Friday, February 14, 2014

DISM Final Year Project Sharing - Exposing Web-Based Attacks

Project Title: Exposing Web-Based Attacks
Categories: Honeypot, Apache, PHP, MYSQL, CentOS, VirtualBox.
Students:  Wong Jun Xiang, Joleen Chan, Ong Guan Wei and Dixon Soo.

(From L to R): Wong Jun Xiang, Joleen Chan, Ong Guan Wei and Dixon Soo.

It is now a rising trend for website administrators to use Content Management System (CMS) to run and manage their websites. CMS platforms rely heavily on databases to store sensitive information that is useful to attackers. Therefore CMS platforms have raised the interest of attackers in attacking CMS since it would mean getting hold of an enormous amount of confidential information.

RicePOT (HIHAT) allows to transform common Content Management System into web-based high-interaction Honeypots. It will capture CMS web attacks and to analyse them. In the end, the application will give a concluding statement on how much risk a CMS is exposed to, which may leads to its exploitation. Furthermore a graphical user interface is provided which supports the process of monitoring the Honeypot and analysing the acquired data.

Project website: dixonsoo.com/ricepot
Potential Opportunities
The project is fully open source therefore allows more CMS platforms to be supported by web developers.