The document discusses how MongoDB is well-suited to meet the challenges of the Intelligence Community (IC) in collecting and analyzing large amounts of data. It describes how ANTS, a product for generating simulated network traffic, was developed using MongoDB due to its scalability, flexibility, ease of use, and ability to support rapid prototyping. The document outlines upcoming new features for ANTS, including advanced scheduling capabilities and an improved user interface, and how MongoDB enables the continued evolution of ANTS.
2. Overview
• The State of the Cyber World
• The Intelligence Community (IC), Challenges, and the Mongo solution
• An Idea
• ANTS - A Product
• Moving Forward
3. Current State of the Cyber World
"...During the past year, there have been 200 attacks on core critical infrastructures in the transportation, energy, and communication industries reported to the Department of Homeland Security..."
- Sen. Susan Collins, R-Maine, and ranking member of the Senate Homeland Security and Governmental Affairs Committee.
4. Current State Continued...
Over the next few years, hackers will become more sophisticated, said Charles Croom, vice president of cyber security solutions at Lockheed Martin Information Systems & Global Solutions. This doesn’t necessarily mean that the technologies are becoming more advanced — even the most sophisticated threats often use known vulnerabilities and malware, Croom said — but the adversaries have become more effective.
- National Defense Magazine
5. Current State Continued...
• Cyber threats get personal
✴ Mobile Malware
✴ Medical Identity Theft
✴ Ransom Malware
✴ Hacktivism
6. The IC Mission
Primary Mission: "...to collect and convey the essential information the President and members of policymaking, law enforcement, and military communities require to execute their appointed duties." (intelligence.gov)
7. Mission, Continued...
• Members of the IC:
✴ Collect and Assess intel on
✦ International Terrorists
✦ Narcotics activities
✦ Hostile Activities:
✤ Foreign powers, organizations, persons, and their agents
✤ Foreign intelligence directed against US
8. Our Challenges
• Data is BIG
• Data is unstructured
• Data is constantly evolving and changing
• Technologies are evolving and changing
10. Scale of the IC
Highly distributed!
All collecting data!
All enhancing data!
All transforming data!
All sharing data!
11. Evolve to Adapt
• How do we keep up with the Data Explosion and the need to bring something to market tomorrow?
• How can we react quickly by adapting to evolving data and threats?
• Useful data gets the most attention; how can we make it more accessible?
MongoDB is a Perfect Fit!
12. Why Mongo in the IC?
• Distributed and scalable
• Easy to stand up
• Deals well with unstructured data
• Technology stack friendly
• Cheap and accessible!
We love MONGO
13. The Birth of an Idea
• Network Traffic Generation:
✴ Not a PCAP hose
✴ Organic generation
✴ Scripted Actions for organized and planned activity
✴ Interactivity
17. RDBMS vs MongoDB
SQL RDBMS Solutions | MongoDB
Schema is rigid, inflexible, high maintenance | Fits very well for volatile data
Learning curve of the relational model and design | Simple to implement and easy to use
Difficult to scale out with high availability | Easy to scale out, automatic sharding, distributing data over multiple nodes, with high availability
High cost of proprietary hardware and software | Low cost, open source software, commodity based hardware
Causes major interruptions to rapid development cycles | Rapid development cycles AND programmer friendly
18. Why Mongo for our Product?
• Minimal cost for capability coverage
• Plays nicely with other technologies
• Standalone stable
• Short learning curve
• Quick time to market/rapid prototyping
19. How ANTS benefits from Mongo
• Currently supported actions:
✴ HTTP GETs & POSTs
✴ Chat Send & Response
✴ Email Send & Response
• Where does MongoDB fit in?
✴ Enables easy evolution
✴ Addition of new action types
✴ Future friendly
20. Success
• Four (4) successful version updates in six (6) months!
• Recently got buy-in for our 2.0 expansions and GUI facelift from current client
• Expanding into new spaces with new clients
• Our current client is VERY happy
21. ANTS 2.0!
• Two major components
✴ Action scheduling feature
✴ Upgraded GUI
• Opportunity to learn from client feedback and improve on multiple levels
22. New Features
• Advanced Scheduling Features
• Google Calendar-like feel and scheduling
• Timeline view
• Intuitive workflow
• Seamless integration
33. Future of ANTS
• Actors:
✴ Dynamic and automated creation
✴ Easily scalable
• Actions
✴ SIP/VOIP
✴ Email attachments and execution
✴ Social Network interaction
• Scripts
✴ Auto-generated scripts based on Actors, Actions, and duration
34. Match Made in Heaven
• Mongo really has everything we needed:
✴ Quick time to market
✴ How long to develop your initial prototype
✴ Learning curve and developer ease of use
✴ Stack flexible
✴ Data flexible
✴ Stability