toward real time network wide cyber situational awareness
play

Toward Real-time Network-wide Cyber Situational Awareness - PowerPoint PPT Presentation

Jan 16, 2024 •45 likes •145 views

Toward Real-time Network-wide Cyber Situational Awareness Mini-conference NOMS 2018, April 27, 2018, Taipei, Taiwan Tomas Jirsik, Pavel Celeda Institute of Computer Science & Faculty of Informatics, Masaryk University, Czech Republic

  1. Toward Real-time Network-wide Cyber Situational Awareness Mini-conference NOMS 2018, April 27, 2018, Taipei, Taiwan Tomas Jirsik, Pavel Celeda Institute of Computer Science & Faculty of Informatics, Masaryk University, Czech Republic

  2. Cyber Situational Awareness Network-wide Cyber Situational Awareness Perception of the elements in the computer network within a volume of time and space, the comprehension of their meaning and the projection of their status in the near future. (Endsley 1998) Specifics § Cyber environment – no borders, scale free § Perception – only by sensors § Performance – small resources to harm, huge resources to protect § Attackers – takes the advantage Mini-conference NOMS 2018. Toward Real-time Network-wide Cyber Situational Awareness 2 Tomas Jirsik, Pavel Celeda, Masaryk University, Brno

  3. Cyber Situational Awareness Mini-conference NOMS 2018. Toward Real-time Network-wide Cyber Situational Awareness 3 Tomas Jirsik, Pavel Celeda, Masaryk University, Brno

  4. Motivation Data overload, meaning underload § An operator is overwhelmed with a raw data § Big data in computer networks Reaction speed § Automated attacking tools vs human defender § Speed of events § Speed of processing Heterogeneous Tools § Various tools for different network data § Both for data collection, analysis and visualization § Performance is the issue Mini-conference NOMS 2018. Toward Real-time Network-wide Cyber Situational Awareness 4 Tomas Jirsik, Pavel Celeda, Masaryk University, Brno

  5. Requirements Performance § A framework should be able to process and analyze large volumes of the data at high speeds . Universality § A framework should be able to gather and process data from various data sources . Context § A framework should be able to offer complete information including context relevant to the information instead overwhelming a user with a flood of raw data. Dynamic Level of Detail § A framework should be able to provide a dynamic level of detail both in time and information domain . Reaction Time § A framework should minimize the tim e needed for analysis to increase the speed of reaction. Mini-conference NOMS 2018. Toward Real-time Network-wide Cyber Situational Awareness 5 Tomas Jirsik, Pavel Celeda, Masaryk University, Brno

  6. Framework for Real-Time Cyber Situational Awareness Mini-conference NOMS 2018. Toward Real-time Network-wide Cyber Situational Awareness 6 Tomas Jirsik, Pavel Celeda, Masaryk University, Brno

  7. Stream4Flow: Prototype Implementation Mini-conference NOMS 2018. Toward Real-time Network-wide Cyber Situational Awareness 7 Tomas Jirsik, Pavel Celeda, Masaryk University, Brno

  8. Stream4Flow: Prototype Implementation Mini-conference NOMS 2018. Toward Real-time Network-wide Cyber Situational Awareness 8 Tomas Jirsik, Pavel Celeda, Masaryk University, Brno

  9. Discussion Performance Context § Scalability and throughput § Universality and performance enables context § Data streams § Correlation of events § Distributed computing Reaction Time Universality § On-the-fly processing § Normalization § Data Message Bus Further Remarks § High granularity modifies data Dynamic Level of Detail § Deduplication § High granularity in orders of seconds § Map-reduce principle for host monitoring Mini-conference NOMS 2018. Toward Real-time Network-wide Cyber Situational Awareness 9 Tomas Jirsik, Pavel Celeda, Masaryk University, Brno

  10. QUESTIONS? THANKS FOR YOUR ATTENTION! https://csirt.muni.cz Tomas Jirsik @csirtmu jirsik@ics.muni.cz

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Presentation Outline Bulk Power System Reliability Components NERC ACE-Frequency for

Presentation Outline Bulk Power System Reliability Components NERC ACE-Frequency for

C onsortium for DOE E lectric Situational R eliability Awareness for Resources T echnology Adequacy S olutions DOE Situational Awareness Application Using NERC Resources Adequacy Wide-Area Real Time Monitoring Application Presented by

741 views • 8 slides
Nationwide Cyber Situational Awareness Framework for Critical In Infrastructures Hayretdin

Nationwide Cyber Situational Awareness Framework for Critical In Infrastructures Hayretdin

A A Conceptual Nationwide Cyber Situational Awareness Framework for Critical In Infrastructures Hayretdin Bahi , Olaf Manuel Maennel Centre For Digital Forensics and Cyber Security Tallinn University of Technology Evolvement of Cyber

470 views • 13 slides
CRUSOE: DATA MODEL FOR CYBER SITUATIONAL AWARENESS Tuesday 28 th August, 2018 Martin Husk Jana

CRUSOE: DATA MODEL FOR CYBER SITUATIONAL AWARENESS Tuesday 28 th August, 2018 Martin Husk Jana

CRUSOE: DATA MODEL FOR CYBER SITUATIONAL AWARENESS Tuesday 28 th August, 2018 Martin Husk Jana Komrkov Martin Latovika Daniel Tovark Introduction and Motivation CRUSOE Data Model Page 2 / 23 Cyber Situational Awareness

561 views • 23 slides
Can we leverage network monitoring to build comprehensive situational awareness of our

Can we leverage network monitoring to build comprehensive situational awareness of our

Can we leverage network monitoring to build comprehensive situational awareness of our operating environments in a way that scales well? How could such an awareness allow us to find anomalous and malicious behavior? God I hope so. If

215 views • 7 slides
Developing Systems for Cyber Situational Awareness* James Okolica, J. Todd McDonald, Gilbert L.

Developing Systems for Cyber Situational Awareness* James Okolica, J. Todd McDonald, Gilbert L.

Air Force Institute of Technology Develop America's Airmen Today ... for Tomorrow Developing Systems for Cyber Situational Awareness* James Okolica, J. Todd McDonald, Gilbert L. Peterson, Robert F. Mills, and Michael W. Haas Center for

355 views • 19 slides
Situational Awareness Leveraging Versant JPA for Big Data Situation Awareness Applications

Situational Awareness Leveraging Versant JPA for Big Data Situation Awareness Applications

Situational Awareness Leveraging Versant JPA for Big Data Situation Awareness Applications Matthew Barker, Director Prof. Services Versant Corporation Situational Awareness Defined Agenda Short SA Video Big Data and Situational

545 views • 21 slides
Situational Awareness: Terrain Reasoning for Tactical Shooter A.I Situational Awareness The

Situational Awareness: Terrain Reasoning for Tactical Shooter A.I Situational Awareness The

Situational Awareness: Terrain Reasoning for Tactical Shooter A.I Situational Awareness The capability of an A.I. agent to reason is limited by the data its sensor's can acquire about the world The representation of the data we use to

537 views • 31 slides
Proactive Risk Management through Improved Situational Awareness https://protective-h2020.eu/

Proactive Risk Management through Improved Situational Awareness https://protective-h2020.eu/

Proactive Risk Management through Improved Situational Awareness https://protective-h2020.eu/ PROTECTIVE is a H2020 funded Innovation Action to evolve cyber alert flow processing , namely: correlation, prioritisation, analysis,

962 views • 40 slides
Automated Reasoning for Situational Awareness Peter Baumgartner, Alexander Krumpholz Supply

Automated Reasoning for Situational Awareness Peter Baumgartner, Alexander Krumpholz Supply

Automated Reasoning for Situational Awareness Peter Baumgartner, Alexander Krumpholz Supply Chain Integrity Digital Mission www.data61.csiro.au Situational Awareness - Systems of Interest Factory Floor - Are the operations carried out

1.24k views • 87 slides
NVIDIA ECS March 19, 2015 1 How does 3D help humans? CFIT Loss of Situational Awareness

NVIDIA ECS March 19, 2015 1 How does 3D help humans? CFIT Loss of Situational Awareness

Better Decisions in Moments of Truth with DTI 3D NVIDIA ECS March 19, 2015 1 How does 3D help humans? CFIT Loss of Situational Awareness Situational Awareness Perceive Comprehend Project Decide Act {"45752bf": [3958177,

347 views • 16 slides
and Devices in a Network AIMS CONFERENCE 13. 7. 2017 Martin Latovika lastovicka@ics.muni.cz

and Devices in a Network AIMS CONFERENCE 13. 7. 2017 Martin Latovika lastovicka@ics.muni.cz

Situational Awareness: Detecting Critical Dependencies and Devices in a Network AIMS CONFERENCE 13. 7. 2017 Martin Latovika lastovicka@ics.muni.cz 1 Situational Awareness The knowledge and understanding of the current situation. 2 3

441 views • 17 slides
Fieldbus : : Fieldbus Industrial Network Industrial Network Real Time Network Real Time

Fieldbus : : Fieldbus Industrial Network Industrial Network Real Time Network Real Time

Fieldbus : : Fieldbus Industrial Network Industrial Network Real Time Network Real Time Network Jean-Pierre Thomesse Institut National Polytechnique de Lorraine Nancy, France ETR 2005 - Fieldbus - Industrial Network - Real Time Network

1.4k views • 71 slides
Real-time Network Intrusion Detection System with Supporting Cyber Security Regulations for

Real-time Network Intrusion Detection System with Supporting Cyber Security Regulations for

Transactions of the Korean Nuclear Society Virtual Spring Meeting July 9-10, 2020 Real-time Network Intrusion Detection System with Supporting Cyber Security Regulations for Nuclear Power Plants Jae-Hee Roh a , Seok-Ki Lee a , Choul-Woong Son

362 views • 4 slides
Situational Awareness Jeff Hughes Bryan Ladds Dave Hamilton Special Guest A Complete and

Situational Awareness Jeff Hughes Bryan Ladds Dave Hamilton Special Guest A Complete and

Situational Awareness Jeff Hughes Bryan Ladds Dave Hamilton Special Guest A Complete and Integrated System Supporting Emergency Management Operations Maintain Conduct Manage Situational Damage Public Awareness Assessment Information

839 views • 41 slides
Visualization & Situational Awareness Demonstrations Project Presentation for EPIC Symposium

Visualization & Situational Awareness Demonstrations Project Presentation for EPIC Symposium

Visualization & Situational Awareness Demonstrations Project Presentation for EPIC Symposium December 1, 2016 Sacramento, CA Confidential Draft - For Internal Use Only 1 Visualization and Situational Awareness Demonstrations Aksel

289 views • 16 slides
AI-enabled Real-time Situational Understanding at the Tactical Edge ARO Adversarial ML Workshop

AI-enabled Real-time Situational Understanding at the Tactical Edge ARO Adversarial ML Workshop

APPROVED FOR PUBLIC RELEASE UNCLASSIFIED AI-enabled Real-time Situational Understanding at the Tactical Edge ARO Adversarial ML Workshop 14 September 2017 Tien Pham, PhD Senior Campaign Scientist Information Sciences Campaign The Nations

393 views • 26 slides
REAL TIME WEATHER RADAR DATA PROCESSING FOR URBAN HYDROLOGY IN NANCY FAURE Dominique,

REAL TIME WEATHER RADAR DATA PROCESSING FOR URBAN HYDROLOGY IN NANCY FAURE Dominique,

Presented to XXII General Assembly of the EGS, 21-25 April 1997, Vienna/Austria. Publicised in Physics and Chemistry of the Earth (B), Vol. 24, No 8, pp.909-914, 1999 REAL TIME WEATHER RADAR DATA PROCESSING FOR URBAN HYDROLOGY IN NANCY FAURE

216 views • 6 slides
Real Time Video Data Mining for Surveillance Video Streams JungHwan Oh, JeongKyu Lee, and

Real Time Video Data Mining for Surveillance Video Streams JungHwan Oh, JeongKyu Lee, and

Real Time Video Data Mining for Surveillance Video Streams JungHwan Oh, JeongKyu Lee, and Sanjaykumar Kote Department of Computer Science and Engineering University of Texas at Arlington Arlington, TX 76019-0015 U. S. A. e-mail: { oh, jelee,

503 views • 12 slides
Hoboken Citywide Parking Master Plan 1 st Public Workshop June 11, 2014 Todays Agenda Open

Hoboken Citywide Parking Master Plan 1 st Public Workshop June 11, 2014 Todays Agenda Open

Hoboken Citywide Parking Master Plan 1 st Public Workshop June 11, 2014 Todays Agenda Open House 6:30-7:00 Presentation 7:00-7:30 - Why are we here today? - What is the Hoboken Citywide Parking Master Plan? - What do we know so far? -

672 views • 35 slides
Demand Response Availability Data System (DADS): Phase I and II John Moura NERC Staff

Demand Response Availability Data System (DADS): Phase I and II John Moura NERC Staff

Demand Response Availability Data System (DADS): Phase I and II John Moura NERC Staff Presentation Goals Provide an overview of the on-going efforts at NERC to collect historical performance data on demand response Introduce the Demand

607 views • 27 slides
The Equilibrium Real Rate in Advanced Economies: Boston Federal Reserve Conference: What Are the

The Equilibrium Real Rate in Advanced Economies: Boston Federal Reserve Conference: What Are the

The Equilibrium Real Rate in Advanced Economies: Boston Federal Reserve Conference: What Are the Consequences of Long Spells of Low Interest Rates? September 8, 2018 Lawrence H. Summers Now Vs November 2013 Sources: BEA, Bloomberg, Federal

371 views • 9 slides
Capitol Hill Cohousing A proposal for contextually sensitive, community supporting, adaptive

Capitol Hill Cohousing A proposal for contextually sensitive, community supporting, adaptive

Century Associates / Eco Housing Corporation / Keystar Real Estate Capitol Hill Cohousing A proposal for contextually sensitive, community supporting, adaptive reuse at the Eastern Branch Boys & Girls Club Who we are The Project Team

544 views • 33 slides
Ehsan Choudhri Distinguished Research Professor Carleton University ehsan.choudhri@carleton.ca

Ehsan Choudhri Distinguished Research Professor Carleton University ehsan.choudhri@carleton.ca

Monetary Policy in Pakistan: The Role of Foreign Exchange and Credit Markets Ehsan Choudhri Distinguished Research Professor Carleton University ehsan.choudhri@carleton.ca and Hamza Ali Malik Director, Monetary Policy Department State Bank

248 views • 22 slides
CBRE GROUP, INC. INVESTOR OVERVIEW June 2019 Forward-Looking Statements This presentation

CBRE GROUP, INC. INVESTOR OVERVIEW June 2019 Forward-Looking Statements This presentation

CBRE GROUP, INC. INVESTOR OVERVIEW June 2019 Forward-Looking Statements This presentation contains statements that are forward looking within the meaning of the Private Securities Litigation Reform Act of 1995. These include statements

722 views • 51 slides

More recommend