BinaryPig - Scalable Malware Analytics in Hadoop

Offered By: Black Hat via YouTube

Tags

Black Hat Courses
Machine Learning Courses
Python Courses
Hadoop Courses
Feature Extraction Courses
Clustering Courses
Static Analysis Courses
Security Research Courses

Course Description

Overview

Explore scalable malware analytics using Hadoop in this Black Hat USA 2013 conference talk. Learn how Endgame developed BinaryPig, an open framework built on Apache Hadoop, Apache Pig, and Python, to process and analyze massive amounts of malware data. Discover techniques for handling terabytes of binary data, extracting feature sets for machine learning, and performing large-scale malware studies. Gain insights into the challenges of processing millions of malware samples and how BinaryPig addresses issues of scalability, workflow development, and parallel processing. Examine the architecture, optimizations, and implementations of BinaryPig, including loaders, scripting, and web interface. Delve into general findings, feature extraction methods, clustering results, and icon analysis. Understand the lessons learned and future directions for scalable malware analytics in the face of ever-increasing data volumes.

Syllabus

Intro
Background
Malware data mining is useful
Pre-BinaryPig: Architecture
BinaryPig - Results Exploration
BinaryPig Loaders
Optimizations in BinaryPig
BinaryPig: Loader Implementations
BinaryPig: Scripting
Web Interface
General Findings
Feature Extraction
Feature Depth
Clustering Results
ICO Extraction
Icon Features
Lessons Learned
Future work
Black Hat USA 2013

Taught by

Black Hat
