Paper

Peer-reviewed
April 1, 2016

MATATABI: Multi-layer Threat Analysis Platform with Hadoop

Proceedings - 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, BADGERS 2014
  • Hajime Tazaki
  • Kazuya Okada
  • Yuji Sekiya
  • Youki Kadobayashi

Start page
75
End page
82
Language
English
Publication type
Research paper (international conference proceedings)
DOI
10.1109/BADGERS.2014.12
Publisher
Institute of Electrical and Electronics Engineers Inc.

Threat detection and analysis are indispensable processes in today's cyberspace, but current state-of-the-art threat detection is still limited to specific aspects of modern malicious activities due to the lack of information to analyze. By measuring and collecting various types of data, from traffic information to human behavior, at different vantage points for a long duration, the viewpoint seems to be helpful to deeply inspect threats, but faces scalability issues as the amount of collected data grows, since more computational resources are required for the analysis. In this paper, we report our experience from operating the Hadoop platform, called MATATABI, for threat detection, and present the micro-benchmarks with four different backends of data processing in typical use cases such as log data and packet trace analysis. The benchmarks demonstrate the advantages of distributed computation in terms of performance. Our extensive use cases of analysis modules showcase the potential benefit of deploying our threat analysis platform.

Links
DOI
https://doi.org/10.1109/BADGERS.2014.12
Identifiers
  • DOI : 10.1109/BADGERS.2014.12
  • SCOPUS ID : 84968761548
