WhyMCA HappyHour - EUHackathon Part II

•

1 like•312 views

Alessandro Manfredi

The presentation for my speech at #WhyMCA HappyHour about the EUHackathon '11

Technology Design

HappyHour WhyMCA “OpenData”
Rome, Dec. 15th 2011

EUHackathon: Hacking data to deliver
meaningful information
Part II

Alessandro Manfredi

EUHackathon Nov, 8-9 ’11

Long story short:
we went,
we coded,
we had fun,
got a prize,
etc.

@matteocollina
What these guys said
@Giuliano84

@matteocollina
What these guys said
@Giuliano84

OpenData

Visualization

Meaningful Information

Data Sources
Crowd-Sourced

Transparency
Report

Hackathon
sponsor

Data Sources
Crowd-Sourced

Aggregated
data
Unﬁltered
users reports
Transparency
Report

Hackathon
sponsor

Data Sources
Crowd-Sourced

Aggregated
data
Unﬁltered
users reports
(kind of a bloody mess)
Transparency
Report

Hackathon
sponsor

So, how about the GTT ?

Transparency
Report

Roadmap from 10k ft
• Clean the data and
remove noise
• Combine data from from
different sources
>
• Put everything in an
easy-to-query format
• Throw the result inside
a DB
• Build a nice interface to
< to
display meaningful
information :-)

In practice (1/3)
• Data from Google and OpenNet were already aggregated
• Good: ready to use as information
• Bad: not much to do with them
• Bad: they were only about some countries (~75)
• So we also filtered data from Herdict to get only reports
relevant to these countries.
• We combined data from both with some stats extracted
from Herdict reports to provide country-specific
information...

Like... Content removal requests

Transparency Alert Censored categories

We did something similar
at site-speciﬁc level...
(2/3)

website keywords
Like... website preview

# of unreachability warnings

In practice (3/3)

• Data from Herdict were a little bit messy
• Good: direct users reports, a lot of data
• Bad: not verified, confirmed, or ranked
• Bad: user’s typo, non-existent ISPs, etc.
• Bad: some obvious fake data
• e.g., 600+ fake reports of palestine-info.co.uk being
inaccessible from ISP [A-Za-z0-9]{8}

In practice (3/3)

• We considered only websites with more than <T> reports
• and only (www.)?domain.<tld> with some exceptions,
like [^.]*.blogspot.com or [^.]*.wordpress.com
• We aggregated reports per-(ISP, country) and per-site
• So that it was easy to get responses to queries like:
• From which countries the website X has been reported as
unreachable?
• From which ISPs in country Y the website X is reported as
unreachable?

Cool things we didn't have time for
• Keyword-based websites search
• Selection of a temporal interval
• A sort of “PLAY” button to
visualize the evolution of
the graph through time
• ...many more :-)

Cool things we knew
we wouldn't have time for
Real-time reachability check using proxies
located in several countries.
How about using ToR with .. ?
ExitNodes <Nodes-country-X-ISP-Y>
StrictExitNodes 1

Infer censorship applied by ISP in higher
positions in the internet graph.

HappyHour WhyMCA
“OpenData”
Rome, Dec. 15th 2011

Alessandro Manfredi
www.n0on3.net
@n0on3

The purpose of this study is to develop a system which will assist a user to determine if a location can be entitled as a “Safe” residence or not. The output will be based on an analysis carried out on the local crime history of the city. This involves examining a huge geolocation data and zeroing down to a single area. The area with majority crime incidents will be highlighted as Unsafe. Clicking/hovering on a single record will display name, associated crime and its rank depending on number of crimes occurred. Big Data Hadoop and Hive systems are implemented in Azure for the analysis. Keywords: Hadoop, Big Data, Hive, Azure

LUG - Logical volumes managementAlessandro Manfredi

LUG - Ricompilazione kernel

Alessandro Manfredi

Cradle-to-Cradle Design: creating healthy emissions — a strategy for eco-effe...

Valter Wei

LUG - Install Fest 2008

Alessandro Manfredi

Hey Cloud, it’s the user calling, he says he wants the security back

Alessandro Manfredi

Connect (4|n)

Alessandro Manfredi

With the rise of IoT and the increasing complexity of applications, clouds, networks and infrastructure, the battle to keep your data and your infrastructure safe from attackers is getting harder. As groups of bad actors collaborate, sharing information and offering illegal access, and botnets as a service, terabits of attack can be launched cheaply. Meanwhile, it’s hard to find enough security analysts to catch and prevent these attacks. This is where community collaboration and open source efforts like Apache Metron come in. Metron presents a comprehensive framework for application and network, security built on Apache Hadoop and open source Streaming Analytics(ie Apache Nifi, Apache Kafka) tool’s highly scalable data management and processing stacks. Advanced features like profiling, machine learning, and visualization work with real-time streaming detection to make your SOC analysts more efficient, while the intrinsic extensibility of open source helps your data scientists get security insights out of the lab and into production fast. We will discuss and demonstrate how some real-world businesses and managed service providers are using Apache Metron to identify and solve security threats at scale, and some approaches and ideas for how the platform can fit into your security architecture. Speaker: Laurence Da Luz, Senior Solutions Architect, Hortonworks

Enhancing user engagement on mobile devices

Randall Arnold

Tibco Augmented Intelligence - Analytics, IoT, Big Data, Streaming 20161025

Nicola Sandoli

OI in the Public Sector by Esteve Almirall

citycamptunisia

DEF CON 27 - MASARAH PAQUET CLOUSTON and OLIVER BILODEAU - the industry of so...

Felipe Prado

Big Data Day LA 2016/ Data Science Track - The Evolving Data Science Landscap...

Data Con LA

Real-time Analytics in Financial: Use Case, Architecture and Challenges

DataWorks Summit/Hadoop Summit

Data in Motion - tech-intro-for-paris-hackathon

Cisco DevNet

Scaling DDS to Millions of Computers and Devices

Rick Warren

Real-time Analytics in Financial

Yifeng Jiang

Detecting Hacks: Anomaly Detection on Networking Data

James Sirota

Big Data made easy in the era of the Cloud - Demi Ben-Ari

Demi Ben-Ari

Introduction to big data

partagetransparents

Interactive Analytics at Scale in Apache Hive Using Druid

DataWorks Summit/Hadoop Summit

Druid is an open-source analytics data store specially designed to execute OLAP queries on event data. Its speed, scalability and efficiency have made it a popular choice to power user-facing analytic applications, including multiple BI tools and dashboards. However, Druid does not provide important features requested by many of these applications, such as a SQL interface or support for complex operations such as joins. This talk presents our work on extending Druid indexing and querying capabilities using Apache Hive. In particular, our solution allows to index complex query results in Druid using Hive, query Druid data sources from Hive using SQL, and execute complex Hive queries on top of Druid data sources. We describe how we built an extension that brings benefits to both systems alike, leveraging Apache Calcite to overcome the challenge of transparently generating Druid JSON queries from the input Hive SQL queries. We conclude with a demo highlighting the performant and powerful integration of these projects.

Tools and Solutions, Roger Roberts, RTBF

FIAT/IFTA

MobileMiner and NervousNet

kingsBSD

Media, data, context... and the Holy Grail of User Taste Prediction

Xavier Amatriain

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development. The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers: State of global ICS asset and network exposure Sectoral targets and attacks as well as the cost of ransom Global APT activity, AI usage, actor and tactic profiles, and implications Rise in volumes of AI-powered cyberattacks Major cyber events in 2024 Malware and malicious payload trends Cyberattack types and targets Vulnerability exploit attempts on CVEs Attacks on counties – USA Expansion of bot farms – how, where, and why In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East Why are attacks on smart factories rising? Cyber risk predictions Axis of attacks – Europe Systemic attacks in the Middle East Download the full report from here: https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/

Essentials of Automations: Optimizing FME Workflows with Parameters

Safe Software

Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place. Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects. Here’s what you’ll gain: - Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows. - Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy. - Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency. - Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity. We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic. Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.

Similar to WhyMCA HappyHour - EUHackathon Part II

Distributed dataintelligence

www.ixxo.io

Blockchain EXE #10：Ocean ProtocolとBigchainDB: 分散型データエコシステムの実現（Dimitri De Jong...

blockchainexe

Filtering From the Firehose: Real Time Social Media Streaming

Cloud Elements

Solving Cybersecurity at Scale

DataWorks Summit

Enhancing user engagement on mobile devices

Randall Arnold

Tibco Augmented Intelligence - Analytics, IoT, Big Data, Streaming 20161025

Nicola Sandoli

OI in the Public Sector by Esteve Almirall

citycamptunisia

DEF CON 27 - MASARAH PAQUET CLOUSTON and OLIVER BILODEAU - the industry of so...

Felipe Prado

Big Data Day LA 2016/ Data Science Track - The Evolving Data Science Landscap...

Data Con LA

Real-time Analytics in Financial: Use Case, Architecture and Challenges

DataWorks Summit/Hadoop Summit

Data in Motion - tech-intro-for-paris-hackathon

Cisco DevNet

Scaling DDS to Millions of Computers and Devices

Rick Warren

Real-time Analytics in Financial

Yifeng Jiang

Detecting Hacks: Anomaly Detection on Networking Data

James Sirota

Big Data made easy in the era of the Cloud - Demi Ben-Ari

Demi Ben-Ari

Introduction to big data

partagetransparents

Interactive Analytics at Scale in Apache Hive Using Druid

DataWorks Summit/Hadoop Summit

Tools and Solutions, Roger Roberts, RTBF

FIAT/IFTA

MobileMiner and NervousNet

kingsBSD

Media, data, context... and the Holy Grail of User Taste Prediction

Xavier Amatriain

Similar to WhyMCA HappyHour - EUHackathon Part II (20)

Distributed dataintelligence

Blockchain EXE #10：Ocean ProtocolとBigchainDB: 分散型データエコシステムの実現（Dimitri De Jong...

Filtering From the Firehose: Real Time Social Media Streaming

Solving Cybersecurity at Scale

Enhancing user engagement on mobile devices

Tibco Augmented Intelligence - Analytics, IoT, Big Data, Streaming 20161025

OI in the Public Sector by Esteve Almirall

DEF CON 27 - MASARAH PAQUET CLOUSTON and OLIVER BILODEAU - the industry of so...

Big Data Day LA 2016/ Data Science Track - The Evolving Data Science Landscap...

Real-time Analytics in Financial: Use Case, Architecture and Challenges

Data in Motion - tech-intro-for-paris-hackathon

Scaling DDS to Millions of Computers and Devices

Real-time Analytics in Financial

Detecting Hacks: Anomaly Detection on Networking Data

Big Data made easy in the era of the Cloud - Demi Ben-Ari

Introduction to big data

Interactive Analytics at Scale in Apache Hive Using Druid

Tools and Solutions, Roger Roberts, RTBF

MobileMiner and NervousNet

Media, data, context... and the Holy Grail of User Taste Prediction

Recently uploaded

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

Essentials of Automations: Optimizing FME Workflows with Parameters

Safe Software

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

Designing Great Products: The Power of Design and Leadership by Chief Designe...

Product School

PHP Frameworks: I want to break free (IPC Berlin 2024)

Ralf Eggert

In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development. This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

The Future of Platform Engineering

Jemma Hussein Allen

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

UiPathCommunity

💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™: See how to accelerate model training and optimize model performance with active learning Learn about the latest enhancements to out-of-the-box document processing – with little to no training required Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath. Speakers: 👨‍🏫 Andras Palfi, Senior Product Manager, UiPath 👩‍🏫 Lenka Dulovicova, Product Program Manager, UiPath

DevOps and Testing slides at DASA Connect

Kari Kakkonen

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Product School

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

Abida Shariff

ODC, Data Fabric and Architecture User Group

CatarinaPereira64715

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Thierry Lestable

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Paul Groth

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

Bits & Pixels using AI for Good.........

Alison B. Lowndes

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

Recently uploaded (20)

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Essentials of Automations: Optimizing FME Workflows with Parameters

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

Designing Great Products: The Power of Design and Leadership by Chief Designe...

PHP Frameworks: I want to break free (IPC Berlin 2024)

Accelerate your Kubernetes clusters with Varnish Caching

The Future of Platform Engineering

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

DevOps and Testing slides at DASA Connect

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

ODC, Data Fabric and Architecture User Group

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Bits & Pixels using AI for Good.........

FIDO Alliance Osaka Seminar: Overview.pdf

UiPath Test Automation using UiPath Test Suite series, part 4

WhyMCA HappyHour - EUHackathon Part II

1. HappyHour WhyMCA “OpenData” Rome, Dec. 15th 2011 EUHackathon: Hacking data to deliver meaningful information Part II Alessandro Manfredi

2. EUHackathon Nov, 8-9 ’11 Long story short: we went, we coded, we had fun, got a prize, etc.

3. EUHackathon Nov, 8-9 ’11 Long story short: we went, we coded, we had fun, got a prize, etc.

4. @matteocollina What these guys said @Giuliano84

5. @matteocollina What these guys said @Giuliano84

6. @matteocollina What these guys said @Giuliano84

7. @matteocollina What these guys said @Giuliano84

8. @matteocollina What these guys said @Giuliano84 OpenData Visualization Meaningful Information

9. Data Sources Transparency Report

10. Data Sources Crowd-Sourced Transparency Report Hackathon sponsor

11. Data Sources Crowd-Sourced Aggregated data Unﬁltered users reports Transparency Report Hackathon sponsor

12. Data Sources Crowd-Sourced Aggregated data Unﬁltered users reports (kind of a bloody mess) Transparency Report Hackathon sponsor

13. So, how about the GTT ?

14. So, how about the GTT ? Transparency Report

15. Roadmap from 10k ft • Clean the data and remove noise • Combine data from from different sources > • Put everything in an easy-to-query format • Throw the result inside a DB • Build a nice interface to < to display meaningful information :-)

16. In practice (1/3) • Data from Google and OpenNet were already aggregated • Good: ready to use as information • Bad: not much to do with them • Bad: they were only about some countries (~75) • So we also filtered data from Herdict to get only reports relevant to these countries. • We combined data from both with some stats extracted from Herdict reports to provide country-specific information...

17. Like...

18. Like... Content removal requests Transparency Alert Censored categories

19. We did something similar at site-speciﬁc level... (2/3)

20. Like...

21. website keywords Like... website preview # of unreachability warnings

22. In practice (3/3) • Data from Herdict were a little bit messy • Good: direct users reports, a lot of data • Bad: not verified, confirmed, or ranked • Bad: user’s typo, non-existent ISPs, etc. • Bad: some obvious fake data • e.g., 600+ fake reports of palestine-info.co.uk being inaccessible from ISP [A-Za-z0-9]{8}

23. In practice (3/3) • We considered only websites with more than <T> reports • and only (www.)?domain.<tld> with some exceptions, like [^.]*.blogspot.com or [^.]*.wordpress.com • We aggregated reports per-(ISP, country) and per-site • So that it was easy to get responses to queries like: • From which countries the website X has been reported as unreachable? • From which ISPs in country Y the website X is reported as unreachable?

24. http://www.sharpnod.es/

25. http://www.sharpnod.es/ Live Demo?

26. Cool things we didn't have time for • Keyword-based websites search • Selection of a temporal interval • A sort of “PLAY” button to visualize the evolution of the graph through time • ...many more :-)

27. Cool things we knew we wouldn't have time for Real-time reachability check using proxies located in several countries. How about using ToR with .. ? ExitNodes <Nodes-country-X-ISP-Y> StrictExitNodes 1 Infer censorship applied by ISP in higher positions in the internet graph.

28. Q (&A)?

29. HappyHour WhyMCA “OpenData” Rome, Dec. 15th 2011 Alessandro Manfredi www.n0on3.net @n0on3

WhyMCA HappyHour - EUHackathon Part II

Recommended

Recommended

More Related Content

Similar to WhyMCA HappyHour - EUHackathon Part II

Similar to WhyMCA HappyHour - EUHackathon Part II (20)

Recently uploaded

Recently uploaded (20)

WhyMCA HappyHour - EUHackathon Part II

Editor's Notes