Aggressive Malware Reconnaisance
I think, the following ideas are illegal (well, not the ideas but the usage of the methods described), so check before you use them! If you would want to at all.
Idea for a new way of „honeypotting“:
The basis of the idea, is the storm botnet. As you may guess, Agressive Malware Reconnaisance (AMR) is a distributed method: One could create a botnet, that is not intendet for spamming or DDOS-Attacks but for tracking new malware and their update routines (if any). By that one’s monitor (honeypots) is quite larger and can discover new malware earlier than traditional honeypots. Furthermore it should be possible, to distribute the analysis of code to this botnet-cloud as well.