Using Big Data Analytics To Thwart Cyber Threats, Shivank Dua (Copyright NIKSUN 2014)
TRANSCRIPT
- Slide 1
- Using Big Data Analytics To Thwart Cyber Threats. Shivank Dua. Copyright NIKSUN 2014
- Slide 2
- Slide 3
- Slide 4
- Threat Actions (Verizon USSS 2013 DBIR): Hacking ~ 52%, Malware ~ 40%, Physical ~ 35%, Social ~ 29%, Misuse ~ 13%, Error ~ 2%
- Slide 5
- Exponential Growth in Malware
- Slide 6
- An Approach Based on Detection Theory. Figure label: Effectiveness
- Slide 7
- + An Approach Based on Event Collection: Create a Database for all Security Data. Figure label: Effectiveness
- Slide 8
- How Can We Increase Effectiveness? Figure labels: Known; Known Unknown; Unknown Unknown; Known
- Slide 9
- Effectiveness Increases If We Can Make More of the Unknown Known
- Slide 10
- In The Meantime: Exponential Growth in 4 Vs: Volume, Velocity, Variety, Variability
- Slide 11
- Use Distributed Data Warehousing to Handle Increasing Volume. Diagram labels: Global Command & Control, Regional Data Warehouse (x2), Local Data Warehouse (x2)
- Slide 12
- Use Parallel Processing to Handle Exponential Growth in Velocity: Optimizing the Pipeline. Diagram labels: Micro Analytic Modules; Atomic Results; Produce Partial Results & Update Incrementally; Molecular Results; Aggregate Results From Multiple Micro To Macro Modules; Elemental Results; Analytic Module
- Slide 13
- A Library of Analytic Modules & Malleable Rules Handle Variety: Link Layer Analytic Module, Network Layer Analytic Module, Session Layer Analytic Module, Application Layer Analytic Module, Enterprise Level Analytic Module
- Slide 14
- Handles Variability
- Slide 15
- Figure label: Effectiveness
- Slide 16
- Case Study
- Slide 17
- Phishing & Data Leakage
- Slide 18
- Slide 19
- Total Balance Due: $928.52
- Slide 20
- Slide 21
- Slide 22
- Slide 23
- Slide 24
- Summary: Targets Identified; Zombies Identified & Method of Breach; New Vulnerability Identified; New Malware Identified; Exfiltration Identified
- Slide 25
- Case Study
- Slide 26
- Client Hit by DDoS Attacks from Iran As Has Been Widely Reported. Several times a week the bank experienced DoS attacks: Brought Down Their Network; Brought Down Customer Portal; Quickly Caused Financial Losses / Damage To Reputation; Call Centers Were Lighting Up w/ Customer Complaints
- Slide 27
- HTTPS Port Carrying non-HTTPS curl Traffic
- Slide 28
- "GET /signon.php? df58ce7h HTTP/1.1 " 200 "- "Mozilla/5.0 (Windows; U; Windows NT 6.1; rv:2.2) Gecko/2011020
- Slide 29
- Summary: Law Enforcement received all the data and a complete analysis within hours. The Denial of Service (DoS) attacks were traced back to the Middle East. They consisted of a large number of geographically dispersed servers which flooded the client networks and crippled the application delivery servers with malformed requests.
- Slide 30
- Big Data Analytics Can: Significantly Reduce Response Time; Provide Actionable Intelligence; Provide Accurate Analytics; Effectively Thwart Cyber Threats
- Slide 31
- NIKSUN: Helping You Know the Unknown. For additional information: Visit us at www.niksun.com or email to [email protected]