HosTaGe is a lightweight, low-interaction, portable, and generic honeypot for mobile devices that aims on the detection of malicious, wireless network environments. As most malware propagate over the network via specific protocols, a low-interaction honeypot located at a mobile device can check wireless networks for actively propagating malware. We envision such honeypots running on all kinds of mobile devices, e.g., smartphones and tablets, to provide a quick assessment on the potential security state of a network.
HosTaGe emulates the following protocols as of the latest version: AMQP, COAP, ECHO, FTP, HTTP, HTTPS, MySQL, MQTT, MODBUS, S7COMM, SNMP, SIP, SMB, SSH, SMTP and TELNET
Download from Play Store!
The research behind HosTaGe has been published and presented in a number of scientific and industrial conferences. Below you can find some selected papers: Emmanouil Vasilomanolakis, Shankar Karuppayah, Mathias Fischer, Mihai Plasoianu, Wulf Pfeiffer, Lars Pandikow, Max Mühlhäuser: This Network is Infected: HosTaGe – a Low-Interaction Honeypot for Mobile Devices. SPSM@CCS 2013:43-48  Emmanouil Vasilomanolakis, Shankar Karuppayah, Mathias Fischer, Max Mühlhäuser: HosTaGe: a Mobile Honeypot for Collaborative Defense. ACM SIN 2014:330-333  Emmanouil Vasilomanolakis, Shreyas Srinivasa, Max Mühlhäuser: Did you really hack a nuclear power plant? An industrial control mobile honeypot. IEEE CNS 2015:729-730  Emmanouil Vasilomanolakis, Shreyas Srinivasa, Carlos Garcia Cordero, Max Mühlhäuser: Multi-stage Attack Detection and Signature Generation with ICS Honeypots. IEEE/IFIP DISSECT@NOMS 2016:1227-1232
The Wiki provides information on getting started and using the app. Wiki for HosTaGe can be found here: Wiki.
Emmanouil Vasilomanolakis – idea, guidance and suggestions during development
Shreyas Srinivasa, lead developer, Aalborg University and Technische Universität Darmstadt (Github – @sastry17)
Eirini Lygerou, GSoC 2020 Developer (Github – @irinil)
Mihai Plasoianu, student developer, Technische Universität Darmstadt
Wulf Pfeiffer, student developer, Technische Universität Darmstadt
Lars Pandikow, student developer, Technische Universität Darmstadt
Shankar Karuppayah, mentoring, developer, Technische Universität Darmstadt
Mathias Fischer, mentoring, Universität Hamburg
Max Mühlhäuser, mentoring, Technische Universität Darmstadt
Carlos Garcia Cordero, mentoring, Technische Universität Darmstadt
Features of HoneyRJ were inspiration for this project. http://www.cse.wustl.edu/~jain/cse571-09/ftp/honey/manual.html
Encryption for the SSH protocol were taken from Ganymed SSH-2 and slightly modified. http://code.google.com/p/ganymed-ssh-2/
The project was actively developed with participation in Google Summer of Code 2020. More information about GSoC2020 is here
To access the hpfeeds from hostage please send an access request to [email protected] with your name and organization. Please note that access to the hpfeeds repository is provided only after an internal review.