The Italian Honeynet Chapter Status Report. Agenda The Italian HP chapter Goals achieved Ongoing progress Expected goals 3D-Problems Conclusion.

Presentation transcript:

The Italian Honeynet Chapter Status Report

Agenda
– The Italian HP chapter
– Goals achieved
– Ongoing progress
– Expected goals
– 3D-Problems
– Conclusion

The Italian HP Chapter
Founded in 2009
Built around the Dorothy project
  – A framework for tracking botnets
Currently composed of 4 volunteers
  – Marco Riccardi: R&D, Barcelona Digital
  – Marco Cremonini: Assistant, University of Milan
  – Davide Cavalca: Information Security Advisor, Freelancer
  – Luigi D’Amato: Partner, Security Lab / Zone-H

Goals achieved during 2010

Goals achieved 1/3
Java Dorothy Drone Improvement (JDrone)
  – Tool for (IRC) botnet infiltration
  – Totally rewritten in Java, totally multiplatform – yes, even on Windows!
  – Distributed infrastructure
      Distributed drone instances
      One central Log Server
      One Authentication server

The JDrone: how does it work?

[Diagram: C&C #1, C&C #2, JDrone instances, Authentication Server, Log Server, Dorothy Web GUI. Log entries list the C&C IP and port followed by Command#1, Command#2, Command#3.]

Goals achieved 2/3
Relationships formed
  – Telecom Italia, Security Lab (honeypot implementation, knowledge sharing)
  – Barcelona Digital (server hosting, knowledge sharing)
Graduating student support
  – Five graduating students of the University of Milan (DTI) are currently doing their final thesis on Dorothy-related sub-projects.
      The JDrone Project - Patrizia Martemucci, Andrea Cavenago
      Botnet Protocol Analysis - Marco Addario – 04/2011
      Zeus analysis/detection module - Giampaolo Dedola – 02/2011
      Low-Interaction Honeypot Implementation - Stefano Fornara – Stage in Telecom Italia Labs – 04/2011

Goals achieved 3/3
Attended conferences
  – Italian Security Summit 2010, Milan, IT
  – inBot 2010, Bonn, DE
  – APWG 2010, Dallas, USA* (paper presented)
Two IEEE publications
  – “The Dorothy Project: An Open Botnet Analysis Framework for Automatic Tracking and Activity Visualization” - Cremonini M., Riccardi M.
  – “A framework for financial botnet analysis” - Riccardi M., Cremonini M., Oro D., Vilanova M., Luna J.
Awards:
  – Second place at “Best Italian thesis on information security”, Clusit 2010
  – “IEEE eCrime Fighters Scholarship Award”, APWG 2010*
*Paper presented by Barcelona Digital. However, the proposed system heavily relies on a customized version of Dorothy.

Ongoing progress

Ongoing progress 1/2
Porting to Ruby
  – (+ Rails... I wish..)
Porting the virtualization module to VMware ESXi
Testing the first beta of the JDrone
  – any volunteers for beta testing?
Compatibility with HTTP botnets (Zeus + SpyEye first)
  – For Zeus 1.x almost done

Ongoing progress 2/2
Database migration to Postgres – almost done
Improving visualization techniques (FlashCharts) – almost done
Improving the Web GUI
  – Improving “real time” data visualization (AJAX)
  – Improving its interactivity
  – ...still waiting to kick off this task

Future Goals: “What are we going to do tonight, Brain?”

Tactical goals
Tool improvements
  – Implement the new Dorothy framework
      Finish the database implementation
      Finish the Ruby porting phase
      Finish the new visualization module
      Execute Dorothy 24hx7d
  – Release the first beta of the JDrone
Honeypot implementation
  – Implement at least 10 new low-interaction honeypots (dionaea + mwcollectd) among USA, EU, ASIA

Strategic goals
Presentations 2011
  – Honeynet Project Annual workshop – Paris (Done!)
  – Presentation about the JDrone as soon as a stable version is released
  – …as many as possible!
Publications
  – One about data gathered from the new version of the framework (JDrone included)
  – …others will depend on the development progress
Improve relationships
  – Italian/Spanish universities
  – Italian/Spanish CERTs
  – Italian/Spanish LEAs

3D-Problems

– Resources ($)
    Dorothy needs a big server for its malware analysis module
      – After 3 years, finally we found it!
– Time (dT)
    The vast majority of the people involved are currently working for private companies (even the graduating students)...
    The whole project is developed entirely during spare time (very low!)
– Space (dS)
    4 members, 4 cities, 4 companies, 3 countries
    Lack of coordination
    Slow development

Conclusion
Almost two years of development
  – So far so good…
Ongoing work
  – Dorothy improvement, second version close to being released
Expectations
  – Clear and concrete goals
Problems
  – Our 3D problem vision

Let's demo!
– The Dorothy WGUI
– The JDrone

Questions?

Thank you marco riccardi – – – skype: m4rco- Website: –