More than one million samples are being submitted and analyzed by more than 50 AV engines in VirusTotal on daily basis. Factors such as filtering, scaling the detected engines, scaling the categories in network data, scaling the HTTP responses are being used in conjunction of an algorithm for constructing an operational data. The filtered data are being clustered based on their malware type with indication of their malware names. The obtained data is also being evaluated by another algorithm for removing the aged and less scaled data on daily basis. The used APIs, algorithms and source code will be presented to the audiences. The tool could be downloaded for immediate use.
Gita Ziabari (Twitter: @gitaziabri) is working at Fidelis Cybersecurity as a Senior Threat Research Engineer. She has more than 12 years of experience in threat research, networking, testing and building automated frameworks.