Italian Chapter

The Italian Honeynet Project is a research group formed by
professionals and scholars whose main interests and activity lie
in the information security field.
The Chapter was officially constituted in May 2009 following
the agreement with the main Honeynet Project’s Board. It is the result
of the final development of The Dorothy Project, a research
work started by Marco Riccardi in September 2008 and presented to the
University of Milan as his Laurea Thesis in February 2009. Prof. Marco
Cremonini acted as his tutor for the thesis project.
The original Dorothy Project research focused on botnets and on tracking/discovering methodologies for their analysis. The Italian Honeynet Project
first inherits the same research goal, with the important extension to
the tracking of fast-flux domains. This extended aim is possible thanks
to the ongoing integration of the Dorothy infrastructure with the TIP tool developed by Angelo Dell’Aera, who joined the project in June 2009.
Currently the team is actively working on both tools, Dorothy and
TIP, constantly developing and tuning them, and on their integration.
Botnets are a fast-developing technology that requires an equally
fast development of defense strategies. The ultimate goal of our
project is to provide a free and open environment where botnets can be
analyzed and where professionals and researchers may acquire fresh
information about the most up-to-date threats that botnets may pose.
By aiming to offer to the community an open platform with all
information about the botnets that we are studying, we hope to improve
the security of the Internet at no cost to the public, fully and
enthusiastically sharing the same goal of The Honeynet Project.

Italian Chapter Status Report 2013

ORGANIZATION
1. Changes in the structure of your organization.

Davide Cavalca left the Chapter due to inactivity.

2. List current chapter members and their activities

  • Marco Riccardi is the Chapter leader. He is mainly involved in the development/improvement of the Dorothy framework (dorothy2.), as well as mentoring all the graduating students of the University of Milan who decide to focus their final project thesis on some of the Chapter's research areas.

Unveiling Dorothy2: a malware/botnet analysis framework written in Ruby.

Howdy all,
I've the pleasure to *finally* unveil the second version of Dorothy: a malware/botnet analysis framework written in Ruby.

Dorothy2 is a framework created for mass malware analysis. Currently, it is mainly based on analyzing the network behavior of a virtual machine where a suspicious executable was executed. However, static binary analysis and system behavior analysis will be shortly introduced in further versions.

The Italian Honeynet Chapter Status Report 2011

ORGANIZATION
1. Changes in the structure of your organization.
The Chapter was formed in May 2009 around a project called Dorothy, which aims at designing and developing an open botnet monitoring and analysis platform.

No changes since last year.

2. List current chapter members and their activities

  • Marco Riccardi is the Chapter leader and he is currently working as an e-Crime researcher at Barcelona Digital. He is mainly involved in the development/improvement of the Dorothy framework.

Italian Chapter Status Report for 2010

ORGANIZATION
1. Changes in the structure of your organization.
The Chapter was formed in May 2009 around a project called Dorothy, which aims at designing and developing an open botnet monitoring and analysis platform.
Emanuele Goldoni, Pierluca Zangari and Angelo Dell’Aera left the chapter during this year.

2. List current chapter members and their activities

  • Marco Riccardi is the Chapter leader and he is currently working as an e-Crime researcher at Barcelona Digital. He is mainly involved in the development/improvement of the Dorothy framework.

Italian Chapter updates

Folks,

I would like to inform you all about our recent activities that we are attempting to achieve.

First of all, we have totally rebuilt our web site. This new one aims to be a central repository of all the (external/internal) news concerning botnets (mainly) and malware (secondarily).
We will use the blog for posting about our project developments, and for commenting/reporting interesting news concerning the field that we are currently treating, so you can now add a new entry to your feed reader :)

Tracking Intelligence Project

What is TIP? TIP stands for Tracking Intelligence Project. In my most beautiful dreams, TIP should be an information gathering framework whose purpose is to autonomously collect Internet threat trends. It's entirely written in Python using Twisted and bound to the Django framework in order to abstract the underlying database and to easily build a web interface to the data.
