Invited Essayist

Honeypots: Catching the Insider Threat

In the past several years there has been extensive research into honeypot technologies, primarily for detection and information gathering. However, little research has been done for one of the most dangerous threats, the advance insider, the trusted individual who knows your internal organization. These individuals are not after your systems, they are after your information. This presentation discusses how honeypot technologies can be used to detect, identify, and gather information on these specific threats.


Lance Spitzner photo Lance Spitzner is the Invited Essayist for this year's ACSAC. He is a geek who constantly plays with computers, especially network security. He loves security because it is a constantly changing environment, your job is to do battle with the bad guys. This love for tactics first began in the Army, where he served for seven years, four as an Armor officer in the Army's Rapid Deployment Force. Following the military he received his M.B.A and became involved in the world of information security. Now he fights the bad guys with IPv4 packets as opposed to 120mm SABOT rounds. His passion is researching honeypot technologies and using them to learn more about the enemy. He is founder of the Honeynet Project, moderator of the honeypot maillist, author of Honeypots: Tracking Hackers, co-author of Know Your Enemy and author of several whitepapers. He has also spoken at various conferences and organizations, including SANS, Blackhat, FIRST, the Pentagon, NSA, CIA the FBI Academy, JTF-CNO, the President's Advisory Board, the Army War College, DOJ, West Point and Navy War College. When not actively leading the Honeynet Project, Lance consults for Honeypot Technologies Inc.

Lance Spitzner earned a B.A. History from the University of Illinois - Champaign and an MBA from the Univiversity of Illinois - Chicago.

When not involved in network security he attempts to have as much fun as possible. He developed a love for Scuba Diving, spending several months exploring dive sites in the remote islands of Indonesia. When not diving, he comes up with other excuses to get out, especially roller blading or hiking. He also loves military history, especially the tools and tactics of medieval warfare. This is where he gets his interest for network security, as there are many similarities between information security and combat tactics.


Read Paper Read Paper (in PDF)

View Slides View Slides (in PDF)


[ Wednesday ] [ Thursday ] [ Friday ]