DEVELOPING A MALWARE ANALYSIS SYSTEM ON DISTRIBUTED ENVIRONMENT

  • Khoi Tan Nguyen, DaNang University

Abstract

Malware is one of the major threats on the Internet today. To protect against the rapid propagation of malware in the network, we need to focus on determining how malware can be analyzed, detected, and blocked. As distributed processing models have recently been developed due to the cloud computing platform and the cluster filesystem, they can be usefully applied to analyzing malware. In this paper, we propose a malware analysis method based on the MapReduce software framework of the distributed processing platform. The proposed solution reduces the time needed to analyze and identify malware. The experimental results show that the MapReduce-based flow analysis method improves performance when analyzing a large number of malware samples.

Published
2017-12-31
How to Cite
NGUYEN, Khoi Tan. DEVELOPING A MALWARE ANALYSIS SYSTEM ON DISTRIBUTED ENVIRONMENT. Journal of Science and Technology: Issue on Information and Communications Technology, [S.l.], v. 3, n. 2, p. 41-45, dec. 2017. ISSN 1859-1531. Available at: <http://ict.jst.udn.vn/index.php/jst/article/view/52>. Date accessed: 21 nov. 2024. doi: https://doi.org/10.31130/jst.2017.52.