SSH Honeypot Deception: A Practical Primer
A planned explainer on how managed SSH honeypots engage attackers and capture session telemetry for analysis...
Early-stage research into SSH honeypot deception, attacker-behaviour modelling, and tamper-evident evidence for European deployments.
Research combining SSH honeypot deception, statistical attacker-behaviour modelling, and EU regulatory-aware design.
Developing Bayesian and Markov models to characterise attacker behaviour from SSH honeypot sessions.
Methods for producing tamper-evident session evidence using SHA-256 and keccak256 hashing.
Design of convincing decoy SSH environments for attacker engagement and session capture.
Approaches to handling captured telemetry under EU-region hosting and GDPR-aware design.
Methodology write-ups we intend to publish. None are published yet.
Intended work documenting how Bayesian scoring is applied to attacker session behaviour captured in SSH honeypots. Not yet published.
Intended work on modelling attack progression as state transitions over honeypot session events. Not yet published.
Intended work on producing tamper-evident (not court-admissible) session evidence through hash chaining. Not yet published.
Intended work on building decoy SSH environments that engage attackers without exposing production systems. Not yet published.
Analysis and commentary on emerging cybersecurity trends and policy developments
A planned explainer on how managed SSH honeypots engage attackers and capture session telemetry for analysis...
A planned piece on inferring attacker intent from command sequences captured in SSH honeypots...
A planned overview of how SSH honeypot deception can support NIS2-aware detection and monitoring...
We are seeking collaboration with European universities and research groups. None are established yet.
Partner with us to advance SSH honeypot deception and statistical attacker-behaviour modelling for European deployments.