The Manuka project

Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004. Pub Date : 2004-06-10 DOI:10.1109/IAW.2004.1437833

B. Endicott-Popovsky, D. Dittrich, A. Phillips, D. Frincke, J. Chavez, W. J. Gibbons, D. Nguyen, C. Seifert, A. Shephard, C. Abate, S. Loveland

{"title":"The Manuka project","authors":"B. Endicott-Popovsky, D. Dittrich, A. Phillips, D. Frincke, J. Chavez, W. J. Gibbons, D. Nguyen, C. Seifert, A. Shephard, C. Abate, S. Loveland","doi":"10.1109/IAW.2004.1437833","DOIUrl":null,"url":null,"abstract":"During 2003-2004, the University of Washington (UW) and Seattle University (SU) collaborated to build a system for cataloging compromised system images under the auspices of the Pacific Northwest Honeynet (PNW-honeynet) which is a Honeynet Project Research Alliance member group. The idea grew from the Honeynet Project's 'Forensic Challenge', a project designed to raise awareness, teach and inform those tasked with responding to threats of malicious network intrusion. Since teaching from evidence of actual incidents is far more powerful than the traditional approach of using contrived workbook exercises, the Manuka project called for the creation of a database that would store compromised system images for use in incident response and computer forensic courses. This is a case study of that development process, identifying the unique challenges overcome in completing Manuka by June, 2004. As an open source product that will be made available to the research and teaching community, it is hoped that through this paper interest will be stimulated to provide these researchers further ideas for use and enhancement.","PeriodicalId":141403,"journal":{"name":"Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004.","volume":"09 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-06-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IAW.2004.1437833","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

During 2003-2004, the University of Washington (UW) and Seattle University (SU) collaborated to build a system for cataloging compromised system images under the auspices of the Pacific Northwest Honeynet (PNW-honeynet) which is a Honeynet Project Research Alliance member group. The idea grew from the Honeynet Project's 'Forensic Challenge', a project designed to raise awareness, teach and inform those tasked with responding to threats of malicious network intrusion. Since teaching from evidence of actual incidents is far more powerful than the traditional approach of using contrived workbook exercises, the Manuka project called for the creation of a database that would store compromised system images for use in incident response and computer forensic courses. This is a case study of that development process, identifying the unique challenges overcome in completing Manuka by June, 2004. As an open source product that will be made available to the research and teaching community, it is hoped that through this paper interest will be stimulated to provide these researchers further ideas for use and enhancement.

查看原文本刊更多论文

麦卢卡项目

在2003-2004年期间，华盛顿大学(UW)和西雅图大学(SU)在太平洋西北蜜网(PNW-honeynet)的支持下合作建立了一个对受损系统图像进行编目的系统，pnw -蜜网是蜜网项目研究联盟的成员组织。这个想法源于蜜网项目的“取证挑战”，这个项目旨在提高人们的意识，教育和告知那些负责应对恶意网络入侵威胁的人。由于从实际事件的证据中进行教学远比使用人工制作的练习册练习的传统方法强大得多，因此麦卢卡项目要求创建一个数据库，用于存储受损系统的图像，以供事件响应和计算机取证课程使用。这是该开发过程的一个案例研究，确定了在2004年6月之前完成麦卢卡的独特挑战。作为一个开放源代码的产品，将提供给研究和教学社区，希望通过这篇论文将激发兴趣，为这些研究人员提供进一步的使用和增强的想法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004.

自引率

0.00%

发文量