SlideShare a Scribd company logo

Big Data and Cyber Security

Download as PPTX, PDF
Napier University
Napier University

A presentation by David Stubley at The Cyber Academy

Technology
1 of 11
Large-scale Log Analysis David Stubley, CEO 7 Elements
Intro
Obligatory Definition "Big data is a term for data sets that are so large or complex that traditional data processing applications are inadequate." https://en.wikipedia.org/wiki/Big_data
Known Unknowns redirect:$%7B%23a%3d(new%20java.lang.ProcessBuilder(new%20 java.lang.String%5B%5D%20%7B'whoami'%7D)).start(),%23b%3d% 23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReade r%20(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e% 3dnew%20char%5B50000%5D,%23d.read(%23e),%23matt%3d%20%23co ntext.get('com.opensymphony.xwork2.dispatcher.HttpServletR esponse'),%23matt.getWriter().println%20(%23e),%23matt.get Writer().flush(),%23matt.getWriter().close()%7D=
Size Matters! "Big data is a term for data sets that are so large or complex that traditional data processing applications are inadequate."
A New Hope? "Big data is a term for data sets that are so large or complex that traditional data processing applications are inadequate."
The Result?
Word of Caution HAL 9000: "I'm sorry Dave, I'm afraid I can't do that"
Questions ?
www.7elements.co.uk

Recommended

Lt html data_attributes
Lt html data_attributesLt html data_attributes
Lt html data_attributesYuzu Saijo
 
ORM is a perfect anti-pattern
ORM is a perfect anti-patternORM is a perfect anti-pattern
ORM is a perfect anti-patternYegor Bugayenko
 
Programación
ProgramaciónProgramación
ProgramaciónDavid Lema
 
Accelerating Innovation: Do More with Less in Your Startup
Accelerating Innovation: Do More with Less in Your StartupAccelerating Innovation: Do More with Less in Your Startup
Accelerating Innovation: Do More with Less in Your StartupNew Relic
 
Big Data in Cyber Security
Big Data in Cyber SecurityBig Data in Cyber Security
Big Data in Cyber SecurityNapier University
 
Big Data Analytics
Big Data AnalyticsBig Data Analytics
Big Data AnalyticsNapier University
 
Geek Sync | Understanding Oracle Database Security
Geek Sync | Understanding Oracle Database SecurityGeek Sync | Understanding Oracle Database Security
Geek Sync | Understanding Oracle Database SecurityIDERA Software
 
Open Source Security Tools for Big Data
Open Source Security Tools for Big DataOpen Source Security Tools for Big Data
Open Source Security Tools for Big DataRommel Garcia
 

Recommended

Lt html data_attributes
Lt html data_attributesLt html data_attributes
Lt html data_attributesYuzu Saijo
 
ORM is a perfect anti-pattern
ORM is a perfect anti-patternORM is a perfect anti-pattern
ORM is a perfect anti-patternYegor Bugayenko
 
Programación
ProgramaciónProgramación
ProgramaciónDavid Lema
 
Accelerating Innovation: Do More with Less in Your Startup
Accelerating Innovation: Do More with Less in Your StartupAccelerating Innovation: Do More with Less in Your Startup
Accelerating Innovation: Do More with Less in Your StartupNew Relic
 
Big Data in Cyber Security
Big Data in Cyber SecurityBig Data in Cyber Security
Big Data in Cyber SecurityNapier University
 
Big Data Analytics
Big Data AnalyticsBig Data Analytics
Big Data AnalyticsNapier University
 
Geek Sync | Understanding Oracle Database Security
Geek Sync | Understanding Oracle Database SecurityGeek Sync | Understanding Oracle Database Security
Geek Sync | Understanding Oracle Database SecurityIDERA Software
 
Open Source Security Tools for Big Data
Open Source Security Tools for Big DataOpen Source Security Tools for Big Data
Open Source Security Tools for Big DataRommel Garcia
 
The Future of Hadoop Security - Hadoop Summit 2014
The Future of Hadoop Security - Hadoop Summit 2014The Future of Hadoop Security - Hadoop Summit 2014
The Future of Hadoop Security - Hadoop Summit 2014Cloudera, Inc.
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big DataNicolas Morales
 
End-to-End Security and Auditing in a Big Data as a Service Deployment
End-to-End Security and Auditing in a Big Data as a Service DeploymentEnd-to-End Security and Auditing in a Big Data as a Service Deployment
End-to-End Security and Auditing in a Big Data as a Service DeploymentDataWorks Summit/Hadoop Summit
 
Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with HadoopCloudera, Inc.
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and GovernanceDataWorks Summit/Hadoop Summit
 
What is Big Data?
What is Big Data?What is Big Data?
What is Big Data?Bernard Marr
 
Advance MySQL Docstore Features
Advance MySQL Docstore FeaturesAdvance MySQL Docstore Features
Advance MySQL Docstore Featuressankalita chakraborty
 
Mres presentation
Mres presentationMres presentation
Mres presentationPanagiotis Garefalakis
 
MicroManager_MATLAB_Implementation
MicroManager_MATLAB_ImplementationMicroManager_MATLAB_Implementation
MicroManager_MATLAB_ImplementationPhilip Mohun
 
Java one 2010
Java one 2010Java one 2010
Java one 2010scdn
 
Automatic Fine-Grained Issue Report Reclassification
Automatic Fine-Grained Issue Report ReclassificationAutomatic Fine-Grained Issue Report Reclassification
Automatic Fine-Grained Issue Report ReclassificationPavneet Singh Kochhar
 
sun solaris
sun solarissun solaris
sun solarisSubur Haryawan
 
Vaadin & Web Components
Vaadin & Web ComponentsVaadin & Web Components
Vaadin & Web ComponentsJoonas Lehtinen
 
Whatever it takes - Fixing SQLIA and XSS in the process
Whatever it takes - Fixing SQLIA and XSS in the processWhatever it takes - Fixing SQLIA and XSS in the process
Whatever it takes - Fixing SQLIA and XSS in the processguest3379bd
 
HATEOAS 101 - Opinionated Introduction to a REST API Style
HATEOAS 101 - Opinionated Introduction to a REST API StyleHATEOAS 101 - Opinionated Introduction to a REST API Style
HATEOAS 101 - Opinionated Introduction to a REST API StyleApigee | Google Cloud
 
Citicorp Presentation
Citicorp PresentationCiticorp Presentation
Citicorp Presentationanniesal
 
Dropwizard Introduction
Dropwizard IntroductionDropwizard Introduction
Dropwizard IntroductionAnthony Chen
 
Vaadin 7 CN
Vaadin 7 CNVaadin 7 CN
Vaadin 7 CNjojule
 
Agile Data Science 2.0 - Big Data Science Meetup
Agile Data Science 2.0 - Big Data Science MeetupAgile Data Science 2.0 - Big Data Science Meetup
Agile Data Science 2.0 - Big Data Science MeetupRussell Jurney
 
Get Back in Control of your SQL
Get Back in Control of your SQLGet Back in Control of your SQL
Get Back in Control of your SQLJava Usergroup Berlin-Brandenburg
 
Get Back in Control of Your SQL with jOOQ at #Java2Days
Get Back in Control of Your SQL with jOOQ at #Java2DaysGet Back in Control of Your SQL with jOOQ at #Java2Days
Get Back in Control of Your SQL with jOOQ at #Java2DaysLukas Eder
 
20190627 j hipster-conf- diary of a java dev lost in the .net world
20190627 j hipster-conf- diary of a java dev lost in the .net world20190627 j hipster-conf- diary of a java dev lost in the .net world
20190627 j hipster-conf- diary of a java dev lost in the .net worldDaniel Petisme
 

More Related Content

Viewers also liked

The Future of Hadoop Security - Hadoop Summit 2014
The Future of Hadoop Security - Hadoop Summit 2014The Future of Hadoop Security - Hadoop Summit 2014
The Future of Hadoop Security - Hadoop Summit 2014Cloudera, Inc.
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big DataNicolas Morales
 
End-to-End Security and Auditing in a Big Data as a Service Deployment
End-to-End Security and Auditing in a Big Data as a Service DeploymentEnd-to-End Security and Auditing in a Big Data as a Service Deployment
End-to-End Security and Auditing in a Big Data as a Service DeploymentDataWorks Summit/Hadoop Summit
 
Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with HadoopCloudera, Inc.
 

Viewers also liked (6)

The Future of Hadoop Security - Hadoop Summit 2014
The Future of Hadoop Security - Hadoop Summit 2014The Future of Hadoop Security - Hadoop Summit 2014
The Future of Hadoop Security - Hadoop Summit 2014
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big Data
 
End-to-End Security and Auditing in a Big Data as a Service Deployment
End-to-End Security and Auditing in a Big Data as a Service DeploymentEnd-to-End Security and Auditing in a Big Data as a Service Deployment
End-to-End Security and Auditing in a Big Data as a Service Deployment
 
Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with Hadoop
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and Governance
 
What is Big Data?
What is Big Data?What is Big Data?
What is Big Data?
 

Similar to Big Data and Cyber Security

MicroManager_MATLAB_Implementation
MicroManager_MATLAB_ImplementationMicroManager_MATLAB_Implementation
MicroManager_MATLAB_ImplementationPhilip Mohun
 
Java one 2010
Java one 2010Java one 2010
Java one 2010scdn
 
Automatic Fine-Grained Issue Report Reclassification
Automatic Fine-Grained Issue Report ReclassificationAutomatic Fine-Grained Issue Report Reclassification
Automatic Fine-Grained Issue Report ReclassificationPavneet Singh Kochhar
 
Whatever it takes - Fixing SQLIA and XSS in the process
Whatever it takes - Fixing SQLIA and XSS in the processWhatever it takes - Fixing SQLIA and XSS in the process
Whatever it takes - Fixing SQLIA and XSS in the processguest3379bd
 
HATEOAS 101 - Opinionated Introduction to a REST API Style
HATEOAS 101 - Opinionated Introduction to a REST API StyleHATEOAS 101 - Opinionated Introduction to a REST API Style
HATEOAS 101 - Opinionated Introduction to a REST API StyleApigee | Google Cloud
 
Citicorp Presentation
Citicorp PresentationCiticorp Presentation
Citicorp Presentationanniesal
 
Dropwizard Introduction
Dropwizard IntroductionDropwizard Introduction
Dropwizard IntroductionAnthony Chen
 
Vaadin 7 CN
Vaadin 7 CNVaadin 7 CN
Vaadin 7 CNjojule
 
Agile Data Science 2.0 - Big Data Science Meetup
Agile Data Science 2.0 - Big Data Science MeetupAgile Data Science 2.0 - Big Data Science Meetup
Agile Data Science 2.0 - Big Data Science MeetupRussell Jurney
 
Get Back in Control of Your SQL with jOOQ at #Java2Days
Get Back in Control of Your SQL with jOOQ at #Java2DaysGet Back in Control of Your SQL with jOOQ at #Java2Days
Get Back in Control of Your SQL with jOOQ at #Java2DaysLukas Eder
 
20190627 j hipster-conf- diary of a java dev lost in the .net world
20190627 j hipster-conf- diary of a java dev lost in the .net world20190627 j hipster-conf- diary of a java dev lost in the .net world
20190627 j hipster-conf- diary of a java dev lost in the .net worldDaniel Petisme
 
手把手教你如何串接 Log 到各種網路服務
手把手教你如何串接 Log 到各種網路服務手把手教你如何串接 Log 到各種網路服務
手把手教你如何串接 Log 到各種網路服務Mu Chun Wang
 
Css2011 Ruo Ando
Css2011 Ruo AndoCss2011 Ruo Ando
Css2011 Ruo AndoRuo Ando
 
ESRI Dev Meetup: Building Distributed JavaScript Map Widgets
ESRI Dev Meetup: Building Distributed JavaScript Map WidgetsESRI Dev Meetup: Building Distributed JavaScript Map Widgets
ESRI Dev Meetup: Building Distributed JavaScript Map WidgetsAllan Glen
 
Example R usage for oracle DBA UKOUG 2013
Example R usage for oracle DBA UKOUG 2013Example R usage for oracle DBA UKOUG 2013
Example R usage for oracle DBA UKOUG 2013BertrandDrouvot
 

Similar to Big Data and Cyber Security (20)

Advance MySQL Docstore Features
Advance MySQL Docstore FeaturesAdvance MySQL Docstore Features
Advance MySQL Docstore Features
 
Mres presentation
Mres presentationMres presentation
Mres presentation
 
MicroManager_MATLAB_Implementation
MicroManager_MATLAB_ImplementationMicroManager_MATLAB_Implementation
MicroManager_MATLAB_Implementation
 
Java one 2010
Java one 2010Java one 2010
Java one 2010
 
Automatic Fine-Grained Issue Report Reclassification
Automatic Fine-Grained Issue Report ReclassificationAutomatic Fine-Grained Issue Report Reclassification
Automatic Fine-Grained Issue Report Reclassification
 
sun solaris
sun solarissun solaris
sun solaris
 
Vaadin & Web Components
Vaadin & Web ComponentsVaadin & Web Components
Vaadin & Web Components
 
Whatever it takes - Fixing SQLIA and XSS in the process
Whatever it takes - Fixing SQLIA and XSS in the processWhatever it takes - Fixing SQLIA and XSS in the process
Whatever it takes - Fixing SQLIA and XSS in the process
 
HATEOAS 101 - Opinionated Introduction to a REST API Style
HATEOAS 101 - Opinionated Introduction to a REST API StyleHATEOAS 101 - Opinionated Introduction to a REST API Style
HATEOAS 101 - Opinionated Introduction to a REST API Style
 
Citicorp Presentation
Citicorp PresentationCiticorp Presentation
Citicorp Presentation
 
Dropwizard Introduction
Dropwizard IntroductionDropwizard Introduction
Dropwizard Introduction
 
Vaadin 7 CN
Vaadin 7 CNVaadin 7 CN
Vaadin 7 CN
 
Agile Data Science 2.0 - Big Data Science Meetup
Agile Data Science 2.0 - Big Data Science MeetupAgile Data Science 2.0 - Big Data Science Meetup
Agile Data Science 2.0 - Big Data Science Meetup
 
Get Back in Control of your SQL
Get Back in Control of your SQLGet Back in Control of your SQL
Get Back in Control of your SQL
 
Get Back in Control of Your SQL with jOOQ at #Java2Days
Get Back in Control of Your SQL with jOOQ at #Java2DaysGet Back in Control of Your SQL with jOOQ at #Java2Days
Get Back in Control of Your SQL with jOOQ at #Java2Days
 
20190627 j hipster-conf- diary of a java dev lost in the .net world
20190627 j hipster-conf- diary of a java dev lost in the .net world20190627 j hipster-conf- diary of a java dev lost in the .net world
20190627 j hipster-conf- diary of a java dev lost in the .net world
 
手把手教你如何串接 Log 到各種網路服務
手把手教你如何串接 Log 到各種網路服務手把手教你如何串接 Log 到各種網路服務
手把手教你如何串接 Log 到各種網路服務
 
Css2011 Ruo Ando
Css2011 Ruo AndoCss2011 Ruo Ando
Css2011 Ruo Ando
 
ESRI Dev Meetup: Building Distributed JavaScript Map Widgets
ESRI Dev Meetup: Building Distributed JavaScript Map WidgetsESRI Dev Meetup: Building Distributed JavaScript Map Widgets
ESRI Dev Meetup: Building Distributed JavaScript Map Widgets
 
Example R usage for oracle DBA UKOUG 2013
Example R usage for oracle DBA UKOUG 2013Example R usage for oracle DBA UKOUG 2013
Example R usage for oracle DBA UKOUG 2013
 

More from Napier University

10. Data to Information: NumPy and Pandas
10. Data to Information: NumPy and Pandas10. Data to Information: NumPy and Pandas
10. Data to Information: NumPy and PandasNapier University
 
The Road Ahead for Ripple, Marjan Delatinne
The Road Ahead for Ripple, Marjan DelatinneThe Road Ahead for Ripple, Marjan Delatinne
The Road Ahead for Ripple, Marjan DelatinneNapier University
 
Delivering The Tel Aviv Stock Exchange Securities, Duncan Johnston-Watt
Delivering The Tel Aviv Stock Exchange Securities, Duncan Johnston-Watt Delivering The Tel Aviv Stock Exchange Securities, Duncan Johnston-Watt
Delivering The Tel Aviv Stock Exchange Securities, Duncan Johnston-WattNapier University
 
RMIT Blockchain Innovation Hub, Chris Berg
RMIT Blockchain Innovation Hub, Chris BergRMIT Blockchain Innovation Hub, Chris Berg
RMIT Blockchain Innovation Hub, Chris BergNapier University
 
Browser-based Crypto M, C. F Mondschein
Browser-based Crypto M, C. F MondscheinBrowser-based Crypto M, C. F Mondschein
Browser-based Crypto M, C. F MondscheinNapier University
 
Should we transform or adapt to blockchain - a public sector perspective?, Al...
Should we transform or adapt to blockchain - a public sector perspective?, Al...Should we transform or adapt to blockchain - a public sector perspective?, Al...
Should we transform or adapt to blockchain - a public sector perspective?, Al...Napier University
 
IoT device attestation system using blockchain, Alistair Duke
IoT device attestation system using blockchain, Alistair DukeIoT device attestation system using blockchain, Alistair Duke
IoT device attestation system using blockchain, Alistair DukeNapier University
 
Robust Programming of Smart Contracts in Solidity+, RK Shyamasundar
Robust Programming of Smart Contracts in Solidity+, RK ShyamasundarRobust Programming of Smart Contracts in Solidity+, RK Shyamasundar
Robust Programming of Smart Contracts in Solidity+, RK ShyamasundarNapier University
 
Using Blockchain for Evidence Purpose, Rafael Prabucki
Using Blockchain for Evidence Purpose, Rafael PrabuckiUsing Blockchain for Evidence Purpose, Rafael Prabucki
Using Blockchain for Evidence Purpose, Rafael PrabuckiNapier University
 
Cryptocurrencies and cyberlaundering- the need for regulation, Gian Marco Bov...
Cryptocurrencies and cyberlaundering- the need for regulation, Gian Marco Bov...Cryptocurrencies and cyberlaundering- the need for regulation, Gian Marco Bov...
Cryptocurrencies and cyberlaundering- the need for regulation, Gian Marco Bov...Napier University
 
Emerging Regulatory Approaches to Blockchain-based Token Economy, Agata Fereirra
Emerging Regulatory Approaches to Blockchain-based Token Economy, Agata FereirraEmerging Regulatory Approaches to Blockchain-based Token Economy, Agata Fereirra
Emerging Regulatory Approaches to Blockchain-based Token Economy, Agata FereirraNapier University
 

More from Napier University (20)

Intrusion Detection Systems
Intrusion Detection SystemsIntrusion Detection Systems
Intrusion Detection Systems
 
Networks
NetworksNetworks
Networks
 
Memory, Big Data and SIEM
Memory, Big Data and SIEMMemory, Big Data and SIEM
Memory, Big Data and SIEM
 
What is Cyber Data?
What is Cyber Data?What is Cyber Data?
What is Cyber Data?
 
Open Source Intelligence
Open Source IntelligenceOpen Source Intelligence
Open Source Intelligence
 
10. Data to Information: NumPy and Pandas
10. Data to Information: NumPy and Pandas10. Data to Information: NumPy and Pandas
10. Data to Information: NumPy and Pandas
 
2. Defence Systems
2. Defence Systems2. Defence Systems
2. Defence Systems
 
1. Cyber and Intelligence
1. Cyber and Intelligence1. Cyber and Intelligence
1. Cyber and Intelligence
 
The Road Ahead for Ripple, Marjan Delatinne
The Road Ahead for Ripple, Marjan DelatinneThe Road Ahead for Ripple, Marjan Delatinne
The Road Ahead for Ripple, Marjan Delatinne
 
Delivering The Tel Aviv Stock Exchange Securities, Duncan Johnston-Watt
Delivering The Tel Aviv Stock Exchange Securities, Duncan Johnston-Watt Delivering The Tel Aviv Stock Exchange Securities, Duncan Johnston-Watt
Delivering The Tel Aviv Stock Exchange Securities, Duncan Johnston-Watt
 
ARTiFACTS, Emma Boswood
ARTiFACTS, Emma BoswoodARTiFACTS, Emma Boswood
ARTiFACTS, Emma Boswood
 
RMIT Blockchain Innovation Hub, Chris Berg
RMIT Blockchain Innovation Hub, Chris BergRMIT Blockchain Innovation Hub, Chris Berg
RMIT Blockchain Innovation Hub, Chris Berg
 
Keynote, Naseem Naqvi
Keynote, Naseem Naqvi Keynote, Naseem Naqvi
Keynote, Naseem Naqvi
 
Browser-based Crypto M, C. F Mondschein
Browser-based Crypto M, C. F MondscheinBrowser-based Crypto M, C. F Mondschein
Browser-based Crypto M, C. F Mondschein
 
Should we transform or adapt to blockchain - a public sector perspective?, Al...
Should we transform or adapt to blockchain - a public sector perspective?, Al...Should we transform or adapt to blockchain - a public sector perspective?, Al...
Should we transform or adapt to blockchain - a public sector perspective?, Al...
 
IoT device attestation system using blockchain, Alistair Duke
IoT device attestation system using blockchain, Alistair DukeIoT device attestation system using blockchain, Alistair Duke
IoT device attestation system using blockchain, Alistair Duke
 
Robust Programming of Smart Contracts in Solidity+, RK Shyamasundar
Robust Programming of Smart Contracts in Solidity+, RK ShyamasundarRobust Programming of Smart Contracts in Solidity+, RK Shyamasundar
Robust Programming of Smart Contracts in Solidity+, RK Shyamasundar
 
Using Blockchain for Evidence Purpose, Rafael Prabucki
Using Blockchain for Evidence Purpose, Rafael PrabuckiUsing Blockchain for Evidence Purpose, Rafael Prabucki
Using Blockchain for Evidence Purpose, Rafael Prabucki
 
Cryptocurrencies and cyberlaundering- the need for regulation, Gian Marco Bov...
Cryptocurrencies and cyberlaundering- the need for regulation, Gian Marco Bov...Cryptocurrencies and cyberlaundering- the need for regulation, Gian Marco Bov...
Cryptocurrencies and cyberlaundering- the need for regulation, Gian Marco Bov...
 
Emerging Regulatory Approaches to Blockchain-based Token Economy, Agata Fereirra
Emerging Regulatory Approaches to Blockchain-based Token Economy, Agata FereirraEmerging Regulatory Approaches to Blockchain-based Token Economy, Agata Fereirra
Emerging Regulatory Approaches to Blockchain-based Token Economy, Agata Fereirra
 

Recently uploaded

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 

Recently uploaded (20)

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 

Big Data and Cyber Security

Editor's Notes

  1. Big data – with spheres containing pictures of the main themes. Just as an intro to what we are going to cover and that today our talk on big data is brought to you by Leo Tolstoy, Donald Rumsfeld, 2001 A space odyssey, star wars and the Eiffel tower. Fast paced, non-sales led overview of how we approach large-scale log analysis at 7E as part of incident response.
  2. Being a conference on Big Data and as my talk is at least the sixth of the day, I thought we may need to actually define what big data is! For me, the key points are highlighted in bold, we are talking about large and or complex data sets where traditional approaches to data processing are no longer adequate. In this talk we are going to cover how large-scale log analysis can quickly generate data sets that are so large that current approaches are inadequate and explore how a blended approach of technology and human problem solving is required to find the needle in the haystack. What we are not talking about is replacing people with algorithms / machine learning or magic. Also a key point is that big data is not a panacea for all ills within the security world, but when leveraged in the right way with skilled technical resource, the use of big data will enable our community to make sense of the ever evolving and complicated threat landscape that we now face.
  3. So, this talk is based on real world experience of dealing with large amounts of log data. For context, we are going to use an incident that the 7E team worked on that involved a new exploit with no known attack signatures. So in the words of Donald Rumsfeld, “because as we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns – the ones we don't know we don't know. If it was a known know, then we could expect IPS / WAF platforms to provide protection and alerting and thus analysis of those alerts. However, in the event of a breach that doesn’t match known signatures, then we are moving in to the realm of known unknowns and having to search available logs for evidence of malicious activity. I’m not even going to get in to a discussion about unknown unknowns….. So for now, lets get back to logs, specifically apache log files and lots of them.
  4. What do we actually mean when we talk about large and complex logs? Incident engagement, enterprise grade three tier architecture model, split over multiple load balancers serving traffic to eight application servers and supporting backend databases. Compromise of the main application layer. As part of the incident response we obtained 3TB of log files that covered the previous three months of log history for the eight servers. All logs split by host and further split through log rotation. Today, 3TB of data doesn’t sound that much, especially as you can now buy 3TB external drives for £70. So what is 3TB of log data in real terms? Total number of words = three hundred thirty nine billion, three hundred eighty eight million, three hundred thirteen thousand, four hundred twelve. Total number of lines = twenty six billion, eight hundred million, five hundred ninety five thousand, nine hundred twenty seven. Enough words to fill five hundred seventy seven thousand, eight hundred ninety one copies of Leo Tolstoy’s War and Peace. Which if you stacked those books would be be the height of 117 Eifel Towers.
  5. Clearly that amount of data was going to require more than notepad or a spreadsheet! And as any discerning Jedi knows, you don’t just rely on technology – the failure of the death star is a prime case in point. We need a blend of human skills supported by technology. So we built an easily extensible python controller using a RESTful JSON-based API to take advantage of Elasticsearch and Logstash. Combined with Kibana to provide a graphical interface for manual interrogation of log data.
  6. Key to large scale log analysis: Ability to extract out ‘known knowns’. This is done through verified attack signatures. Automatically generate evidence files. Access to raw logs for manual analysis and verification. Both command line and visual through kabana. Ability to update signatures with new attack patterns and repeat analysis. Timelines, suspect IPs. All traffic from a suspect IP is extracted for further targeted analysis. Human is in full control over the analysis, this includes choice of signatures.
  7. Finding new attacks that automated tools along would not have found! In our reference case: Identification of an exploit kit being used to compromise enterprise Established the timeline of the attack, occurred further back than initially thought Identification of compromised hosts and backdoor scripts in use by the attackers, allowing for wider internal search of systems for evidence of compromise. As a second example: Manual analysis of 1m lines of log data for evidence of compromise through a new exploit. Manually the effort took around four man days of effort. Using the platform, 2.5 seconds to identify the nine relevant entries within the logs showing a successful compromise of the server.
  8. Positioning slide to talk about the need to be able to drive tools and interrogate the data. Do not be driven by the output of the tool! Also talk about being able to do critical analysis – “So what” Use example of analyst finding shellshock. Skill set of front line needs to increase, not just restricted to research.