This document summarizes a presentation on analyzing telecom network and SIEM logs using machine learning. The presentation discusses:
1. The growing field of telecommunications technologies and the increased demand during the COVID-19 pandemic.
2. The need for security event management in telecom networks given risks like intrusions, fraud, and ransomware attacks.
3. How to implement dynamic security event management using machine learning by gathering data from various logs and analyzing patterns in real-time to detect anomalies and intrusions.
Presentation about insider threat ways of working, their impact on organizations and how technical and human indicators can be monitored to detect and neutralize insider threats. Professionals working in security operations should monitor these indicators to create a profile of a possible insider going rogue.
This document has been prepared in order to develop a good Penetration Testing and Vulnerability Assessment Lab. The document contains Hardware requirements, our manual & automated Software requirements, approaches for Performing Penetration testing.
Further, this document is designed to make a Penetration test LAB in order to simulate the vulnerabilities in the testing environment and to execute the vulnerability assessment & penetration testing from the LAB by providing the Static IP to the Client, ensuring that the test is being performed from a valid/legitimate link.
How To Learn The Network Security
The following slides contain the fundamentals for understanding the concept of computer network security, from the perspective of infrastructure, technology, and the user paradigm.
The material was prepared by an expert who is a CEH trainer and is indeed competent in the field of network security.
I obtained these slides from him while attending his Certified Computer Security Officer (CCSO) and Certified Computer Security Analyst (CCSA) training.
Hopefully they are useful as a reference for us in learning about computer network security.
Thank you
While computer systems today have some of the best security systems ever, they are more vulnerable than ever before.
This vulnerability stems from the world-wide access to computer systems via the Internet.
Computer and network security comes in many forms, including encryption algorithms, access to facilities, digital signatures, and using fingerprints and face scans as passwords.
SOC presentation - Building a Security Operations Center (Michael Nickle)
Presentation I used to give on the topic of using a SIM/SIEM to unify the information stream flowing into the SOC. This piece of collateral was used to help close the largest SIEM deal (Product and services) that my employer achieved with this product line.
The growth of embedded systems connecting to the Internet or "Internet of Things" (IoT) increases year by year. Thus, the IoT ecosystems become new targets of the attackers. This presentation will talk about the basic principle of information security, why we need to secure IoT ecosystems, and also the vulnerabilities and solutions from OWASP.
Why IOTA is a disruptive technology for IoT
Bitcoin is capable of transferring a token between two addresses in the registry. Ethereum is able to transfer many tokens. Transferring tokens between two addresses is functionally similar to transmitting information between two internet addresses. So we can wonder if it is possible to use Bitcoin or Ethereum to transmit data as securely as we transfer tokens? The answer is no!
The increase in Token value makes the cost of transfer marginal.
Conversely, the increase in the data’s value comes from its volume (particularly the data produced by IoT devices), which also implies a proportional increase in the cost of transferring it to Ethereum or Bitcoin. This is why we use IOTA, the only DLT that does not require the payment of fees for storing data into the registry and this has allowed us to create the first decentralized IOT platform.
Machine Learning applications in Voice over IP (ALTANAI BISHT)
Presented in "Women in Data Science Mysuru" - 2020
Media streams
Echo Cancellation
Noise Suppression
Jitter Control
Image Stabilization
Voice Activity detection
Audio fingerprinting
Echo Cancellation
Telecom Service-based Applications of ANN
Subscriber Churn and Outliers
Complaints
Recharges plans
Collect CDR for daily call patterns
- identify high call volumes, or extremely long calls, or high call volumes from a particular extension
Predictive Analysis
Mean Opinion Score (MOS) - key metric for Quality of Service (QoS) of Call
predicting conversational voice quality non intrusively
Language Impact on Voice Quality assessment
Performance
Metrics of Packet Loss on Different Codecs
VoIP provider based Applications of ANN
Anomaly detection
- Intrusion detection based on Recurrent Neural Network (RNN) model
- Malicious System Call Sequence Detection (MSCSD)
Call Prioritization
Geographical routing
Call pattern mapping
- Bypass additional checks to remove latency
Etiquette analysis
Regulatory analysis
Telecom Fraud
Traffic Pumping
- “access stimulation” techniques to boost traffic to a high cost destination
Defraud Telecom Service Providers
- Exploitation of SIP trunks,
- regulatory loopholes
- Premium rate numbers misused
One ring and Cut to generate Call back revenue
Blind Call Transfers
Call Cards
Vishing
VOMIT
SPIT
Detection of Fraud and Countermeasures
Call signatures
Risk Assessment
Fraud occurs in off-hours
- when networks are often monitored less closely so that they can go unnoticed longer
Backpropagation Neural Network to detect SPAM calls
VoIP Intrusion Detection ( MiM)
Aggregate data from honeypot application and traffic monitoring to ANN
Recognizing attacks using ANN
Classifying Possible Intrusions
options tests; options scanning; call testing; unknown protocol; register and call; registration test, registration flooding; register attempt
Aggregate data from honeypot application and traffic monitoring to design response
ML_in_voip_altanai_wids_mysuru_sep2020
The goal of the talk is to demonstrate how technical vulnerabilities in the IT components can be used to bypass industrial and functional safety features and create cable melting or blackout conditions. Few (fixed) vulnerabilities in Relay Protection terminals discovered by the SCADA StrangeLove team will be discussed.
In Hands-on Encrypted Data Analytics, you’ll learn how to configure this new telemetry in Cisco routers and switches, use Stealthwatch to identify non-compliant devices and malware without encryption and speed up incident response and forensics.
Resources:
Watch the related TechWiseTV episode: http://cs.co/9003DzrjT
TechWiseTV: http://cs.co/9009DzrjN
It is a project based on one of the most interesting and wide topics of Computer Science, named Cyber Security
CONTENT :
1. What is Cyber Security
2. Why Cyber Security is Important
3. Brief History
4. Security Timeline
5. Architecture
6. Cyber Attack Methods
7. Technology for Cyber Security
8. Development in Cyber Security
9. Future Trend in Cyber Security
Using Network Security and Identity Management to Empower CISOs Today: The Ca... (ForgeRock)
A General Session Presentation by Scott Stevens, VP of Technology-WW Systems Engineering at Palo Alto Networks, and Allan Foster, VP Technology & Standards, Office of the CTO at ForgeRock at the 2014 IRM Summit in Phoenix, Arizona.
Telecom incidents investigation: daily work behind the scenes (PositiveTechnologies)
Telecom providers build, operate, and manage integrated voice and data networks, transmitting and storing vast amounts of sensitive data. With 5G bringing eMBB and expanding the service portfolio of businesses, this volume is set to see a manifold increase, making them a golden goose for hackers.
Active work on the cyberattack prevention side is an absolute must for operators, and threat intelligence is one of the important pillars of robust security.
In this webinar we have an interactive discussion of the most common weaknesses and threats in 4G and 5G networks, plus:
How to implement a smart «risk-driven» approach to security
How to detect traces of cybercrime in signaling networks and prevent suspicious activities in telecom networks
How to make your SOC telecom-oriented
CSIRT and CERT: when it’s time to bring in outside expertise
Practical byzantine fault tolerance by altanai (ALTANAI BISHT)
Byzantine Fault Tolerance
state machine replication algorithm that is safe in asynchronous systems such as the Internet. Used to build highly available systems
incorporates mechanisms to defend against Byzantine-faulty clients
BFT provides safety and liveness if fewer than 1/3 of the replicas fail during the lifetime of the system
Recovers replicas proactively: provided fewer than 1/3 of the replicas become faulty within a small window of vulnerability
3f+1 replicas to survive the failures
3 phases protocol (pre-prepare, prepare, and commit)
Uses cryptographic hash function to compute message digests
And message authentication codes (MACs) to authenticate all messages
Allow for a very strong adversary
A video annotation service, to upload and/or record videos and make time synced playback of annotations. The video content is automatically tagged, classified and described using cognitive service.
Current trends and innovations in voice over IP (ALTANAI BISHT)
Learn how to implement an open-source webrtc Click to dial or VOIP setup for their enterprises and also the new innovative add-on tech available for a basic VOIP system such as auto-attendants.
VoIP vs Telecom Providers
SIP Servers types
Open-source tool and technologies in VOIP
Opensip
Kamailio
Freeswitch
Media Handling
Webrtc
Machine learning in VoIP
Call Classifier
Fraud Detector
NLP and Auto attendants
VoIP to telecom bridging
Ramudroid, inspired by Bharat Swachata Abhiyaan, was invented ( v1 in 2015) to clean roads and gullies(lanes) for a cleaner environment.
Talk and demo includes the design and operation, being powered by solar energy, using camera's media stream to identify target garbage type and 3 brush design to lift up small objects like plastic cups, wrappers, leaves etc. Also discusses detecting obstruction to reroute itself and act autonomously. Last we also discuss how we can analyse data on garbage spotted and collected for segregation and spotting defaulter people or neighbourhoods who litter regularly.
WebRTC Core APIs and Interfaces , WebAudio API and context analyser, new audio API implementation Panner and MIDI . Plivo WebRTC SDK working with plivo's Voice Core Network .
In the proposed RFID based recording and identification system, the students and staffs can take books using their mobile phone and a RFID tag. The admin can add or update the new book entries through the web-site.
1. Impact of IOT and connected devices
2. Timeline for Internet of Things
3. Enablers like IPv6, sensors, Moore's Law
4. Streaming Multimedia
5. WebRTC
6. Building Home surveillance
7. Ramudroid
8. Bottlenecks for media Streaming
Ramudroid v7.0 as presented on IEDF IOT project Day. Additions to existing functionality of bot to clean roads and outdoors are 16x2 LCD, image processing, battery and hardware enhancements, WebRTC live streaming session details.
Building WebRTC based interesting features and services . WebRTC to stream from remote machine in IOT.
Details of Ramudroid a bot meant for cleaning outdoors uses webrtc stream for remote navigation .
Augmented Reality and WebRTC .
WebGL in browsers
threejs for 3D graphics
code and steps of making cube , sphere , torusknot
webcam texture to 3D plane
motion detection using differential analysis
more samples of AR applications
Service Broker for VOIP IMA WebRTC and old telecom networks (ALTANAI BISHT)
SB (Service Broker) enables us to make use of existing applications and services from Intelligent Network’s SCP (Service Control Point), IMS’s Application Server as well as other sources in a harmonized manner.
Service broker is a service abstraction layer between the network and application layer in telecom environment.
This document describes the process of integrating a Service Broker with service harmonization and orchestration in a telco environment .
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti... (Jeffrey Haguewood)
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Epistemic Interaction - tuning interfaces to provide information for AI support (Alan Dix)
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Neuro-symbolic is not enough, we need neuro-*semantic* (Frank van Harmelen)
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
GraphRAG is All You need? LLM & Knowledge Graph (Guy Korland)
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Essentials of Automations: Optimizing FME Workflows with Parameters (Safe Software)
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024 (Albert Hoitingh)
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do... (UiPathCommunity)
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf (91mobiles)
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Securing your Kubernetes cluster_ a step-by-step guide to success ! (KatiaHIMEUR1)
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -... (DanBrown980551)
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Telecom Network & SIEM logs analysis using machine learning
1. Telecom Network & SIEM Logs Analysis using Machine Learning
- Altanai
Presented at Machine Learning for Cyber Security & Digital Forensics - Digital Forensics (4N6) in 2020
2. HELLO!
I am Altanai
Specialised in CPaaS, carrier-grade WebRTC-SIP telecom platforms
Author of WebRTC Integrator's Guide, https://www.packtpub.com/in/web-development/webrtc-integrators-guide.
3. 10 yrs in Telecom + Voice Over IP + Media streaming + Communication as a Service
Freelancer, open source contributor and blogger https://telecom.altanai.com/
Author of WebRTC Integrator’s Guide
Inventor of RamuDroid (bot to clean roads and outdoors)
Currently with Airtel
Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
4. 1. Rich and growing world of Telecommunication technologies
- Unified Communication and Collaboration client (UCC)
- High level view of device agnostic Communication as a service provider
- SIP (Session Initiation Protocol)
5. Covid-19 impact on telecoms
- Demand skyrocketed on telcos and OTTs
- VoD video on demand and Media platform
- Remote office working
- elearning
9. 2. Security event Management and Telecom Networks
- Intrusions and Hacks on Telecom and Communication platforms
- Fraud and Ransomware in Communication Service Industry
- Need for Security information and event management (SIEM)
10. Intrusions and Hacks on Telecom and Communication platforms
https://telecom.economictimes.indiatimes.com/news/bsnl-intranet-hacked-company-fixes-leak-after-alert-by-researcher/63159693
11. Fraud and Ransomware in Communication Service Industry
https://www.computerweekly.com/news/450415866/Nearly-a-third-of-malware-attacks-are-zero-day-exploits
https://www.vyopta.com/blog/business-collaboration/telecommunications-security-vulnerabilties/
12. “..telecommunications industry experienced $38.1 billion in fraudulent charges in 2016.”
- Communication and Fraud Control Association ( https://www.cfca.org/)
13. Hacking into a VoIP System
- Vulnerabilities via network firewalls
- Lack of ACL
- Device / Endpoint Vulnerabilities like malicious app on phone
- Server backdoor entry
- Leaked passwords or Pem keys
Intrusions Classes
● denial of service (DoS)
● unauthorized access from a remote machine (R2L)
● unauthorized access to local superuser (root) privileges (U2R)
● probing (PRB)
14. Risk to Operation of a communication provider
- Toll frauds on international calling
- Private Call Record Data leaks
- Ransomware
- DDOS
- Subscription fraud
- Eavesdropping
- IP/PBX takeover
- Dealer Fraud
15. Points of Concern in CPaaS or VoIP Network
- SS7 and Diameter Signalling Threats
- Phone endpoint Hacking
- SIP / H.323 Toll Fraud
- One ring and Cut to generate Call back revenue
- Blind Call Transfers
- SPIT
- User Authentication Hacking
- Browser based Click to Call
- Malicious Chrome extensions
- Call Cards
- Vishing
- VOMIT
16. 2. Dynamic Security event Management using Machine Learning
- Types of Security Managements
- HOMER and heplify voip monitoring
- Log alerts using elastic
17. Types of Security Managements
- Statistical correlation engine like SIEM
- User and entity behavior analytics (UEBA)
- Security orchestration, automation and response (SOAR)
- Dynamic/Active ML based Protection
- Adaptive / Proactive security
- Continuous Risk scoring
- Updated blocklist for alerted accounts
- Outsourcing to MSSP (managed security service providers)
18. Gathering Data and Logs
- VoIP / SIP traces, protocol sniffer
- Logs (audit, system, services, networks)
- RTP / RTCP media traces
- Call Data records
19. HEP / EEP encapsulation protocol of HOMER
21. Real Time Monitoring - SIPCAPTURE
Credits : https://sipcapture.org/
22. Device Authentication and Call Pattern
- Static / Rule based engine
- SIP trunks interaction with VoIP PBX gateways based on thresholds
- Registration flooding
- Unknown protocol packets
- Detect attacks signature based on historical analysis
- Detect abrupt change in routing plans
23. Real Time VoIP Traffic Analysis
- Supervised learning on labelled use cases via training dataset
- source /destination ip address geolocations so on
- Unsupervised Machine learning for non Linear Classification of Calls
- K-means clustering ( others include Bayes Network, Random Forest, Random Tree, MLP, Decision Table )
24. Intrusion Detection System (IDS) for VoIP Accounts
30. Applications of ANN
- Aggregate data from honeypot application and traffic monitoring to neural network
- Extensive testbed experimentation for Responding to Attacks
- Back propagation Neural Network to detect SPAM calls
31. 4. Key Takeaways
- High availability is critical
- Honeypots to observe behaviour of crawlers and hackers
- Traffic Pattern and Behavior analysis
- Hacks are more common in off hours like early morning or holiday season
32. CREDITS
Special thanks to all the people who made and released these awesome resources for free:
▹ Presentation template by SlidesCarnival
▹ Photographs by Unsplash
33. References
This presentation uses the following references:
▹ Communication And Fraud Prevention https://www.cfca.org/
▹ ForcePoint What is SIEM? Defined, Explained, and Explored
▹ Techtarget is SIEM and Why is it Important?
▹ Medium - Evaluation of Machine Learning Algorithms for Intrusion Detection System by Cuelogic Technologies
▹ Zamani, Mahdi. (2013). Machine Learning Techniques for Intrusion Detection.
▹ QoS Evaluation Based on Extend E-Model in VoIP, Hongli Zhang, Zhimin Gu, Zhenqing Tian; School of Computer Science and Technology, Beijing Institute of Technology; Media College, Inner Mongolia Normal University, China
▹ Voice quality prediction models and their application in VoIP networks - September 2006 IEEE Transactions on Multimedia DOI: 10.1109/TMM.2006.876279, Lingfen Sun, Emmanuel Ifeachor
▹ assar, Mohamed & State, Radu & Festor, Olivier. (2007). VoIP Honeypot Architecture. 109 - 118. 10.1109/INM.2007.374775.
▹ Telecom RnD https://telecom.altanai.com/
▸ VOIP Call Metric Monitoring and MOS ( Mean Opinion Score)
▸ OTT ( Over the Top ) Communication applications
▸ CLI/NCLI, Robocalls and STIR/SHAKEN