Copyright © 2018 CyberSecurity Malaysia
Dr.AA (Dr.Aswami Ariffin)
SVP & Digital Forensics Scientist
Cyber Security Responsive Services
CyberSecurity Malaysia
aswami@cybersecurity.my
CyberI3 System - Intelligence, Incidence & Investigation Based Big Data Technology
1. Cyber Threat Landscape
21,090,777
68.1% population
INTEL chipset bug
2. CyberFIC – Forensics Intelligence Center
#ITUCyberSecurityStudy
{Technical, CapacityBuilding, Cooperation, Legal, Organizational}
CyberFIT
#CyberDefenceWarRoom
{ChainOfCustody, Command, Trust}
CyberACT
#CyberDefenceMalaysia
{Intelligence, Incidence, Investigation}
Our 2 years journey (2016-2018)
• Feb 2016 – MOU/MOA Signed, Title & Concept
• Aug 2016 – SRS, SDD (Initial Design), Satellite Lab
• Feb 2016 – Revised SRS, SDD (Detail Design), STP, Research Papers, the Proof of Concept of Big Data Platform
• Oct 2017 – Optimization Report, Proof of Concept, Testing Documents, Research Papers
• Feb 2018 – Final Report, Research Papers
The team & funding
UTM Team (Consultant & Research)
• Prof Dr Shamsul Sahibuddin
• PM Dr Mohd Naz’ri Mahrin
• PM Dr Azurati Ahmad
• Dr Ganthan Narayana Samy
• Dr Priteega Mahalingam
• Dr Syahid Anuar
• Dr Suriayati Chuprat
Consultation: RM 1.72 Million
Research: RM 556.6 K
CSM Team
• Dr Aswami Ariffin (Dr AA)
• Mohd Zabri Adil Talib
• Mohamad Firham Effendy
• Fakhrul Afiq Abd Aziz
• Muhammad Zaharudin
• Nazri Ahmad Zamani
• Nur Afifah Mohd Saupi
• Nor Zarina Zainal Abidin
• Wafa Mohd Khairudin
• Yasmin Jeffry
The beginning…
CyberI3 framework
Data Warehouse
The central repository for storing data sent by CMERP. The data is enriched to make it more meaningful for further analytics.
Data Analytics
Data is further analyzed and correlated against collected historical data to uncover possible hidden patterns or connections. Descriptive and predictive analytics are performed to predict future malware attacks.
Visualization
Descriptive and predictive analytics results are presented in a pictorial or graphical format so that decision makers can view the analytics graphically. The results can be used as evidence in forensic investigations and to distribute warnings to the targeted organization.
Understanding the requirements
• Software engineering practices
• Series of workshops, training and reviews
• Developed the software requirement specifications (SRS)
Translating the requirements to design
• Series of workshops & reviews
• Developed the Software Design Document (SDD)
• Knowledge sharing by the related industry
CyberI3 framework implementation
Implementation (proof of concept)
Concurrently… we do research
• SLR
– Malware Predictions
– Malware Analytics Techniques
– Visualization Techniques
Systematic Literature Review
Prediction Techniques Selection
Prediction Techniques Evaluation
Development of ICE Systems (Data Analytic Module)
Optimizing the implementation
• Evaluation
– Machine Learning Algorithms
– Computing Platforms

MSE = Mean Square Error, RMSE = Root Mean Square Error, MAE = Mean Absolute Error

Algorithm            MSE      RMSE     MAE
Linear Regression    0.0581   0.241    0.1994
Random Forest        0.1959   0.4426   0.3852
ANN                  0.1083   0.3291   0.2872
SVM                  0.0442   0.2102   0.1689
ARIMA                0.0454   0.213    0.1711
CyberI3 dashboard-i
#GlobalCyberThreat
{Internal, External}
CyberI3 dashboard-ii
CyberI3 dashboard-iii
CyberI3 dashboard-iv
CyberI3 dashboard-v
CyberI3 dashboard-vi
Predictive signature and prescriptive solution
CyberI3 system; e.g. content analysis & visualization
CyberI3 Cluster
#CyberLaw@CyberCSI
#UncoveringTruthBeyondDigitalImagination
{Prosecution, ExpertWitness, Takedown}
3. Conclusion
• People; operational + research (training & experience)
• Process; coordination
• Technology; facilitation
• Based on statistics, be alert; awareness!
• Normally increases if there is a major event, e.g. MH 370
• New vulnerability/exploit/zero-day
• Based on cyber threat intelligence targeting corporation/organization; CNII be careful!
• Ransomware on the rise; motivation is monetary gain
• Attacks are getting sophisticated, mobile; Target/Sony!
• A lot of research needed! @ Threat hunting…
Final deliverables (consultation)
• Software Requirement Specification (SRS)
• Software Design Document (SDD)
• Software Test Plan (STP)
• Optimization Report
• Final Report
• Closing Report
Final deliverables (research)
• 5 Journal Articles
– Malware Prediction Algorithm: Systematic Review (Scopus Indexed)
– Malware Prediction Techniques: Selection and Implementation for Integrated Cyber Evidence (ISI Indexed)
– Classification of Malware Analytics Techniques: A Systematic Literature Review (ISI Indexed)
– Analysis of Features for Malware Visualization (Scopus Indexed)
– Systematic Literature Review for Malware Visualization Techniques (Scopus Indexed)
Final deliverables (research)
• 2 Conference Proceedings
– Modeling Malware Prediction Using Artificial Neural Network (presented in SOMET 2018, Spain)
– Malware Forensic Analytics Framework Using Big Data Platform (to be presented at Future Technology Conference, Vancouver Canada in November 2018)
• Satellite Lab @ Level 3 Menara Razak UTM Kuala Lumpur
Experiences
• Smart Partnership
• Setting up Big Data Platform
• Hands on HCP Apache Metron Setup
• Professional Trainings with Hortonworks
– Apache NIFI
– Apache Metron
– HDP Developer – Enterprise Apache Spark
• 60-40 Data Science Practices
• Software Engineering Practices
#CyberDefenceAlliance
{CyberFIT, CyberACT, CyberDEF}
Securing Data in Hybrid on-premise and Cloud Environments using Apache Ranger
 
Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...
Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...
Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...
 
Computer Vision: Coming to a Store Near You
Computer Vision: Coming to a Store Near YouComputer Vision: Coming to a Store Near You
Computer Vision: Coming to a Store Near You
 
Big Data Genomics: Clustering Billions of DNA Sequences with Apache Spark
Big Data Genomics: Clustering Billions of DNA Sequences with Apache SparkBig Data Genomics: Clustering Billions of DNA Sequences with Apache Spark
Big Data Genomics: Clustering Billions of DNA Sequences with Apache Spark
 

Recently uploaded

Checklist to troubleshoot CD moisture profiles.docx
Checklist to troubleshoot CD moisture profiles.docxChecklist to troubleshoot CD moisture profiles.docx
Checklist to troubleshoot CD moisture profiles.docxNoman khan
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
Dev Dives: Master advanced authentication and performance in Productivity Act...
Dev Dives: Master advanced authentication and performance in Productivity Act...Dev Dives: Master advanced authentication and performance in Productivity Act...
Dev Dives: Master advanced authentication and performance in Productivity Act...UiPathCommunity
 
Unleashing the power of AI in UiPath Studio with UiPath Autopilot.
Unleashing the power of AI in UiPath Studio with UiPath Autopilot.Unleashing the power of AI in UiPath Studio with UiPath Autopilot.
Unleashing the power of AI in UiPath Studio with UiPath Autopilot.DianaGray10
 
20200723_insight_release_plan
20200723_insight_release_plan20200723_insight_release_plan
20200723_insight_release_planJamie (Taka) Wang
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
Reference Domain Ontologies and Large Medical Language Models.pptx
Reference Domain Ontologies and Large Medical Language Models.pptxReference Domain Ontologies and Large Medical Language Models.pptx
Reference Domain Ontologies and Large Medical Language Models.pptxChimezie Ogbuji
 
Introducing Milvus and new features in 2.4 release
Introducing Milvus and new features in 2.4 releaseIntroducing Milvus and new features in 2.4 release
Introducing Milvus and new features in 2.4 releaseZilliz
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
CHIPS Alliance_Object Automation Inc_workshop
CHIPS Alliance_Object Automation Inc_workshopCHIPS Alliance_Object Automation Inc_workshop
CHIPS Alliance_Object Automation Inc_workshopObject Automation
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
5 Considerations For Choosing The Best Gutter Guards
5 Considerations For Choosing The Best Gutter Guards5 Considerations For Choosing The Best Gutter Guards
5 Considerations For Choosing The Best Gutter GuardsCPR Gutter Protection
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
RTL Design Methodologies_Object Automation Inc
RTL Design Methodologies_Object Automation IncRTL Design Methodologies_Object Automation Inc
RTL Design Methodologies_Object Automation IncObject Automation
 
IEEE Computer Society 2024 Technology Predictions Update
IEEE Computer Society 2024 Technology Predictions UpdateIEEE Computer Society 2024 Technology Predictions Update
IEEE Computer Society 2024 Technology Predictions UpdateHironori Washizaki
 
BODYPACK DIGITAL TECHNOLOGY STACK - 2024
BODYPACK DIGITAL TECHNOLOGY STACK - 2024BODYPACK DIGITAL TECHNOLOGY STACK - 2024
BODYPACK DIGITAL TECHNOLOGY STACK - 2024Andri H.
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncObject Automation
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataSafe Software
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServiceRenan Moreira de Oliveira
 
Dragino Technology LoRaWANデバイス、ゲートウェイ ユースケース
Dragino Technology   LoRaWANデバイス、ゲートウェイ ユースケースDragino Technology   LoRaWANデバイス、ゲートウェイ ユースケース
Dragino Technology LoRaWANデバイス、ゲートウェイ ユースケースCRI Japan, Inc.
 

Recently uploaded (20)

Checklist to troubleshoot CD moisture profiles.docx
Checklist to troubleshoot CD moisture profiles.docxChecklist to troubleshoot CD moisture profiles.docx
Checklist to troubleshoot CD moisture profiles.docx
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
Dev Dives: Master advanced authentication and performance in Productivity Act...
Dev Dives: Master advanced authentication and performance in Productivity Act...Dev Dives: Master advanced authentication and performance in Productivity Act...
Dev Dives: Master advanced authentication and performance in Productivity Act...
 
Unleashing the power of AI in UiPath Studio with UiPath Autopilot.
Unleashing the power of AI in UiPath Studio with UiPath Autopilot.Unleashing the power of AI in UiPath Studio with UiPath Autopilot.
Unleashing the power of AI in UiPath Studio with UiPath Autopilot.
 
20200723_insight_release_plan
20200723_insight_release_plan20200723_insight_release_plan
20200723_insight_release_plan
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
Reference Domain Ontologies and Large Medical Language Models.pptx
Reference Domain Ontologies and Large Medical Language Models.pptxReference Domain Ontologies and Large Medical Language Models.pptx
Reference Domain Ontologies and Large Medical Language Models.pptx
 
Introducing Milvus and new features in 2.4 release
Introducing Milvus and new features in 2.4 releaseIntroducing Milvus and new features in 2.4 release
Introducing Milvus and new features in 2.4 release
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
CHIPS Alliance_Object Automation Inc_workshop
CHIPS Alliance_Object Automation Inc_workshopCHIPS Alliance_Object Automation Inc_workshop
CHIPS Alliance_Object Automation Inc_workshop
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
5 Considerations For Choosing The Best Gutter Guards
5 Considerations For Choosing The Best Gutter Guards5 Considerations For Choosing The Best Gutter Guards
5 Considerations For Choosing The Best Gutter Guards
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
RTL Design Methodologies_Object Automation Inc
RTL Design Methodologies_Object Automation IncRTL Design Methodologies_Object Automation Inc
RTL Design Methodologies_Object Automation Inc
 
IEEE Computer Society 2024 Technology Predictions Update
IEEE Computer Society 2024 Technology Predictions UpdateIEEE Computer Society 2024 Technology Predictions Update
IEEE Computer Society 2024 Technology Predictions Update
 
BODYPACK DIGITAL TECHNOLOGY STACK - 2024
BODYPACK DIGITAL TECHNOLOGY STACK - 2024BODYPACK DIGITAL TECHNOLOGY STACK - 2024
BODYPACK DIGITAL TECHNOLOGY STACK - 2024
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation Inc
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
 
Dragino Technology LoRaWANデバイス、ゲートウェイ ユースケース
Dragino Technology   LoRaWANデバイス、ゲートウェイ ユースケースDragino Technology   LoRaWANデバイス、ゲートウェイ ユースケース
Dragino Technology LoRaWANデバイス、ゲートウェイ ユースケース
 

Cyber-I3 System - Intelligence, Incidence, and Investigation-based Big Data Technology

  • 1. Copyright © 2018 CyberSecurity Malaysia. Dr.AA (Dr.Aswami Ariffin), SVP & Digital Forensics Scientist, Cyber Security Responsive Services, CyberSecurity Malaysia, aswami@cybersecurity.my. CyberI3 System - Intelligence, Incidence & Investigation Based Big Data Technology
  • 2. 1. Cyber Threat Landscape
  • 3. 21,090,777; 68.1% population
  • 5. INTEL chipset bug
  • 6. 2. CyberFIC – Forensics Intelligence Center
  • 7. #ITUCyberSecurityStudy {Technical, CapacityBuilding, Cooperation, Legal, Organizational}
  • 8. CyberFIT
  • 9. #CyberDefenceWarRoom {ChainOfCustody, Command, Trust}
  • 10. CyberACT
  • 11. #CyberDefenceMalaysia {Intelligence, Incidence, Investigation}
  • 13. Our 2 years journey (2016-2018)
      • Feb 2016 – MOU/MOA Signed, Title & Concept
      • Aug 2016 – SRS, SDD (Initial Design), Satellite Lab
      • Feb 2016 – Revised SRS, SDD (Detail Design), STP, Research Papers, the Proof of Concept of Big Data Platform
      • Oct 2017 – Optimization Report, Proof of Concept, Testing Documents, Research Papers
      • Feb 2018 – Final Report, Research Papers
  • 14. The team & funding
      • UTM Team (Consultant & Research): Prof Dr Shamsul Sahibuddin; PM Dr Mohd Naz’ri Mahrin; PM Dr Azurati Ahmad; Dr Ganthan Narayana Samy; Dr Priteega Mahalingam; Dr Syahid Anuar; Dr Suriayati Chuprat
      • CSM Team: Dr Aswami Ariffin (Dr AA); Mohd Zabri Adil Talib; Mohamad Firham Effendy; Fakhrul Afiq Abd Aziz; Muhammad Zaharudin; Nazri Ahmad Zamani; Nur Afifah Mohd Saupi; Nor Zarina Zainal Abidin; Wafa Mohd Khairudin; Yasmin Jeffry
      • Consultation: RM 1.72 Million
      • Research: RM 556.6 K
  • 15. The beginning…
  • 16. CyberI3 framework
      • Data Warehouse: a component that will be the central repository for storing data sent by CMERP. Data will be enriched to become more meaningful for further analytics.
      • Data Analytics: data will be further analyzed and correlated to uncover any possible hidden patterns or connections using collected historical data. Descriptive and predictive analytics will be performed to discover future malware attacks.
      • Visualization: descriptive and predictive analytics results will be presented in a pictorial or graphical format so that decision makers can view the analytics graphically. The results will be used as evidence in forensic investigations and can be used to distribute warnings to the targeted organization.
  • 17. Understanding the requirements
      • Software engineering practices
      • Series of workshops, training and reviews
      • Developed the Software Requirement Specifications (SRS)
  • 18. Translating the requirements to design
      • Series of workshops & reviews
      • Developed the Software Design Document (SDD)
      • Knowledge sharing by the related industry
  • 19. CyberI3 framework implementation
  • 20. Implementation (proof of concept)
  • 21. Concurrently… we do research
      • SLR
          – Malware Predictions
          – Malware Analytics Techniques
          – Visualization Techniques
      • Systematic Literature Review
      • Prediction Techniques Selection
      • Prediction Techniques Evaluation
      • Development of ICE Systems (Data Analytic Module)
  • 22. Optimizing the implementation
      • Evaluation
          – Machine Learning Algorithms
          – Computing Platforms
      • Results per algorithm: MSE (Mean Square Error), RMSE (Root Mean Square Error), MAE (Mean Absolute Error)
          – Linear Regression: MSE 0.0581, RMSE 0.241, MAE 0.1994
          – Random Forest: MSE 0.1959, RMSE 0.4426, MAE 0.3852
          – ANN: MSE 0.1083, RMSE 0.3291, MAE 0.2872
          – SVM: MSE 0.0442, RMSE 0.2102, MAE 0.1689
          – ARIMA: MSE 0.0454, RMSE 0.213, MAE 0.1711
  • 23. CyberI3 dashboard-i
  • 24. #GlobalCyberThreat {Internal, External}
  • 26. CyberI3 dashboard-ii
  • 27. CyberI3 dashboard-iii
  • 28. CyberI3 dashboard-iv
  • 29. CyberI3 dashboard-v
  • 30. CyberI3 dashboard-vi
  • 31. Predictive signature and prescriptive solution
  • 32. CyberI3 system; e.g. content analysis & visualization
  • 33. CyberI3 Cluster
  • 34. #CyberLaw@CyberCSI #UncoveringTruthBeyondDigitalImagination {Prosecution, ExpertWitness, Takedown}
  • 35. 3. Conclusion
      • People; operational + research (training & experience)
      • Process; coordination
      • Technology; facilitation
      • Based on statistics be alert; awareness!
      • Normally increases if there is a major event, e.g. MH 370
      • New vulnerability/exploit/zero-day
      • Based on cyber threat intelligence targeting corporation/organization; CNII be careful!
      • Ransomware on the rise; motivation is monetary gain
      • Attacks are getting sophisticated, mobile; Target/Sony!
      • A lot of research needed! @ Threat hunting…
  • 36. Final deliverables (consultation)
      • Software Requirement Specification (SRS)
      • Software Design Document (SDD)
      • Software Test Plan (STP)
      • Optimization Report
      • Final Report
      • Closing Report
  • 37. Final deliverables (research)
      • 5 Journal Articles
          – Malware Prediction Algorithm: Systematic Review (Scopus Indexed)
          – Malware Prediction Techniques: Selection and Implementation for Integrated Cyber Evidence (ISI Indexed)
          – Classification of Malware Analytics Techniques: A Systematic Literature Review (ISI Indexed)
          – Analysis of Features for Malware Visualization (Scopus Indexed)
          – Systematic Literature Review for Malware Visualization Techniques (Scopus Indexed)
  • 38. Final deliverables (research)
      • 2 Conference Proceedings
          – Modeling Malware Prediction Using Artificial Neural Network (presented in SOMET 2018, Spain)
          – Malware Forensic Analytics Framework Using Big Data Platform (to be presented at Future Technology Conference, Vancouver Canada in November 2018)
      • Satellite Lab @ Level 3 Menara Razak UTM Kuala Lumpur
  • 39. Experiences
      • Smart Partnership
      • Setting up Big Data Platform
      • Hands on HCP Apache Metron Setup
      • Professional Trainings with Hortonworks
          – Apache NiFi
          – Apache Metron
          – HDP Developer
          – Enterprise Apache Spark
      • 60-40 Data Science Practices
      • Software Engineering Practices
  • 40. #CyberDefenceAlliance {CyberFIT, CyberACT, CyberDEF}