SlideShare a Scribd company logo

Telecom Network & SIEM logs analysis using machine learning

ALTANAI BISHT
ALTANAI BISHT

This document summarizes a presentation on analyzing telecom network and SIEM logs using machine learning. The presentation discusses: 1. The growing field of telecommunications technologies and the increased demand during the COVID-19 pandemic. 2. The need for security event management in telecom networks given risks like intrusions, fraud, and ransomware attacks. 3. How to implement dynamic security event management using machine learning by gathering data from various logs and analyzing patterns in real-time to detect anomalies and intrusions.

Technology
1 of 34
Download to read offline
Telecom Network & SIEM Logs Analysis using Machine Learning - Altanai Presented at Machine Learning for Cyber Security & Digital Forensics - Digital Forensics (4N6) in 2020
HELLO! I am Altanai Specialised in CPaaS, carrier-grade WebRTC-SIP telecom platforms Author of WebRTC Integrator's Guide, https://www.packtpub.com/in/web-development/webrtc-integrators-guide. 2
3 10 yrs in Telecom + Voice Over IP + Media streaming + Communication as a Service Freelancer , Open source contributor and blogger https://telecom.altanai.com/ Author of WebRTC Integrator’s Guide Inventor of RamuDroid ( Bot to clean roads and outdoors ) currently with Airtel Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
1. Rich and growing world of Telecommunication technologies - Unified Communication and Collaboration client (UCC) - High level view of device agnostic Communication as a service provider - SIP ( Session Initiation Protocol) Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
“Covid-19 impact on telecoms - Demand Skyrocketed on telcos and OTTs - VoD video on demand and Media platform - Remote office working - elearning 5 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
6 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
7 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
SIP ( Session Initiation protocol) 8
2. Security event Management and Telecom Networks - Intrusions and Hacks on Telecom and Communication platforms - Fraud and Ransomware in Communication Service Industry - Need for Security information and event management (SIEM) Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
Intrusions and Hacks on Telecom and Communication platforms 10 https://telecom.economictimes.indiatimes.com/news/bsnl-intranet-hacked-company-fixes-leak-after-alert-by-re searcher/63159693 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
Fraud and Ransomware in Communication Service Industry 11 https://www.computerweekly.com/news/450415866/Nearly-a-third- of-malware-attacks-are-zero-day-exploits https://www.vyopta.com/blog/business -collaboration/telecommunications-sec urity-vulnerabilties/ Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
“..telecommunications industry experienced $38.1 billion in fraudulent charges in 2016. - Communication and Fraud Control Association ( https://www.cfca.org/) 12 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
Hacking in to a VoIP System 13 - Vulnerabilities via network firewalls - Lack of ACL - Device / Endpoint Vulnerabilities like malicious app on phone - Server backdoor entry - Leaked passwords or Pem keys 03 01 02 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai Intrusions Classes ● denial of service(DoS) ● unauthorized access from a remote machine (R2L) ● unauthorized access to local superuser (root) privileges (U2R) ● probing (PRB)
Risk to Operation of a communication provider 14 Toll frauds on international calling Private Call Record Data leaks Ransomware DDOS Subscript ion fraud Eavesdropping Ip/PBX takeover Dealer Fraud Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
SS7 and Diameter Signalling Threats Phone endpoint Hacking SIP / H3.23 Toll Fraud One ring and Cut to generate Call back revenue Blind Call Transfers SPIT Points of Concern in CPaaS or VoIP Network User Authentication Hacking Browser based Click to Call Malicious Chrome extensions Call Cards Vishing VOMIT 15 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
2. Dynamic Security event Management using Machine Learning - Types of Security Managements - HOMER and heplify voip monitoring - Log alerts using elastic Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
Types of Security Managements - Statistical correlation engine like SIEM - User and entity behavior analytics (UEBA) - Security orchestration, automation and response (SOAR) - Dynamic/Active ML based Protection - Adaptive / Proactive security - Continuous Risk scoring - Updated blocklist for alerted accounts - Outsourcing to MSSP (managed security service providers) 17 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
“ 18 Gathering Data and Logs - VoIP /SIP traces , protocol sniffer - Logs ( audit , system , services , networks ) - RTP / RTCP media traces - Call Data records Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
19 HEP / EEP encapsulation protocol of HOMER Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
HOMER in operation 20 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
21 Real Time Monitoring - SIPCAPTURE Credits : https://sipcapture.org/ Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
“Device Authentication and Call Pattern - Static / Rule based engine - SIP trunks interaction with VoIP PBX gateways based on thresholds - Registration flooding - Unknown protocol packets - Detect attacks signature based on historical analysis - Detect abrupt change in routing plans 22 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
“ 23 Real Time VoIP Traffic Analysis - Supervised learning on labelled use cases via training dataset - source /destination ip address geolocations so on - Unsupervised Machine learning for non Linear Classification of Calls - K-means clustering ( others include Bayes Network, Random Forest, Random Tree, MLP, Decision Table ) Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
Intrusion Detection System (IDS) for VoIP Accounts 24 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
Custom IDS ( Intrusion Detection System ) 25 - Signature-based intrusion detection - Anomaly-based intrusion detection Usecase Driven - Call Centre - Remote office collaboration - Sales Calls - OTP calls - Anonymous calling - Secure / financial / bank calls - TeleMedicine - Video KYC
3. Solutions 26 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
Demo 27 https://www.kaggle.com/altanai/network-intrusion-detection-using-python/ Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
28
29
Applications of ANN Aggregate data from honeypot application and traffic monitoring to neural network Extensive testbed experimentation for Responding to Attacks Back propagation Neural Network to detect SPAM calls 30 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
4. Key Takeaways - High availability is critical - Honeypots to observe behaviour of crawlers and hackers - Traffic Pattern and Behavior analysis - Hacks are more common in off hours like early morning or holiday season 31 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
CREDITS Special thanks to all the people who made and released these awesome resources for free: ▹ Presentation template by SlidesCarnival ▹ Photographs by Unsplash 32
References This presentation uses the following references: ▹ Communication And Fraud Prevention https://www.cfca.org/ ▹ ForcePoint What is SIEM? Defined, Explained, and Explored ▹ Techtarget is SIEM and Why is it Important? ▹ Medium - Evaluation of Machine Learning Algorithms for Intrusion Detection System by Cuelogic Technologies ▹ Zamani, Mahdi. (2013). Machine Learning Techniques for Intrusion Detection. ▹ QoS Evaluation Based on Extend E-Model in VoIP Hongli Zhangab, Zhimin Gua , Zhenqing Tianb a School of Computer Science and Technology, Beijing Institute of Technology b Media College, Inner Mongolia Normal University ,China ▹ Voice quality prediction models and their application in VoIP networks - September 2006 IEEE Transactions on Multimedia DOI: 10.1109/TMM.2006.876279 , Lingfen Sun, Emmanuel Ifeachor assar, Mohamed & State, Radu & Festor, Olivier. (2007). VoIP Honeypot Architecture. 109 - 118. 10.1109/INM.2007.374775. ▹ Telecom RnD https://telecom.altanai.com/ ▸ VOIP Call Metric Monitoring and MOS ( Mean Opinion Score) ▸ OTT ( Over the Top ) Communication applications ▸ CLI/NCLI, Robocalls and STIR/SHAKEN 33
THANKS! Any questions? You can find me at @altanai https://telecom.altanai.com/ 34

Recommended

Security in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksSecurity in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) Networks
Naveen Kumar
 
Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notes
gangadhar9989166446
 
Octave
OctaveOctave
Octave
Amar Myana
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanismspriya_trehan
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
PECB
 
Insider threat kill chain
Insider threat kill chainInsider threat kill chain
Insider threat kill chain
Tarun Gupta,CRISC CISSP CISM CISA BCCE
 
Cryptography
CryptographyCryptography
Cryptography
Jens Patel
 
Requirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing LabRequirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing Lab
Syed Ubaid Ali Jafri
 

Recommended

Security in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksSecurity in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) Networks
Naveen Kumar
 
Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notes
gangadhar9989166446
 
Octave
OctaveOctave
Octave
Amar Myana
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanismspriya_trehan
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
PECB
 
Insider threat kill chain
Insider threat kill chainInsider threat kill chain
Insider threat kill chain
Tarun Gupta,CRISC CISSP CISM CISA BCCE
 
Cryptography
CryptographyCryptography
Cryptography
Jens Patel
 
Requirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing LabRequirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing Lab
Syed Ubaid Ali Jafri
 
Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer SecurityChhatra Thapa
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
Shahid Beheshti University
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Information Security & Cryptography
Information Security & CryptographyInformation Security & Cryptography
Information Security & Cryptography
Arun ACE
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
BharathiKrishna6
 
Ssl and tls
Ssl and tlsSsl and tls
Ssl and tls
Rana assad ali
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography ppt
OECLIB Odisha Electronics Control Library
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquesMohd Arif
 
Network Security
Network SecurityNetwork Security
Network Security
MAJU
 
Wireshark Basic Presentation
Wireshark Basic PresentationWireshark Basic Presentation
Wireshark Basic Presentation
MD. SHORIFUL ISLAM
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
MITRE ATT&CK Framework
MITRE ATT&CK FrameworkMITRE ATT&CK Framework
MITRE ATT&CK Framework
n|u - The Open Security Community
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
Dr. Kapil Gupta
 
Hardware Security
Hardware SecurityHardware Security
Hardware Security
Mani Rathnam
 
Public key cryptography and message authentication
Public key cryptography and message authenticationPublic key cryptography and message authentication
Public key cryptography and message authentication
CAS
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
David Sweigert
 
Introduction to Internet Governance and Cyber-security
Introduction to Internet Governance and Cyber-securityIntroduction to Internet Governance and Cyber-security
Introduction to Internet Governance and Cyber-security
Glenn McKnight
 
IP Security
IP SecurityIP Security
IP Security
Ambo University
 
Deception technology for advanced detection
Deception technology for advanced detectionDeception technology for advanced detection
Deception technology for advanced detection
Jisc
 
IoT Security
IoT SecurityIoT Security
IoT Security
Narudom Roongsiriwong, CISSP
 
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca BarbaEvolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Angeloluca Barba
 
InfoSec Deep Learning in Action
InfoSec Deep Learning in ActionInfoSec Deep Learning in Action
InfoSec Deep Learning in Action
Satnam Singh
 

More Related Content

What's hot

Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer SecurityChhatra Thapa
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
Shahid Beheshti University
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Information Security & Cryptography
Information Security & CryptographyInformation Security & Cryptography
Information Security & Cryptography
Arun ACE
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
BharathiKrishna6
 
Ssl and tls
Ssl and tlsSsl and tls
Ssl and tls
Rana assad ali
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography ppt
OECLIB Odisha Electronics Control Library
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquesMohd Arif
 
Network Security
Network SecurityNetwork Security
Network Security
MAJU
 
Wireshark Basic Presentation
Wireshark Basic PresentationWireshark Basic Presentation
Wireshark Basic Presentation
MD. SHORIFUL ISLAM
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
MITRE ATT&CK Framework
MITRE ATT&CK FrameworkMITRE ATT&CK Framework
MITRE ATT&CK Framework
n|u - The Open Security Community
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
Dr. Kapil Gupta
 
Hardware Security
Hardware SecurityHardware Security
Hardware Security
Mani Rathnam
 
Public key cryptography and message authentication
Public key cryptography and message authenticationPublic key cryptography and message authentication
Public key cryptography and message authentication
CAS
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
David Sweigert
 
Introduction to Internet Governance and Cyber-security
Introduction to Internet Governance and Cyber-securityIntroduction to Internet Governance and Cyber-security
Introduction to Internet Governance and Cyber-security
Glenn McKnight
 
IP Security
IP SecurityIP Security
IP Security
Ambo University
 
Deception technology for advanced detection
Deception technology for advanced detectionDeception technology for advanced detection
Deception technology for advanced detection
Jisc
 
IoT Security
IoT SecurityIoT Security
IoT Security
Narudom Roongsiriwong, CISSP
 

What's hot (20)

Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer Security
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Information Security & Cryptography
Information Security & CryptographyInformation Security & Cryptography
Information Security & Cryptography
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
 
Ssl and tls
Ssl and tlsSsl and tls
Ssl and tls
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography ppt
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniques
 
Network Security
Network SecurityNetwork Security
Network Security
 
Wireshark Basic Presentation
Wireshark Basic PresentationWireshark Basic Presentation
Wireshark Basic Presentation
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
 
MITRE ATT&CK Framework
MITRE ATT&CK FrameworkMITRE ATT&CK Framework
MITRE ATT&CK Framework
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
 
Hardware Security
Hardware SecurityHardware Security
Hardware Security
 
Public key cryptography and message authentication
Public key cryptography and message authenticationPublic key cryptography and message authentication
Public key cryptography and message authentication
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
 
Introduction to Internet Governance and Cyber-security
Introduction to Internet Governance and Cyber-securityIntroduction to Internet Governance and Cyber-security
Introduction to Internet Governance and Cyber-security
 
IP Security
IP SecurityIP Security
IP Security
 
Deception technology for advanced detection
Deception technology for advanced detectionDeception technology for advanced detection
Deception technology for advanced detection
 
IoT Security
IoT SecurityIoT Security
IoT Security
 

Similar to Telecom Network & SIEM logs analysis using machine learning

Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca BarbaEvolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Angeloluca Barba
 
InfoSec Deep Learning in Action
InfoSec Deep Learning in ActionInfoSec Deep Learning in Action
InfoSec Deep Learning in Action
Satnam Singh
 
Fortinet k
Fortinet kFortinet k
Fortinet k
mrehan2k2
 
Ibm iot overview
Ibm iot overviewIbm iot overview
Ibm iot overview
Eric Cattoir
 
SFScon 21 - Stefano Della Valle - The role of DLTs in advanced IoT platform
SFScon 21 - Stefano Della Valle - The role of DLTs in advanced IoT platformSFScon 21 - Stefano Della Valle - The role of DLTs in advanced IoT platform
SFScon 21 - Stefano Della Valle - The role of DLTs in advanced IoT platform
South Tyrol Free Software Conference
 
Machine Learning applications in Voice over IP
Machine Learning applications in Voice over IPMachine Learning applications in Voice over IP
Machine Learning applications in Voice over IP
ALTANAI BISHT
 
Securing Digital_Adams
Securing Digital_AdamsSecuring Digital_Adams
Securing Digital_AdamsJulius Adams
 
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
TI Safe
 
2008 Trends
2008 Trends2008 Trends
2008 Trends
TBledsoe
 
Securty Issues from 1999
Securty Issues from 1999Securty Issues from 1999
Securty Issues from 1999
TomParker
 
Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016
Sergey Gordeychik
 
TechWiseTV Workshop: Encrypted Traffic Analytics
TechWiseTV Workshop: Encrypted Traffic Analytics TechWiseTV Workshop: Encrypted Traffic Analytics
TechWiseTV Workshop: Encrypted Traffic Analytics
Robb Boyd
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
TI Safe
 
Cyber security
Cyber securityCyber security
Cyber security
Aman Pradhan
 
Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018 Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018
African Cyber Security Summit
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Using Network Security and Identity Management to Empower CISOs Today: The Ca...
Using Network Security and Identity Management to Empower CISOs Today: The Ca...Using Network Security and Identity Management to Empower CISOs Today: The Ca...
Using Network Security and Identity Management to Empower CISOs Today: The Ca...
ForgeRock
 
Telecom incidents investigation: daily work behind the scenes
Telecom incidents investigation: daily work behind the scenesTelecom incidents investigation: daily work behind the scenes
Telecom incidents investigation: daily work behind the scenes
PositiveTechnologies
 
Automation: The Wonderful Wizard of CTI (or is it?)
Automation: The Wonderful Wizard of CTI (or is it?) Automation: The Wonderful Wizard of CTI (or is it?)
Automation: The Wonderful Wizard of CTI (or is it?)
MITRE ATT&CK
 

Similar to Telecom Network & SIEM logs analysis using machine learning (20)

Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca BarbaEvolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
 
InfoSec Deep Learning in Action
InfoSec Deep Learning in ActionInfoSec Deep Learning in Action
InfoSec Deep Learning in Action
 
Fortinet k
Fortinet kFortinet k
Fortinet k
 
Ibm iot overview
Ibm iot overviewIbm iot overview
Ibm iot overview
 
SFScon 21 - Stefano Della Valle - The role of DLTs in advanced IoT platform
SFScon 21 - Stefano Della Valle - The role of DLTs in advanced IoT platformSFScon 21 - Stefano Della Valle - The role of DLTs in advanced IoT platform
SFScon 21 - Stefano Della Valle - The role of DLTs in advanced IoT platform
 
Machine Learning applications in Voice over IP
Machine Learning applications in Voice over IPMachine Learning applications in Voice over IP
Machine Learning applications in Voice over IP
 
Securing Digital_Adams
Securing Digital_AdamsSecuring Digital_Adams
Securing Digital_Adams
 
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
 
2008 Trends
2008 Trends2008 Trends
2008 Trends
 
Securty Issues from 1999
Securty Issues from 1999Securty Issues from 1999
Securty Issues from 1999
 
Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016
 
TechWiseTV Workshop: Encrypted Traffic Analytics
TechWiseTV Workshop: Encrypted Traffic Analytics TechWiseTV Workshop: Encrypted Traffic Analytics
TechWiseTV Workshop: Encrypted Traffic Analytics
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
 
Cyber security
Cyber securityCyber security
Cyber security
 
Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018 Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
02 ibm security for smart grids
02 ibm security for smart grids02 ibm security for smart grids
02 ibm security for smart grids
 
Using Network Security and Identity Management to Empower CISOs Today: The Ca...
Using Network Security and Identity Management to Empower CISOs Today: The Ca...Using Network Security and Identity Management to Empower CISOs Today: The Ca...
Using Network Security and Identity Management to Empower CISOs Today: The Ca...
 
Telecom incidents investigation: daily work behind the scenes
Telecom incidents investigation: daily work behind the scenesTelecom incidents investigation: daily work behind the scenes
Telecom incidents investigation: daily work behind the scenes
 
Automation: The Wonderful Wizard of CTI (or is it?)
Automation: The Wonderful Wizard of CTI (or is it?) Automation: The Wonderful Wizard of CTI (or is it?)
Automation: The Wonderful Wizard of CTI (or is it?)
 

More from ALTANAI BISHT

Practical byzantine fault tolerance by altanai
Practical byzantine fault tolerance by altanaiPractical byzantine fault tolerance by altanai
Practical byzantine fault tolerance by altanai
ALTANAI BISHT
 
Cinemarkup
CinemarkupCinemarkup
Cinemarkup
ALTANAI BISHT
 
Ramudroid presented in woman in robotics 2021
Ramudroid presented in woman in robotics 2021Ramudroid presented in woman in robotics 2021
Ramudroid presented in woman in robotics 2021
ALTANAI BISHT
 
Current trends and innovations in voice over IP
Current trends and innovations in voice over IPCurrent trends and innovations in voice over IP
Current trends and innovations in voice over IP
ALTANAI BISHT
 
Ramudroid
RamudroidRamudroid
Ramudroid
ALTANAI BISHT
 
Plivo webrtc telephony in your browser
Plivo webrtc telephony in your browserPlivo webrtc telephony in your browser
Plivo webrtc telephony in your browser
ALTANAI BISHT
 
Hybrid Smart Grid System for Renewable energy
Hybrid Smart Grid System for Renewable energyHybrid Smart Grid System for Renewable energy
Hybrid Smart Grid System for Renewable energy
ALTANAI BISHT
 
RFID in Assets and Library Management
RFID in Assets and Library Management RFID in Assets and Library Management
RFID in Assets and Library Management
ALTANAI BISHT
 
Unified Communications and Collaborations (UC&C)
Unified Communications and Collaborations (UC&C)Unified Communications and Collaborations (UC&C)
Unified Communications and Collaborations (UC&C)
ALTANAI BISHT
 
Media Streams in IOT via WebRTC
Media Streams in IOT via WebRTCMedia Streams in IOT via WebRTC
Media Streams in IOT via WebRTC
ALTANAI BISHT
 
Ramudroid v7.0
Ramudroid v7.0Ramudroid v7.0
Ramudroid v7.0
ALTANAI BISHT
 
Hackaday ramudroid 6.5
Hackaday ramudroid 6.5Hackaday ramudroid 6.5
Hackaday ramudroid 6.5
ALTANAI BISHT
 
WbeRTC in IOT presented in KrankyGeek
WbeRTC in IOT presented in KrankyGeekWbeRTC in IOT presented in KrankyGeek
WbeRTC in IOT presented in KrankyGeek
ALTANAI BISHT
 
Ramu droid for swach bharat abhiyaan
Ramu droid for swach bharat abhiyaanRamu droid for swach bharat abhiyaan
Ramu droid for swach bharat abhiyaan
ALTANAI BISHT
 
Ramu droid @gracehopper
Ramu droid @gracehopperRamu droid @gracehopper
Ramu droid @gracehopper
ALTANAI BISHT
 
Single board computer options
Single board computer optionsSingle board computer options
Single board computer options
ALTANAI BISHT
 
Ramu droid
Ramu droidRamu droid
Ramu droid
ALTANAI BISHT
 
Real time control and communication ( Robots , Machines , IOT )
Real time control and communication ( Robots , Machines , IOT )Real time control and communication ( Robots , Machines , IOT )
Real time control and communication ( Robots , Machines , IOT )
ALTANAI BISHT
 
Augmented reality in web rtc browser
Augmented reality in web rtc browserAugmented reality in web rtc browser
Augmented reality in web rtc browser
ALTANAI BISHT
 
Service Broker for VOIP IMA WebRTC and old telecom networks
Service Broker for VOIP IMA WebRTC and old telecom networksService Broker for VOIP IMA WebRTC and old telecom networks
Service Broker for VOIP IMA WebRTC and old telecom networks
ALTANAI BISHT
 

More from ALTANAI BISHT (20)

Practical byzantine fault tolerance by altanai
Practical byzantine fault tolerance by altanaiPractical byzantine fault tolerance by altanai
Practical byzantine fault tolerance by altanai
 
Cinemarkup
CinemarkupCinemarkup
Cinemarkup
 
Ramudroid presented in woman in robotics 2021
Ramudroid presented in woman in robotics 2021Ramudroid presented in woman in robotics 2021
Ramudroid presented in woman in robotics 2021
 
Current trends and innovations in voice over IP
Current trends and innovations in voice over IPCurrent trends and innovations in voice over IP
Current trends and innovations in voice over IP
 
Ramudroid
RamudroidRamudroid
Ramudroid
 
Plivo webrtc telephony in your browser
Plivo webrtc telephony in your browserPlivo webrtc telephony in your browser
Plivo webrtc telephony in your browser
 
Hybrid Smart Grid System for Renewable energy
Hybrid Smart Grid System for Renewable energyHybrid Smart Grid System for Renewable energy
Hybrid Smart Grid System for Renewable energy
 
RFID in Assets and Library Management
RFID in Assets and Library Management RFID in Assets and Library Management
RFID in Assets and Library Management
 
Unified Communications and Collaborations (UC&C)
Unified Communications and Collaborations (UC&C)Unified Communications and Collaborations (UC&C)
Unified Communications and Collaborations (UC&C)
 
Media Streams in IOT via WebRTC
Media Streams in IOT via WebRTCMedia Streams in IOT via WebRTC
Media Streams in IOT via WebRTC
 
Ramudroid v7.0
Ramudroid v7.0Ramudroid v7.0
Ramudroid v7.0
 
Hackaday ramudroid 6.5
Hackaday ramudroid 6.5Hackaday ramudroid 6.5
Hackaday ramudroid 6.5
 
WbeRTC in IOT presented in KrankyGeek
WbeRTC in IOT presented in KrankyGeekWbeRTC in IOT presented in KrankyGeek
WbeRTC in IOT presented in KrankyGeek
 
Ramu droid for swach bharat abhiyaan
Ramu droid for swach bharat abhiyaanRamu droid for swach bharat abhiyaan
Ramu droid for swach bharat abhiyaan
 
Ramu droid @gracehopper
Ramu droid @gracehopperRamu droid @gracehopper
Ramu droid @gracehopper
 
Single board computer options
Single board computer optionsSingle board computer options
Single board computer options
 
Ramu droid
Ramu droidRamu droid
Ramu droid
 
Real time control and communication ( Robots , Machines , IOT )
Real time control and communication ( Robots , Machines , IOT )Real time control and communication ( Robots , Machines , IOT )
Real time control and communication ( Robots , Machines , IOT )
 
Augmented reality in web rtc browser
Augmented reality in web rtc browserAugmented reality in web rtc browser
Augmented reality in web rtc browser
 
Service Broker for VOIP IMA WebRTC and old telecom networks
Service Broker for VOIP IMA WebRTC and old telecom networksService Broker for VOIP IMA WebRTC and old telecom networks
Service Broker for VOIP IMA WebRTC and old telecom networks
 

Recently uploaded

Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 

Recently uploaded (20)

Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 

Telecom Network & SIEM logs analysis using machine learning

  • 1. Telecom Network & SIEM Logs Analysis using Machine Learning - Altanai Presented at Machine Learning for Cyber Security & Digital Forensics - Digital Forensics (4N6) in 2020
  • 2. HELLO! I am Altanai Specialised in CPaaS, carrier-grade WebRTC-SIP telecom platforms Author of WebRTC Integrator's Guide, https://www.packtpub.com/in/web-development/webrtc-integrators-guide. 2
  • 3. 3 10 yrs in Telecom + Voice Over IP + Media streaming + Communication as a Service Freelancer , Open source contributor and blogger https://telecom.altanai.com/ Author of WebRTC Integrator’s Guide Inventor of RamuDroid ( Bot to clean roads and outdoors ) currently with Airtel Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 4. 1. Rich and growing world of Telecommunication technologies - Unified Communication and Collaboration client (UCC) - High level view of device agnostic Communication as a service provider - SIP ( Session Initiation Protocol) Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 5. “Covid-19 impact on telecoms - Demand Skyrocketed on telcos and OTTs - VoD video on demand and Media platform - Remote office working - elearning 5 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 6. 6 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 7. 7 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 8. SIP ( Session Initiation protocol) 8
  • 9. 2. Security event Management and Telecom Networks - Intrusions and Hacks on Telecom and Communication platforms - Fraud and Ransomware in Communication Service Industry - Need for Security information and event management (SIEM) Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 10. Intrusions and Hacks on Telecom and Communication platforms 10 https://telecom.economictimes.indiatimes.com/news/bsnl-intranet-hacked-company-fixes-leak-after-alert-by-re searcher/63159693 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 11. Fraud and Ransomware in Communication Service Industry 11 https://www.computerweekly.com/news/450415866/Nearly-a-third- of-malware-attacks-are-zero-day-exploits https://www.vyopta.com/blog/business -collaboration/telecommunications-sec urity-vulnerabilties/ Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 12. “..telecommunications industry experienced $38.1 billion in fraudulent charges in 2016. - Communication and Fraud Control Association ( https://www.cfca.org/) 12 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 13. Hacking in to a VoIP System 13 - Vulnerabilities via network firewalls - Lack of ACL - Device / Endpoint Vulnerabilities like malicious app on phone - Server backdoor entry - Leaked passwords or Pem keys 03 01 02 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai Intrusions Classes ● denial of service(DoS) ● unauthorized access from a remote machine (R2L) ● unauthorized access to local superuser (root) privileges (U2R) ● probing (PRB)
  • 14. Risk to Operation of a communication provider 14 Toll frauds on international calling Private Call Record Data leaks Ransomware DDOS Subscript ion fraud Eavesdropping Ip/PBX takeover Dealer Fraud Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 15. SS7 and Diameter Signalling Threats Phone endpoint Hacking SIP / H3.23 Toll Fraud One ring and Cut to generate Call back revenue Blind Call Transfers SPIT Points of Concern in CPaaS or VoIP Network User Authentication Hacking Browser based Click to Call Malicious Chrome extensions Call Cards Vishing VOMIT 15 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 16. 2. Dynamic Security event Management using Machine Learning - Types of Security Managements - HOMER and heplify voip monitoring - Log alerts using elastic Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 17. Types of Security Managements - Statistical correlation engine like SIEM - User and entity behavior analytics (UEBA) - Security orchestration, automation and response (SOAR) - Dynamic/Active ML based Protection - Adaptive / Proactive security - Continuous Risk scoring - Updated blocklist for alerted accounts - Outsourcing to MSSP (managed security service providers) 17 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 18. “ 18 Gathering Data and Logs - VoIP /SIP traces , protocol sniffer - Logs ( audit , system , services , networks ) - RTP / RTCP media traces - Call Data records Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 19. 19 HEP / EEP encapsulation protocol of HOMER Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 20. HOMER in operation 20 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 21. 21 Real Time Monitoring - SIPCAPTURE Credits : https://sipcapture.org/ Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 22. “Device Authentication and Call Pattern - Static / Rule based engine - SIP trunks interaction with VoIP PBX gateways based on thresholds - Registration flooding - Unknown protocol packets - Detect attacks signature based on historical analysis - Detect abrupt change in routing plans 22 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 23. “ 23 Real Time VoIP Traffic Analysis - Supervised learning on labelled use cases via training dataset - source /destination ip address geolocations so on - Unsupervised Machine learning for non Linear Classification of Calls - K-means clustering ( others include Bayes Network, Random Forest, Random Tree, MLP, Decision Table ) Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 24. Intrusion Detection System (IDS) for VoIP Accounts 24 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 25. Custom IDS ( Intrusion Detection System ) 25 - Signature-based intrusion detection - Anomaly-based intrusion detection Usecase Driven - Call Centre - Remote office collaboration - Sales Calls - OTP calls - Anonymous calling - Secure / financial / bank calls - TeleMedicine - Video KYC
  • 26. 3. Solutions 26 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 28. 28
  • 29. 29
  • 30. Applications of ANN Aggregate data from honeypot application and traffic monitoring to neural network Extensive testbed experimentation for Responding to Attacks Back propagation Neural Network to detect SPAM calls 30 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 31. 4. Key Takeaways - High availability is critical - Honeypots to observe behaviour of crawlers and hackers - Traffic Pattern and Behavior analysis - Hacks are more common in off hours like early morning or holiday season 31 Machine Learning for Cyber Security & Digital Forensics - talk by @Altanai
  • 32. CREDITS Special thanks to all the people who made and released these awesome resources for free: ▹ Presentation template by SlidesCarnival ▹ Photographs by Unsplash 32
  • 33. References This presentation uses the following references: ▹ Communication And Fraud Prevention https://www.cfca.org/ ▹ ForcePoint What is SIEM? Defined, Explained, and Explored ▹ Techtarget is SIEM and Why is it Important? ▹ Medium - Evaluation of Machine Learning Algorithms for Intrusion Detection System by Cuelogic Technologies ▹ Zamani, Mahdi. (2013). Machine Learning Techniques for Intrusion Detection. ▹ QoS Evaluation Based on Extend E-Model in VoIP Hongli Zhangab, Zhimin Gua , Zhenqing Tianb a School of Computer Science and Technology, Beijing Institute of Technology b Media College, Inner Mongolia Normal University ,China ▹ Voice quality prediction models and their application in VoIP networks - September 2006 IEEE Transactions on Multimedia DOI: 10.1109/TMM.2006.876279 , Lingfen Sun, Emmanuel Ifeachor assar, Mohamed & State, Radu & Festor, Olivier. (2007). VoIP Honeypot Architecture. 109 - 118. 10.1109/INM.2007.374775. ▹ Telecom RnD https://telecom.altanai.com/ ▸ VOIP Call Metric Monitoring and MOS ( Mean Opinion Score) ▸ OTT ( Over the Top ) Communication applications ▸ CLI/NCLI, Robocalls and STIR/SHAKEN 33
  • 34. THANKS! Any questions? You can find me at @altanai https://telecom.altanai.com/ 34