amount of data about automatic attack from malware. It is an important issue about botnet in Taiwan. We are trying to analysis malware samples and develop ontology inference for automatic malware analysis.

Development
1. TWMAN development
Malware is an important topic of security threat research. In this project, a behavioral malware analysis system TWMAN is presented. This project focuses on using real operation system environment to analysis malware behavioral. Many researchers try to use virtual machine systems to monitor the malware behaviors. Those malware samples will only compromise the virtual operating system or virtual machine, which cannot reflect in the real operating system or real environment. Therefore, some malware researchers suggest that the malware sample should not be analyzed in virtual machine environment since the analyzer cannot gain much useful information in virtual machine environment.
We developed a real operation system environment to analysis malware behavioral, named Taiwan Malware Analysis Net(TWMAN). In the following section, we explain how to use this real OS environment to analysis malware behavioral and describe the system structure of TWMAN briefly. In order to verify the correctness of analysis results obtained from TWMAN, we compare our analysis results with that from sandboxs, which are VM-based and real operation system analysis technique with CWSandbox of Sunbelt Software.

2. Malwre testbed development
The Taiwan Information Security Center(TWISC) was initiated as a research program in April 2005. Taiwan Information Security Center at National Cheng-Kung University (TWISC@NCKU) was officially founded on April 1st, 2006. We are using the testbed offered by TWISC@NCKU to develop malware testing platform in this year.

3. Data mining technology development
Based on our collection from our distributed honeynet, Splunk solution is used for generating search rules and reports. Some parsers are written by our programmers to analysis honeynet logs.

4. Visualization security data
We are testing DAVIX toolkit, Google earth API and Gephi for data visualization. Because the huge amount of data about 30 million events are captured by honeynet logs, we need to adopt the visualization technique for the presentation of security data. The source of security data is based on our security dashboard to daily record the security threats.

FINDINGS
Botnet Attack
In the last year, TANet had been attacked by botnet from internet about 12.5 billion times. We have discovered that several IP addresses could be infected by more than three botnet malwares.

Security threats
Botnet is the most serious security threat in Taiwan since tons of computers in Taiwan are infected.

Unique Malware Sample
We are collected over 6000 unique malware samples from internet in this year. Our researchers focus on behavior-based malware analysis and use CWSandbox and TWMAN to analysis the malware samples from honeynet. We are planning to establish a malware knowledge database about malware behaviors for our own research and share them with information security researchers. The information will be shared with Government Information Sharing and Analyis Center (G-ISAC) and Malware Exchange System (MES) in Taiwan.

PAPERS AND PRESENTATIONS
List of Publications:

  • C. H. Chang and Y. L. Tsai , "Design of Virtual Honeynet Collaboration System in Existing Security Research Networks" 10th IEEE International Symposium on Communications and Information Technologies 2010 (ISCIT 2010), Tokyo, Japan, Oct. 26-29, 2010.
  • H. D. Huang, T. Y. Chuang, Y. L. Tsai, C. S. Lee, "Ontology-based intelligent system for malware behavioral analysis," in Proceeding of the 2010 IEEE World Congress on Computational Intelligence (WCCI 2010), Barcelona, Spain, Jul. 18-23, 2010, pp. 1-6.
Presentations:
We are famous for using Honeynet technology to detect botnet activities and are invited to share our experience.

  • Talk by Yi-Lang Tsai on 2010/12/30 about "Honeynet deployment and Botnet Detection" organized by Da-Yeh University.
  • Talk by Yi-Lang Tsai on 2010/11/23 about "Digital Forensics and Botnet tracking" organized by State-owned Enterprise Commission in Taiwan.
  • Talk by Yi-Lang Tsai on 2010/11/22 about "Deployment Snort for Botnet Detection" organized by Ministry of Education in Taiwan.
  • Talk by Chun-Jun Huang on 2010/11/18 about "Network Abnormal traffic detection and analysis" organized by DigiTimes Application Forum 2010(DAF 2010).
  • Talk by Yi-Lang Tsai on 2010/11/10 about "Information Security and Botnet Detection Framework" organized by National Chung Hsing University.
  • Talk by Yi-Lang Tsai on 2010/10/29 about "System security and Forensics" organized by National Chiao Tung University.
  • Talk by Yi-Lang Tsai on 2010/10/28 about "Botnet Detection and Analysis in Taiwan" organized by TANet 2010.
  • Talk by Yi-Lang Tsai on 2010/09/23 about "TANet security defense and Botnet detection" organized by TWCERT/CC.
  • Talk by Yi-Lang Tsai on 2010/08/17 about "Honeynet deployment and malware analysis" organized by National Taiwan University.
  • Talk by Yi-Lang Tsai on 2010/08/13 about "Honeynet and Botnet detection" organized by National Center for High-performance Computing.
  • Talk by Yi-Lang Tsai on 2010/08/12 about "Honeynet and Information Security threats" organized by Tainan City Government.
  • Talk by Yi-Lang Tsai on 2010/07/17 about "Botnet and Malware behavior analysis" organized by Hacks In Taiwan Conference 2010(HIT 2010).
  • Talk by Yu-Chin Cheng on 2010/07/16 about "Inside the botnets based on open source methodology" organized by Workshop on Understanding Botnets of Taiwan(Bot 2010).
  • Talk by Yi-Lang Tsai on 2010/07/07 about "Honeynet and network attacking analysis" organized by National Cheng Kung University.
  • Talk by Yi-Lang Tsai on 2010/07/07 about "Botnet detection and malware analysis" organized by National Science Council Botnet and Anti-hacking deployment project.
  • Talk by Yi-Lang Tsai on 2010/05/13 about "Security monitoring and forensics investigation" organized by Splunk Live 2010 in HongKong.
  • Talk by Yi-Lang Tsai on 2010/05/11 about "Security monitoring and forensics investigation" organized by Splunk Live 2010 in Singapore.
  • Talk by Yi-Lang Tsai on 2010/03/02 about "Honeynet deployment and technical sharing" organized by National Communications Commission.
  • Talk by Yi-Lang Tsai on 2010/02/02 about "Large-Scale Honeynet Development and Botnet Detection" organized by Taiwan Academic Information Security International Conference 2010(TAIS 2010).

GOALS
The goal of our chapter is to develop honeynet in major campus in Taiwan and to deal with security incidents. In addition, we embark on the visualization for security data and the integration of information security analysis systems. The optimal vision is to reduce information security threats in the network environment of Taiwan.

MISC ACTIVITIES
We are planning to hold an international workshop of Honeynet Project on October, 2011 in Taiwan. The first day is scheduled for technical and research presentations, and the second day is for hands-on training.