SKALD: A scalable architecture for feature extraction, multi-user analysis, and real-time information sharing

George D. Webster, Zachary D. Hanif, Andre L.P. Ludwig, Tamas K. Lengyel, Apostolis Zarras, Claudia Eckert

Publication: Contribution to book/report/conference proceedings › Conference contribution › Peer-reviewed

11 citations (Scopus)

Abstract

The inability of existing architectures to allow corporations to quickly process information at scale and share knowledge with peers makes it difficult for malware analysis researchers to present a clear picture of criminal activity. Hence, analysis is limited in effectively and accurately identifying the full scale of adversaries’ activities and developing effective mitigation strategies. In this paper, we present Skald: a novel architecture which guides the creation of analysis systems to support the research of malicious activities plaguing computer systems. Our design provides the scalability, flexibility, and robustness needed to process current and future volumes of data. We show that our prototype is able to process millions of samples in only a few milliseconds per sample with zero critical errors. Additionally, Skald enables the development of new methodologies for information sharing, enabling analysis across collective knowledge. Consequently, defenders can perform accurate investigations and real-time discovery, while reducing mitigation time and infrastructure cost.

Original language: English
Title of host publication: Information Security - 19th International Conference, ISC 2016, Proceedings
Editors: Matt Bishop, Anderson C.A. Nascimento
Publisher: Springer Verlag
Pages: 231-249
Number of pages: 19
ISBN (Print): 9783319458700
Publication status: Published - 2016
Event: 19th Annual International Conference on Information Security, ISC 2016 - Honolulu, United States
Duration: 3 Sept. 2016 to 6 Sept. 2016

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 9866 LNCS
ISSN (Print): 0302-9743
ISSN (electronic): 1611-3349

Conference

Conference: 19th Annual International Conference on Information Security, ISC 2016
Country/Territory: United States
City: Honolulu
Period: 3/09/16 to 6/09/16
