Play all

Intro

When Automation is Needed?

What to Automate?

Planning Automation for Data Mining

Finding Needle in a Hayshack

Prepare Checklist of Desired Results

Consider Inserting Data in a Database!

Start with Manual Analysis

Extracting Data from Malware Files

Analyze Body of Email

Analyze json File with mime

Extracting Malicious Domains from wsf file!

Process of Analyzing Json Mime File Download Json Mime

Detect the First Chain!

Email Campaign Featuring a PDF Attachment

Extract URL from PDF

CVE-2017-0199 Malicious RTF Document

Use Known Tools for Analysis

Apply Foremost on the File!

Malicious Extracted Files

Introducing Yalda!

Yalda Framework

Data Storage File Type

Applying Quality Control

Conclusion

How to use Yalda

Code is available at Fidelis gitHub

Description:

Learn to automate bulk intelligence collection for cybersecurity analysis in this BSidesCharm 2017 conference talk. Explore when and what to automate in data mining processes, focusing on extracting valuable information from malware files, emails, and various document types. Discover techniques for finding critical data in large datasets, preparing result checklists, and considering database integration. Follow along as the speaker demonstrates manual analysis methods, extracts malicious domains from different file formats, and analyzes email campaigns with suspicious attachments. Gain insights into using known tools for analysis, including Foremost for file extraction. Get introduced to the Yalda framework for data storage and quality control in automated intelligence gathering. Access the code on the Fidelis GitHub repository to implement these automation techniques in your own cybersecurity workflows.

Automating Bulk Intelligence Collection

Add to list

#Conference Talks #Data Science #Data Mining #Information Security (InfoSec) #Cybersecurity #Malware Analysis #Computer Science #Database Management #Data Storage #Engineering #Manufacturing #Quality Control

0:00 / 0:00