Towards Smarter Security Analytics for the Internet of People
Speaker: Gerard Frankowski
Track: Track 3 Nautica Room
Description: Security, privacy and freedom of people are values that must be protected whenever possible, but not for the sake of criminals. On the Internet those values are misused by black hats, whose actions on the web have a severe impact on real life. Appropriate countermeasures must therefore be incorporated to protect the human beings who stand behind all the smart devices, computers and things connected to the network. We need smart security monitoring to protect ourselves and to provide tools for legal investigators.
From the NREN perspective, protecting infrastructures for e-science, including grid environments and core facilities, requires novel techniques to collect monitoring data and, more importantly, to conduct analytics that allow successful identification of misbehaviour or security breaches and of the affected parties, including people. Integration and efficient processing of data from multiple sensors and systems placed within the infrastructure is a necessity. Complex event processing, SIEM systems or Big Data techniques are our modern weapons on the cyber battlefield.
In this work, we would like to show how network-level information can be combined with user-centric data (e.g. authentication logs, mail logs). We will show how a graph model linking all relevant data can be built, stored in a NoSQL-like graph database, and queried in multiple ways using a dedicated language (e.g. Cypher or Gremlin).