1. Introduction

Slides: 26
Provided by: Dip3
Learn more at: http://plaza.ufl.edu

Transcript and Presenter's Notes

1
1. Introduction
  • Goal of this Presentation
    • To give a better understanding of the overview
      of our project, such as:
      • Research
      • Project Plans
      • Customer Expectations
      • Business Case
      • Cost Budget
      • Unsolved Issues, etc.

2
2.0 Project Assumptions and Objectives
  • Project Explanation
    • Track attacks and log their paths
    • Create a complete package
  • Background
    • 1990, first concepts of the honeypot by Clifford
      Stoll
    • 1997, first toolkit released: Fred Cohen's
      Deception Toolkit
    • Other releases: CyberCop, BackOfficer Friendly
      and Honeynet Project
    • Know Your Enemy, publications

3
2.0 Project Assumptions and Objectives
  • Scope
    • Raytheon allows a great deal of freedom
    • Add, modify and combine individual components
      • Wireless Linksys router
      • Honeypot software
      • Logging station
    • Create automatic script for setup

4
2.0 Project Assumptions and Objectives
  • Major Objectives
    • Modify wireless Linksys router
      • Add authentication capability to router
    • Modify honeypot open source
      • Add unique element to open source
    • Add logging station
      • Separate logging from the honeypot to eliminate
        the chance of logging being compromised
    • Hack our system
      • Try to hack our system, then fix and upgrade
        features throughout the process

5
2.0 Project Assumptions and Objectives
  • Expectations
    • Unique modification to honeypot open source code
    • Slow down attacks in real time to limit their
      bandwidth
    • Provide a quick and easy setup
  • Annual Quantity
    • Raytheon may possibly continue this project
      in-house and sell it as a package to customers

6
3.0 Customer Expectations
  • Wants and Needs of the customer
    • The wants and needs of the customer are exactly
      the results of the effort that our team puts in.
    • Not usually the norm, but it's Raytheon's only
      expectation that we create a working honeypot
      that shows off our team's imagination and
      innovation.
  • Relative importance
    • Strong research and development into creating a
      unique honeypot (priority 1)
    • Creating a bundled software and hardware product
      that reflects our R&D (priority 2)

7
3.0 Customer Expectations
  • Product Specifications
    • Technical
      • Creating a functioning honeypot that can be used
        on an infrastructure network and can effectively
        log and divert intruders from the production
        network.
    • Performance
      • Emulation of all the traffic directed through the
        router as though it were traveling through the
        actual production network.
    • Quality
      • An effective logging system to monitor which
        parts of the production network are being
        attacked.
  • Overall Goal
    • Provide a product that slows down an attacker by
      creating a simulated network environment,
      applicable in real-world scenarios, which can log
      an attacker's intentions and paths, with the
      potential for collecting materials able to be
      admissible in a court of law.

8
3.0 Customer Expectations
  • Measurable Engineering Characteristics based on
    customer expectations
    • Accuracy of logging software
    • Speed of packet-sniffing algorithm
    • Size of logged information storage
    • Speed & Accuracy of IDS (Intrusion Detection
      System)
    • Reliability of logged information (Spoofing
      detection)

9
3.0 Customer Expectations
  • Relationship of product specifications to
    customer's wants and needs
    • Difficult to define since the customer in this
      case is allowing the product specifications to be
      their wants and needs.
  • Specifics
    • The technical aspect of our product specification
      is the creation of a functioning honeypot. (high
      priority)
    • The performance of our system should be similar
      to existing honeypot and honeynet systems, but
      different in that ours adds some innovative and
      unique designs (which our ad-hoc application
      should provide). (medium priority)
    • The product being created, although not
      explicitly manufactured for future retail value,
      should be a finished product complete with
      bundled hardware and software. While this is not
      a need of the customer, it could potentially be
      a want. (low priority)

10
4.0 Analysis of Competitive Products
  • To our knowledge, there are no products that are
    similar enough to ours to be considered
    competitors. Our system is in its own class
    because of the features that will be implemented
    with it.

11
4.0 Analysis of Competitive Products
  • However, we have looked at other products that
    have some of our product's functionality, such
    as:
    • Symantec Mantrap
      • monitor intrusions instantly
      • look and act exactly like full-function servers
    • Snort
      • traffic analysis and packet logging on IP networks

12
5.0 Concept Selection and Description
  • Slow down an attack
    • the honeypot will act as a diversion to provide
      time to take the appropriate measures and keep
      harmful traffic away from the production
      network
  • Simulate a real network environment
    • create the illusion of a real network so
      outsiders are none the wiser
  • Log incoming and outgoing data
    • determine vulnerabilities in our own network
      and prevent future attacks
  • Do not interfere with production network
    • keep honeypot separate to avoid complications
      with production network in case the honeypot is
      compromised

13
5.0 Concept Selection and Description
Setup Of A Honeypot
14
6.0 Project Plan, Resources, Schedules
  • Major Check Points and Deliverables
    • Setup Network (10/4 - 10/11)
    • Comprehensive Plan (10/22 - 11/2)
    • Prototypes Plan (10/12 - 10/27)
    • Modify Linksys BIOS (10/22 - 11/30)
    • Configure dedicated machines for specific use
      (11/15 - 12/09)
    • Project Plan Review (01/3 - 01/10)
    • Prototype Results (01/3 - 01/10)

15
6.0 Project Plan, Resources, Schedules
  • Major Check Points and Deliverables (cont.)
    • Simulate Real World Attacks (01/5 - 02/16)
    • Code integration and test/build (02/07 - 02/14)
    • Modification to system (02/07 - 02/14)
    • Final Packaging and Documentation (02/23 - 03/29)

16
6.0 Project Plan, Resources, Schedules
  • Responsibilities for each member
    • We are at the point that we feel it's better to
      work as a team
    • More specific tasks will be assigned later in the
      project to pairs of members as needed.

17
7.0 Business Case
  • With industrial espionage, and particularly
    computer-based industrial espionage, on the rise,
    companies are all going many steps further to
    protect their information. The most commonly
    seen threat to a company's computer network is
    something as simple as a virus or worm. While
    these scripts do cause slowdowns in production
    and monetary loss, another threat that is not as
    often thought about is theft of intellectual
    property. The wireless honeypot appliance is
    part of a solution to curb the efforts of
    outsiders wanting to gain access to our corporate
    network, be it for malicious or theft reasons.

18
7.0 Business Case
  • Assumptions
    • Internal use only; not for sale
    • Still has (positive) financial impact by
      preventing unauthorized information from being
      stolen from Raytheon.

19
Estimated Product Cost
  • 20,000.00 in R&D
  • Approximately 100.00 to replicate
  • All software either developed in-house or under
    the GPL license

20
Support Costs
  • Low support costs
  • Setup and Go
  • Costs may increase if threat is found as a matter
    of protection

21
Return on Investment
  • As stated before, no actual dollar amount can be
    assigned to the value of this project; however,
    the liability that Raytheon employees assume will
    be greatly decreased.

22
8. Issues
  • list of areas in the design that are not too
    well understood
  • parts, components, subsystem sourcing for
    prototypes
  • prototype testing

23
List of areas in the design that are not too
well understood
  • Flashing the BIOS of the Linksys router.
  • General knowledge of hacking to simulate an
    attack on the honeypot
  • Adding to the kernel of a Linux operating
    system
  • Using IDS and logging tools to record
    information from attacks
  • An understanding of networking in general
    (packets, ports, protocols, etc.)
  • Legal issues regarding honeypots

24
Parts, Components, Subsystem sourcing for
prototypes
  • Linksys Wireless Router with Speedbooster,
    WRT54GS (Speedbooster model provides double flash
    memory)
  • 3 Computers
    • 1 - Running Honeypot "Usermode Linux, Honeyd"
    • 2 - Running Snort "Logs Activity from Router"
    • 3 - Running System logger "Logs activity in
      honeypot"
  • A wireless network to implement our honeypot
    system
  • Other computers to simulate attacks on the
    honeypot

25
Prototype testing
  • Evolutionary Prototyping
  • Build a bicycle first, then build a car
  • Start with barebone honeypot system
  • Test
  • Implement additions one by one from a list of
    prioritized features
  • Repeat until features or time run out