An Elastic approach to large-scale dynamic malware analysis

Overview

This research delves into large-scale malware analysis conducted by Elastic Security Labs, highlighting how Elastic ingest pipelines were used to filter out benign and duplicate data during dynamic malware analysis. By leveraging these pipelines, we efficiently managed vast datasets, enabling us to focus on identifying malicious behaviors. The study also explores different types of ingest pipelines, their applications, and provides a step-by-step workflow for implementing them, including automation scripts. Finally, we present our findings and discuss how others can replicate this workflow to achieve similar results.
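The filtering the overview describes can be sketched as a single ingest pipeline definition. The following is an added example written for this page; it is not the pipeline from the paper, and it assumes the sandbox events are indexed with ECS field names (`process.name`, `process.executable`, `process.command_line`, `process.parent.executable`) and that the listed process names are sandbox noise for the environment in question. Both the benign list and the fields chosen as the duplicate key are assumptions that would be tuned per dataset.

```json
{
  "description": "Added example (not the paper's pipeline): drop assumed-benign sandbox noise, then collapse repeated process events",
  "processors": [
    {
      "drop": {
        "description": "Benign filter: discard events from processes treated as sandbox noise (assumed list, tune per environment)",
        "if": "ctx.process?.name != null && ['conhost.exe', 'dllhost.exe', 'backgroundtaskhost.exe'].contains(ctx.process.name.toLowerCase())"
      }
    },
    {
      "fingerprint": {
        "description": "Duplicate key: a stable SHA-256 over the fields that define 'the same behaviour' for this dataset (assumed choice of fields)",
        "fields": ["process.executable", "process.command_line", "process.parent.executable"],
        "target_field": "event.hash",
        "method": "SHA-256",
        "ignore_missing": true
      }
    },
    {
      "set": {
        "description": "Reuse the hash as the document id so a repeated event maps to the same document instead of a new one",
        "field": "_id",
        "copy_from": "event.hash"
      }
    }
  ]
}
```

Register it with `PUT _ingest/pipeline/<name>` and send documents through it with `?pipeline=<name>` (or set it as the index's default pipeline). Indexing with `op_type=create` turns a duplicate into a rejected write rather than a silent overwrite, which makes the deduplication visible in the bulk response and easy to count. Two caveats worth checking before trusting the output: a benign filter keyed only on `process.name` will also discard activity that malware performs from inside one of those processes, so the drop condition should be as narrow as the data allows; and the fingerprint fields decide what counts as "the same" behaviour, so leaving out a field such as the parent executable merges events that an analyst may want to keep apart.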

Are you interested in this research? The full paper is available at Elastic Security Labs!