Fact #4: Big Data is being used to categorize and classify malware more effectively, grouping bad files the same way Google ranks pages.
As more information is gleaned about malware and more analysis picks up on trends, algorithms for categorizing and classifying malware are being developed to help security providers. We at ThreatTrack Security use Big Data in four ways: first, CART (Classification and Regression Trees) for predictive classification of event modifiers; second, Shewhart Control Charts for outlier threat detection; third, splines for non-linear exploratory modeling; and lastly, the goodness-of-fit principle to check the stability of historical threat data and to construct a parsimonious model for APTs.
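To make the second technique concrete, here is an added example (not ThreatTrack's code) of a Shewhart c-chart applied to a constructed series of daily malware-detection counts: control limits are derived from a stable baseline window, and any later day outside those limits is flagged as an outlier worth investigating.

```python
"""Shewhart c-chart for spotting out-of-control spikes in daily detection counts.

Added illustration, not ThreatTrack's code. The counts below are constructed
sample data, not real telemetry.
"""
from math import sqrt

# Constructed sample: daily count of files flagged malicious by one sensor over
# 20 days. Days 1-14 form a stable baseline; day 17 carries an outbreak-style spike.
DAILY_DETECTIONS = [12, 9, 11, 14, 10, 13, 8, 12, 11, 10, 9, 13, 12, 11,
                    10, 12, 41, 13, 9, 11]


def c_chart_limits(baseline):
    """Center line and 3-sigma control limits for Poisson-like count data.

    On a c-chart the spread is estimated from the center line itself:
    sigma = sqrt(c_bar). The lower limit is clipped at zero because a count
    cannot be negative. Returns (center, LCL, UCL).
    """
    if not baseline:
        raise ValueError("baseline must not be empty")
    c_bar = sum(baseline) / len(baseline)
    sigma = sqrt(c_bar)
    ucl = c_bar + 3 * sigma
    lcl = max(0.0, c_bar - 3 * sigma)
    return c_bar, lcl, ucl


def find_outliers(counts, baseline_days):
    """Return (index, count, reason) for every day outside the control limits.

    Limits come from the first `baseline_days` observations only, so a later
    spike cannot inflate the limits that are used to judge it.
    """
    _, lcl, ucl = c_chart_limits(counts[:baseline_days])
    flagged = []
    for i, c in enumerate(counts):
        if c > ucl:
            flagged.append((i, c, "above UCL"))
        elif c < lcl:
            flagged.append((i, c, "below LCL"))
    return flagged


if __name__ == "__main__":
    center, lcl, ucl = c_chart_limits(DAILY_DETECTIONS[:14])
    print(f"center={center:.2f} LCL={lcl:.2f} UCL={ucl:.2f}")
    for day, count, why in find_outliers(DAILY_DETECTIONS, 14):
        print(f"day {day + 1}: {count} detections ({why})")
```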
Our case study uses a closed-loop system that begins by identifying a file or URL and then correlates the surrounding information: where the file initially came from, where it was downloaded from, how it entered the company's data space, what it downloaded, what it installed, its current payload, and so on.
As with cloud computing, Big Data is a hot topic in business right now. Expectations for what it can achieve often reach into the stratosphere. At the same time, the overwhelming amount of data involved is daunting and can seem like an insurmountable obstacle. So what is Big Data, where does it come from, and what can you actually do with it? ThreatTrack Security has identified eight facts and eight fictions regarding Big Data.