wars of the wars of the wars of the wars of the wars of
play

WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS - PowerPoint PPT Presentation

Aug 23, 2023 •164 likes •1.15k views

WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE MACHINES MACHINES MACHINES MACHINES MACHINES MACHINES MACHINES MACHINES MACHINES

  1. WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE WARS OF THE MACHINES MACHINES MACHINES MACHINES MACHINES MACHINES MACHINES MACHINES MACHINES MACHINES MACHINES MACHINES BUILD YOUR OWN SEEK AND DESTROY ROBOT

  2. WHO AM I ? Senior Security Researcher @ digital.security Definitely not a ML expert / data scien�st Love learning new things !

  3. INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION

  4. MACHINE LEARNING IS COOL !

  5. LOOKS AWESOME !

  6. DEEPFAKES !

  7. I'M GOING TO LEARN ML That's a challenge for me I have no clue what I'm doing Nevermind, I'll learn (as usual)

  8. MY LITTLE PROJECT

  9. MY LITTLE PROJECT I need to start small

  10. MY LITTLE PROJECT I need to start small I need something that will give some results shortly

  11. MY LITTLE PROJECT I need to start small I need something that will give some results shortly Something related to IoT security , indeed

  12. MY LITTLE PROJECT I need to start small I need something that will give some results shortly Something related to IoT security , indeed A tool that gives a big picture about IoT ?

  13. DESIRED FEATURES

  14. DESIRED FEATURES Scans and collect device info from HTTP services on known ports

  15. DESIRED FEATURES Scans and collect device info from HTTP services on known ports Automa�cally classifies these devices

  16. DESIRED FEATURES Scans and collect device info from HTTP services on known ports Automa�cally classifies these devices Provides an overview of customer-premises devices available on the Internet

  17. DESIRED FEATURES Scans and collect device info from HTTP services on known ports Automa�cally classifies these devices Provides an overview of customer-premises devices available on the Internet Can be used to create targeted a�acks !

  18. PREVIOUS RESEARCH All Things Considered: An Analysis of IoT Devices on Home Networks - USENIX 2019, Kumar & Al. ProfilIoT: A Machine Learning Approach for IoT Device Iden�fica�on Based on Network Traffic Analysis - Yair Medan & Al.

  19. BUT HOW IS IT DONE ?

  20. BUT HOW IS IT DONE ? HOW ?? HOW ?? HOW ?? HOW ?? HOW ?? HOW ?? HOW ?? HOW ?? HOW ?? HOW ?? HOW ?? HOW ??

  21. MACHINE LEARNING MACHINE LEARNING MACHINE LEARNING MACHINE LEARNING MACHINE LEARNING MACHINE LEARNING MACHINE LEARNING MACHINE LEARNING MACHINE LEARNING MACHINE LEARNING MACHINE LEARNING MACHINE LEARNING FOR FOR DUMMIES DUMMIES HACKERS DUMMIES HACKERS HACKERS FOR FOR DUMMIES DUMMIES HACKERS HACKERS FOR FOR FOR DUMMIES DUMMIES DUMMIES HACKERS HACKERS HACKERS FOR DUMMIES HACKERS FOR FOR DUMMIES DUMMIES HACKERS HACKERS FOR DUMMIES HACKERS FOR

  22. HOW CAN A MACHINE LEARN ?

  23. HOW CAN A MACHINE LEARN ? THE SAME WAY OUR BRAIN LEARNS.

  24. HOW CAN A MACHINE LEARN ? THE SAME WAY OUR BRAIN LEARNS. (THANKS CAPT'N OBVIOUS...)

  25. TRAIN AND PREDICT Train a machine to do a precise task (e.g. answer "is there a cat in this image ?" ) Ask the trained machine to answer the same ques�on on random images This is called supervised learning

  26. THE PERCEPTRON

  27. TRAIN AND PREDICT

  28. CLASSIFY Ask a machine to sort a set of images (e.g. group them by cats, dogs, etc.) The machine will find similari�es between these images and group them This is called unsupervised learning

  29. EXAMPLE We want to sort a set of data about vehicles Describe each vehicle number of wheels number of seats Let the machine do the rest !

  30. CLASSIFY

  31. K-MEANS CLUSTERING

  32. K-MEANS CLUSTERING Number of centroids (K) is set at the beginning If K is too low , groups will contain mul�ple subgroups If K is too high , groups will be spread among mul�ple centroids

  33. OTHER ALGORITHMS (WE WON'T COVER) Fuzzy C-means : similar to K-means but data points are weighted Hierarchical Clustering

  34. SUPERVISED VS. UNSUPERVISED Supervised learning is for training Two datasets required Training dataset needs associated results set Unsupervised learning finds rela�onships in chao�c data

  35. SUPERVISED VS. UNSUPERVISED Supervised learning is a simple and effec�ve method Unsupervised learning is more complex and subject to errors

  36. DATASETS DATASETS DATASETS DATASETS DATASETS DATASETS DATASETS DATASETS DATASETS DATASETS DATASETS DATASETS

  37. DATASETS Datasets ma�er : if not correctly created, could lead to errors Datasets may be biased Spli�ng a dataset in two for training and tes�ng is not that easy

  38. FEATURE VECTOR feature : a measurable characteris�c of our input data feature vector : a N-dimension vector containing features

  39. HOW TO TURN DATA INTO A FEATURE VECTOR ?

  40. COLLECTING AND COLLECTING AND COLLECTING AND COLLECTING AND COLLECTING AND COLLECTING AND COLLECTING AND COLLECTING AND COLLECTING AND COLLECTING AND COLLECTING AND COLLECTING AND CONVERTING DATA CONVERTING DATA CONVERTING DATA CONVERTING DATA CONVERTING DATA CONVERTING DATA CONVERTING DATA CONVERTING DATA CONVERTING DATA CONVERTING DATA CONVERTING DATA CONVERTING DATA

  41. SCANNING Scan the Internet for well-known HTTP ports Collect valuable data Turn every collected page into a feature vector

  42. CREATING OUR DATASET HTTP headers HTTP body Web page screenshot

  43. USING REQUESTS TO SCRAPE DATA # Query page result = requests.get( 'http://%s:%d/' % ( self .ip_address, self . port ), timeout =1.0 ) headers = json.dumps(dict(result.headers)) body = result.text # Report target self .report_target( self .ip_address, self . port , headers, body )

  44. CHROMIUM + SELENIUM # Configure Chromium self .chrome_options = Options() self .chrome_options.add_argument("--headless") self .chrome_options.binary_location = '/usr/bin/chromium' self .driver = webdriver.Chrome( chrome_options= self .chrome_options ) self .driver.set_page_load_timeout(30) self .driver.fullscreen_window() # ... # Save screenshot self .driver.save_screenshot(dest)

  45. ANARCHY IN THE EU

  46. RESULTS $ sqlite3 targets.db SQLite version 3.27.2 2019-02-25 16:06:06 Enter ".help" for usage hints. sqlite> select count(*) from targets; 4901

  47. RESULTS

  48. HOW TO MEASURE A WEB PAGE

  49. HOW TO MEASURE A WEB PAGE content length : usually the same / device

  50. HOW TO MEASURE A WEB PAGE content length : usually the same / device number of headers

  51. HOW TO MEASURE A WEB PAGE content length : usually the same / device number of headers number of scripts , images and other tags

  52. HOW TO MEASURE A WEB PAGE (BADASS MODE) Levenshtein distance to a reference page DOM tree structure fla�ening combined with Levenshtein distance Normalized page text size

  53. LEVENSHTEIN DISTANCE (FTR) Measures the difference between two strings Gives a posi�ve integer value The bigger the value, the bigger the difference

  54. CREATING THE CREATING THE CREATING THE CREATING THE CREATING THE CREATING THE CREATING THE CREATING THE CREATING THE CREATING THE CREATING THE CREATING THE AUTOMATIC CLASSIFIER AUTOMATIC CLASSIFIER AUTOMATIC CLASSIFIER AUTOMATIC CLASSIFIER AUTOMATIC CLASSIFIER AUTOMATIC CLASSIFIER AUTOMATIC CLASSIFIER AUTOMATIC CLASSIFIER AUTOMATIC CLASSIFIER AUTOMATIC CLASSIFIER AUTOMATIC CLASSIFIER AUTOMATIC CLASSIFIER

  55. SCIKIT-LEARN Python-based Machine Learning framework Built on NumPy , SciPy and matplotlib Implements major ML algorithms

  56. RECORDS TO DATASET import pandas as pd def create_dataset_from_records (records): """ Create a ML dataset from a list of records """ lst = [ record_to_values(r) for r in records] return pd.DataFrame(lst, columns =[ 'headers','metas','scripts','images','bodysize' ])

  57. IMPLEMENTING K-MEANS from sklearn.cluster import KMeans from sklearn import datasets #... def classify (records): # create a dataset from our DB records dataset = create_dataset_from_records(records) # classify model = KMeans(n_clusters=OPT_CLUSTERS) model.fit(dataset) # return result return model.labels_

  58. NUMBER OF CENTROIDS MATTERS

  59. BADASS FEATURE VECTOR

  60. BASIC FEATURE VECTOR

  61. BADASS IS NOT THE BEST 😮 Levenshtein distance : two pages with same distance are not always iden�cal DOM tree structure : a lot of devices rely on the same page structure (login) Normalized page size : Most of iden�cal devices have same content length

  62. BEST RESULTS 🤰 500 centroids Content length Number of various tags ( img , meta , script ) Number of HTTP headers 4767|213.183.189.11|80|6|1|0|0|120|0.0|0

  63. ADDING METADATA ADDING METADATA ADDING METADATA ADDING METADATA ADDING METADATA ADDING METADATA ADDING METADATA ADDING METADATA ADDING METADATA ADDING METADATA ADDING METADATA ADDING METADATA

  64. METADATA MAY HELP Metada can be useful for searches : category : NAS, wireless router, etc. vendor product name/series What if we were able to automa�cally determine (at least) the category ?

  65. ML-BASED METADATA Supervised learning : this is the way. We need a reference dataset with verified metadata Let's add metadata to our classified targets !

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Trade Wars or Territorial Wars - The next global battle Trade Wars or Territorial Wars - The Next

Trade Wars or Territorial Wars - The next global battle Trade Wars or Territorial Wars - The Next

Trade Wars or Territorial Wars - The next global battle Trade Wars or Territorial Wars - The Next Global Battle The traditional understanding about the term WAR is that it involves a situation where there is state of armed conflict between

672 views • 18 slides
Tar Wars 2 What is Tar Wars? A tobacco-free education program for 4th- and 5th-grade

Tar Wars 2 What is Tar Wars? A tobacco-free education program for 4th- and 5th-grade

Tar Wars 2 What is Tar Wars? A tobacco-free education program for 4th- and 5th-grade students A way to learn interesting facts on staying healthy An interactive and fun curriculum Abby Tennessee 2014 Poster 3 Whats in a

1k views • 30 slides
Herodotus and the Persian Wars Herodotus and the Persian Wars Herodotus is the first true

Herodotus and the Persian Wars Herodotus and the Persian Wars Herodotus is the first true

Herodotus and the Persian Wars Herodotus and the Persian Wars Herodotus is the first true historian known in Western Civilization he lived during the Classical Age of Greece (the fifth century BCE) Herodotus and the Persian Wars

439 views • 28 slides
GOLD GOLD WARS WARS A Golden Renaissance A Tribute to Ferdinand Lips (1931 2005) WHAT ARE

GOLD GOLD WARS WARS A Golden Renaissance A Tribute to Ferdinand Lips (1931 2005) WHAT ARE

THE THE GOLD GOLD WARS WARS A Golden Renaissance A Tribute to Ferdinand Lips (1931 2005) WHAT ARE GOLD WARS? Gold Wars are between governments and gold. This ultimately restricts the constitutional rights of the people. Gold is the

522 views • 41 slides
Class Wars/Culture Wars 1 st March 2012 Who makes chavs? Sue Christoforou

Class Wars/Culture Wars 1 st March 2012 Who makes chavs? Sue Christoforou

Class Wars/Culture Wars 1 st March 2012 Who makes chavs? Sue Christoforou www.equalitytrust.org.uk Causes of disadvantage V Professor Sir Michael Marmot, internationally acclaimed epidemiologist Income inequality is not just about material

676 views • 23 slides
PART III Trading Partners The Americas and the Caribbean Basin CHAPTER 10 THE US AND WARS

PART III Trading Partners The Americas and the Caribbean Basin CHAPTER 10 THE US AND WARS

PART III Trading Partners The Americas and the Caribbean Basin CHAPTER 10 THE US AND WARS List of wars involving the United States http://en.wikipedia.org/wiki/List_of_wars_invol ving_the_United_States Americas wars: U.S.

720 views • 19 slides
Classicism The Classical Moment The Persian Wars 490 Marathon - Darius invades

Classicism The Classical Moment The Persian Wars 490 Marathon - Darius invades

Clst 181SK Ancient Greece and the Origins of Western Culture Classicism The Classical Moment The Persian Wars 490 Marathon - Darius invades Greece The Persian Wars Xerxes - Invasion of Greece, 480-479 BCE The Persian Wars Delian

366 views • 22 slides
A long time ago in a galaxy far, far away. System Wars I Not ot done e or best fo forgo

A long time ago in a galaxy far, far away. System Wars I Not ot done e or best fo forgo

A long time ago in a galaxy far, far away. System Wars I Not ot done e or best fo forgo gott tten en (like e anot other er prequel) uel) System Wars II Gravity ity 3 ve vessel l vs 3 ve vessel l HERMS MS vs Brew ew in a Bag

396 views • 15 slides
4440 Trade Wars II 4198 Brexit II 4189 Trade Wars I 3593 Brexit I 1904 EDAR 2019 1504

4440 Trade Wars II 4198 Brexit II 4189 Trade Wars I 3593 Brexit I 1904 EDAR 2019 1504

7343 WIR 2019 4440 Trade Wars II 4198 Brexit II 4189 Trade Wars I 3593 Brexit I 1904 EDAR 2019 1504 TDR 2018 971 TIR 2018 934 RMT 2018 488 IER 2017 302 LDCR 2018 0 1000 2000 3000 4000 5000 6000 7000 8000 Source:

847 views • 30 slides
What Is the Elder Fraud Industry? 1 Kirkman Elder Fraud Wars 7/17/2020 Foreign Sweepstakes

What Is the Elder Fraud Industry? 1 Kirkman Elder Fraud Wars 7/17/2020 Foreign Sweepstakes

Kirkman Elder Fraud Wars 7/17/2020 (Courtesy Chapel Hill CROP Walk Facebook Page) What Is the Elder Fraud Industry? 1 Kirkman Elder Fraud Wars 7/17/2020 Foreign Sweepstakes (Spain, Jamaica, UK, Russia, Grandparent Scams Moldova,

397 views • 11 slides
OLIGOPOLY DYNAMICS: COLLUSION AND PRICE WARS Overview Context: Firms interact over time

OLIGOPOLY DYNAMICS: COLLUSION AND PRICE WARS Overview Context: Firms interact over time

OLIGOPOLY DYNAMICS: COLLUSION AND PRICE WARS Overview Context: Firms interact over time possibly using history-dependent strategies Concepts: repeated games, grim strategies, collusion, price wars Economic principle: repetition

375 views • 26 slides
Star Wars CSEE 4840 Embedded Systems Design Fang Fang(ff2317) Jiaxuan Shang(js4361) Xiao

Star Wars CSEE 4840 Embedded Systems Design Fang Fang(ff2317) Jiaxuan Shang(js4361) Xiao

Star Wars CSEE 4840 Embedded Systems Design Fang Fang(ff2317) Jiaxuan Shang(js4361) Xiao Xiao(xx2180) Zhenyu Zhu(zz2281) Columbia University Spring 2014 Overview of the project Inspired by the classic game Geometry Wars Various

367 views • 15 slides
US ST AR WARS MI SSI L E DE F E NSE SYST E M Jim No lto n 14 Se pt 2017 NOT E

US ST AR WARS MI SSI L E DE F E NSE SYST E M Jim No lto n 14 Se pt 2017 NOT E

US ST AR WARS MI SSI L E DE F E NSE SYST E M Jim No lto n 14 Se pt 2017 NOT E : T HI S PRE SE NT AT I ON I S UNCL ASSI F I E D UNCL ASSI F I E D ST AR WARS Do yo u re me mb e r the re fe re nc e to

347 views • 16 slides
US involvement in Mid-East wars: How can it end? The US has been in a state of perpetual war in

US involvement in Mid-East wars: How can it end? The US has been in a state of perpetual war in

US involvement in Mid-East wars: How can it end? The US has been in a state of perpetual war in the Middle East since 1991. Most of the presidential candidates in both major parties support continuing the perpetual war. Some would expand it to

450 views • 18 slides
Richard M. Nixon 1) How to raise a fucked-up kid 2) Fighting Wars for Fun and Profit 3)

Richard M. Nixon 1) How to raise a fucked-up kid 2) Fighting Wars for Fun and Profit 3)

Lessons From the Life of Richard M. Nixon 1) How to raise a fucked-up kid 2) Fighting Wars for Fun and Profit 3) Red-Baiting for dummies 4) Dogs are cute 5) Makeup is important on TV Image not licensed - Removed for internet distribution

413 views • 18 slides
The following remarks are from presentation through piling layer upon layer of wars, by Reverend

The following remarks are from presentation through piling layer upon layer of wars, by Reverend

The following remarks are from presentation through piling layer upon layer of wars, by Reverend Alex Awad at the Kairos Puget massacres, bloodshed, ethnic cleansing, Sound Coalition 2019 annual conference. political manipulations and pain.

236 views • 10 slides
Large scale structure: Phenomenology The halo model: Theory Halo abundances, clustering,

Large scale structure: Phenomenology The halo model: Theory Halo abundances, clustering,

Large scale structure: Phenomenology The halo model: Theory Halo abundances, clustering, profiles In practice: HOD, CLF, SHAM (Assembly bias) Luminous Not luminous Zehavi et al. 2010 (SDSS) blue red Zehavi et al. 2010 (SDSS)

804 views • 45 slides
Tizen Devices! Arron Wang Payment Overview Traditional Payment Cash Paper Cheque

Tizen Devices! Arron Wang Payment Overview Traditional Payment Cash Paper Cheque

Its Time to Replace Your Wallet with Mobile Tizen Devices! Arron Wang Payment Overview Traditional Payment Cash Paper Cheque Debit/Credit card Online transaction 3 Mobile Payment SMS based transaction

632 views • 20 slides
Discontinuous Feedback in Nonlinear Control: Stabilization Under Disturbances and Optimization

Discontinuous Feedback in Nonlinear Control: Stabilization Under Disturbances and Optimization

Discontinuous Feedback in Nonlinear Control: Stabilization Under Disturbances and Optimization Yuri S. Ledyaev Western Michigan University ledyaev@wmich.edu +1-(269)-387-4557 DIMACS Workshop on Perspectives and Future Directions in

1.22k views • 119 slides
Geometry of the conjugacy problem Andrew Sale Vanderbilt University May 14, 2015 Andrew Sale

Geometry of the conjugacy problem Andrew Sale Vanderbilt University May 14, 2015 Andrew Sale

Geometry of the conjugacy problem Andrew Sale Vanderbilt University May 14, 2015 Andrew Sale Geometry of the conjugacy problem For a group G , we define two functions: Andrew Sale Geometry of the conjugacy problem For a group G , we define

612 views • 35 slides
Accelerating Random Forests in Scikit-Learn Gilles Louppe Universit e de Li` ege, Belgium

Accelerating Random Forests in Scikit-Learn Gilles Louppe Universit e de Li` ege, Belgium

Accelerating Random Forests in Scikit-Learn Gilles Louppe Universit e de Li` ege, Belgium August 29, 2014 1 / 26 Motivation ... and many more applications ! 2 / 26 About Scikit-Learn Machine learning library for Python scikit

599 views • 31 slides
SPiCE Workshop: Team Ping! Flexible State-Merging with Python 10th October 2016 Chris

SPiCE Workshop: Team Ping! Flexible State-Merging with Python 10th October 2016 Chris

SPiCE Workshop: Team Ping! Flexible State-Merging with Python 10th October 2016 Chris Hammerschmidt, firstname.lastname@uni.lu Interdisciplinary Centre for Security, Reliability and Trust University of Luxembourg Context for our Participation

1k views • 36 slides
Lake Como School for Advanced Studies Computational Methods for Inverse Problems and Applications

Lake Como School for Advanced Studies Computational Methods for Inverse Problems and Applications

Lake Como School for Advanced Studies Computational Methods for Inverse Problems and Applications in Image Processing SVD Filters James Nagy Emory University Atlanta, GA USA SVD Filters James Nagy Review: TSVD Regularization Suppose A = U

531 views • 21 slides
Introductory Scientific Computing with Python Exercises FOSSEE Department of Aerospace

Introductory Scientific Computing with Python Exercises FOSSEE Department of Aerospace

Introductory Scientific Computing with Python Exercises FOSSEE Department of Aerospace Engineering IIT Bombay Mumbai, India FOSSEE (FOSSEE IIT Bombay) Exercises 1 / 21 Problem 1 Example code In []: l, t = loadtxt(pendulum.txt,

389 views • 22 slides

More recommend