Using honeyclients to discover new attacks

People who are interested in maintaining situational awareness often deploy honeypots. However, there are whole classes of attacks for which honeypot devices are not very useful, due to their passive nature.

Honeyclients are client-based applications that actively seek malicious servers to gather data for further analysis. This talk will focus on honeyclients, how they can be used, and will share interesting data that has been gathered with a honeyclient. As part of this presentation, an open-source honeyclient application will be released.


Kathy Wang has a background ranging from blowing up Alpha chips at DEC to authoring Morph, an OS fingerprint cloaker tool. She has spoken at many security conferences and events in the past, including DEFCON, HOPE, Notacon, and ToorCon. In 2001, Kathy co-founded Syn Ack Labs research group. She graduated from The University of Michigan with a BS and MS in electrical engineering, and is currently based in the Washington, D.C. area.