ManaTI: Web Assistance for Threat Analysis with Domain Similarity

Explore a comprehensive conference talk on ManaTI, a web-based tool designed to assist threat analysts in detecting malware traffic. Learn about the challenges faced by security analysts when dealing with large volumes of HTTP traffic and how ManaTI addresses these issues. Discover the tool's two main goals: providing a web interface for efficient network traffic evaluation and implementing a machine learning algorithm for identifying related domains based on WHOIS information. Gain insights into the WHOIS Distance Algorithm (WDA) and its application in comparing domains. Understand ManaTI's development using the Django web framework and its various features, including dynamic weblog visualization, bulk labeling, integration with VirusTotal, and domain relation analysis. Delve into the tool's scalability, modularity, and API for custom script creation. Get to know the speaker, Raúl Benítez Netto, and his background in web development and cybersecurity research.