Home » About

About

At Duke, STINGAR has helped to increase the security team’s blocking capabilities from 10 million malicious connection attempts per day to 2 billion per day at the height of the Mirai botnet. The honeypot portion of STINGAR accounts for a significant chunk of these blocks and also has increased the fidelity of what we block, reducing  false positives.

We believe that honeypots provide an excellent source of local threat data with a high signal-to-noise ratio. To that end, we forked the ThreatStream Modern Honey Network (MHN) project to our Community Honey Network (CHN) project, and have been improving it into an easy-to-deploy, flexible, honeypot system.

We would love for other universities to join the STINGAR community. We’re looking for:

  • Feedback on the setup
  • Feedback on options for integrating STINGAR data with your current network blocking infrastructure
  • Interest and willingness to  sharing your honeypot data back to a larger community
We make CHN available on GitHub (https://communityhoneynetwork.readthedocs.io/) and have a mailing list and a Slack workspace set up for communications with the community of users.  Email the STINGAR team (team-stingar@duke.edu) to join the list or receive an invite to the Slack channel.

Join private STINGAR mailing list

Interested parties are encouraged to interact with the team via the project Github pages or in the Gitter IM community, which gives us a public space for quick questions.

Academic institutions can email Jesse Bowling at team-stingar@duke.edu to be added to the private STINGAR mailing list and Slack workspace.

Please include information about your organization’s interest in the STINGAR project in your request.