Week 6
Read Chapter 8 on Collection
Read Chapter 9 on Correlation
Listen to weekly lectures
Complete the following
Post to discussion week 5
Complete Practical Connection Assignment
Complete Quiz 4 based on Chapter 6 (Depth) and Chapter 7 (Discretion)
Copyright © 2012, Elsevier Inc. All rights Reserved
Chapter 9
Correlation
Cyber Attacks
Protecting National Infrastructure, 1st ed.
Chapter 9 – Correlation
Introduction
Correlation is one of the most powerful analytic methods for threat investigation
Introduction (continued)
Data comparison creates a clearer picture of adversary activity. Four types of correlation are used:
Profile-based correlation: current activity is compared with a baseline profile of normal behavior, and deviations are flagged as anomalies (Fig. 9.1)
Signature-based correlation: observed activity is matched against a known attack pattern (Fig. 9.2)
Domain-based correlation: related activity is matched across different targets, organizations, or regions (Fig. 9.3)
Time-based correlation: activity is matched by when it occurs, for example the same sources appearing at several sites within the same interval (Fig. 9.4)
Correlation still depends on human analysis: software can automate the matching, but the analyst supplies the context that decides which elements are relevant
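As an added illustration of the first two correlation types (this example is not from the book or the lecture slides), the following Python applies profile-based and signature-based correlation to constructed data: a week of per-host outbound byte counts used as each host's own baseline, and a handful of log lines checked against two assumed attack signatures. The host names, values, and signature patterns are all invented for the example.

```python
import re
import statistics
from collections import defaultdict

# Constructed data: daily outbound megabytes per host, seven baseline days followed
# by one observed day.  "db-02" moves far more data than usual on day 8.
DAILY_OUTBOUND_MB = {
    "web-01": [120, 118, 125, 130, 122, 119, 127, 131],
    "db-02": [15, 14, 16, 15, 17, 14, 16, 480],
    "hr-03": [40, 42, 38, 41, 39, 43, 40, 44],
}

# Constructed event log: (host, message).
EVENTS = [
    ("web-01", "GET /index.html 200"),
    ("web-01", "GET /cgi-bin/../../../../etc/passwd 404"),
    ("db-02", "login failed for user sa"),
    ("db-02", "login failed for user sa"),
    ("hr-03", "POST /upload 200"),
]

# Assumed attack signatures for the signature-based check (names invented here).
SIGNATURES = {
    "directory-traversal": re.compile(r"\.\./"),
    "sql-admin-bruteforce": re.compile(r"login failed for user sa"),
}


def profile_anomalies(series_by_host, baseline_days=7, k=3.0):
    """Profile-based correlation (the Fig. 9.1 idea): each host is compared with its
    own baseline, not with a global threshold.  A later observation more than
    k standard deviations from the baseline mean is reported as an anomaly."""
    anomalies = []
    for host, series in series_by_host.items():
        baseline = series[:baseline_days]
        mean = statistics.mean(baseline)
        stdev = statistics.pstdev(baseline) or 1.0   # flat baseline: avoid a zero band
        for day, value in enumerate(series[baseline_days:], start=baseline_days + 1):
            if abs(value - mean) > k * stdev:
                anomalies.append((host, day, value, round(mean, 1)))
    return anomalies


def signature_matches(events, signatures=SIGNATURES):
    """Signature-based correlation (the Fig. 9.2 idea): every event is matched
    against each known pattern; hits are counted per (host, signature)."""
    hits = defaultdict(int)
    for host, message in events:
        for name, pattern in signatures.items():
            if pattern.search(message):
                hits[(host, name)] += 1
    return dict(hits)


if __name__ == "__main__":
    print("profile anomalies:", profile_anomalies(DAILY_OUTBOUND_MB))
    print("signature hits:", signature_matches(EVENTS))
```

The two checks answer different questions: the profile check flags db-02 because 480 MB is far outside that host's own history even though web-01 routinely moves more, while the signature check flags web-01 and db-02 because the event text matches a known pattern regardless of volume.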
Fig. 9.1 – Profile-based activity anomaly
Fig. 9.2 – Signature-based activity match
Fig. 9.3 – Domain-based correlation of a botnet attack at two targets
Fig. 9.4 – Time-based correlation of a botnet attack
Fig. 9.5 – Taxonomy of correlation scenarios
Conventional Security Correlation Methods
Threat management: data from multiple sources is correlated to identify patterns, trends, and relationships
The approach relies on security information and event management (SIEM) systems
Commercial firewalls are an underutilized correlation source: intrusion detection alarms can be checked against the firewall policy rules to see whether the alarmed traffic was actually permitted (Fig. 9.6)
The correlation function can be decentralized, but that often complicates the process
Fig. 9.6 – Correlating intrusion detection alarms with firewall policy rules
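The check Fig. 9.6 describes, as an added example (not the book's or the slides' code): each IDS alarm is evaluated against a first-match firewall policy so that alarms on traffic the firewall would have dropped are separated from alarms on traffic that actually reached the target. The policy, the alarms, and the placement of the IDS sensor outside the firewall are assumptions made for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    proto: str             # "tcp", "udp" or "any"
    src: str               # source CIDR
    dst: str               # destination CIDR
    dport: Optional[int]   # destination port, None = any


# Constructed firewall policy, evaluated first-match with an explicit deny at the end.
POLICY = [
    Rule("allow", "tcp", "0.0.0.0/0", "203.0.113.10/32", 443),
    Rule("allow", "tcp", "0.0.0.0/0", "203.0.113.10/32", 80),
    Rule("allow", "tcp", "198.51.100.0/24", "203.0.113.0/24", 22),
    Rule("deny", "any", "0.0.0.0/0", "0.0.0.0/0", None),
]

# Constructed IDS alarms.  Assumption: the sensor sits outside the firewall, so it
# alarms on traffic whether or not the firewall later drops it.
ALARMS = [
    {"src": "192.0.2.7", "dst": "203.0.113.10", "proto": "tcp", "dport": 80, "sig": "SQLi in URI"},
    {"src": "192.0.2.7", "dst": "203.0.113.10", "proto": "tcp", "dport": 1433, "sig": "MSSQL probe"},
    {"src": "192.0.2.99", "dst": "203.0.113.20", "proto": "tcp", "dport": 22, "sig": "SSH brute force"},
    {"src": "198.51.100.42", "dst": "203.0.113.20", "proto": "tcp", "dport": 22, "sig": "SSH brute force"},
]


def policy_decision(policy, src, dst, proto, dport):
    """Return the action of the first policy rule matching the flow ("deny" if none)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in policy:
        if (rule.proto in ("any", proto)
                and s in ipaddress.ip_network(rule.src)
                and d in ipaddress.ip_network(rule.dst)
                and (rule.dport is None or rule.dport == dport)):
            return rule.action
    return "deny"


def triage(alarms, policy=POLICY):
    """Correlate each IDS alarm with the firewall policy.  An alarm on traffic the
    policy permits reached the target and is escalated; an alarm on traffic the
    policy drops is kept as a blocked attempt, so analysts spend their time on
    what got through rather than on what the firewall already stopped."""
    escalated, blocked = [], []
    for a in alarms:
        action = policy_decision(policy, a["src"], a["dst"], a["proto"], a["dport"])
        label = f'{a["sig"]} from {a["src"]} to {a["dst"]}:{a["dport"]}'
        (escalated if action == "allow" else blocked).append(label)
    return escalated, blocked


if __name__ == "__main__":
    esc, blk = triage(ALARMS)
    print("escalated:", esc)
    print("blocked by policy:", blk)
```

The blocked list is still worth keeping: the same source appearing in both lists (192.0.2.7 here) shows an attacker probing around the policy, which is itself a correlation the alarms alone do not give.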
Quality and Reliability Issues in Data Correlation
The quality and reliability of each data source must be considered
Service level agreements (SLAs) can guarantee the quality and delivery of a data feed
Quality and reliability are not guaranteed for volunteered data
Without consistent, predictable, and guaranteed data delivery, data will be missing and correlations are likely to be incorrect (Fig. 9.7)
Fig. 9.7 – Incorrect correlation result due to imperfect collection
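An added example (not from the book or the slides) of domain-based and time-based correlation over constructed connection logs from two targets, and of the incorrect result Fig. 9.7 warns about: twelve assumed bot addresses hit target A and then target B; when target B's feed is missing for that interval, the same code no longer links the two attacks and the event looks like a single-target incident. Addresses, timestamps, window size, and thresholds are all assumptions.

```python
from collections import defaultdict

WINDOW = 60        # seconds: time-based correlation window
MIN_SOURCES = 10   # distinct sources inside one window that count as coordinated

# Constructed connection logs from two targets: (epoch seconds, source IP, target).
# Twelve assumed bot addresses hit target A and, a few seconds later, target B;
# the remaining entries are unrelated background connections.
BOTS = [f"192.0.2.{i}" for i in range(1, 13)]
LOG = (
    [(100 + i, ip, "A") for i, ip in enumerate(BOTS)]
    + [(105 + i, ip, "B") for i, ip in enumerate(BOTS)]
    + [(10, "198.51.100.5", "A"), (500, "198.51.100.6", "B"), (700, "192.0.2.3", "A")]
)


def time_based(log, window=WINDOW, min_sources=MIN_SOURCES):
    """Time-based correlation (the Fig. 9.4 idea): for each target, find the first
    window of `window` seconds in which at least `min_sources` distinct sources
    connect.  Returns {target: (window_start, distinct_sources)}."""
    by_target = defaultdict(list)
    for ts, src, target in sorted(log):
        by_target[target].append((ts, src))
    bursts = {}
    for target, events in by_target.items():
        for i, (start, _) in enumerate(events):
            sources = {s for ts, s in events[i:] if ts < start + window}
            if len(sources) >= min_sources:
                bursts[target] = (start, len(sources))
                break
    return bursts


def domain_based(log, bursts, window=WINDOW):
    """Domain-based correlation (the Fig. 9.3 idea): sources present in the burst
    windows of two or more different targets are shared attack infrastructure.
    With fewer than two bursting targets there is nothing to correlate across."""
    seen = defaultdict(set)
    for ts, src, target in log:
        if target in bursts and bursts[target][0] <= ts < bursts[target][0] + window:
            seen[target].add(src)
    if len(seen) < 2:
        return set()
    return set.intersection(*seen.values())


def drop_feed(log, target, start, end):
    """Imperfect collection (the Fig. 9.7 situation): one target's feed is missing
    for an interval, as with a collector outage or a volunteered feed with no SLA."""
    return [e for e in log if not (e[2] == target and start <= e[0] < end)]


if __name__ == "__main__":
    bursts = time_based(LOG)
    print("bursts:", bursts, "shared sources:", len(domain_based(LOG, bursts)))
    partial = drop_feed(LOG, "B", 100, 200)
    bursts = time_based(partial)
    print("with B's feed missing:", bursts, "shared sources:", len(domain_based(partial, bursts)))
```

The failure is silent: nothing in the partial result says a feed was missing, the correlation simply returns less. A production pipeline should therefore record per-feed coverage alongside the result, so that "no shared sources" can be distinguished from "no data from B".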
Correlating Data to Detect a Worm
Network service providers have the best vantage point for correlating data across multiple organizations and regions
Their view of aggregate network activity lets them see problems that are not visible from any single organization's traffic
Fig. 9.8 – Time-based correlation to detect worm
Correlating Data to Detect a Botnet
Carrier infrastructure may offer the best context in which to perform correlation relative to a botnet
Botnets are often widely distributed geographically
Sharing information on botnet tactics can help other organizations protect themselves
Large-Scale Correlation Process
For national infrastructure protection, large-scale correlation of all-source data is complicated by several factors:
Data formats
Collection targets
Competition
These can only be overcome with a deliberate correlation process (Fig. 9.10)
Fig. 9.10 – Large-scale, multipass correlation process with feedback
National Correlation Process
Organizations with national infrastructure responsibility should be encouraged to create and follow a local program of data correlation
National-level programs might be created to correlate collected data at the highest level. This approach requires the following:
Transparent operations
Guaranteed data feeds
Clearly defined value proposition
Focus on situational awareness
Chapter 8
Collection
Cyber Attacks
Protecting National Infrastructure, 1st ed.
Chapter 8 – Collection
Introduction
Diligent and ongoing observation of computing and networking behavior can highlight malicious activity
The processing and analysis this requires must be done within a program of data collection
A national collection process that combines local, regional, and aggregated data does not yet exist in an organized manner
Fig. 8.1 – Local, regional, and national data collection with aggregation
Introduction (continued)
At local and national levels, data collection decisions for national infrastructure should be based on the following security goals:
Preventing an attack
Mitigating an attack
Analyzing an attack
Data collection must be justified (who is collecting, and why)
The quality of data is more important than the quantity
Fig. 8.2 – Justification-based decision analysis template for data collection
Collecting Network Data
Metadata is perhaps the most useful type of data to collect in national infrastructure
Metadata is information about the data (for example, who communicated with whom, when, and how much), not the content of the data itself
Data collection systems need to keep pace with the growth of carrier backbones
Sampling data takes less time and storage, but unsampled data may reveal more
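To show why unsampled data may reveal more, here is an added example (not from the book or the slides) that builds one minute of constructed packet metadata, a bulk transfer plus a slow scanner that sends one packet to each of 60 hosts, and compares the scanner's visibility before and after deterministic 1-in-1000 packet sampling. Addresses and packet counts are invented for the example.

```python
import random


def constructed_packets(seed=7):
    """Constructed packet metadata (src, dst, dport, bytes) for one minute on a link:
    a bulk HTTPS transfer of 20,000 packets between two hosts, and a slow scanner
    that sends exactly one SYN to each of 60 hosts.  Addresses are invented."""
    rng = random.Random(seed)
    pkts = [("198.51.100.4", "203.0.113.10", 443, 1400) for _ in range(20000)]
    pkts += [("192.0.2.7", f"203.0.113.{i}", 22, 60) for i in range(1, 61)]
    rng.shuffle(pkts)   # interleave them as they would arrive on the wire
    return pkts


def sample_1_in_n(pkts, n):
    """Deterministic 1-in-N packet sampling, the usual compromise on a busy backbone."""
    return pkts[::n]


def fanout_by_src(pkts):
    """Distinct destinations contacted per source: the metadata a scan detector uses."""
    dsts = {}
    for src, dst, _dport, _size in pkts:
        dsts.setdefault(src, set()).add(dst)
    return {src: len(d) for src, d in dsts.items()}


def scan_visible(pkts, min_fanout=20):
    """True if any source shows scan-like fan-out in this (sampled or unsampled) data."""
    return any(n >= min_fanout for n in fanout_by_src(pkts).values())


if __name__ == "__main__":
    pkts = constructed_packets()
    for n in (1, 100, 1000):
        sampled = sample_1_in_n(pkts, n)
        print(f"1-in-{n}: {len(sampled):6d} packets kept, fan-out {fanout_by_src(sampled)}")
```

The bulk transfer survives any sampling rate because it has thousands of packets to lose; the scanner's 60 single packets almost all fall between samples, so the sampled view still shows the volume but no longer shows the behavior. Sampling is acceptable for trending traffic volume and poor for detecting low-rate activity, which is the trade-off the bullet above points at.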
Fig. 8.4 – Collection detects evidence of vulnerability in advance of notification
Collecting System Data
National initiatives have not traditionally collected data from mainframes, servers, and PCs
The ultimate goal should be to collect data from all relevant computers, even if that goal is beyond current capacity
System monitoring may reveal troubling patterns
Two techniques are useful for embedding system management data in the collection program:
An inventory process is needed to identify critical systems
The process of instrumenting those systems, or reusing their existing data collection facilities, must be identified
Fig. 8.5 – Collecting data from mainframes, servers, and PCs
Security Information and Event Management
Security information and event management (SIEM) is the process of aggregating system data from multiple sources for the purpose of protection
In a national system of data collection, each SIEM system would collect, filter, and process data (Fig. 8.7)
Objections to this approach include the cost of setting up the architecture and the fact that embedded SIEM functionality might introduce problems locally
Fig. 8.7 – Generic national SIEM architecture
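An added example (not the book's or the slides' code) of the collect, filter, and process steps a SIEM performs: three assumed log formats (SSH authentication, web server access, and a firewall) are parsed into one common event schema, failures are kept, and failures are then counted per source across all three sensors. The log lines and their formats are constructed for the example; real products use many more parsers and a richer schema.

```python
import re
from collections import Counter

# Constructed raw log lines from three source types, in simplified formats, plus
# one line in a format no parser knows.
RAW_LOGS = [
    "auth sshd[1201]: Failed password for root from 192.0.2.7 port 51022 ssh2",
    "auth sshd[1201]: Failed password for root from 192.0.2.7 port 51023 ssh2",
    "auth sshd[1201]: Accepted password for alice from 198.51.100.4 port 40110 ssh2",
    'web 192.0.2.7 - - [10/Oct/2019:13:55:36 +0000] "GET /admin HTTP/1.1" 401 512',
    'web 198.51.100.4 - - [10/Oct/2019:13:56:01 +0000] "GET / HTTP/1.1" 200 3012',
    "fw DENY TCP 192.0.2.7:44123 -> 203.0.113.10:3389",
    "fw ALLOW TCP 198.51.100.4:52000 -> 203.0.113.10:443",
    "fw ALLOW UDP 203.0.113.5:123 -> 203.0.113.1:123",
    "dns query A example.com from 203.0.113.5",
]

# One parser per assumed source type; each yields the fields the common schema needs.
PARSERS = {
    "auth": re.compile(r"^auth sshd\[\d+\]: (?P<result>Failed|Accepted) password for (?P<user>\S+) from (?P<src>\S+)"),
    "web": re.compile(r'^web (?P<src>\S+) .*"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'),
    "fw": re.compile(r"^fw (?P<action>ALLOW|DENY) (?P<proto>\S+) (?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)"),
}


def normalize(line):
    """Collect: map a raw line from any source type onto one common event schema
    (source_type, src, outcome).  Returns None for lines no parser understands."""
    for source_type, pattern in PARSERS.items():
        m = pattern.match(line)
        if not m:
            continue
        f = m.groupdict()
        if source_type == "auth":
            outcome = "failure" if f["result"] == "Failed" else "success"
        elif source_type == "web":
            outcome = "failure" if f["status"] in ("401", "403") else "success"
        else:
            outcome = "failure" if f["action"] == "DENY" else "success"
        return {"source_type": source_type, "src": f["src"], "outcome": outcome}
    return None


def process(lines, min_failures=2):
    """Filter and process: keep only failures, then count failures per source across
    all source types.  A source failing against several different sensors is the
    cross-source pattern that no single log shows.  Unparsed lines are counted,
    not silently dropped, so collection gaps stay visible."""
    unparsed = 0
    failures_by_src = Counter()
    types_by_src = {}
    for line in lines:
        event = normalize(line)
        if event is None:
            unparsed += 1
            continue
        if event["outcome"] == "failure":
            failures_by_src[event["src"]] += 1
            types_by_src.setdefault(event["src"], set()).add(event["source_type"])
    suspects = {src: (n, sorted(types_by_src[src]))
                for src, n in failures_by_src.items() if n >= min_failures}
    return suspects, unparsed


if __name__ == "__main__":
    suspects, unparsed = process(RAW_LOGS)
    print("suspects:", suspects)
    print("unparsed lines:", unparsed)
```

The unparsed count is the locally visible form of the "embedded SIEM functionality might introduce problems" objection: a parser that silently drops a format it does not know removes that sensor from every correlation downstream without anyone noticing.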
Large-Scale Trending
Identifying trends is the most fundamental processing technique for data collected across the infrastructure
In the simplest terms:
Some quantities go up (growth)
Some quantities go down (reduction)
Some quantities stay the same (leveling)
Some quantities do none of the above (unpredictability)
Fig. 8.8 – Growth trend in botnet behavior over 9-month period (2006–2007)
Large-Scale Trending (continued)
Some basic practical considerations must be made by security analysts before a trend can be trusted:
Underlying collection (did the collection itself change over the period?)
Volunteered data (is the data volunteered, with no guarantee of consistent delivery?)
Relevant coverage (does the collection cover the population the trend claims to describe?)
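An added example (not from the book or the slides) for the two trending slides above: a least-squares fit classifies a series as growth, reduction, leveling, or unpredictability, and a coverage normalization shows why the underlying collection must be checked before a trend is trusted. When one of three assumed sensors stops reporting, the raw aggregate reads as a reduction while the per-reporting-sensor series reads as leveling. All series, sensors, and tolerances are constructed for the example.

```python
import statistics


def linear_fit(values):
    """Least-squares line through (0, v0), (1, v1), ...: returns slope, intercept
    and the RMS residual of the fit."""
    n = len(values)
    xs = list(range(n))
    mx, my = statistics.mean(xs), statistics.mean(values)
    sxx = sum((x - mx) ** 2 for x in xs)
    slope = sum((x - mx) * (y - my) for x, y in zip(xs, values)) / sxx
    intercept = my - slope * mx
    rms = (sum((y - (intercept + slope * x)) ** 2 for x, y in zip(xs, values)) / n) ** 0.5
    return slope, intercept, rms


def classify_trend(values, slope_tol=0.02, noise_tol=0.15):
    """Growth, reduction, leveling or unpredictability.  The slope is taken relative
    to the series mean (fraction of the mean per period); a fit whose residual is a
    large fraction of the mean is reported as unpredictable instead of being trusted."""
    slope, _, rms = linear_fit(values)
    mean = statistics.mean(values)
    if mean == 0:
        return "leveling"
    if rms / mean > noise_tol:
        return "unpredictability"
    rel = slope / mean
    if rel > slope_tol:
        return "growth"
    if rel < -slope_tol:
        return "reduction"
    return "leveling"


def aggregate(counts_per_sensor, normalize=False):
    """Sum each period's counts across sensors (None = the sensor did not report).
    With normalize=True the sum is divided by the number of sensors that actually
    reported, so a sensor outage is not mistaken for a real reduction."""
    periods = len(next(iter(counts_per_sensor.values())))
    out = []
    for p in range(periods):
        reported = [s[p] for s in counts_per_sensor.values() if s[p] is not None]
        total = sum(reported)
        out.append(total / len(reported) if normalize else total)
    return out


# Constructed nine-month series (the Fig. 8.8 period length), one per case.
SERIES = {
    "growth": [100, 120, 145, 165, 190, 215, 235, 260, 280],
    "reduction": [300, 280, 255, 240, 215, 200, 180, 160, 140],
    "leveling": [200, 205, 198, 202, 199, 203, 201, 197, 204],
    "unpredictability": [100, 400, 90, 350, 120, 380, 95, 410, 110],
}

# Constructed monthly counts from three sensors; sensor C stops reporting in month 4.
SENSORS = {
    "A": [98, 101, 100, 99, 102, 100],
    "B": [102, 99, 101, 100, 98, 101],
    "C": [100, 100, 99, None, None, None],
}

if __name__ == "__main__":
    for name, values in SERIES.items():
        print(f"{name:>16}: classified as {classify_trend(values)}")
    print("raw aggregate       :", classify_trend(aggregate(SENSORS)))
    print("per reporting sensor:", classify_trend(aggregate(SENSORS, normalize=True)))
```

The normalization only corrects for sensors that are known to be silent; a volunteered feed that quietly changes what it counts, or a collection that never covered the relevant population, leaves no such marker, which is why those two checks remain an analyst's judgement rather than a formula.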
Tracking a Worm
Collecting network metadata allows security analysts to track a worm's progress and predict its course
Consensus holds that worms spread too fast for data collection to be an effective defense
There is actually some evidence that a closer look at the data can provide early warning of worm threats (Figs. 8.9 and 8.10)
After collecting and analyzing, the next step is acting on the data in a timely manner
Fig. 8.9 – Coarse view of UDP traffic spike from SQL/Slammer worm (figure courtesy of Dave Gross and Brian Rexroad)
Fig. 8.10 – Fine view of UDP traffic spike from SQL/Slammer worm (figure courtesy of Dave Gross and Brian Rexroad)
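An added example (not from the book or the slides) covering both the Chapter 9 slide on time-based correlation to detect a worm and the tracking slide above: constructed flow metadata in which the infected population doubles each minute, the coarse per-minute UDP count of Fig. 8.9, a fine per-minute fan-out detector that identifies the scanning sources on an assumed Slammer-like UDP port, and a projection of the spread from the observed growth rate. Addresses, the port, the fan-out threshold, and the doubling pattern are assumptions made for the example.

```python
import math
import random
from collections import defaultdict

WORM_PROTO, WORM_PORT = "udp", 1434   # assumed Slammer-like: one UDP datagram per probe
SCAN_FANOUT = 5                       # distinct targets in one minute that marks a scanner


def make_flows(minutes=6, probes_per_host=10, seed=1):
    """Constructed flow metadata (minute, src, dst, proto, dport, bytes).  The infected
    population doubles every minute and every infected host probes
    `probes_per_host` distinct random targets; a little benign DNS is mixed in."""
    rng = random.Random(seed)
    flows, infected = [], ["192.0.2.1"]
    for m in range(minutes):
        for src in infected:
            for i in rng.sample(range(1, 255), probes_per_host):
                flows.append((m, src, f"203.0.113.{i}", WORM_PROTO, WORM_PORT, 404))
        flows.append((m, "198.51.100.10", "198.51.100.53", "udp", 53, 70))
        infected += [f"10.0.{m}.{i}" for i in range(len(infected))]   # doubles the population
    return flows


def udp_flows_per_minute(flows):
    """Coarse view (the Fig. 8.9 idea): total UDP flow count per minute."""
    counts = defaultdict(int)
    for m, _src, _dst, proto, _dport, _size in flows:
        if proto == "udp":
            counts[m] += 1
    return dict(sorted(counts.items()))


def scanners_per_minute(flows, fanout=SCAN_FANOUT):
    """Fine view: per minute, the sources that contact at least `fanout` distinct
    destinations on the worm's port, i.e. the hosts doing the spreading."""
    targets = defaultdict(set)
    for m, src, dst, proto, dport, _size in flows:
        if proto == WORM_PROTO and dport == WORM_PORT:
            targets[(m, src)].add(dst)
    per_minute = defaultdict(set)
    for (m, src), dsts in targets.items():
        if len(dsts) >= fanout:
            per_minute[m].add(src)
    return dict(sorted(per_minute.items()))


def project_spread(per_minute_scanners, threshold):
    """Predict the worm's course from the observed per-minute scanner counts: the
    mean log growth rate gives a doubling time and the minutes until `threshold`
    hosts are scanning, assuming the growth seen so far continues."""
    counts = [len(per_minute_scanners[m]) for m in sorted(per_minute_scanners)]
    rates = [math.log(b / a) for a, b in zip(counts, counts[1:]) if a > 0 and b > 0]
    growth = sum(rates) / len(rates)
    minutes_left = (math.log(threshold) - math.log(counts[-1])) / growth
    return minutes_left, math.log(2) / growth


if __name__ == "__main__":
    flows = make_flows()
    print("udp flows/min:", udp_flows_per_minute(flows))
    scanners = scanners_per_minute(flows)
    print("scanning hosts/min:", {m: len(s) for m, s in scanners.items()})
    left, doubling = project_spread(scanners, threshold=1000)
    print(f"doubling every {doubling:.2f} min; ~{left:.1f} min until 1000 scanning hosts")
```

The coarse count rises with the worm but also contains the benign DNS; the fine view isolates the spreading hosts, and it is the fine view that supports the projection. In practice the projection is only as good as the growth assumption, and a real worm saturates as it runs out of vulnerable hosts, so the estimate is an early-warning horizon rather than a forecast.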
National Collection Program
Once the idea for a national data collection program is accepted, the following need to be addressed:
Data sources
Protected transit
Storage considerations
Data reduction emphasis
Week 6Read Chapter 8 on CollectionRead Chapter 9 on Correlat.docx

More Related Content

Similar to Week 6Read Chapter 8 on CollectionRead Chapter 9 on Correlat.docx

Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docxCopyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
dickonsondorris
 
Are Your PCs and Laptops Recovery and Discovery Ready?
Are Your PCs and Laptops Recovery and Discovery Ready?Are Your PCs and Laptops Recovery and Discovery Ready?
Are Your PCs and Laptops Recovery and Discovery Ready?
Iron Mountain
 
An Efficient and Safe Data Sharing Scheme for Mobile Cloud Computing
An Efficient and Safe Data Sharing Scheme for Mobile Cloud ComputingAn Efficient and Safe Data Sharing Scheme for Mobile Cloud Computing
An Efficient and Safe Data Sharing Scheme for Mobile Cloud Computing
ijtsrd
 
EDRM Foundational e-Discovery Practices-ilta
EDRM Foundational e-Discovery Practices-iltaEDRM Foundational e-Discovery Practices-ilta
EDRM Foundational e-Discovery Practices-ilta
David Kearney
 
ONDaSCA: On-demand Network Data Set Creation Application for Intrusion Detect...
ONDaSCA: On-demand Network Data Set Creation Application for Intrusion Detect...ONDaSCA: On-demand Network Data Set Creation Application for Intrusion Detect...
ONDaSCA: On-demand Network Data Set Creation Application for Intrusion Detect...
IJCSIS Research Publications
 
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
ijccsa
 
11272019 SafeAssign Originality Reporthttpsucumberlan.docx
11272019 SafeAssign Originality Reporthttpsucumberlan.docx11272019 SafeAssign Originality Reporthttpsucumberlan.docx
11272019 SafeAssign Originality Reporthttpsucumberlan.docx
aulasnilda
 

Similar to Week 6Read Chapter 8 on CollectionRead Chapter 9 on Correlat.docx (20)

Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docxCopyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
 
Smart Storage for Home Application
Smart Storage for Home ApplicationSmart Storage for Home Application
Smart Storage for Home Application
 
Cyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercatoCyber Warfare e scenari di mercato
Cyber Warfare e scenari di mercato
 
Top 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationTop 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integration
 
Protecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityProtecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud Security
 
Big Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy FranklinBig Data Security Analytics (BDSA) with Randy Franklin
Big Data Security Analytics (BDSA) with Randy Franklin
 
Application Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise SetupApplication Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise Setup
 
Are Your PCs and Laptops Recovery and Discovery Ready?
Are Your PCs and Laptops Recovery and Discovery Ready?Are Your PCs and Laptops Recovery and Discovery Ready?
Are Your PCs and Laptops Recovery and Discovery Ready?
 
Mbrojtje e te Dhenave nga DellEMC - Sinteza Co
Mbrojtje e te Dhenave nga DellEMC - Sinteza CoMbrojtje e te Dhenave nga DellEMC - Sinteza Co
Mbrojtje e te Dhenave nga DellEMC - Sinteza Co
 
Leveraging IoT and cognitive for asset and field force optimization_ibm
Leveraging IoT and cognitive for asset and field force optimization_ibmLeveraging IoT and cognitive for asset and field force optimization_ibm
Leveraging IoT and cognitive for asset and field force optimization_ibm
 
An Efficient and Safe Data Sharing Scheme for Mobile Cloud Computing
An Efficient and Safe Data Sharing Scheme for Mobile Cloud ComputingAn Efficient and Safe Data Sharing Scheme for Mobile Cloud Computing
An Efficient and Safe Data Sharing Scheme for Mobile Cloud Computing
 
EDRM Foundational e-Discovery Practices-ilta
EDRM Foundational e-Discovery Practices-iltaEDRM Foundational e-Discovery Practices-ilta
EDRM Foundational e-Discovery Practices-ilta
 
ONDaSCA: On-demand Network Data Set Creation Application for Intrusion Detect...
ONDaSCA: On-demand Network Data Set Creation Application for Intrusion Detect...ONDaSCA: On-demand Network Data Set Creation Application for Intrusion Detect...
ONDaSCA: On-demand Network Data Set Creation Application for Intrusion Detect...
 
IRJET- Usage of Multiple Clouds for Storing and Securing Data through Identit...
IRJET- Usage of Multiple Clouds for Storing and Securing Data through Identit...IRJET- Usage of Multiple Clouds for Storing and Securing Data through Identit...
IRJET- Usage of Multiple Clouds for Storing and Securing Data through Identit...
 
IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...
IRJET-  	  Image Steganography using Pixel Pattern Matching in Cloud Data Sto...IRJET-  	  Image Steganography using Pixel Pattern Matching in Cloud Data Sto...
IRJET- Image Steganography using Pixel Pattern Matching in Cloud Data Sto...
 
A Review On Data Security In Cloud Computing
A Review On Data Security In Cloud ComputingA Review On Data Security In Cloud Computing
A Review On Data Security In Cloud Computing
 
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
 
11272019 SafeAssign Originality Reporthttpsucumberlan.docx
11272019 SafeAssign Originality Reporthttpsucumberlan.docx11272019 SafeAssign Originality Reporthttpsucumberlan.docx
11272019 SafeAssign Originality Reporthttpsucumberlan.docx
 
A Web-based Attendance System Using Face Recognition
A Web-based Attendance System Using Face RecognitionA Web-based Attendance System Using Face Recognition
A Web-based Attendance System Using Face Recognition
 
Driven by data - Why we need a Modern Enterprise Data Analytics Platform
Driven by data - Why we need a Modern Enterprise Data Analytics PlatformDriven by data - Why we need a Modern Enterprise Data Analytics Platform
Driven by data - Why we need a Modern Enterprise Data Analytics Platform
 

More from helzerpatrina

Most patients with mental health disorders are not aggressive. H.docx
Most patients with mental health disorders are not aggressive. H.docxMost patients with mental health disorders are not aggressive. H.docx
Most patients with mental health disorders are not aggressive. H.docx
helzerpatrina
 
Most public policy is made from within government agencies. Select a.docx
Most public policy is made from within government agencies. Select a.docxMost public policy is made from within government agencies. Select a.docx
Most public policy is made from within government agencies. Select a.docx
helzerpatrina
 
Mrs. Walsh, a woman in her 70s, was in critical condition after rep.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after rep.docxMrs. Walsh, a woman in her 70s, was in critical condition after rep.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after rep.docx
helzerpatrina
 
MSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docx
MSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docxMSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docx
MSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docx
helzerpatrina
 
MSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docx
MSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docxMSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docx
MSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docx
helzerpatrina
 
Mt. Baker Hazards Hazard Rating Score High silic.docx
Mt. Baker   Hazards Hazard Rating Score High silic.docxMt. Baker   Hazards Hazard Rating Score High silic.docx
Mt. Baker Hazards Hazard Rating Score High silic.docx
helzerpatrina
 
Motivation in OrganizationsMotivation i.docx
Motivation in OrganizationsMotivation i.docxMotivation in OrganizationsMotivation i.docx
Motivation in OrganizationsMotivation i.docx
helzerpatrina
 
Motivations to Support Charity-Linked Events After Exposure to.docx
Motivations to Support Charity-Linked Events After Exposure to.docxMotivations to Support Charity-Linked Events After Exposure to.docx
Motivations to Support Charity-Linked Events After Exposure to.docx
helzerpatrina
 
Mrs. Walsh, a woman in her 70s, was in critical condition after.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after.docxMrs. Walsh, a woman in her 70s, was in critical condition after.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after.docx
helzerpatrina
 
Monica asked that we meet to see if I could help to reduce the d.docx
Monica asked that we meet to see if I could help to reduce the d.docxMonica asked that we meet to see if I could help to reduce the d.docx
Monica asked that we meet to see if I could help to reduce the d.docx
helzerpatrina
 

More from helzerpatrina (20)

Most patients with mental health disorders are not aggressive. H.docx
Most patients with mental health disorders are not aggressive. H.docxMost patients with mental health disorders are not aggressive. H.docx
Most patients with mental health disorders are not aggressive. H.docx
 
MotivationExplain your motivation for applying to this prog.docx
MotivationExplain your motivation for applying to this prog.docxMotivationExplain your motivation for applying to this prog.docx
MotivationExplain your motivation for applying to this prog.docx
 
Most public policy is made from within government agencies. Select a.docx
Most public policy is made from within government agencies. Select a.docxMost public policy is made from within government agencies. Select a.docx
Most public policy is made from within government agencies. Select a.docx
 
Mr. Smith brings his 4-year-old son to your primary care office. He .docx
Mr. Smith brings his 4-year-old son to your primary care office. He .docxMr. Smith brings his 4-year-old son to your primary care office. He .docx
Mr. Smith brings his 4-year-old son to your primary care office. He .docx
 
Mrs. Walsh, a woman in her 70s, was in critical condition after rep.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after rep.docxMrs. Walsh, a woman in her 70s, was in critical condition after rep.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after rep.docx
 
Much has been made of the new Web 2.0 phenomenon, including social n.docx
Much has been made of the new Web 2.0 phenomenon, including social n.docxMuch has been made of the new Web 2.0 phenomenon, including social n.docx
Much has been made of the new Web 2.0 phenomenon, including social n.docx
 
MSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docx
MSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docxMSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docx
MSN 5550 Health Promotion Prevention of Disease Case Study Module 2.docx
 
MSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docx
MSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docxMSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docx
MSEL Strategy Mid-term Instructions Miguel Rivera-SantosFormat.docx
 
Much of the focus in network security centers upon measures in preve.docx
Much of the focus in network security centers upon measures in preve.docxMuch of the focus in network security centers upon measures in preve.docx
Much of the focus in network security centers upon measures in preve.docx
 
Mt. Baker Hazards Hazard Rating Score High silic.docx
Mt. Baker   Hazards Hazard Rating Score High silic.docxMt. Baker   Hazards Hazard Rating Score High silic.docx
Mt. Baker Hazards Hazard Rating Score High silic.docx
 
Motivation and Cognitive FactorsQuestion AAlfred Hit.docx
Motivation and Cognitive FactorsQuestion AAlfred Hit.docxMotivation and Cognitive FactorsQuestion AAlfred Hit.docx
Motivation and Cognitive FactorsQuestion AAlfred Hit.docx
 
Motivation in OrganizationsMotivation i.docx
Motivation in OrganizationsMotivation i.docxMotivation in OrganizationsMotivation i.docx
Motivation in OrganizationsMotivation i.docx
 
Motivations to Support Charity-Linked Events After Exposure to.docx
Motivations to Support Charity-Linked Events After Exposure to.docxMotivations to Support Charity-Linked Events After Exposure to.docx
Motivations to Support Charity-Linked Events After Exposure to.docx
 
Mrs. Walsh, a woman in her 70s, was in critical condition after.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after.docxMrs. Walsh, a woman in her 70s, was in critical condition after.docx
Mrs. Walsh, a woman in her 70s, was in critical condition after.docx
 
MOVIE TITLE IS LIAR LIAR starring JIM CARREYProvide the name o.docx
MOVIE TITLE IS LIAR LIAR starring JIM CARREYProvide the name o.docxMOVIE TITLE IS LIAR LIAR starring JIM CARREYProvide the name o.docx
MOVIE TITLE IS LIAR LIAR starring JIM CARREYProvide the name o.docx
 
mple selection, and assignment to groups (as applicable). Describe.docx
mple selection, and assignment to groups (as applicable). Describe.docxmple selection, and assignment to groups (as applicable). Describe.docx
mple selection, and assignment to groups (as applicable). Describe.docx
 
More and more businesses have integrated social media into every asp.docx
More and more businesses have integrated social media into every asp.docxMore and more businesses have integrated social media into every asp.docx
More and more businesses have integrated social media into every asp.docx
 
Module Five Directions for the ComparisonContrast EssayWrite a.docx
Module Five Directions for the ComparisonContrast EssayWrite a.docxModule Five Directions for the ComparisonContrast EssayWrite a.docx
Module Five Directions for the ComparisonContrast EssayWrite a.docx
 
Monica asked that we meet to see if I could help to reduce the d.docx
Monica asked that we meet to see if I could help to reduce the d.docxMonica asked that we meet to see if I could help to reduce the d.docx
Monica asked that we meet to see if I could help to reduce the d.docx
 
Module 6 AssignmentPlease list and describe four types of Cy.docx
Module 6 AssignmentPlease list and describe four types of Cy.docxModule 6 AssignmentPlease list and describe four types of Cy.docx
Module 6 AssignmentPlease list and describe four types of Cy.docx
 

Recently uploaded

會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
中 央社
 
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
中 央社
 
Liberal & Redical Feminism presentation.pptx
Liberal & Redical Feminism presentation.pptxLiberal & Redical Feminism presentation.pptx
Liberal & Redical Feminism presentation.pptx
Rizwan Abbas
 

Recently uploaded (20)

[GDSC YCCE] Build with AI Online Presentation
[GDSC YCCE] Build with AI Online Presentation[GDSC YCCE] Build with AI Online Presentation
[GDSC YCCE] Build with AI Online Presentation
 
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
 
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
 
MichaelStarkes_UncutGemsProjectSummary.pdf
MichaelStarkes_UncutGemsProjectSummary.pdfMichaelStarkes_UncutGemsProjectSummary.pdf
MichaelStarkes_UncutGemsProjectSummary.pdf
 
Mbaye_Astou.Education Civica_Human Rights.pptx
Mbaye_Astou.Education Civica_Human Rights.pptxMbaye_Astou.Education Civica_Human Rights.pptx
Mbaye_Astou.Education Civica_Human Rights.pptx
 
Open Educational Resources Primer PowerPoint
Open Educational Resources Primer PowerPointOpen Educational Resources Primer PowerPoint
Open Educational Resources Primer PowerPoint
 
Word Stress rules esl .pptx
Word Stress rules esl               .pptxWord Stress rules esl               .pptx
Word Stress rules esl .pptx
 
Post Exam Fun(da) Intra UEM General Quiz - Finals.pdf
Post Exam Fun(da) Intra UEM General Quiz - Finals.pdfPost Exam Fun(da) Intra UEM General Quiz - Finals.pdf
Post Exam Fun(da) Intra UEM General Quiz - Finals.pdf
 
50 ĐỀ LUYỆN THI IOE LỚP 9 - NĂM HỌC 2022-2023 (CÓ LINK HÌNH, FILE AUDIO VÀ ĐÁ...
50 ĐỀ LUYỆN THI IOE LỚP 9 - NĂM HỌC 2022-2023 (CÓ LINK HÌNH, FILE AUDIO VÀ ĐÁ...50 ĐỀ LUYỆN THI IOE LỚP 9 - NĂM HỌC 2022-2023 (CÓ LINK HÌNH, FILE AUDIO VÀ ĐÁ...
Week 6Read Chapter 8 on CollectionRead Chapter 9 on Correlat.docx

Chapter 9 – Correlation

Conventional Security Correlation Methods
Threat management – data from multiple sources is correlated to identify patterns, trends, and relationships
The approach relies upon security information and event management (SIEM)
Commercial firewalls are underutilized
The correlation function can be decentralized, but that often complicates the process
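The slide says firewalls are underutilized as a correlation source; the figure that follows (Fig. 9.6) pairs intrusion detection alarms with firewall policy rules. The following is an added example, not code from the book or the lecture deck, showing the SIEM-style check a practitioner would actually run: each IDS alarm is evaluated against a first-match firewall policy, and the verdict says whether the alarmed flow is one the policy permits (real exposure), one the policy should have dropped before it reached the sensor (noise from an outside sensor), or one the policy denies yet an inside sensor still saw (a bypass or a rule-order problem). The policy, the alarms, the sensor placement and the documentation address ranges are all constructed for the example.

```python
import ipaddress
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    name: str
    action: str      # "allow" or "deny"
    proto: str       # "tcp", "udp" or "any"
    src: str         # source CIDR
    dst: str         # destination CIDR
    dports: tuple    # destination ports; an empty tuple matches any port


@dataclass(frozen=True)
class Alert:
    sensor: str      # "outside" (in front of the firewall) or "inside" (behind it)
    src: str
    dst: str
    proto: str
    dport: int
    signature: str


# Constructed first-match policy ending in an explicit default deny (assumed).
POLICY = [
    Rule("allow-web", "allow", "tcp", "0.0.0.0/0", "203.0.113.0/24", (80, 443)),
    Rule("allow-dns", "allow", "udp", "0.0.0.0/0", "203.0.113.53/32", (53,)),
    Rule("allow-admin-ssh", "allow", "tcp", "198.51.100.0/24", "203.0.113.0/24", (22,)),
    Rule("default-deny", "deny", "any", "0.0.0.0/0", "0.0.0.0/0", ()),
]

# Constructed IDS alarms using documentation address ranges; no real traffic.
ALERTS = [
    Alert("outside", "192.0.2.10", "203.0.113.20", "tcp", 80, "web sql injection attempt"),
    Alert("outside", "192.0.2.10", "203.0.113.20", "tcp", 22, "ssh brute force"),
    Alert("inside", "192.0.2.77", "203.0.113.30", "tcp", 3389, "rdp brute force"),
    Alert("inside", "198.51.100.5", "203.0.113.30", "tcp", 22, "ssh brute force"),
    Alert("outside", "192.0.2.99", "203.0.113.53", "udp", 53, "dns amplification query"),
]


def first_match(policy, alert):
    """Return the first rule whose protocol, addresses and port match the alarmed flow."""
    src = ipaddress.ip_address(alert.src)
    dst = ipaddress.ip_address(alert.dst)
    for rule in policy:
        if rule.proto != "any" and rule.proto != alert.proto:
            continue
        if src not in ipaddress.ip_network(rule.src) or dst not in ipaddress.ip_network(rule.dst):
            continue
        if rule.dports and alert.dport not in rule.dports:
            continue
        return rule
    return None


def classify(rule, alert):
    """Correlate the alarm with what the policy says should happen to that flow."""
    if rule is None or rule.action == "deny":
        # Policy says this flow never reaches the protected side. Seen outside: expected
        # noise. Seen inside: the policy is not doing what it claims; investigate.
        return "blocked" if alert.sensor == "outside" else "bypass"
    return "exposed"   # the firewall permits the attacked flow; the alarm is real exposure


def correlate(policy, alerts):
    findings = []
    for a in alerts:
        rule = first_match(policy, a)
        findings.append({"signature": a.signature, "src": a.src, "dport": a.dport,
                         "rule": rule.name if rule else None, "verdict": classify(rule, a)})
    return findings


def summarize(findings):
    return Counter(f["verdict"] for f in findings)


def exposing_rules(findings):
    """Permit rules that let alarmed traffic through: candidates for tightening."""
    return Counter(f["rule"] for f in findings if f["verdict"] == "exposed")


if __name__ == "__main__":
    results = correlate(POLICY, ALERTS)
    for f in results:
        print(f"{f['verdict']:8} rule={f['rule']:15} {f['src']} -> :{f['dport']} {f['signature']}")
    print(summarize(results), exposing_rules(results))
```

The "bypass" verdict is the one worth paging on: an inside sensor alarming on a flow the policy denies means either the sensor is mis-placed, a rule earlier in the order permits more than intended, or traffic is entering by another path. The "exposed" counter per rule is the evidence for the slide's point about underused firewalls: every permit rule that shows up there is a rule that could be narrowed.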
Fig. 9.6 – Correlating intrusion detection alarms with firewall policy rules

Quality and Reliability Issues in Data Correlation
The quality and reliability of data sources are important to consider
Service level agreements guarantee the quality of data
Quality and reliability are not guaranteed with volunteered data
Without consistent, predictable, and guaranteed data delivery, correlations are likely to be incorrect and data is likely to be missing
Fig. 9.7 – Incorrect correlation result due to imperfect collection

Correlating Data to Detect a Worm
Network service providers have the best vantage point for correlating data across multiple organizations, regions, etc.
Network service providers have a view of network activity that allows them to see problems
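The two slides above make one combined point: time-based correlation across several providers' vantage points is how a worm becomes visible, and an imperfect feed (Fig. 9.7) silently turns a correct correlation into a wrong one. The following is an added example, not code from the book or the deck, of a correlator that learns a baseline per provider, flags windows where the count of distinct sources probing a port jumps, and then requires a quorum of independent providers before calling it a worm. It tracks feed coverage per window, so a window that a provider failed to deliver is reported as a degraded result rather than being read as "that provider saw nothing". The three feeds, the per-window counts, the baseline window, the threshold factor and the quorum are all constructed assumptions for the example.

```python
from statistics import median

# Constructed per-window counts of distinct sources probing one destination port,
# as three network service providers would each report them. A missing window key
# is a collection gap: the feed did not deliver that interval.
FEEDS = {
    "provider-east":  {0: 12, 1: 11, 2: 13, 3: 12, 4: 11, 5: 14, 6: 40, 7: 120, 8: 310, 9: 700},
    "provider-west":  {0: 9, 1: 10, 2: 8, 3: 9, 4: 10, 5: 9, 6: 35, 7: 110, 8: 290, 9: 650},
    "provider-south": {0: 15, 1: 14, 2: 16, 3: 15, 4: 14, 5: 16, 6: 50, 9: 800},  # windows 7-8 missing
}
BASELINE_WINDOWS = 5   # windows used to learn "normal" per provider (assumed)
WINDOWS = 10
QUORUM = 2             # independent providers that must agree before we call it a worm (assumed)


def anomalous_windows(series, factor=3.0, min_delta=20):
    """Windows whose count exceeds a baseline learned from the first BASELINE_WINDOWS."""
    base = median(series[w] for w in range(BASELINE_WINDOWS) if w in series)
    threshold = max(factor * base, base + min_delta)
    return {w for w, v in series.items() if v > threshold}


def correlate(feeds, windows=WINDOWS, quorum=QUORUM):
    """Time-based correlation with explicit coverage accounting per window."""
    flagged_by = {name: anomalous_windows(s) for name, s in feeds.items()}
    result = {}
    for w in range(windows):
        reporting = [n for n, s in feeds.items() if w in s]
        missing = [n for n, s in feeds.items() if w not in s]
        flagged = [n for n in reporting if w in flagged_by[n]]
        if len(flagged) >= quorum:
            # Quorum reached among the feeds that actually delivered; say so if some did not.
            verdict = "confirmed" if not missing else "degraded"
        elif flagged and len(flagged) + len(missing) >= quorum:
            # The missing feeds could have completed the quorum; do not call it quiet.
            verdict = "inconclusive"
        else:
            verdict = "quiet"
        result[w] = {"flagged": flagged, "missing": missing, "verdict": verdict}
    return result


def naive_share(feeds, window):
    """What a correlator that ignores coverage reports: share of *all* feeds flagged.
    A missing feed counts as 'not flagged', which understates the event (Fig. 9.7)."""
    flagged = sum(1 for s in feeds.values() if window in anomalous_windows(s))
    return flagged / len(feeds)


def onset(result):
    """First window with any non-quiet verdict."""
    return min((w for w, r in result.items() if r["verdict"] != "quiet"), default=None)


if __name__ == "__main__":
    res = correlate(FEEDS)
    for w, r in res.items():
        print(w, r["verdict"], "flagged=", r["flagged"], "missing=", r["missing"])
    print("onset window:", onset(res), "naive share at window 7:", round(naive_share(FEEDS, 7), 2))
```

At window 7 the naive correlator reports two thirds of providers affected, which reads as a regional event; the coverage-aware version reports two of two reporting providers affected with one feed missing, which is the honest statement and the one that should drive the response. This is the operational meaning of the slide's service level agreement point: a guaranteed feed is what lets "no data" be distinguished from "no attack".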
Fig. 9.8 – Time-based correlation to detect worm

Correlating Data to Detect a Botnet
The context of carrier infrastructure may offer the best chance to perform correlation relative to a botnet
Botnets are often widely distributed geographically
Sharing information on botnet tactics might help others protect themselves

Large-Scale Correlation Process
For national infrastructure protection, large-scale correlation of all-source data is complicated by several factors
Data formats
Collection targets
Competition
These can only be overcome with a deliberate correlation process

Fig. 9.10 – Large-scale, multipass correlation process with feedback

National Correlation Process
Organizations with national infrastructure responsibility should be encouraged to create and follow a local program of data correlation
National-level programs might be created to correlate collected data at the highest level. This approach requires the following
Transparent operations
Guaranteed data feeds
Clearly defined value proposition
Focus on situational awareness
Copyright © 2012, Elsevier Inc. All Rights Reserved
Chapter 8
Collection
Cyber Attacks
Protecting National Infrastructure, 1st ed.

Chapter 8 – Collection
Introduction
Diligent and ongoing observation of computing and networking behavior can highlight malicious activity
The processing and analysis required for this must be done within a program of data collection
A national collection process that combines local, regional, and aggregated data does not exist in an organized manner

Fig. 8.1 – Local, regional, and national data collection with aggregation

Introduction
At local and national levels, data collection decisions for national infrastructure should be based on the following security goals
Preventing an attack
Mitigating an attack
Analyzing an attack
Data collection must be justified (who is collecting and why)
The quality of data is more important than the quantity

Fig. 8.2 – Justification-based decision analysis template for data collection
Collecting Network Data
Metadata is perhaps the most useful type of data for collection in national infrastructure
Metadata is information about data, not what the data is about
Data collection systems need to keep pace with the growth of carrier backbones
Sampling data takes less time, but unsampled data may reveal more

Fig. 8.4 – Collection detects evidence of vulnerability in advance of notification
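The slide's last bullet is the one that bites in practice: sampled flow metadata keeps the volume picture but loses low-rate events. The following is an added example, not code from the book or the deck, that makes the trade-off concrete. It builds a constructed set of flow records (three busy hosts plus one host probing thirty ports slowly), applies 1-in-16 systematic sampling, and runs the same "many distinct destination ports from one source" scanner check on both the unsampled and the sampled records. The sampling rate, the port threshold and every address and record are assumptions for the example.

```python
from collections import defaultdict

SAMPLE_RATE = 16            # keep 1 flow record in 16 (systematic sampling; assumed)
SCAN_PORT_THRESHOLD = 10    # distinct destination ports that mark a source as a scanner (assumed)
BUSY_PORTS = (80, 443, 53, 25, 22)


def build_records():
    """Constructed flow metadata: three busy hosts plus one slow port scanner.
    One scanner probe is interleaved after every 40 background flows, so the
    scanner contributes 30 of the 1230 records."""
    records = []
    for i in range(1200):
        records.append({"src": f"10.0.0.{i % 3 + 1}", "dst": "203.0.113.10", "dport": BUSY_PORTS[i % 5]})
        if (i + 1) % 40 == 0:
            records.append({"src": "10.0.0.99", "dst": "203.0.113.10", "dport": (i + 1) // 40})
    return records


def sample(records, rate=SAMPLE_RATE):
    """Systematic sampling: every rate-th record in arrival order."""
    return records[::rate]


def distinct_ports(records):
    """Number of distinct destination ports seen per source address."""
    ports = defaultdict(set)
    for r in records:
        ports[r["src"]].add(r["dport"])
    return {src: len(p) for src, p in ports.items()}


def flag_scanners(records, threshold=SCAN_PORT_THRESHOLD):
    return {src for src, n in distinct_ports(records).items() if n >= threshold}


def estimate_volume(sampled, rate=SAMPLE_RATE):
    """Scale sampled counts back up: volume trends survive sampling even when
    individual low-rate behaviours do not."""
    counts = defaultdict(int)
    for r in sampled:
        counts[r["src"]] += rate
    return dict(counts)


if __name__ == "__main__":
    full = build_records()
    thin = sample(full)
    print("records:", len(full), "sampled:", len(thin))
    print("scanners, unsampled:", flag_scanners(full))
    print("scanners, sampled:  ", flag_scanners(thin))
    print("estimated per-source volume from sample:", estimate_volume(thin))
```

With these inputs the unsampled data identifies the scanner (30 distinct ports) while the sampled data retains only two of its probes and misses it entirely, yet the per-source volume estimate from the sample still sums to the true background volume. That is the case for keeping unsampled metadata on the collection paths that matter, and for treating "not seen in sampled data" as weak evidence.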
Collecting System Data
National initiatives have not traditionally collected data from mainframes, servers, and PCs
The ultimate goal should be to collect data from all relevant computers, even if that goal is beyond current capacity
System monitoring may reveal troubling patterns
Two techniques are useful for embedding system management data
An inventory process is needed to identify critical systems
The process of instrumenting or reusing data collection facilities must be identified

Fig. 8.5 – Collecting data from mainframes, servers, and PCs
Security Information and Event Management
Security information and event management (SIEM) is the process of aggregating system data from multiple sources for the purpose of protection
Each SIEM system (in a national system of data collection) would collect, filter, and process data
Objections to this approach include both the cost of setting up the architecture and the fact that embedded SIEM functionality might introduce problems locally

Fig. 8.7 – Generic national SIEM architecture
Large-Scale Trending
Identifying trends is the most fundamental processing technique for data collected across the infrastructure
In the simplest terms
Some quantities go up (growth)
Some quantities go down (reduction)
Some quantities stay the same (leveling)
Some quantities do none of the above (unpredictability)

Fig. 8.8 – Growth trend in botnet behavior over 9-month period (2006–2007)
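The four categories on the slide are easy to state and surprisingly easy to get wrong when applied by eye to noisy counts. The following is an added example, not code from the book or the deck, of one defensible way to assign them: fit a least-squares line to a monthly series, and classify by the fitted slope relative to the series mean, but only after checking that the residual noise is small enough for any slope to mean something; a series that swings wildly is "unpredictability" regardless of its slope. The four nine-month series and both tolerances are constructed assumptions for the example.

```python
from math import sqrt

# Constructed nine-month series of a count such as "bots observed per month".
SERIES = {
    "bots-observed":     [100, 115, 130, 150, 170, 190, 215, 240, 270],
    "open-relays":       [300, 280, 255, 235, 210, 190, 170, 150, 130],
    "probes-per-sensor": [200, 204, 198, 202, 199, 203, 201, 197, 200],
    "spam-bursts":       [100, 400, 120, 380, 90, 420, 110, 390, 100],
}


def fit_line(ys):
    """Least-squares slope and intercept of ys against x = 0, 1, 2, ..."""
    n = len(ys)
    x_mean = (n - 1) / 2
    y_mean = sum(ys) / n
    sxx = sum((x - x_mean) ** 2 for x in range(n))
    sxy = sum((x - x_mean) * (y - y_mean) for x, y in enumerate(ys))
    slope = sxy / sxx
    return slope, y_mean - slope * x_mean


def classify_trend(ys, slope_tol=0.02, noise_tol=0.15):
    """Return (label, relative slope per step, relative residual noise).

    slope_tol: change per step, as a fraction of the mean, below which we call it flat.
    noise_tol: RMS residual, as a fraction of the mean, above which no trend is trusted.
    Both tolerances are assumptions; tune them to the quantity being trended."""
    if len(ys) < 3:
        raise ValueError("need at least three points to talk about a trend")
    slope, intercept = fit_line(ys)
    y_mean = sum(ys) / len(ys)
    if y_mean == 0:
        raise ValueError("series mean is zero; relative measures are undefined")
    rms = sqrt(sum((y - (intercept + slope * x)) ** 2 for x, y in enumerate(ys)) / len(ys))
    rel_slope = slope / y_mean
    rel_noise = rms / y_mean
    if rel_noise > noise_tol:
        label = "unpredictability"     # the line does not describe the data; do not report a direction
    elif rel_slope > slope_tol:
        label = "growth"
    elif rel_slope < -slope_tol:
        label = "reduction"
    else:
        label = "leveling"
    return label, round(rel_slope, 4), round(rel_noise, 4)


def trend_report(series):
    return {name: classify_trend(ys) for name, ys in series.items()}


if __name__ == "__main__":
    for name, (label, rs, rn) in trend_report(SERIES).items():
        print(f"{name:20} {label:16} slope/mean={rs:+.3f} noise/mean={rn:.3f}")
```

The noise check is what separates "stay the same" from "none of the above": the flat series and the zigzag series have nearly the same fitted slope, and only the residual tells them apart. It also implements the next slide's caution in miniature: a trend is only as trustworthy as the collection underneath it, and a large residual is often the first sign that the underlying collection was uneven.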
Large-Scale Trending
Some basic practical considerations must be made by security analysts before a trend can be trusted
Underlying collection
Volunteered data
Relevant coverage

Tracking a Worm
Collecting network metadata allows security analysts to track a worm's progress and predict its course
Consensus holds that worms work too fast for data collection to be an effective defense
There is actually some evidence that a closer look at the data might provide early warning of worm threats
After collecting and analyzing, the next step is acting on the data in a timely manner

Fig. 8.9 – Coarse view of UDP traffic spike from SQL/Slammer worm (Figure courtesy of Dave Gross and Brian Rexroad)
Fig. 8.10 – Fine view of UDP traffic spike from SQL/Slammer worm (Figure courtesy of Dave Gross and Brian Rexroad)

National Collection Program
Once the idea for a national data collection program is accepted, the following need to be addressed
Data sources
Protected transit
Storage considerations
Data reduction emphasis
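Figs. 8.9 and 8.10 above show the same UDP spike at a coarse and a fine time resolution, and the "Tracking a Worm" slide argues that a closer look can give early warning. The following is an added example, not code from the book or the deck, that quantifies why the resolution matters. It models a per-second UDP packet rate with a steady background and a fast-growing worm component starting at a known second, aggregates the same series into 1-second, 10-second and 300-second bins, and reports when a simple "exceeds twice the learned baseline" check first fires at each resolution. The growth curve, the doubling time, the onset time and the alert factor are all constructed assumptions; nothing here is measured Slammer data.

```python
ONSET = 1500          # second at which the modelled worm traffic starts (constructed)
DURATION = 1800       # seconds of constructed per-second data (30 minutes)


def udp_pps(t):
    """Constructed UDP packets per second at second t: steady background with small
    jitter, plus exponential worm traffic after ONSET (doubling every 15 s; assumed)."""
    background = 1000 + (t % 7) * 5
    worm = 40 * 2 ** ((t - ONSET) / 15) if t >= ONSET else 0
    return background + min(worm, 5_000_000)   # cap so late values stay finite and readable


SERIES = [udp_pps(t) for t in range(DURATION)]


def aggregate(series, bin_seconds):
    """Average packets/s per bin, returned as (bin_end_second, average) pairs.
    A bin can only be reported once it has closed, so its end time is the earliest
    moment an analyst could act on it."""
    out = []
    for start in range(0, len(series), bin_seconds):
        chunk = series[start:start + bin_seconds]
        out.append((start + len(chunk), sum(chunk) / len(chunk)))
    return out


def first_alert(series, bin_seconds, baseline_seconds=1200, factor=2.0):
    """Second at which a bin first exceeds factor x the baseline learned from the
    first baseline_seconds, or None if it never does."""
    bins = aggregate(series, bin_seconds)
    n_base = baseline_seconds // bin_seconds
    baseline = sum(v for _, v in bins[:n_base]) / n_base
    for end, value in bins:
        if value > factor * baseline:
            return end
    return None


def compare_views(series=SERIES, resolutions=(1, 10, 300)):
    """Alert time and latency after onset for each aggregation interval."""
    return {r: first_alert(series, r) for r in resolutions}


if __name__ == "__main__":
    for res, when in compare_views().items():
        print(f"{res:4d}-second bins: first alert at t={when}s, {when - ONSET}s after onset")
```

With these inputs the per-second view fires about a minute after onset, the 10-second view a few seconds later, and the 5-minute view only when its bin closes at the end of the data, five minutes after onset. Coarse aggregation does not just blur the picture in the figure; it delays the earliest possible action by the width of the bin, which for a fast worm is the whole window in which acting would have helped. The practical reading of the slide is to keep fine-grained counters on the metadata paths that feed worm detection and aggregate only for storage and reporting.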