STINGAR: Automated Detection, Sharing, and Mitigation of Network Threats (separate registration is required)

Monday, May 13 | 8:30AM–12:00PM CT | Vevey 3, Second Floor Event Centre
Session Type: Additional Fee Program
Delivery Format: Preconference Workshop
Join this workshop to learn about the Shared Threat Intelligence for Network Gatekeeping and Automated Response (STINGAR) project and CommunityHoneyNetwork (CHN). We will provide an in-depth review of the project's overall goals and future directions, examine the architecture of the STINGAR ecosystem, and demo installation processes. In a final lab, you'll be given access to AWS virtual machines to deploy your own instances of CHN, which will be kept running during the conference; data summaries will be shared postconference. As time and interest allows, internals of the project development processes and future roadmap will be discussed. The goal of the STINGAR project led by Duke University (https://stingar.security.duke.edu/) is to enable low-friction generation of threat intelligence, data sharing, and action on threat intelligence for the higher ed community. Through the use of the CHN (https://communityhoneynetwork.readthedocs.io) honeypot system (a fork of Threatstream/Anomali Modern Honey Network), institutions are able to quickly deploy a central console and multiple honeypots to gather information about attacks on their networks. CHN also supports easy integration with CIF (Collective Intelligence Framework) to summarize and share this attack information with others in the community. Using CIF or CHN APIs, it is trivial to generate feeds of malicious IP addresses that can be loaded directly into an organization's protective or detective devices.

Outcomes: Understand the broad goals of the STINGAR project * Learn the key requirements for building an automated response capability based on threat intelligence * Learn how to deploy the CHN honeypot system and integrate with CIF * Influence future features of STINGAR technology

Presenters

  • Jesse Bowling

    Security Architect & CSIRT Program Manager, Duke University
  • Anthony Miracle

    IT Security Analyst, Duke University

Resources & Downloads

  • STINGAR Workshop PowerPoint

    Updated on 5/27/2022