MongoDB, ANTS, and the IC

The story of ANTS, an organic network traffic generation tool; a unique problem space and opportunity, and the use of MongoDB as a key part of the solution.

  1. MongoDB, ANTS, and the IC: A Technological Love Story
  2. Overview
     • The State of the Cyber World
     • The Intelligence Community (IC), Challenges, and the Mongo solution
     • An Idea
     • ANTS - A Product
     • Moving Forward
  3. Current State of the Cyber World
     "...During the past year, there have been 200 attacks on core critical infrastructures in the transportation, energy, and communication industries reported to the Department of Homeland Security..." - Sen. Susan Collins, R-Maine, and ranking member of the Senate Homeland Security and Governmental Affairs Committee.
  4. Current State Continued...
     Over the next few years, hackers will become more sophisticated, said Charles Croom, vice president of cyber security solutions at Lockheed Martin Information Systems & Global Solutions. This doesn’t necessarily mean that the technologies are becoming more advanced — even the most sophisticated threats often use known vulnerabilities and malware, Croom said — but the adversaries have become more effective. - National Defense Magazine
  5. Current State Continued...
     • Cyber threats get personal
       ✴ Mobile Malware
       ✴ Medical Identity Theft
       ✴ Ransom Malware
       ✴ Hacktivism
  6. The IC Mission
     Primary Mission: "...to collect and convey the essential information the President and members of policymaking, law enforcement, and military communities require to execute their appointed duties." (intelligence.gov)
  7. Mission, Continued...
     • Members of the IC:
       ✴ Collect and Assess intel on
         ✦ International Terrorists
         ✦ Narcotics activities
         ✦ Hostile Activities:
           ✤ Foreign powers, organizations, persons, and their agents
           ✤ Foreign intelligence directed against US
  8. Our Challenges
     • Data is BIG
     • Data is unstructured
     • Data is constantly evolving and changing
     • Technologies are evolving and changing
  9. The Social Network
     All generating data!
     All communicating data!
     The data is sensitive!
  10. Scale of the IC
      Highly distributed!
      All collecting data!
      All enhancing data!
      All transforming data!
      All sharing data!
  11. Evolve to Adapt
      • How do we keep up with the Data Explosion and the need to bring something to market tomorrow?
      • How can we react quickly by adapting to evolving data and threats?
      • Useful data gets the most attention, how can we make it more accessible?
      MongoDB is a Perfect Fit!
  12. Why Mongo in the IC?
      • Distributed and scalable
      • Easy to stand up
      • Deals well with unstructured data
      • Technology stack friendly
      • Cheap and accessible!
      We love MONGO
  13. The Birth of an Idea
      • Network Traffic Generation:
        ✴ Not a PCAP hose
        ✴ Organic generation
        ✴ Scripted Actions for organized and planned activity
        ✴ Interactivity
  14. Top Level Design
  15. Retrospective
      • Needs?
        ✴ Stability
        ✴ Quick time to market
        ✴ Flexible data model
        ✴ Scalable infrastructure
      • Options?
  16. RDBMS vs MongoDB

      | SQL RDBMS Solutions | MongoDB |
      |---|---|
      | Schema is rigid, inflexible, high maintenance | Fits very well for volatile data |
      | Learning curve of the relational model and design | Simple to implement and easy to use |
      | Difficult to scale out with high availability | Easy to scale out, automatic sharding, distributing data over multiple nodes, with high availability |
      | High cost of proprietary hardware and software | Low cost, open source software, commodity based hardware |
      | Causes major interruptions to rapid development cycles | Rapid development cycles AND programmer friendly |

  17. Why Mongo for our Product?
      • Minimal cost for capability coverage
      • Plays nicely with other technologies
      • Standalone stable
      • Short learning curve
      • Quick time to market/rapid prototyping
  18. How ANTS benefits from Mongo
      • Currently supported actions:
        ✴ HTTP GETs & POSTs
        ✴ Chat Send & Response
        ✴ Email Send & Response
      • Where does MongoDB fit in?
        ✴ Enables easy evolution
        ✴ Addition of new action types
        ✴ Future friendly
  19. Success
      • Four (4) successful version updates in the six (6) months!
      • Recently got buy-in for our 2.0 expansions and GUI facelift from current client
      • Expanding into new spaces with new clients
      • Our current client is VERY happy
  20. ANTS 2.0!
      • Two major components
        ✴ Action scheduling feature
        ✴ Upgraded GUI
      • Opportunity to learn from client feedback and improve on multiple levels
  21. New Features
      • Advanced Scheduling Features
      • Google Calendar-like feel and scheduling
      • Timeline view
      • Intuitive workflow
      • Seamless integration
  22. Month View
  23. Week View
  24. Day View
  25. Timeline!
  26. Updated User Experience
      • Web 2.0 look and feel
      • User workflow streamlined
      • Additional enhancements based on client feedback
  27. Welcome
  28. Your Dashboard
  29. Your Actors
  30. Your Scripts
  31. For the Author
  32. Future of ANTS
      • Actors:
        ✴ Dynamic and automated creation
        ✴ Easily scalable
      • Actions
        ✴ SIP/VOIP
        ✴ Email attachments and execution
        ✴ Social Network interaction
      • Scripts
        ✴ Auto-generated scripts based on Actors, Actions, and duration
  33. Match Made in Heaven
      • Mongo really has everything we needed:
        ✴ Quick time to market
        ✴ How long to develop your initial prototype
        ✴ Learning curve and developer ease of use
        ✴ Stack flexible
        ✴ Data flexible
        ✴ Stability
  34. Questions?
