Using Force Directed Graphs To Analyze Huge Event Datasets

Stage 2

Using techniques borrowed from epidemiology and algorithms developed to model viral propagation, it is possible to use system logs to track an infection that spreads through "non-standard" channels. This session walks through the problem, explains the math behind the analysis and where it has been applied successfully elsewhere, and then applies the technique to USB thumb-drive log data in order to trace air-gap-jumping malware back to "patient zero".
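The core of the traceback described above is contact tracing over a time-ordered contact graph: every USB insertion links a host and a drive at a point in time, and an infection can only have travelled along insertions that happened after the carrier was itself infected. The following Python is an added illustration of that idea, not the speaker's code; it assumes a constructed log format (`<ISO-8601 timestamp> <host> <drive serial> insert`) and constructed sample records. It walks backwards in time from a host known to be infected, keeps only time-respecting paths, reports which hosts could have started the chain, and emits the resulting edge list as Graphviz DOT so it can be rendered with a force-directed layout such as `neato` or `sfdp`.

```python
"""Contact tracing over USB insertion logs: walk the host/drive contact graph
backwards in time from a host known to be infected to find which hosts could
have started the chain ("patient zero"). Added example; sample data is constructed."""
from collections import defaultdict, deque
from datetime import datetime
from typing import Dict, List, NamedTuple, Tuple


class Event(NamedTuple):
    ts: datetime
    host: str
    drive: str


# Constructed sample log, not real data. Assumed format:
# "<ISO-8601 timestamp> <hostname> <drive serial> insert"
SAMPLE_LOG = """\
2024-03-04T09:00:00 WS-07 SN-1111 insert
2024-03-04T13:30:00 WS-03 SN-1111 insert
2024-03-05T08:15:00 WS-03 SN-2222 insert
2024-03-05T10:00:00 WS-12 SN-2222 insert
2024-03-05T16:45:00 WS-12 SN-3333 insert
2024-03-06T07:50:00 WS-21 SN-3333 insert
2024-03-06T11:20:00 WS-09 SN-4444 insert
2024-03-07T09:00:00 WS-21 SN-1111 insert
"""


def parse_log(text: str) -> List[Event]:
    """Parse insertion records; other actions, blank and comment lines are skipped."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, host, drive, action = line.split()
        if action == "insert":
            events.append(Event(datetime.fromisoformat(ts), host, drive))
    return sorted(events)


def build_contacts(events: List[Event]) -> Dict[str, List[Tuple[datetime, str]]]:
    """Bipartite contact graph: each insertion links a host and a drive at a time.
    Adjacency lists are sorted by time so the backward search can stop early."""
    contacts: Dict[str, List[Tuple[datetime, str]]] = defaultdict(list)
    for e in events:
        contacts[e.host].append((e.ts, e.drive))
        contacts[e.drive].append((e.ts, e.host))
    for adj in contacts.values():
        adj.sort()
    return contacts


def trace_back(events: List[Event], infected_host: str, observed_at_iso: str):
    """Backward, time-respecting search from (infected_host, observed_at).

    bound[n]  = latest time by which node n must already have been infected to
                explain the observation (a drive can only infect a host through
                an insertion that happens *after* the drive was infected).
    parent[n] = (time, next node) along the contact chain toward infected_host.
    sources   = hosts in the backward cone with no earlier contact: candidate
                patient-zero machines (several if the evidence is ambiguous).
    """
    contacts = build_contacts(events)
    hosts = {e.host for e in events}
    bound: Dict[str, datetime] = {infected_host: datetime.fromisoformat(observed_at_iso)}
    parent: Dict[str, Tuple[datetime, str]] = {}
    queue = deque([infected_host])
    while queue:
        node = queue.popleft()
        for t, nbr in contacts[node]:
            if t >= bound[node]:
                break  # sorted ascending: later contacts cannot have carried it in
            # Keep the most permissive (latest) bound; re-expand if it improves.
            if nbr not in bound or t > bound[nbr]:
                bound[nbr] = t
                parent[nbr] = (t, node)
                queue.append(nbr)
    sources = sorted(
        n for n in bound
        if n in hosts and not any(t < bound[n] for t, _ in contacts[n])
    )
    return bound, parent, sources


def chain(parent: Dict[str, Tuple[datetime, str]], source: str, target: str) -> List[str]:
    """Walk the contact chain from a candidate source up to the observed host."""
    path = [source]
    while path[-1] != target:
        _, nxt = parent[path[-1]]
        path.append(nxt)
    return path


def to_dot(parent: Dict[str, Tuple[datetime, str]]) -> str:
    """Edges of the backward cone as Graphviz DOT, for a force-directed layout
    (e.g. `neato -Tsvg` or `sfdp -Tsvg`)."""
    lines = ["graph usb_cone {"]
    for child, (t, node) in sorted(parent.items(), key=lambda kv: kv[1][0]):
        lines.append(f'  "{child}" -- "{node}" [label="{t:%m-%d %H:%M}"];')
    lines.append("}")
    return "\n".join(lines)


if __name__ == "__main__":
    ev = parse_log(SAMPLE_LOG)
    bound, parent, sources = trace_back(ev, "WS-21", "2024-03-06T09:00:00")
    for s in sources:
        print("candidate patient zero:", s, "via", " -> ".join(chain(parent, s, "WS-21")))
    print(to_dot(parent))
```

On the sample data the search walks WS-21 back through SN-3333, WS-12, SN-2222, WS-03 and SN-1111 to WS-07, which has no earlier insertion and is therefore the only patient-zero candidate; WS-09 and SN-4444 never enter the cone, and the later WS-21/SN-1111 insertion on 7 March is ignored because it postdates the detection. On a real fleet the cone is usually far wider and the DOT output is what you hand to a force-directed renderer to see where the chains cluster.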

Force-directed graphs are not limited to the malware-propagation problem; they can be applied to almost any large data set that can be ingested into the analysis engine.

Detection & Response