• Approx 9 days of casual activity, from a volunteer using an Apple 13 inch laptop, using the inbuilt "trackpad" device
• The user is experienced with computers
• Computer was left on, never rebooted
• The majority of usage is Internet browsing/twitter etc
• Small amount of document creation, email, word documents, spreadsheets
• Small amount of photo browsing
• Main apps are Web browser, email client, Twitter client "Tweetdeck" with approx 10 columns, and a Internet Chat client
• itunes running

• The top right is the screen lock "hot corner" where the user moves the mouse to lock the screen while away from the keyboard
• There is a horizontal band towards the bottom right. This was due to the Tweetdeck framework not supporting horizontal two finger scrolling
• The grouping at the bottom is the application dock, where user went to swap between applications
• The clusters at the top and the middle are mostly email checking, and pushing "favourite" buttons inside the web browser (eg news)

• The Australian High Tech Crime Conference HTCC2010, 8 September 2010
  Presentation: VOIP Honeypots
  The High Tech Crime Conference was hosted in Sydney by the High Tech Crime Operations portfolio, within the Australian Federal Police (AFP) in conjunction with the University of Technology Sydney. The HTCC brings together domestic and international experts and thought leaders from the Judiciary, legal fraternity, government, law enforcement agencies, academia and the private sector.


• Melbourne Branch: Australian Information Security Association (AISA), 12 August 2010
  Presentation: The Honeynet project and Data Visualisation for Security Purposes


• Sydney Branch: Australian Information Security Association (AISA), 15 September 2010
  Presentation: HiTech Crime and Honeypots


• Ballarat Innovation, Communication and Technology Cluster, 15 June 2010
  Presentation : Honeynet Project

• Engagement with CERT Australia (Australian Federal Attorney General's Department)
  
  
• Engagement with BHP Billiton (worlds largest diversified miner)
  
  
• "ATM Voyager": Development of an interactive ATM performance data visualization tool suite as part of wider "Bank Voyager" product
  
  
• Piloting of ATM Voyager with a major Australian bank
  
  
• Preparation for NSW Fraud squad, and the NSW crime commission "ID Theft taskforce" on employing data visualization to identify credit card fraud/skimming
  
  
• Honeynet Project: Administering and mentoring students in Google funded program "Summer of Code 2010"
  
  
• Honeynet Project: Forensic Challenge on VOIP
  
  
• Honeynet Project: VOIP internet attack research
  
  
• Presentations at the AFP's High Tech Crime Conference, AISA Sydney and Melbourne branches, and the Ballarat Innovation ICT Cluster on data visualization and security.
  

The idea of this project was simply to provide some ideas as to ways to represent their massive datasets visually. There's lot of work to go, however here are few early ideas. My favourite is a light-hearted time series visualization in the theme of an old favourite arcade game originally released in 1972 "Pong".

As part of my contribution to the Honeynet Project, we have released the forth instalment in the "Forensic challenge" series. This challenge is focused in the world of VOIP telephony, which is a burgeoning area and one that is unfortunately often neglected when it comes to security treatment, and in particular in the study of the threat/incident environment. I've been studying the threat environment for over 18 months, working closely with the Norwegian chapter - you can read about some of this work in my honeynet blog.

The "VOIP forensic challenge" consists of real world attack data, and poses some technical and reflective questions which challenge participants to piece together the clues, and discover some hidden attributes of the attacks. Participants will learn much about VOIP along the way, and as a result they will be better armed to mitigate the risk of attacks to VOIP systems.

For the first time, we have translated the challenge into Chinese - both Traditional and Simplified versions. This will make the challenge accessible to an additional billion people. We are very excited about this, and are hoping for unprecedented participation. In designing the challenge, we formed a team with members from Norway, Hong Kong, China, Taiwan, Singapore, France and the US. I'm continually impressed by the collaborative global environment that exsists at the Honeynet project.

If you are in a position to advertise the challenge to students or security teams - please feel free to do so. Remember the goal is to participate, enjoy and learn!

Ben Reardon

Our first month has been extremely busy and quite productive.

In particular, we've been working on two new and interesting projects. One being a consultancy in the cybercrime field for the Federal Attorney General's "CERT Australia", and the other being an innovative data visualization project involving a recent high profile incident. While this work cannot be shown publicly, if you have a need to know, and come from a Law enforcement or other appropriate security agency, please contact us to discuss.

For three of the visuals produced for this project, we used a tool called "protovis" which is a relatively new javascript library of visualization tools. Using this tool, we produced an interactive piece where items of interest could be searched, filtered and drilled down on. We also used word frequency analysis techniques to describe some attributes of this incident in a high level, but easy to understand visual.

We continue to receive interesting from several parties, particularly in the Finance and IT sectors. In relation to data visualization, in the months ahead we hope to develop our exposure into the sales and marketing space, where clearly data visualization can provide a great deal of environmental intelligence to decision makers.

We've spent much of our first week taking feedback from supporters, which has been overwhelming. Interest in the initiative has been very encouraging, and so far this week we've had the following successes:

• We've secured a new client for an exciting consultancy project in the cybercrime field (government sector)
  
• We've had over 300 visitors to this website, almost half of them on our opening day, which was great to see.
• We've had web traffic from 20 countries, the top 10 countries in order were Australia, United States, France, United Kingdom , Netherlands, Germany, Singapore, South Africa, Greece and Switzerland.
• We've had constructive feedback from over 30 friends and supporters - thank you all!
• We've made an agreement with one new organization for whom we will doing probono work

We are proud to announce that we are open for business today !
Please view our gallery to get a sense of the work we produce and the potential uses in your environment.