Visual Analytic Representation of Large Datasets for Enhancing Network Security




                          James Davey
                          Fraunhofer Institute for Computer Graphics Research IGD
                          Fraunhoferstraße 5
                          64283 Darmstadt

                          Phone +49 6151 155-655 | Fax -139
                          james.davey@igd.fraunhofer.de
                          www.igd.fraunhofer.de/igd-a3
                                            www.vis-sense.eu
                                              No. 257495
VIS-SENSE Organisation

                  Topic: Technology and Tools for Trustworthy ICT (2009.1.4)
      Grant Agreement: STREP – 257495
           Time Frame: 01.10.2010 until 30.09.2013
               Budget:     3,32 million euro / 2.35 million euro EU contribution

6 partners from 4 countries:
    Fraunhofer IGD (Germany) – Coordinator
    CERTH / ITI (Greece)
    Institut EURECOM (France)
    Institut Telecom (France)
    Symantec Ltd. (Ireland)
    University of Konstanz (Germany)


Root-Cause Analysis

Use Case: Root-Cause Analysis

Overview of the Internet threat landscape

Zooming Out


Overview – Zooming Out

Features in an interactive map:
  Position,
  Area,
  Street hierarchy,
  Etc.

Our Features:
  IP addresses,
  Server names,
  Email addresses,
  Keyword sets,
  Distributions,
  Timestamps,
  Etc.

Overview – Zooming Out

Features in an interactive map:
  Grouping is easy and unambiguous

Our Features:
  Grouping is difficult
  Grouping is ambiguous
  We need some definition of distance or similarity

Similarity Models

The TRIAGE(1) approach

Clustering based on Multi-Criteria Decision Analysis (MCDA)
Automatic grouping of elements likely to share the same root causes

[Diagram: Events -> Feature selection -> Per-feature graph-based representation -> Multi-criteria aggregation (data fusion, Σ) -> Multi-Dimensional Clusters (MDCs)]

1) Triage (med.): process of prioritizing patients based on the severity of their condition

Definitions

[Figure labels: Features; Entities]

Similarity – Models for Similarity




Per Feature Similarity Example – Real Numbers




Grouping with respect to different features




Aggregate Similarity Example




An example of a Rogue AV campaign

750 domains registered over a span of 8 months

[Figure legend: Domain name; /24 network of web server; Registrant email; Registration date]

- domain name patterns
- use of whois privacy protection services

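The pipeline outlined on the TRIAGE slide (per-feature similarity, Σ aggregation, multi-dimensional clusters), applied to the four features in the Rogue AV legend, as an added example that is not taken from the presentation or from the VIS-SENSE project. The events are constructed, and the per-feature similarity functions, the weights, the threshold and the use of a plain weighted sum with connected components are assumptions chosen for illustration.

```python
import ipaddress
import math
from datetime import date
from itertools import combinations

# Constructed sample events (not real data):
# (domain name, web-server IP, registrant email, registration date)
EVENTS = [
    ("pc-antivirus-scan.example",  "192.0.2.10",   "reg1@example.org",            date(2009, 3, 1)),
    ("pc-antivirus-scan2.example", "192.0.2.77",   "reg1@example.org",            date(2009, 3, 2)),
    ("pc-antispy-scan.example",    "192.0.2.140",  "privacy@whois-proxy.example", date(2009, 3, 5)),
    ("garden-tools.example",       "198.51.100.5", "shop@example.net",            date(2008, 1, 15)),
    ("gardentools-blog.example",   "198.51.100.9", "shop@example.net",            date(2009, 3, 2)),
    ("weather-report.example",     "203.0.113.20", "privacy@whois-proxy.example", date(2009, 3, 3)),
]


def trigrams(domain):
    """Character trigrams of the first DNS label (assumed name-pattern model)."""
    label = domain.split(".")[0]
    return {label[i:i + 3] for i in range(len(label) - 2)}


def sim_name(a, b):
    """Jaccard similarity of trigram sets; 0.0 when both labels are too short."""
    ta, tb = trigrams(a), trigrams(b)
    return len(ta & tb) / len(ta | tb) if ta | tb else 0.0


def sim_net(a, b):
    """1.0 when both web servers sit in the same /24 network, else 0.0."""
    def net(ip):
        return ipaddress.ip_network(f"{ip}/24", strict=False)
    return 1.0 if net(a) == net(b) else 0.0


def sim_email(a, b):
    """1.0 for identical registrant addresses, else 0.0."""
    return 1.0 if a.lower() == b.lower() else 0.0


def sim_date(a, b, scale_days=14.0):
    """Real-valued feature: similarity decays with the gap in days."""
    return math.exp(-abs((a - b).days) / scale_days)


# One similarity function and one weight per feature, in tuple order.
SIMILARITY = (sim_name, sim_net, sim_email, sim_date)
WEIGHTS = (0.3, 0.3, 0.2, 0.2)  # assumed weights, sum to 1


def aggregate(e1, e2, weights=WEIGHTS):
    """Multi-criteria aggregation as a weighted sum of per-feature scores."""
    return sum(w * f(x, y) for w, f, x, y in zip(weights, SIMILARITY, e1, e2))


def clusters(events, weights=WEIGHTS, threshold=0.5):
    """Link pairs whose aggregate score reaches the threshold and return
    the connected components as sorted lists of event indices."""
    parent = list(range(len(events)))

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]  # path halving
            i = parent[i]
        return i

    for i, j in combinations(range(len(events)), 2):
        if aggregate(events[i], events[j], weights) >= threshold:
            parent[find(i)] = find(j)

    groups = {}
    for i in range(len(events)):
        groups.setdefault(find(i), []).append(i)
    return sorted(groups.values())


if __name__ == "__main__":
    print("aggregate :", clusters(EVENTS))
    print("email only:", clusters(EVENTS, weights=(0, 0, 1, 0)))
```

Grouping on the email feature alone puts events 2 and 5 together because they share one whois-privacy address, while the aggregate keeps event 2 with the other scan-themed domains in its /24 and leaves event 5 on its own.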
Spam Botnets Inter-relationships

[Figure: graph with cluster labels Unclassified, Rustock, Mega-D, Cutwail, Grum; legend: Spam event, Subject keywords, Bot name]

Thanks for Your Attention




