Beta Presentation Detecting Security Threats from User Patterns - - PowerPoint PPT Presentation

From Students… …to Professionals

The Capstone Experience

Beta Presentation Detecting Security Threats from User Patterns

Department of Computer Science and Engineering Michigan State University Spring 2018

Team Symantec

Stephen Alfa Keerthana Kolisetty Robert Novak Abby Urbanski Xiaoyu Wu

Project Overview

• The goal of the project is to provide VIP

customers a Splunk add-on and an ELK application on an AWS AMI to visualize various

• perational and security trend information

present in log data and analyze it in near real- time

• Both applications should alert users when

suspicious or malicious activity is detected

The Capstone Experience Team Symantec Beta Presentation 2

System Architecture

The Capstone Experience Team Symantec Beta Presentation 3

Splunk: Operation Trends Dashboard

The Capstone Experience Team Symantec Beta Presentation 4

Splunk: Risk Analysis Dashboard

The Capstone Experience Team Symantec Beta Presentation 5

Splunk: Geolocation Dashboard

The Capstone Experience Team Symantec Beta Presentation 6

ELK: Operational Oveview Dashboard

The Capstone Experience Team Symantec Beta Presentation 7

ELK: Operational User Analysis Dashboard

The Capstone Experience Team Symantec Beta Presentation 8

ELK: Geolocation Dashboard

The Capstone Experience Team Symantec Beta Presentation 9

What’s left to do?

• Adding any additional pre-built panels
• Clean up Splunk UI
• Packaging the applications

The Capstone Experience Team Symantec Beta Presentation 10

Questions?

The Capstone Experience Team Symantec Beta Presentation 11

? ? ? ? ? ? ? ? ?