Information Security News mailing list archives
Research lab extends host-based cyber sensor project to open source
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 18 Apr 2012 01:56:55 -0500 (CDT)
https://www.networkworld.com/news/2012/041612-hone-258296.html By Ellen Messmer Network World April 16, 2012A Department of Energy (DOE) lab is taking research done to develop a host-based security sensor and open-sourcing the software to encourage community feedback and participation.
"We'd love to have other people use this," says Glenn Fink, senior research scientist at Pacific Northwest National Laboratory, who invented Hone, a cyber-sensor that's currently available for the Linux operating system kernels 2.6.32 and later, with other versions in development for Windows 7 and XP, plus a Mac OX version planned. To encourage participation in development, PNNL has established the open-source Hone Project with the Linux version.
While there are other host-based sensors, PNNL believes Hone may represent a potential breakthrough in identifying suspicious communications between monitored computers and network activity, whether it be from the Internet or the internal network. Fink said Hone can identify relationships between programs and network activities. As such, it might not only be able to identity cyberattacks accurately, but could also be adapted to limit how processes can communicate to the network. Fink said Hone is potentially of use in monitoring wireless networks.
[...] _______________________________________________ LayerOne Security Conference May 26-27, Clarion Hotel, Anaheim, CA http://www.layerone.org
Current thread:
- Research lab extends host-based cyber sensor project to open source InfoSec News (Apr 17)