The Dorothy project : an open botnet analysis framework for automatic tracking and activity visualization / M. Cremonini, M. Riccardi. - In: EC2ND 2009 : European Conference on Computer Network Defense : 9-10 November 2009, Milano, Italy : proceedings. - Los Alamitos : Institute of Electrical and Electronics Engineers, 2010. - ISBN 9781424460496. - pp. 52-54. (Conference: European Conference on Computer Network Defense (EC2ND), held in Milan in 2009) [10.1109/EC2ND.2009.15].

The Dorothy project : an open botnet analysis framework for automatic tracking and activity visualization

M. Cremonini (first author)
2010

Abstract

Botnets, networks of compromised machines remotely controlled and instructed to work in a coordinated fashion, have spread epidemically across the Internet and represent one of today's most insidious threats. In this paper, we present an open framework called Dorothy that makes it possible to monitor the activity of a botnet. We propose to characterize a botnet's behavior through a set of parameters and a graphical representation. In a case study, we infiltrated and monitored a botnet named siwa, collecting information about its functional structure, geographical distribution, communication mechanisms, command language and operations.
Sector INF/01 - Computer Science
2010
Book Part (author)
Files in this item:
CREMONINI-Dorothy.pdf (open access)
Type: Pre-print (manuscript submitted to the publisher)
Size: 368.08 kB
Format: Adobe PDF

Use this identifier to cite or link to this document: https://hdl.handle.net/2434/161506
Citations
  • Scopus 16