Mohd Sharudin Mat Deli, Saiful Adli Ismail, M. Kama, O. Yusop, Azri Azmi
{"title":"利用Hadoop平台分析恶意软件日志文件进行网络调查","authors":"Mohd Sharudin Mat Deli, Saiful Adli Ismail, M. Kama, O. Yusop, Azri Azmi","doi":"10.1504/ijdet.2019.10025004","DOIUrl":null,"url":null,"abstract":"To protect the computer and internet users from exposing themselves towards malware attacks, identifying the attacks through investigating malware log file is an essential step to curb this threat. The log file exposes crucial information in identifying the malware, such as algorithm and functional characteristic, the network interaction between the source and the destination, and type of malware. By nature, the log file size is humongous and requires the investigation process to be executed on faster and stable platform such as big data environment. In this study, Hadoop technology used to process and extract the information from the malware log files that obtains from university's security equipment. The Python program was used for data transformation then analysis it in Hadoop simulation environment. The results of log processing have reduced 50% of the original log file size, while the total execution time would not increase linearly with the size of the data.","PeriodicalId":175346,"journal":{"name":"International Journal of Digital Enterprise Technology","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Analysing malware log files for internet investigation using Hadoop platform\",\"authors\":\"Mohd Sharudin Mat Deli, Saiful Adli Ismail, M. Kama, O. Yusop, Azri Azmi\",\"doi\":\"10.1504/ijdet.2019.10025004\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"To protect the computer and internet users from exposing themselves towards malware attacks, identifying the attacks through investigating malware log file is an essential step to curb this threat. The log file exposes crucial information in identifying the malware, such as algorithm and functional characteristic, the network interaction between the source and the destination, and type of malware. By nature, the log file size is humongous and requires the investigation process to be executed on faster and stable platform such as big data environment. In this study, Hadoop technology used to process and extract the information from the malware log files that obtains from university's security equipment. The Python program was used for data transformation then analysis it in Hadoop simulation environment. The results of log processing have reduced 50% of the original log file size, while the total execution time would not increase linearly with the size of the data.\",\"PeriodicalId\":175346,\"journal\":{\"name\":\"International Journal of Digital Enterprise Technology\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-10-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Digital Enterprise Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1504/ijdet.2019.10025004\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Digital Enterprise Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/ijdet.2019.10025004","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Analysing malware log files for internet investigation using Hadoop platform
To protect the computer and internet users from exposing themselves towards malware attacks, identifying the attacks through investigating malware log file is an essential step to curb this threat. The log file exposes crucial information in identifying the malware, such as algorithm and functional characteristic, the network interaction between the source and the destination, and type of malware. By nature, the log file size is humongous and requires the investigation process to be executed on faster and stable platform such as big data environment. In this study, Hadoop technology used to process and extract the information from the malware log files that obtains from university's security equipment. The Python program was used for data transformation then analysis it in Hadoop simulation environment. The results of log processing have reduced 50% of the original log file size, while the total execution time would not increase linearly with the size of the data.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
