Big data - Intelligence Driven Security,  Roy Katmor
Big Data, September 15th, 2013

    Presentation Transcript

    • Big Data & Intelligence Driven Security Concept Presentation
    • Introduction to Big Data (©2013 AKAMAI | FASTER FORWARD™, Akamai Confidential)
    • Big Data - Introduction: High volume, velocity and variety information assets that demand cost-effective, innovative and reliable forms of information processing for enhanced insight and decision making
    • Big Data – Introduction Cont.
        • Variety – Big data is any type of data: structured and unstructured data such as text, sensor data, audio, video, click streams, log files and more. New insights are found when analyzing these data types together
        • Volume – Enterprises are awash with ever-growing data of all types, easily amassing terabytes, even petabytes, of information
        • Velocity – For time-sensitive processes such as catching fraud, big data must be used as it streams into your enterprise in order to maximize its value
    • Security Trends & Challenges
    • Security Trends & Challenges: Up to date organizations confront unprecedented security risks arising mainly from: 1. Mobility and the “consumerization” of enterprise IT, which dissolve network boundaries
    • Security Trends & Challenges – Mobility, and IT “consumerization”
    • Security Trends & Challenges Cont. 2. Highly skilled, sophisticated, non-signature targeted cyber attacks
    • Security Trends & Challenges Cont. The dissolution of traditional defensive perimeters, coupled with attackers' ability to circumvent traditional security systems, requires organizations to reinvent their security approach
    • Big Data & Intelligence Driven Security
    • Big Data & Intelligence Driven Security: Big Data fuels intelligence driven security. Big data encompasses the breadth of sources and the information depth needed to:
        1) Assess risks
        2) Detect illicit activities and advanced cyber threats
        3) Allow advanced predictive capabilities and automated RT controls
        4) Serve cyber incident response & investigation services
        5) Deliver compliance
    • Big Data & Intelligence Driven Security – What & How
    • Big Data & Intelligence Driven Security Use Case
    • Use case – Web User Identity & Big Data
        • The Goal – Verify web customer identity
        • The Process – Generate, maintain and store a precise, continuously evaluated digital fingerprint of every web customer, based on behavioral monitoring combined with other "biometrics" measurements
        • The Means – Ongoing active & passive user activity data feeds; 3rd party intelligence (reputation, fraud etc.); Big data platform
    • Use case – Web User Identity & Big Data [Diagram. Labels, by layer:]
        • Data Feeds (Internal Feeds, External Feeds): DNS Log Data, Web Server Data, Mobile Operators Data, 3rd Party/MSSPs Data, 3rd Party Fraud Data, 3rd Party Reputation Data
        • Extracted Data: Activity Time, Geo Location, Device Fingerprint, Source IP & NW, Host ID, Fraud Rank, Reputation Rank, Activity Type
        • Big Data – Store & Process: Preconfigured Data Rules, Preconfigured Users Profile Correlation Rules, Correlation Rules, Preconfigured Deviation Rules
        • Processed Data: User Profiles and Common Profiles, each with Access Patterns, Location Patterns, Device Patterns, Activity Patterns
    • Web User Identity & Big Data Use case – Cont. Sample profile cards (Customers User Profiles and Common Profiles), each listing Criteria and Data:
        • Access: Weekly; Sun 2pm-3pm. Location (IP range): US, CA (2.71.2.1). Device: iPad; Sys: CPU OS 3_2_1 like Mac OS X; Platform: AppleWebKit/531.21.10; Browser: Safari. Activity: Main (R)
        • Access: Days: Sun 2-3pm, Mon 8-9am. Location (IP range): US, MA (18.1.1.3; 18.1.2.3). Device: Mobile T-Mobile 3G; Sys: Linux; Platform: Android 2.3.4 AppleWebKit/533.1. Activity: Main ProductA ProductB…
        • Access: Weekly; Sat 10am-11am. Location (IP range): US, TX (34.1.1.1). Device: PC, Mobile; Sys: Win8, iOS5.01, 32bit, 64bit proc; Platform: AppleWebKit/537.36. Activity: Main Login Cart Checkout
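The use case above compares each new session against a stored profile using deviation rules. The following is an added example, not code from the presentation: it scores a session against the US, MA sample profile along the four pattern dimensions from the slides (access, location, device, activity). The weights, the threshold, the `step_up` action name and the sample events are assumptions, and the slide's "IP range" is matched here as the exact addresses listed.

```python
from collections import namedtuple
from datetime import datetime

Profile = namedtuple("Profile", "access_windows source_ips device_tokens activities")
Event = namedtuple("Event", "time src_ip user_agent activity")

# Values transcribed from the US, MA sample profile on the slide.
PROFILE = Profile(
    access_windows={(6, 14), (0, 8)},  # (weekday, hour): Sun 2-3pm, Mon 8-9am
    source_ips={"18.1.1.3", "18.1.2.3"},
    device_tokens={"Linux", "Android 2.3.4", "AppleWebKit/533.1"},  # in User-Agent
    activities={"Main", "ProductA", "ProductB"},
)
# Assumed weights and threshold (not from the slides).
WEIGHTS = {"access": 1, "location": 2, "device": 2, "activity": 1}
STEP_UP_THRESHOLD = 3

def deviations(profile, event):
    """Return the profile dimensions that this event does not match."""
    found = set()
    if (event.time.weekday(), event.time.hour) not in profile.access_windows:
        found.add("access")
    if event.src_ip not in profile.source_ips:
        found.add("location")
    if not all(tok in event.user_agent for tok in profile.device_tokens):
        found.add("device")
    if event.activity not in profile.activities:
        found.add("activity")
    return found

def decide(profile, event):
    """Score the deviations; return (action, score, deviating dimensions)."""
    devs = deviations(profile, event)
    score = sum(WEIGHTS[d] for d in devs)
    action = "step_up" if score >= STEP_UP_THRESHOLD else "allow"
    return action, score, sorted(devs)

# Constructed sample events; times are assumed to be in the user's local zone.
ANDROID_UA = ("Mozilla/5.0 (Linux; U; Android 2.3.4; en-us) "
              "AppleWebKit/533.1 (KHTML, like Gecko) Mobile Safari/533.1")
WINDOWS_UA = "Mozilla/5.0 (Windows NT 6.2) AppleWebKit/537.36"
EVENTS = [
    Event(datetime(2013, 9, 15, 14, 20), "18.1.1.3", ANDROID_UA, "ProductA"),
    Event(datetime(2013, 9, 18, 20, 5), "18.1.2.3", ANDROID_UA, "Main"),
    Event(datetime(2013, 9, 17, 3, 0), "203.0.113.7", WINDOWS_UA, "Checkout"),
]
```

A single off-hours visit from the usual device and address stays below the threshold, while a session that deviates on location and device together crosses it.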
    • From Big Data to Big Insights – Best Practice Guidelines
    • From Big Data to Big Insights – Best Practice Guidelines
        1) Define your objectives
        2) Understand the potential data feeds needed to meet the objectives
        3) Understand the process needed to obtain, format correctly, clean and standardize
        4) Assess the platform and infrastructure needed to obtain, process, manage and use the data
        5) Start small
        6) Assure data is safe and private
        7) Be transparent about data practices
    • Thank You