Malware forensic analytics framework using big data platform

Abstract

The dramatically increased threats such as malware attacks to our cyber world have given us the vital sign to strengthen the security in a more proactive way. Thus, in recent research we proposed an integrated malware forensic analytics framework that will expose the future threats of malware attacks. This framework incorporates malware collections, malware analytics and visualization of discovered malware attacks. In this paper, we present the design and implementation of the framework which focuses on analytics and visualization, and utilized the emerging technology of big data platform. The implementation of the framework shows promising results in presenting descriptive analytics and predicting the future attacks using machine learning algorithms. We also demonstrate the feasibility of Hortonworks Cybersecurity Package (HCP) in supporting the proposed framework. Finally, we discussed the future work that can be further investigated in improving the implementation of the framework.