Botnets, networks of compromised machines remotely controlled and instructed to work in a coordinated fashion, have had an epidemic diffusion over the Internet and represent one of today's most insidious threats. In this paper, we present an open framework called Dorothy that makes it possible to monitor the activity of a botnet. We propose to characterize a botnet's behavior through a set of parameters and a graphical representation. In a case study, we infiltrated and monitored a botnet named siwa, collecting information about its functional structure, geographical distribution, communication mechanisms, command language and operations.
The Dorothy project : an open botnet analysis framework for automatic tracking and activity visualization / M. Cremonini, M. Riccardi - In: EC2ND 2009 : European conference on computer network defense : 9-10 november 2009 Milano, Italy : proceedings. - Los Alamitos : Institute of electrical and electronics engineers, 2010. - ISBN 9781424460496. - pp. 52-54 (conference: European Conference on Computer Network Defense (EC2ND), held in Milan in 2009) [10.1109/EC2ND.2009.15].
The Dorothy project : an open botnet analysis framework for automatic tracking and activity visualization
M. Cremonini (first author)
2010
File | Size | Format |
---|---|---|
CREMONINI-Dorothy.pdf (open access; type: pre-print, manuscript submitted to the publisher) | 368.08 kB | Adobe PDF |
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.