Their strategy seems to be similar as that of 'HoneyNet Project's'.CyberTrust's application known as 'The Brain' tracks and monitors the activity of hackers and hacker groups who are involved in everything from virus writing to around 3,000 website defacements each day.
www.honeynet.org
There too some systems configured as honeypots are used to track down the attacker. The system uses well defined Data Control, Data Capture and Data Analysis tools. some of these tools are provided by the project co-ordination team to the individual honenet participants.. but participating agencies may develop their own tools too.. Their participating agencies are primarily university research houses, govenment funded security agencies etc. The participating parties have to stick to some guidlines like complete disclosure of the tools used, data captured and log details.
Please view the following link:
http://www.leurrecom.org/week_20050723-20050730.htm
which provides the related information about tracking of attackers/ unauthorised hackers. The complete statistics gathered by these projects/initiatives will be helpful in analysing the attacker behaviour (their technical skills and vulnerability explotaition) and attack patterns, which may be helpful in developing more advanced security tools.
Reply With Quote