Malware log files for Internet investigation using hadoop: A review

Abstract

On the Internet, malware is one of the most serious threats to system security. Major complex issues and problems on some software systems are oftentimes made by malware. Malware can infect any computer software that causes connection to Internet infrastructure. There are many types of malware and some of the popular malware are Botnet, Trojans, Viruses, Spyware and Adware. Internet users with lesser knowledge of the malware threats are susceptible to this issue. To protect and prevent the computer and internet users from exposing themselves towards malware attacks, identifying the attacks through investigating malware log file is an essential step to curb this threat. The log file exposes crucial information in identifying the malware, such as algorithm and functional characteristic, the network interaction between the source and the destination, and type of malware. By nature, the log file size is humongous and requires the investigation process to be executed on faster and stable platforms such as the big data environment. In this study, the authors had adopted Hadoop, an open source software framework to process and extract the information from the malware log files. The information of data will be used for further prevention and protection from malware threats.