George Mason student project presents sticky situation for hackers

Body

When a cloud computing class at George Mason University called for a team project, master'sstudent Kevin Landry saw an opportunity to share what he knew and give classmates a taste of real-world cyber defense.

A seasoned cybersecurity enthusiast, Landry introduced his team to the concept of a honeypot-a decoy system designed to lure and monitor cyber attackers. As he put it, honeypots allow you to "reach out and touch actual attackers," bringing textbook concepts to life in a way few classroom exercises can match.

"You'll never look at the internet the same way again after running a honeypot," Landry said. "It's eye-opening to see how many bots are out there scanning for vulnerabilities."

For his teammates-many of whom had never built home labs-the project offered hands-on experience that mimicked an enterprise environment and bridged the gap between theory and practice. Honeypots aren't just academic tools; companies maintain them to study hacker activity, identify patterns, and share intelligence that helps reveal common vulnerabilities.

Kevin Landry. Photo provided.

"It's a low-investment, high-yield product that's passive," Landry explained. "You do all the coding and setup, then just let it run and watch attackers come in."

The team deployed Cowrie, an open-source honeypot that simulates a Linux shell. But Landry didn't settle for the default configuration.

"I changed every standard setting possible," he said. "Fake encryption keys, fake password files, fake directories-everything to make it look like a lazy or incompetent sysadmin left the doors open."

Those tweaks made the trap convincing enough to attract hundreds of attackers, from automated bots to human hackers.

Once customized, the honeypot started buzzing-logging intrusion attempts almost immediately. To make the experience even more interactive, the team integrated real-time alerts through Discord, receiving up to 500 notifications a day whenever an attacker engagedwith the system.

At one point, the attack volume was high enough that Discord temporarily rate-limited the alerts, thinking they were automated traffic. Landry resolved the issue by rotating through multiple webhooks and fine-tuning the alert frequency to keep everything running smoothly.

Over the course of 48 days, the honeypot captured an extensive dataset. Landry even created an interactive visualizationof the activity for the team's class presentation, showing where attacks originated and how they unfolded over time.

To make the project even more aligned with industry practices, Landry's team uploaded the attackers' IP addresses to Gray Noise Intelligence, a company that allowed him to use its enterprise-grade platform for the project. The software analyzes IP addresses and assigns confidence levels indicating how likely each one is malicious, giving students a window into professional threat intelligence workflows.

"It makes me feel good that I'm wasting hackers' time or bots' time," Landry said.

For Landry-who served ten years in the U.S. Coast Guard and earned a bachelor's degree in computer science from the University of Mary Washington before pursuing his master's in applied information technology at George Mason-the honeypot was both an academic milestone and a career-building moment. He believes projects like this are essential for breaking into cybersecurity.

"Cybersecurity jobs-even entry-level-want three years of experience, but you can't get experience without getting a job," he noted. "Home labs and projects like this help build a portfolio and show employers you can do the work."

As cyber threats grow more sophisticated, George Mason's applied approach to technology education ensures students are ready to meet them head-on. For Landry, the honeypot was not only a class assignment but also a chance to turn passion into practice-and to share that experience with others.

An image from the interactive visualization of the project. Full visualization available here: https://gemini.google.com/share/24b205428724.