Sign In

Communications of the ACM

ACM TechNews

Project Sonar Crowdsources a Better Bug Killer


An electronic

Project Sonar is a crowdsourced effort to improve security through the active analysis of public networks.

Credit: Reviewness.com

Rapid7 chief research officer HD Moore is developing ways of identifying vulnerable Internet-facing systems and devices through exhaustive scans of the Internet. At the recent DerbyCon 3.0 conference, he sought to crowdsource this effort by launching Project Sonar.

"Project Sonar is a community effort to improve security through the active analysis of public networks," Moore says. He reports that this will involve "running scans on Internet-facing systems, organizing the results, and sharing the data with the information security community."

Rapid7 recently released approximately 3 TB of data gathered from numerous scans, but Project Sonar invites researchers to not only comb through this data, but perform their own scans. Until very recently, exhaustive port scanning could take years and required the use of numerous devices, but new platforms including the open source ZMap network scanner and Errata Security's Masscan tool can carry out such scans in minutes. However, Moore notes that although obtaining such data is easier now, analyzing it requires a great deal of manpower--hence Project Sonar's call to crowdsource the effort.

From InformationWeek
View Full Article

 

Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA


 

No entries found

Comment on this article

Signed comments submitted to this site are moderated and will appear if they are relevant to the topic and not abusive. Your comment will appear with your username if published. View our policy on comments

(Please sign in or create an ACM Web Account to access this feature.)

Create an Account

Log in to Submit a Signed Comment

Sign In »

Sign In

Signed comments submitted to this site are moderated and will appear if they are relevant to the topic and not abusive. Your comment will appear with your username if published. View our policy on comments
Forgot Password?

Create a Web Account

An email verification has been sent to youremail@email.com
ACM veriřes that you are the owner of the email address you've provided by sending you a veriřcation message. The email message will contain a link that you must click to validate this account.
NEXT STEP: CHECK YOUR EMAIL
You must click the link within the message in order to complete the process of creating your account. You may click on the link embedded in the message, or copy the link and paste it into your browser.