Rump et al., 2017 - Google Patents
Distributed and collaborative malware analysis with MASS (Rump et al., 2017)
- Document ID: 6359811527207831082
- Authors: Rump F, Behner T, Ernst R
- Publication year: 2017
- Publication venue: 2017 IEEE 42nd Conference on Local Computer Networks (LCN)
Snippet
Malicious software poses a great risk to critical infrastructure. Researchers have proposed numerous ways to analyze malware behavior in order to understand and respond to this threat. However, only little attention has been paid to the organization of the malware …
Classifications

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30386—Retrieval requests
- G06F17/30424—Query processing

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30861—Retrieval from the Internet, e.g. browsers
- G06F17/30864—Retrieval from the Internet, e.g. browsers by querying, e.g. search engines or meta-search engines, crawling techniques, push systems
- G06F17/30867—Retrieval from the Internet, e.g. browsers by querying, e.g. search engines or meta-search engines, crawling techniques, push systems with filtering and personalisation

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3409—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/46—Multiprogramming arrangements

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3466—Performance evaluation by tracing or monitoring

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/3061—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data

- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management, e.g. organising, planning, scheduling or allocating time, human or machine resources; Enterprise planning; Organisational models

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring

- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/10—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network

- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/02—Network-specific arrangements or communication protocols supporting networked applications involving the use of web-based technology, e.g. hyper text transfer protocol [HTTP]
Similar Documents

| Publication | Title |
|---|---|
| US20230041672A1 (en) | Enterprise data processing |
| US11546380B2 (en) | System and method for creation and implementation of data processing workflows using a distributed computational graph |
| US11475024B2 (en) | Anomaly and outlier explanation generation for data ingested to a data intake and query system |
| US10972493B2 (en) | Automatically grouping malware based on artifacts |
| US12225049B2 (en) | System and methods for integrating datasets and automating transformation workflows using a distributed computational graph |
| US11663219B1 (en) | Determining a set of parameter values for a processing pipeline |
| US11715051B1 (en) | Service provider instance recommendations using machine-learned classifications and reconciliation |
| CN109074454B (en) | Automatically group malware based on artifacts |
| US12118334B1 (en) | Determination of schema compatibility between neighboring operators within a search query statement |
| US11727007B1 (en) | Systems and methods for a unified analytics platform |
| US12242892B1 (en) | Implementation of a data processing pipeline using assignable resources and pre-configured resources |
| Kotenko et al. | Aggregation of elastic stack instruments for collecting, storing and processing of security information and events |
| EP3104287A1 (en) | Systems and methods for indexing and aggregating data records |
| US12174722B2 (en) | Characterizing operation of software applications having large number of components |
| US11528294B2 (en) | Systems and methods for automated threat detection |
| US12056169B1 (en) | Systems and methods for DNS text classification |
| US12131233B1 (en) | Systems and methods for auto-deployment of a machine learning component within a pipelined search query |
| Rump et al. | Distributed and collaborative malware analysis with MASS |
| CN111078975A (en) | Multi-node incremental data acquisition system and acquisition method |
| US12381892B1 (en) | Security rule matching over structurally deduplicated network data |
| US12348536B1 (en) | Cloud integrated network security |
| Nehe | Malware and Log file Analysis Using Hadoop and Map Reduce |
| Galic | The Design and Experimental Use of CReB, a Container Registry Benchmark |
| Svajcer | Building A Malware Lab In The Age of Big Data |
| Shinde et al. | A Specialized Log Analysis Engine in Distributed Environment |