Informatik, TU Wien

An Introduction to the WOMBAT Project

A Worldwide Observatory of Malicious Behaviors and Attack Threats

In this talk, I will introduce a recently funded European project entitled WOMBAT. This project aims at collecting, enriching and analysing attack related datasets in order to address the so called problem of attack attributions. To put this work in perspective, I will describe one of its component, the SGNET infrastructure, which consists of a worldwide istributed system of honeypots. The novel contributions of this approach will be utlined and rationales for building it will be provided by highlighting some of the lessons learned during the last 4 years with a preceding version of this system, namely the Leurrecom V1.0 project.