SKALD: A scalable architecture for feature extraction, multi-user analysis, and real-time information sharing

George D. Webster, Zachary D. Hanif, Andre L.P. Ludwig, Tamas K. Lengyel, Apostolis Zarras, Claudia Eckert

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

11 Scopus citations

Abstract

The inability of existing architectures to allow corporations to quickly process information at scale and share knowledge with peers makes it difficult for malware analysis researchers to present a clear picture of criminal activity. Hence, analysis is limited in effectively and accurately identifying the full scale of adversaries' activities and developing effective mitigation strategies. In this paper, we present Skald: a novel architecture which guides the creation of analysis systems to support the research of malicious activities plaguing computer systems. Our design provides the scalability, flexibility, and robustness needed to process current and future volumes of data. We show that our prototype is able to process millions of samples in only a few milliseconds per sample with zero critical errors. Additionally, Skald enables the development of new methodologies for information sharing, enabling analysis across collective knowledge. Consequently, defenders can perform accurate investigations and real-time discovery, while reducing mitigation time and infrastructure cost.

Original language: English
Title of host publication: Information Security - 19th International Conference, ISC 2016, Proceedings
Editors: Matt Bishop, Anderson C.A. Nascimento
Publisher: Springer Verlag
Pages: 231-249
Number of pages: 19
ISBN (Print): 9783319458700
State: Published - 2016
Event: 19th Annual International Conference on Information Security, ISC 2016 - Honolulu, United States
Duration: 3 Sep 2016 to 6 Sep 2016

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 9866 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 19th Annual International Conference on Information Security, ISC 2016
Country/Territory: United States
City: Honolulu
Period: 3/09/16 to 6/09/16
