DAMOCLES: Analysing Botnets in a Dynamic Network Environment

Student thesis: Master Thesis and HD Thesis

  • Loredana Cosma
  • Nikolaos Pavlidis
4th semester, Master of Science (MSc) in Cyber Security (Master Programme)

In modern cyberspace, botnets remain a major threat to companies and institutions alike, across various fields of expertise. Whether driven by financial gain or political motives, their destructive and rapidly evolving nature cannot be ignored. Researchers and industry professionals have therefore adopted the practice of studying such malware within controlled environments. This method proved useful for gaining a vantage point from which to understand the threat. The results of doing so could lead to the development of best practices for defence techniques.

Project DAMOCLES aims to develop a dynamic environment for botnet analysis. By combining a real topology with the emulation capabilities of GNS3, this project presents a heterogeneous testbed that strives to create realistic scenarios. With the objective of studying both the botnet infrastructure and the malware capabilities, DAMOCLES explores various technologies for implementing such a system, as well as monitoring and logging methodologies for analysing the behaviour of the botnet. The contribution of this project is a comprehensive, step-by-step process for deploying such an environment, including all its benefits and challenges.

Publication date: 2023
Number of pages: 96
ID: 532694064