About Canadian Threat Hunting

As an academic research project, we have created a network with the capability to capture and analyse traffic inside and outside of our firewall in real time. Using the Cowrie honeypot, we are capturing attackers' behaviour in real time. We are migrating to an online system that can play back this behaviour, allowing for novel, in-depth analysis of the techniques, tactics and procedures (TTPs) used by attackers. With this insight we hope to develop a classification system for attackers' TTPs. Such a system would provide valuable information to security professionals when responding to threats and attributing attacks.

  • Dr. Arash Habibi Lashkari - Project Leader
  • Hamidreza Talebi - System Administrator
  • Will Bartlett - Developer