[ISN] Research lab extends host-based cyber sensor project to open source

From: InfoSec News <alerts_at_private>
Date: Wed, 18 Apr 2012 01:56:55 -0500 (CDT)
https://www.networkworld.com/news/2012/041612-hone-258296.html

By Ellen Messmer
Network World
April 16, 2012

A Department of Energy (DOE) lab is taking research done to develop a 
host-based security sensor and open-sourcing the software to encourage 
community feedback and participation.

"We'd love to have other people use this," says Glenn Fink, senior 
research scientist at Pacific Northwest National Laboratory, who 
invented Hone, a cyber-sensor that's currently available for the Linux 
operating system kernels 2.6.32 and later, with other versions in 
development for Windows 7 and XP, plus a Mac OS X version planned. To 
encourage participation in development, PNNL has established the 
open-source Hone Project with the Linux version.

While there are other host-based sensors, PNNL believes Hone may 
represent a potential breakthrough in identifying suspicious 
communications between monitored computers and network activity, whether 
it be from the Internet or the internal network. Fink said Hone can 
identify relationships between programs and network activities. As such, 
it might not only be able to identify cyberattacks accurately, but could 
also be adapted to limit how processes can communicate to the network. 
Fink said Hone is potentially of use in monitoring wireless networks.

[...]


Received on Tue Apr 17 2012 - 23:56:55 PDT
