Cyber Security Analytics. Su Zhao Yuan-Jen Lee Ching-Tang Lin Yufeng Mao




Question 1: How can we prevent unauthorized users from accessing modems?

Introduction to SHODAN
- SHODAN is a search engine that helps us find computer equipment.
- With SHODAN we can find devices by country, city, and company.
Purpose
- To prevent unauthorized users from accessing the company's computers by hacking modems.

Research Design
Step 1: Log in to the SHODAN account; without logging in, the country and net filters are not available.
Step 2: Use Python to connect to SHODAN. We only need the IP and data fields, so we filter for just those.
Step 3: Write code to generate a .txt file, which makes it easy to find which modems may be at risk.
Step 4: Analyze the information collected, then provide a solution to prevent attackers.

Findings & Solution
- Find the useful information, such as IP address and HTTP.
- Close all port services on the WAN side and allow only intranet IPs to access them.
- Change passwords regularly, since the maximum password length on PPPoE is 8 characters.
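An added example, not code from the original slides, of Steps 2 to 4 seen from the defender's side: it filters banner records down to the company's own address space, flags modem-like hosts with management ports reachable from the WAN, and writes them to a .txt report. The sample records are constructed, and `OWN_NETBLOCKS`, `MGMT_PORTS`, `MODEM_HINTS` and both function names are assumptions made for this example.

```python
import ipaddress

# Constructed sample records. ip_str, port and data are Shodan banner field
# names; the values are made up and use RFC 5737 documentation addresses.
SAMPLE_RESULTS = [
    {"ip_str": "203.0.113.10", "port": 80,
     "data": 'HTTP/1.0 401 Unauthorized\r\nWWW-Authenticate: Basic realm="DSL Modem"\r\n'},
    {"ip_str": "203.0.113.10", "port": 23, "data": "login: "},
    {"ip_str": "203.0.113.77", "port": 443, "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\n"},
    {"ip_str": "198.51.100.5", "port": 80,
     "data": 'HTTP/1.0 401 Unauthorized\r\nWWW-Authenticate: Basic realm="DSL Modem"\r\n'},
    {"ip_str": "not-an-ip", "port": 80, "data": "modem"},  # malformed row
]

# Assumptions for this example: the company's own address space, the ports it
# treats as management services, and banner keywords that suggest a modem.
OWN_NETBLOCKS = ["203.0.113.0/24"]
MGMT_PORTS = {23, 80, 443, 7547}
MODEM_HINTS = ("modem", "dsl", "router")

def exposed_modems(results, netblocks=OWN_NETBLOCKS):
    """Return {ip: sorted management ports} for modem-like hosts we own."""
    nets = [ipaddress.ip_network(n) for n in netblocks]
    ports, looks_like_modem = {}, set()
    for rec in results:
        try:
            ip = ipaddress.ip_address(rec["ip_str"])
        except (KeyError, ValueError):
            continue  # skip rows without a usable address
        if not any(ip in net for net in nets):
            continue  # only audit addresses the company owns
        key = str(ip)
        if rec.get("port") in MGMT_PORTS:
            ports.setdefault(key, set()).add(rec["port"])
        if any(h in (rec.get("data") or "").lower() for h in MODEM_HINTS):
            looks_like_modem.add(key)
    return {ip: sorted(p) for ip, p in ports.items() if ip in looks_like_modem}

def write_report(findings, path):
    """Write one 'ip<TAB>ports' line per exposed modem (the Step 3 .txt file)."""
    with open(path, "w", encoding="utf-8") as fh:
        for ip in sorted(findings, key=ipaddress.ip_address):
            fh.write(f"{ip}\t{','.join(map(str, findings[ip]))}\n")
    return len(findings)

if __name__ == "__main__":
    print(exposed_modems(SAMPLE_RESULTS))
```

Each line of the report is a modem whose WAN-side services should be closed or restricted to intranet addresses, as the findings slide recommends.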

Question 2: Analyze the relationship between the number of surveillance cameras and the homicide rate.

- Use Python to query surveillance-camera-related devices
- Save data into keyword.txt
- Get IP, country, latitude and longitude data
- Use Google Maps API to display geolocations

Geolocation of Surveillance Devices

Question 3: Analyze the trends in how Chinese hackers talk about VPN.

Hypothesis
1. As the Chinese government increasingly restricts citizens' access to foreign networks, the keyword VPN on Chinese hacker websites should show a corresponding increasing trend.
2. VPN is the most popular way for ordinary people in China to get past the Great Firewall.

SQL codes

Trends of the data

Discussion
From the analysis above, we find that VPN is increasingly popular. The potential security problems that VPN causes should draw our attention. For further discussion, we could build a model that extracts the attitude of the author in these posts using text mining techniques.

Question 4: How can we prevent unauthorized users from accessing modems?

Introduction to Bitcoin
Bitcoin is a peer-to-peer payment system and digital currency introduced as open source software in 2009.
Future in Question
Concerns:
- Unregulated
- Taxation Issue
- No Transaction Record
- Anonymous
- Potential Illicit Activities

Question 1: Frequency Trend & Price Trend
- More hackers were highly focused on Bitcoin in 2012
- There is a process by which people accept newly emerged items on the Internet
- Bitcoin is a hot topic in Chinese and Russian language environments: higher security risk in higher attention areas
- Research how hackers' behavior relates to economic topics
- Stable price & upward discussion trend: a more dangerous phase

Question 2: Hacker Discussion Text Mining
Topic 1: keywords: lulzsec, attack, wallet, passwords and sock
- Bitcoin wallets may recently have higher risks to their account security
Topic 2: keywords: botnet, payment and server
- The Bitcoin payment method may be at risk from botnets
Topic 3: keywords: html, injection, VPN, connection and port
- Code injection attack
- Network connection vulnerabilities

Code and Screenshots
http://mallet.cs.umass.edu/quick-start.php

    bin/mallet train-topics --input bitcoin.mallet --num-topics 5 --output-state topic-state.gz --output-topic-keys bitcoin_keys_5.txt --output-doc-topics bitcoin_topics_5.txt
    bin/mallet train-topics --input bitcoin.mallet --num-topics 3 --output-state topic-state.gz --output-topic-keys bitcoin_keys_3.txt --output-doc-topics bitcoin_topics_3.txt
    bin/mallet train-topics --input bitcoin.mallet --num-topics 7 --output-state topic-state.gz --output-topic-keys bitcoin_keys_7.txt --output-doc-topics bitcoin_topics_7.txt