2009
08.10

The Dorothy Project

Here is an abstract of the introduction chapter of  my laurea thesis “The Dorothy Project: inside the Storm” (Feb/2009)

The Dorothy Project is aimed at realizing a fully automated framework for botnet

analyses. The name Dorothy comes from the movie “Twister” directed by Jon de Bont

(1996). In the movie, dorothy is the device used for tracking tornados and for mitigating

their devastating effects. The meaning of the second part of the title “inside the Storm”

is twofold. As in the movie – i.e., the dorothy device must operate inside the tornados the

Dorothy tool must be operated by joining a botnet. Storm was the nickname of one

of the largest botnet discovered on September 2007. Dorothy is an open source software

whose main goal is to permit to increase and share information and knowledge about

botnet diffusion and features. It provides a web interface that permits to analyze data

acquired by Dorothy. Data visualization by means of statistics and graphs are other

important features of the Dorothy framework. Differently from other works, Dorothy

is meant to operate in real-time, always presenting fresh data. Operating in real-time is important

since botnets are a fast-developing technology that requires an equally fast-reporting of

modifications, variants and reconfigurations.

[..] the following step has been

to design the framework. Project requirements and specifications have been stated as the

guidelines for software production according to Dorothy Project goals. Next, the

development of Dorothy has been carried out following the principles of modularity,

simplicity, distributed architecture and platform neutrality. The development language

chosen has been the Unix Bash scripting language that offered a high level of

compatibility and allowed Dorothy to be executed on every POSIX shells.

Dorothy is a suite of nine different modules, each one with a specific task to accomplish

and completely independent from the others. This feature permit users to execute their

modules in different places and times, leveraging on the Dorothy distributed

architecture and design.

[..]

Nessun commento.

Aggiungi il tuo commento