WP2-Analysis of State of the Art and Requirements: November 2008 Archives

WOMBAT Deliverable D05/D2.3 Requirements analysis

This document outlines the requirements for early warning systems built on technology provided by the WOMBAT project, setting out both functional and non-functional requirements. The collected requirements reflect the identified user needs and the key directions to be followed within the research and development work packages (WP3-Data Collection and Distribution, WP4-Data Enrichment and Characterization, WP5-Threat Intelligence).

The document starts from an assessment of user requirements gathered from potential users, including external participants in the Amsterdam Workshop and the WOMBAT development group. This part covers the expectations of distinct classes of data users, such as security vendors, malware researchers, ISPs, CERT teams, government, financial institutions and home users. It details the requirements for the system architecture, data and system functions, and specifies the performance, availability and security features needed to provide sufficient functionality. It also defines user interface, testing and configuration management requirements.

FP7-ICT-216026-Wombat_WP2_D05_V01_Requirements.pdf

WOMBAT Deliverable D03/D2.2 Analysis of the state of the art

This document contains a detailed analysis of the state-of-the-art tools and research approaches for malware collection and analysis. We have reviewed high-, medium- and low-interaction honeypots, malware collection tools and worldwide initiatives. The analysis of the collected malware is covered by a comprehensive review of the most relevant research proposals, including techniques that have been used to analyze running programs in general and that can be adapted for WOMBAT's purposes.

FP7-ICT-216026-Wombat-WP2_D03_V01_State_art.pdf