Cyber Security Analytics. Su Zhao Yuan-Jen Lee Ching-Tang Lin Yufeng Mao

Transcription

1 + Cyber Security Analytics Su Zhao Yuan-Jen Lee Ching-Tang Lin Yufeng Mao

2 + How to prevent unauthorized users to access modems? Question 1

3 + Introduction to SHODAN SHODAN is a search engine which can assist us to find computer equipment Using SHODAN can find the device which connected to country, city, and the company Purpose In order to prevent unauthorized users to access the company s computers by hacking modems.

4 + Research Design Step 1: Accessing to the SHODAN account, since if we do not login the account, the filter about country and net are not available. Step 2: Using python to link SHODAN; moreover, we only need to know IP and data, so we can just only filter IP and data. Step 3: Writing a code to generate.txt file. By doing this, we can easily to find which modems may have risk. Step 4: Analyzing those information we got, then providing the solution to prevent attackers.

5 + Findings & Solution Finding the useful information such as IP address, HTTP Closing all the PORT service for WAN and just only allow intranet IP to access Changing our password regularly, since the maximum of password on PPPOE is 8 characters.

6 Analysis the relationship + between number of surveillance camera and homicide rate. Question 2

7 + Use Python to query surveillance camera related devices Save data into keyword.txt

8 + Get IP, country, Latitude and Longitude data

9 + Use Google Maps API to display geolocations

10 + Geolocation of Surveillance Devices

11 + To analyze the trends that Chinese Hackers talks about VPN. Question 3

12 + Hypothesis 1. As the Chinese government has an increasingly restrict for the citizens to access foreign network, the key word VPN in Chinese hacker websites should have a corroborate increase trend. 2. VPN is the most popular way for ordinary people in China to get out the Great Firewall.

13 + SQL codes

14 + Trends of the data

15 + Discussion: From the analysis above, we can find an increasingly popularity of VPN. The potential security problem that the VPN causes should draw our attention. For further discussion, we can have a model to extract the attitude of the author in these posts using text mining techniques.

16 + How to prevent unauthorized users to access modems? Question 4

17 + Introduction to Bitcoin Bitcoin is a peer-to-peer payment system and digital currency introduced as open source software in Future in Question Concerns: Unregulated Taxation Issue No Transaction Record Anonymous Potential Illicit Activities

18 + Question 1: Frequency Trend & Price Trend More hackers highly focused on Bitcoin in 2012 There is a process for people to accept new emerged item on the Internet Bitcoin is a hot topic in Chinese & Russian language environment -- higher security risk in higher attention areas Research hackers behavior relates to economic topics Stable price & upward discussion trend -- a more dangerous phase

19 + Question 2: Hacker Discussion Texting Mining Topic 1: keywords -- lulzsec, attack, wallet, passwords and sock Bitcoin wallets may have higher risks recently about its account security Topic 2: keywords -- botnet, payment and server Bitcoin payment method may have the risk from botnet Topic 3: Keywords -- html, injection, VPN, connection and port Code injection attack Network connection vulnerabilities

20 + Code and Screenshots bin/mallet train-topics --input bitcoin.mallet --num-topics 5 --output-state topic-state.gz --output-topic-keys bitcoin_keys_5.txt --output-doc-topics bitcoin_topics_5.txt bin/mallet train-topics --input bitcoin.mallet --num-topics 3 --output-state topic-state.gz --output-topic-keys bitcoin_keys_3.txt --output-doc-topics bitcoin_topics_3.txt bin/mallet train-topics --input bitcoin.mallet --num-topics 7 --output-state topic-state.gz --output-topic-keys bitcoin_keys_7.txt --output-doc-topics bitcoin_topics_7.txt