Advance SSH HoneypotDeception Research
We are an early-stage team looking to collaborate with academic researchers on attacker-behaviour modelling, decoy realism, and tamper-evident evidence for SSH honeypots.
Honeypot Deception Research Areas
The topics we want to explore with academic research partners
Attacker-Behaviour Modelling
Modelling how attackers move through SSH honeypots using Bayesian and Markov methods.
- Markov models of attacker session behaviour
- Bayesian inference over command sequences
- Anomaly detection in SSH session logs
- Clustering and profiling of attacker patterns
Deception & Decoy Design
Making SSH honeypot decoys realistic enough to keep attackers engaged without giving themselves away.
- Decoy realism and filesystem believability
- Honeypot fingerprinting and evasion resistance
- Adaptive responses to attacker commands
- Measuring engagement and dwell time
Tamper-Evident Evidence & Attribution
Recording honeypot activity as tamper-evident evidence using SHA-256 and keccak256 hashing.
- Tamper-evident evidence with SHA-256 / keccak256
- Hash-chained, append-only session logs
- Attribution signals from attacker behaviour
- Evidence integrity verification methods
Research Partners We Want to Engage
The kinds of European research groups we hope to collaborate with. These are profiles, not current partners.
Security Research Groups
University labs focused on
network and systems security
Data Science & ML Labs
Teams working on
Bayesian and Markov methods
Digital Evidence Researchers
Groups studying
integrity and attribution
EU Compliance & Policy Groups
Teams working on
GDPR and NIS2 questions
Research Collaboration Benefits
Comprehensive support for academic and industry research partnerships
For Academic Institutions
Research Funding
We hope to support honeypot deception research projects with funding in future, subject to our own funding.
Technology Access
Access to the platform and deception datasets for research use.
Publication Support
Co-authorship opportunities and support for conference presentations as the work develops.
Student Programs
We would like to offer student and postdoc collaboration with industry mentorship as we grow.
For PHANTAQSM
Applied Research Input
Access to current academic work on deception and attacker modelling to inform the platform.
Talent Pipeline
Early access to top PhD graduates and postdocs for recruitment.
Innovation Validation
Academic validation and peer review of new technologies and approaches.
Joint Development
Opportunities to develop new methods and approaches together, with IP terms agreed per project.
Research Program Tracks
Academic Collaboration
University research partnerships
- Joint research projects
- Student exchange programs
- Conference presentation support
- Publication co-authorship
Innovation Fellowship
Planned researcher positions
- Fixed-term research fellowship
- Access to the platform and deception datasets
- Industry mentorship
- Support for publishing results
Research Consortium
Multi-institutional partnerships
- Large-scale research initiatives
- Cross-institutional collaboration
- Government funding coordination
- Standards development participation
Research Outcomes We Are Working Toward
As an early-stage team, these are our goals, not results we have achieved yet
Published Research
We aim to publish honeypot deception findings with academic partners
New Methods
Developing better attacker-behaviour models and decoy techniques together
Student Collaboration
We hope to support students and postdocs working on deception research
Standards Input
Over time, we would like to contribute to relevant security standards work
Help Us Shape Honeypot Deception Research
We are early-stage and Brussels-based, and we would value academic partners in SSH honeypot deception, attacker-behaviour modelling, and tamper-evident evidence.