MISP Threat Intelligence Summit 0x05 at hack.lu 2019. Practical threat intelligence and information sharing for everyone.
2019-10-21, 12:00–12:20, Hollenfels
Following "Master of Cluster", presented last year, the new work focuses on improving the speed of comparison between malware samples. The goal is to offer this feature as a service through a web platform that is free and available to all, and to serve as inspiration as a comparison engine for other platforms.
Starting from pure Python, the talk shows multiprocessing, NumPy, Cython and Dask, arriving at dask-cuda with CuPy, a NumPy-compatible matrix library accelerated by CUDA. The study also explored different places to store and retrieve data, such as Neo4j, MongoDB, PostgreSQL and Zarr, and different data formats such as strings, NumPy vectors and NumPy packbits vectors.
Online presentation available here: https://ldo-cert.github.io/MISP-Summit-05/#/home
Recording available here: https://www.youtube.com/watch?v=X33f6xTx3kQ