hands on case study applying dynamic network analysis to
play

Hands on Case Study: Applying Dynamic Network Analysis to Temporal - PDF document

Jan 25, 2023 •106 likes •259 views

<Your Name> Hands on Case Study: Applying Dynamic Network Analysis to Temporal Netflow Data Geoffrey Dobson gdobson@andrew.cmu.edu June 2020 Center for Computational Analysis of Social and Organizational Systems

  1. <Your Name> Hands on Case Study: Applying Dynamic Network Analysis to Temporal Netflow Data Geoffrey Dobson gdobson@andrew.cmu.edu June 2020 Center for Computational Analysis of Social and Organizational Systems http://www.casos.cs.cmu.edu/ Overview • Graduate • Apply for jobs • Land a new job • Get direction from your customer • Do your job (the hands on part) Geoffrey Dobson 2 1

  2. <Your Name> Graduate Ph.D. Geoffrey Dobson 3 Apply for a job This job sounds perfect! Geoffrey Dobson 4 2

  3. <Your Name> Land a new job Company BAE Systems Job Title Senior Researcher, Network Science Workcenter Cyber Situational Awareness Cell Job Apply network science techniques and Description expertise to the Cyber Situational Awareness Cell of a multibillion dollar international corporation Source: Rutgers.edu Geoffrey Dobson 5 Get direction from your customer “We have thousands of computers connected all over the world, and we know all about them…but we don’t know how the network is behaving !!!.....HELP!” Source: Youtube Geoffrey Dobson 6 3

  4. <Your Name> Do your job Source: Temple.edu Geoffrey Dobson 7 Do your job • Collect Netflow data • Conduct Dynamic Network Analysis • Gain better Cyber Situational Awareness Geoffrey Dobson 8 4

  5. <Your Name> NETFLOW FLOW RECORDS Geoffrey Dobson 9 SiLK Geoffrey Dobson 10 5

  6. <Your Name> SiLK Geoffrey Dobson 11 Collect Netflow Data 1. Go Data -> net flow data Geoffrey Dobson 12 6

  7. <Your Name> Collect Netflow Data 2. Create New Folder on Desktop called “Unzipped” 3. Go to Data drive and right click on each zip file, and extract to Unzipped Folder Geoffrey Dobson 13 Collect Netflow Data 4. Open Import Wizard and select Table of network links Geoffrey Dobson 14 7

  8. <Your Name> Collect Netflow Data 5. Name the Meta Network Geoffrey Dobson 15 Collect Netflow Data 6. Browse to files Geoffrey Dobson 16 8

  9. <Your Name> Collect Netflow Data 7. Configure input data Geoffrey Dobson 17 Collect Netflow Data 8. Uncheck “Create a dynamic meta-network..” and Finish Geoffrey Dobson 18 9

  10. <Your Name> Understand your data • Describe your network data: – Undirected single mode network – Agent by Agent meta network – Bipartite graph – Flow records per day? • ~200,000 – Links per day? • ~ 130,000 – Nodes per day? • ~ 22,000 Geoffrey Dobson 19 Perform Dynamic Network Analysis 1. Create a dynamic meta-network Geoffrey Dobson 20 10

  11. <Your Name> Perform Dynamic Network Analysis 2. Fill in Date field Geoffrey Dobson 21 Perform Dynamic Network Analysis 3. Click Measure Charts Geoffrey Dobson 22 11

  12. <Your Name> Perform Dynamic Network Analysis 4. Select the Dynamic Meta Network Geoffrey Dobson 23 Perform Dynamic Network Analysis 5. Select Custom: Density and Network Centralization, Total Degree, Click Run Geoffrey Dobson 24 12

  13. <Your Name> Perform Dynamic Network Analysis 6. Add Measure, then view various results Geoffrey Dobson 25 Perform Dynamic Network Analysis 6. continued Geoffrey Dobson 26 13

  14. <Your Name> Gain Cyber SA • What could huge increase in Total Degree Centralization mean? • Malicious Scanning? • Cyber Attack? • Systems connecting to external update server? Geoffrey Dobson 27 More Analysis? • Keep library of known nodes and compare against? • Other measures that could provide better SA? – Weighted density? – In degree centralization on nodes inside the network? • Could identify targeted attacks • Periodicity? Days of the week, etc Geoffrey Dobson 28 14

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Objectives Case Study Background &amp; Data Text as a Network Refresher Hands on

Objectives Case Study Background &amp; Data Text as a Network Refresher Hands on

&lt;Your Name&gt; Text as a Network: Analysis of COVID-19 related Tweets J.D. Moffitt jdmoffit@cs.cmu.edu CASOS Center, Institute for Software Research Carnegie Mellon University CASOS Summer Institute 2020 Center for Computational Analysis

316 views • 10 slides
Applying Ontology in Network Analysis EWG-DSS Research Collaboration Network EWG-DSS Collab-Net

Applying Ontology in Network Analysis EWG-DSS Research Collaboration Network EWG-DSS Collab-Net

Applying Ontology in Network Analysis EWG-DSS Research Collaboration Network EWG-DSS Collab-Net V.2 EURO XXV - Vilnius, July 2012 Applying Ontology in the Analysis of a Research Collaboration Network Applying Ontology in Network Analysis

519 views • 27 slides
Hands-On Network Security: Practical Tools &amp; Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools &amp; Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools &amp; Methods Security Training Course Dr. Charles J. Antonelli The University of Michigan 2012 Hands-On Network Security Module 6 Firewalls &amp; VPNs Topics Firewall Fundamentals Case

881 views • 51 slides
Topological Analysis and Visualisation of Network Monitoring Data: Darknet case study Marc

Topological Analysis and Visualisation of Network Monitoring Data: Darknet case study Marc

Topological Analysis and Visualisation of Network Monitoring Data: Darknet case study Marc Coudriau 1 , 2 , Abdelkader Lahmadi 3 , cois 2 J er ome Fran 1 ENS Ulm, Paris, France 2 Inria Nancy Grand Est, Vill` ers-les-Nancy, France 3

564 views • 25 slides
Self Supply Dynamic Mapping A Case Study of Zambia Koji KUMAMARU PhD Research Scholar WEDC

Self Supply Dynamic Mapping A Case Study of Zambia Koji KUMAMARU PhD Research Scholar WEDC

Self Supply Dynamic Mapping A Case Study of Zambia Koji KUMAMARU PhD Research Scholar WEDC (Water, Engineering and Development Centre) 6 th International Rural Water Supply Network Forum : Kampala, Uganda : 29 th Nov-1 st Dec 2011 Conclusion

792 views • 9 slides
Applying Case-Based Reasoning to Spatial- temporal Analysis of Residential Burglary Crime

Applying Case-Based Reasoning to Spatial- temporal Analysis of Residential Burglary Crime

Applying Case-Based Reasoning to Spatial- temporal Analysis of Residential Burglary Crime Investigation: A Cloud Service Prototype Sheng-Ming Wang, PhD Graduate Institute of Interactive Media Design, National Taipei University of Technology,

537 views • 18 slides
Selection of cases Important questions Major problems 1. Applying quasi-statistical thinking

Selection of cases Important questions Major problems 1. Applying quasi-statistical thinking

Jochen Glser Selection of cases Important questions Major problems 1. Applying quasi-statistical thinking Why do we study cases? 2. Ignoring case analysis when selecting cases 3. Confounding empirical object What is a case? and

132 views • 9 slides
Case study 2 Case study 2 Case study 2 Case study 2 Former Industrial Site, London: How has

Case study 2 Case study 2 Case study 2 Case study 2 Former Industrial Site, London: How has

Case study 2 Case study 2 Case study 2 Case study 2 Former Industrial Site, London: How has innovation helped to produce a cost effective remedial design? Challenging contaminant profile Taken a traditional / well understood remedial

910 views • 4 slides
Analysis Analysis of Analysis Analysis of of a Real Case Study : of a Real Case Study : a

Analysis Analysis of Analysis Analysis of of a Real Case Study : of a Real Case Study : a

Analysis Analysis of Analysis Analysis of of a Real Case Study : of a Real Case Study : a Real Case Study : a Real Case Study : the the WORKPAD Project WORKPAD Project j Introduction Introduction d Requirements Engineering

1.18k views • 89 slides
Applying Technology to Streamline the FEMA Flood Map Appeals Process: A Case Study Samara

Applying Technology to Streamline the FEMA Flood Map Appeals Process: A Case Study Samara

Applying Technology to Streamline the FEMA Flood Map Appeals Process: A Case Study Samara Ebinger, CFM, Dewberry FEMAs Appeal Process Required as part of National Flood Insurance Program (NFIP) regulations Flood hazard information

306 views • 15 slides
Case Studies in Dynamic Network Models: (Xu and Hero, 2013) (Sarkar and Moore, 2005) Alex Loewi

Case Studies in Dynamic Network Models: (Xu and Hero, 2013) (Sarkar and Moore, 2005) Alex Loewi

Case Studies in Dynamic Network Models: (Xu and Hero, 2013) (Sarkar and Moore, 2005) Alex Loewi February 25, 2014 Introduction Dynamic Models (Commonalities) Latent Space Models Static LSM Refresher Dynamic LSMs The Basis of an Extension

812 views • 25 slides
projet prioritizing applying Visual PROMETHEE Case study from Nepal Rana Pratap Singh BOKU,

projet prioritizing applying Visual PROMETHEE Case study from Nepal Rana Pratap Singh BOKU,

Developing hydro power decision aid on projet prioritizing applying Visual PROMETHEE Case study from Nepal Rana Pratap Singh BOKU, Vienna Organization of the Presentation: Introduction Country context Objective of the research

598 views • 21 slides
Applying Social Network Analysis to the Information in CVS Repositories Luis L opez-Fern

Applying Social Network Analysis to the Information in CVS Repositories Luis L opez-Fern

Applying Social Network Analysis to the Information in CVS Repositories Luis L opez-Fern andez, Gregorio Robles, Jes us M. Gonz alez Barahona, GSyC, Universidad Rey Juan Carlos, Madrid, Spain { llopez,grex,jgb } @gsyc.escet.urjc.es

340 views • 18 slides
Lecture 7/Chapter 6 Getting the Big Picture Applying 7 Guidelines to Jet Lag Study

Lecture 7/Chapter 6 Getting the Big Picture Applying 7 Guidelines to Jet Lag Study

Lecture 7/Chapter 6 Getting the Big Picture Applying 7 Guidelines to Jet Lag Study Applying 7 Guidelines to Breastmilk Study Seven Guidelines for Systematic Evaluation Step 1: Determine if study was sample survey, experiment, obs study,

127 views • 12 slides
Voting Network: A Case Study of Digg 1 Y I N G W U Z H U S E A T T L E U N I V E R S I T Y E M

Voting Network: A Case Study of Digg 1 Y I N G W U Z H U S E A T T L E U N I V E R S I T Y E M

Measurement and Analysis of an Online Content Voting Network: A Case Study of Digg 1 Y I N G W U Z H U S E A T T L E U N I V E R S I T Y E M A I L : Z H U Y @ S E A T T L E U . E D U WWW2010 What are online content voting networks? 2

603 views • 32 slides
Other packages for plotting graphs Edmund Hart Instructor DataCamp Network Analysis in R: Case

Other packages for plotting graphs Edmund Hart Instructor DataCamp Network Analysis in R: Case

DataCamp Network Analysis in R: Case Studies NETWORK ANALYSIS IN R : CASE STUDIES Other packages for plotting graphs Edmund Hart Instructor DataCamp Network Analysis in R: Case Studies Generating data to plot library(ggnetwork)

374 views • 36 slides
Franklin County- Ending the HIV Epidemic Advisory Committee April 30, 2020 Tara Britton

Franklin County- Ending the HIV Epidemic Advisory Committee April 30, 2020 Tara Britton

Franklin County- Ending the HIV Epidemic Advisory Committee April 30, 2020 Tara Britton Director of Public Policy and Advocacy Three Counties in Ohio are working on plans to End the Epidemic Community Solutions Scope of Work 1 Develop a

346 views • 10 slides
SITUATIONAL AWARENESS AND EVENT ANALYSIS March 16, 2010 David Andrejcak Office of Electric

SITUATIONAL AWARENESS AND EVENT ANALYSIS March 16, 2010 David Andrejcak Office of Electric

SITUATIONAL AWARENESS AND EVENT ANALYSIS March 16, 2010 David Andrejcak Office of Electric Reliability Division of Bulk Pow er System Analysis August 14 th , 2003 Reliability Authority to FERC through EPACT 05 Office of

561 views • 6 slides
The Journey Home GENESIS 31 - 33 Opening Thoughts We encounter larger blocks of narrative

The Journey Home GENESIS 31 - 33 Opening Thoughts We encounter larger blocks of narrative

The Journey Home GENESIS 31 - 33 Opening Thoughts We encounter larger blocks of narrative recording single events The exodus from Haran gets a chapter, and The reunion with Esau gets two chapters There are many implications from these

381 views • 16 slides
Coupling of ITCZ/Monsoons to ocean circulation (John Marshall, MIT) Hadley Cells Subtropical

Coupling of ITCZ/Monsoons to ocean circulation (John Marshall, MIT) Hadley Cells Subtropical

Coupling of ITCZ/Monsoons to ocean circulation (John Marshall, MIT) Hadley Cells Subtropical Cells STCs 1. Climatological position of the ITCZ is north of the equator because of cross-equatorial ocean heat transport. 2. ITCZ migrations are

615 views • 32 slides
Learning Collaborative (TALC) FY19 Quarter 3 Meeting May 15, 2019 Housekeeping All lines

Learning Collaborative (TALC) FY19 Quarter 3 Meeting May 15, 2019 Housekeeping All lines

Transition to Adulthood Learning Collaborative (TALC) FY19 Quarter 3 Meeting May 15, 2019 Housekeeping All lines are in listen only mode To speak, click the raise hand icon and well unmute your line If your computer does not have

1.09k views • 54 slides
January 18, Week 1 Today: Chapter 2, Position and Average Velocity Homework Assignment #1 - Due

January 18, Week 1 Today: Chapter 2, Position and Average Velocity Homework Assignment #1 - Due

January 18, Week 1 Today: Chapter 2, Position and Average Velocity Homework Assignment #1 - Due Today Mastering Physics: 9 Introductory Questions About Mastering Physics. Written Question: None Homework Assignment #2 - Due January 25 Mastering

960 views • 78 slides
Drasil: From generating code to generating software Jacques Carette, Spencer Smith, Dan Szymczak

Drasil: From generating code to generating software Jacques Carette, Spencer Smith, Dan Szymczak

Drasil: From generating code to generating software Jacques Carette, Spencer Smith, Dan Szymczak and Steven Palmer McMaster University WG 2.11, August 2016 Meeting Context software certification Context software (re)certification Context

647 views • 29 slides
Exercise 1: Basic Input Exercise 1: Basic Input FLUKA Beginners Course Exercise 1: Basic Input

Exercise 1: Basic Input Exercise 1: Basic Input FLUKA Beginners Course Exercise 1: Basic Input

Exercise 1: Basic Input Exercise 1: Basic Input FLUKA Beginners Course Exercise 1: Basic Input Aim of the exercise: 1- Familiarize with different input file format 2- Familiarize with FLUKA output file (.out) 2 Exercise 1: Basic Input

432 views • 4 slides

More recommend