Graph data models have been a hot topic in security for a few years but analysis of these cyber graphs is still largely driven by visual assessments or rudimentary analysis techniques. Graphs can do a lot more than just paint pretty pictures. We will discuss how to develop cyber specific graph models that make analysis more effective and also open up possibilities for analysis that would otherwise be computationally impractical. We will demonstrate application of our graph analysis techniques to the Barncat RAT config dataset and also open source the analysis module to the community.
Nicolas Kseib (@NKseib) and Shimon Modi (@shimonmodi) work at TruSTAR Technology where they focus on R&D initiatives to better utilize data science techniques for cyber analysis. Nicolas received his M.S. and Ph.D. in Mechanical Engineering from Stanford University in Flow Physics and Computational Engineering. Nicolas oversees the development of TruSTAR’s advanced correlation algorithm and the company’s data analytics platform. Shimon has worked on a wide range of cyber security initiatives in industry, government, and academia and has presented at peer reviewed academia conferences and hacker cons.
Nicolas Kseib (@NKseib) and Shimon Modi (@shimonmodi) work at TruSTAR Technology where they focus on R&D initiatives to better utilize data science techniques for cyber analysis. Nicolas received his M.S. and Ph.D. in Mechanical Engineering from Stanford University in Flow Physics and Computational Engineering. Nicolas oversees the development of TruSTAR’s advanced correlation algorithm and the company’s data analytics platform. Shimon has worked on a wide range of cyber security initiatives in industry, government, and academia and has presented at peer reviewed academia conferences and hacker cons.