Big Data & Intelligence Driven Security EMELIA Yamson My Email: ewyamson@nosmay.com
Introduction to Big Data 2013 AKAMAI FASTER FORWARD TM
Big Data - Introduction
High volume, velocity and variety information assets that demand cost-effective, innovative and reliable forms of information processing for enhanced insight and decision making
Big Data Introduction Cont.
Variety: Big data is any type of data: structured and unstructured data such as text, sensor data, audio, video, click streams, log files and more. New insights are found when analyzing these data types together.
Volume: Enterprises are awash with ever-growing data of all types, easily amassing terabytes, even petabytes, of information.
Velocity: For time-sensitive processes such as catching fraud, big data must be used as it streams into your enterprise in order to maximize its value.
Security Trends & Challenges
Security Trends & Challenges
Up to date organizations confront unprecedented security risks arising mainly from:
1. Mobility and the consumerization of enterprise IT dissolve network boundaries
Security Trends & Challenges
Mobility and IT consumerization
Security Trends & Challenges Cont.
2. Highly sophisticated, skilled, non-signature targeted cyber attacks
Security Trends & Challenges Cont.
The dissolution of traditional defensive perimeters, coupled with attackers' ability to circumvent traditional security systems, requires organizations to reinvent their security approach
Big Data & Intelligence Driven Security
Big Data & Intelligence Driven Security
Big Data fuels intelligence driven security
Big data encompasses the breadth of sources and the information depth needed to:
1) Assess risks
2) Detect illicit activities and advanced cyber threats
3) Allow advanced predictive capabilities and automated RT controls
4) Serve cyber incident response & investigation services
5) Deliver compliance
Big Data & Intelligence Driven Security
What & How
Big Data & Intelligence Driven Security Use Case
Use case: Web User Identity & Big Data
The Goal: Verify web customer identity
The Process: Generate, maintain and store a precise, continuously evaluated digital fingerprint of every web customer, based on behavioral monitoring combined with other "biometrics" measurements
The Means:
- Ongoing active & passive user activity data feeds
- 3rd party intelligence (reputation, fraud etc.)
- Big data platform
Use case: User Identity & Big Data
[Diagram. Labels: Data Feeds (Web Server Data, Mobile Operators Data, DNS Data, Log Data, Internal Data Feeds, External Data Feeds, 3rd Party/MSSPs Feeds, 3rd Party Reputation Data, 3rd Party Fraud Data); Extracted Data (Activity Time, Activity Type, Geo Location, Source Host IP & ID, NW Device Fingerprint, Reputation Rank, Fraud Rank); Big Data Store; Correlation & Process; Preconfigured Data Rules; Preconfigured Correlation Rules; Preconfigured Deviation Rules; Users Profile and Common Profile (Access Patterns, Location Patterns, Device Patterns, Activity Patterns)]
Use case: Web User Identity & Big Data Cont.
Customers: User Profiles (Criteria: Data)

User profile 1
  Access: Weekly; Sun 2pm-3pm
  Location (IP range): US, CA
  Device: iPad; Sys: CPU OS 3_2_1 like Mac OS X; Platform: AppleWebKit/531.21.10; Browser: Safari
  Activity: Main

User profile 2
  Access: Weekly; Sat 10am-11am
  Location (IP range): US, TX
  Device: PC, Mobile; Sys: Win8, OS5.01, 32bit, 64bit proc; Platform: AppleWebKit/537.36
  Activity: Main; Login; Cart; Checkout

User profile 3
  Access Days: Sun 2-3pm, Mon 8-9am
  Location (IP range): US, MA
  Device: Mobile - T-Mobile 3G; Sys: Linux; Platform: Android 2.3.4; AppleWebKit/533.1
  Activity: Main; Product A; Product B

Common Profiles
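The profile-and-deviation check this use case describes, as an added example that is not code from the deck or from Akamai: a stored user profile (access windows, location, device, activity) is compared with one incoming event and the deviations are scored. The field names, rule weights, thresholds, decision labels and IP ranges are assumptions, and the sample profile and events are constructed.

```python
from dataclasses import dataclass
from datetime import datetime
from ipaddress import ip_address, ip_network

@dataclass
class Profile:          # hypothetical structure, modelled on the slide's criteria
    windows: list       # (weekday, start_hour, end_hour), Monday == 0
    regions: set        # (country, state) pairs seen for this user
    networks: list      # usual source IP ranges (CIDR strings)
    devices: set        # (system, platform) pairs
    activities: set     # pages or actions the user normally performs

# Hypothetical rule weights; the deck does not specify any.
WEIGHTS = {"access_time": 1, "geo": 2, "ip_range": 2,
           "device": 2, "activity": 1, "fraud_rank": 3}

def deviations(profile, event, fraud_threshold=70):
    """Return the names of the profile criteria this event deviates from."""
    t, out = event["time"], []
    if not any(d == t.weekday() and s <= t.hour < e for d, s, e in profile.windows):
        out.append("access_time")
    if event["geo"] not in profile.regions:
        out.append("geo")
    if not any(ip_address(event["ip"]) in ip_network(n) for n in profile.networks):
        out.append("ip_range")
    if event["device"] not in profile.devices:
        out.append("device")
    if event["activity"] not in profile.activities:
        out.append("activity")
    if event["fraud_rank"] >= fraud_threshold:   # 3rd party fraud feed, 0-100 scale assumed
        out.append("fraud_rank")
    return out

def decide(profile, event, step_up_at=2, block_at=5):
    """Map the weighted deviation score to allow / step_up / block."""
    score = sum(WEIGHTS[d] for d in deviations(profile, event))
    return "block" if score >= block_at else "step_up" if score >= step_up_at else "allow"

# Constructed sample: the Sun 2-3pm / Mon 8-9am Android profile, with a
# documentation IP range standing in for the real one.
PROFILE = Profile(windows=[(6, 14, 15), (0, 8, 9)], regions={("US", "MA")},
                  networks=["203.0.113.0/24"], devices={("Linux", "Android 2.3.4")},
                  activities={"Main", "Product A", "Product B"})
USUAL = {"time": datetime(2013, 6, 2, 14, 20), "geo": ("US", "MA"),
         "ip": "203.0.113.40", "device": ("Linux", "Android 2.3.4"),
         "activity": "Main", "fraud_rank": 5}
ODD = dict(USUAL, time=datetime(2013, 6, 5, 3, 10), geo=("US", "TX"), ip="198.51.100.7")

if __name__ == "__main__":
    for name, ev in (("usual", USUAL), ("odd", ODD)):
        print(name, deviations(PROFILE, ev), decide(PROFILE, ev))
```

A single off-hours visit scores below the step-up threshold here, while a simultaneous change of time, region and network is blocked; tuning those weights against false positives is the part that needs real data.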
From Big Data to Big Insights Best Practice Guidelines
From Big Data to Big Insights Best Practice Guidelines
1) Define your objectives
2) Understand the potential data feeds needed to meet the objectives
3) Understand the process needed to obtain, format correctly, clean and standardize
4) Assess the platform and infrastructure needed to obtain, process, manage and use the data
5) Start small
6) Assure data is safe and private
7) Be transparent about data practices
Thank You