• Home

  • Documents

  • Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion...
19
From Students… …to Professionals The Capstone Experience Team Rook Roy Barnes Matt Hammerly Will McGee Chiyu Song Mark Velez Department of Computer Science and Engineering Michigan State University Spring 2017 Beta Presentation Force Platform Ingestion Tool

Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

  • Upload
    others

  • View
    1

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

From Students…

…to Professionals

The Capstone Experience

Team RookRoy Barnes

Matt HammerlyWill McGeeChiyu SongMark Velez

Department of Computer Science and EngineeringMichigan State University

Spring 2017

Beta PresentationForce Platform Ingestion Tool

http://www.capstone.cse.msu.edu/
Page 2: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Project Overview

• Force platform for security alert management/analysis

• Force accepts data in one format, but clients send data in different formats

• Force PIT provides a way for clients to integrate existing monitoring tools with Force

• Suggests groups of related alerts to save Rook analysts time

The Capstone Experience Team Rook Beta Presentation 2

Page 3: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

System Architecture

The Capstone Experience Team Rook Beta Presentation 3

Page 4: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Data Flow Diagram

The Capstone Experience Team Rook Beta Presentation 4

Elastic

Page 5: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Data Flow Diagram

The Capstone Experience Team Rook Beta Presentation 5

Brief presentation of Data Flow

Page 6: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

API

API

APIRequest alertsSend back alerts Data

Normalizer

Machine Learning

Platform Ingestion Tool

• From clients of Rook

• Endpoints like firewall, database, etc.

• Send out logs of security events (Alerts)

Data Flow Walkthrough

The Capstone Experience Team Rook Beta Presentation

Page 7: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Data Normalizer

Machine Learning

Platform Ingestion Tool

Elastic Database

Data Flow Walkthrough (cont.)

The Capstone Experience Team Rook Beta Presentation

Page 8: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Elastic

Contains data that includes…

• Alerts, new and old

• Tickets, composed of alerts

• Suggestions created from ML

Pull data from Elastic

Push data through to Front end

Pass back analyst changes

Push changes to update data

Data Flow Walkthrough (cont.)

The Capstone Experience Team Rook Beta Presentation

Page 9: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Store new API configuration settings

Elastic Pull data from Elastic

Push data through to Front end

Pass back analyst changes

Push changes to update data

Data Flow Walkthrough (cont.)

The Capstone Experience Team Rook Beta Presentation

Page 10: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Data Flow Diagram

The Capstone Experience Team Rook Beta Presentation 10

Elastic

Page 11: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Login Page

The Capstone Experience Team Rook Beta Presentation 11

To the end…

Page 12: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Alerts Page

The Capstone Experience Team Rook Beta Presentation 12

Page 13: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Alerts Page – Ticket Panel

The Capstone Experience Team Rook Beta Presentation 13

Page 14: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Alerts - Filtered

The Capstone Experience Team Rook Beta Presentation 14

Page 15: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Tickets Page

The Capstone Experience Team Rook Beta Presentation 15

Page 16: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Tickets - Editing Ticket

The Capstone Experience Team Rook Beta Presentation 16

Page 17: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Jobs Page

The Capstone Experience Team Rook Beta Presentation 17

Page 18: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

What’s left to do?

•Update color scheme to Rook’s updated colors

•Continue building out support for more types of APIs

The Capstone Experience Team Rook Beta Presentation 18

Page 19: Read Me (Delete this slide.) [1 of 2] · 2017-04-04 · Beta Presentation Force Platform Ingestion Tool. Project Overview •Force platform for security alert ... The Capstone Experience

Questions?

The Capstone Experience 19

?

? ??

?

?

?

?

?

Team Rook Beta Presentation


Lipidos Ingestion

Lipidos Ingestion

Documents
Corrosive ingestion

Corrosive ingestion

Health & Medicine
Modeling Boundary Layer Ingestion Using a Coupled ...openmdao.org/pubs/gray_bli_2017.pdf · Modeling Boundary Layer Ingestion Using a ... Although boundary layer ingestion (BLI),

Modeling Boundary Layer Ingestion Using a Coupled ...openmdao.org/pubs/gray_bli_2017.pdf · Modeling Boundary Layer Ingestion Using a ... Although boundary layer ingestion (BLI),

Documents
Security in Adobe Experience Platform · 2021. 8. 31. · Architecture Security on . Experience Platform Security at Adobe . ... Ingestion API, Infrastructure API, and Compute API—and

Security in Adobe Experience Platform · 2021. 8. 31. · Architecture Security on . Experience Platform Security at Adobe . ... Ingestion API, Infrastructure API, and Compute API—and

Documents
36722079 Force Platform Cookbook

36722079 Force Platform Cookbook

Documents
Evaluation of motion platform embedded with force plate

Evaluation of motion platform embedded with force plate

Documents
Blended Wing Body (BWB) Boundary Layer Ingestion … · Layer Ingestion (BLI) Inlet Configuration ... Boundary Layer Ingestion (BLI) Inlet Configuration and System Studies ... Ingesting

Blended Wing Body (BWB) Boundary Layer Ingestion … · Layer Ingestion (BLI) Inlet Configuration ... Boundary Layer Ingestion (BLI) Inlet Configuration and System Studies ... Ingesting

Documents
IoT Ingestion & Analytics using Apache Apex - A Native Hadoop Platform

IoT Ingestion & Analytics using Apache Apex - A Native Hadoop Platform

Technology
Force,Comn Platform Limits

Force,Comn Platform Limits

Documents
ELEARNING PLATFORM REVIEW - Framingham...elearning platform review task force recommendation presented october 30, 2020 . elearning platform review task force robin robinson (chair),

ELEARNING PLATFORM REVIEW - Framingham...elearning platform review task force recommendation presented october 30, 2020 . elearning platform review task force robin robinson (chair),

Documents
1 Caustic ingestion

1 Caustic ingestion

Documents
Real-time Data Ingestion with CDC - Continuous Real-Time ... · Real-time Data Ingestion with CDC The Striim platform ingests real-time, streaming data from HPE NonStop servers and

Real-time Data Ingestion with CDC - Continuous Real-Time ... · Real-time Data Ingestion with CDC The Striim platform ingests real-time, streaming data from HPE NonStop servers and

Documents
Management of Corrosive Ingestion

Management of Corrosive Ingestion

Documents
Video tracking and force platform measurements of the

Video tracking and force platform measurements of the

Documents
1st Operational Symposium - STAR€¦ · Community Knowledge Identification Knowledge Collection Mediation Ingestion GEOSS Platform connection Discover, Learn, Reuse DMPs Status Report

1st Operational Symposium - STAR€¦ · Community Knowledge Identification Knowledge Collection Mediation Ingestion GEOSS Platform connection Discover, Learn, Reuse DMPs Status Report

Documents
Spatially Isotropic Configuration of Stewart Platform-based Force Sensor

Spatially Isotropic Configuration of Stewart Platform-based Force Sensor

Documents
EPUB: The Next-Generation Digital Content Platform · EPUB: The Next-Generation Digital Content Platform ... • EPUB has been universally adopted for ingestion ... (Adobe InDesign)

EPUB: The Next-Generation Digital Content Platform · EPUB: The Next-Generation Digital Content Platform ... • EPUB has been universally adopted for ingestion ... (Adobe InDesign)

Documents
Intro to Apache Apex, the Next Gen Hadoop Platform for Ingestion & Transformation

Intro to Apache Apex, the Next Gen Hadoop Platform for Ingestion & Transformation

Technology
Measurement of force torque and pressure. Measuring devices MeasurandsMeasuring instruments Force, loadAnalytical balance Platform balance Proving ring

Measurement of force torque and pressure. Measuring devices MeasurandsMeasuring instruments Force, loadAnalytical balance Platform balance Proving ring

Documents
Evaluation of motion platform embedded with force …...221 JRRD Volume 52, Number 2, 2015 Pages 221–234 Evaluation of motion platform embedded with force plate-instrumented treadmill

Evaluation of motion platform embedded with force …...221 JRRD Volume 52, Number 2, 2015 Pages 221–234 Evaluation of motion platform embedded with force plate-instrumented treadmill

Documents
RabbitMQ Data Ingestion

RabbitMQ Data Ingestion

Business
Corrosive ingestion

Corrosive ingestion

Health & Medicine
Hortonworks Data Platform - Data Access€¦ · The Hortonworks Data Platform, powered by Apache Hadoop, ... All of our technology is, ... Streaming Data Ingestion

Hortonworks Data Platform - Data Access€¦ · The Hortonworks Data Platform, powered by Apache Hadoop, ... All of our technology is, ... Streaming Data Ingestion

Documents
Engine Ingestion Test

Engine Ingestion Test

Engineering
Herbicide Ingestion - Latest

Herbicide Ingestion - Latest

Documents
Automated Vulnerability Ingestion, Prioritization and ... Briefs/Rapid7...Automated Vulnerability Ingestion, Prioritization and Remediation Products: Vulcan Platform, Rapid7 Nexpose

Automated Vulnerability Ingestion, Prioritization and ... Briefs/Rapid7...Automated Vulnerability Ingestion, Prioritization and Remediation Products: Vulcan Platform, Rapid7 Nexpose

Documents
Estimating the Hydrodynamic Force on Mini Tension Leg Platform

Estimating the Hydrodynamic Force on Mini Tension Leg Platform

Documents
FORM 3 - Ingestion

FORM 3 - Ingestion

Documents
Task Force Platform Interoperability

Task Force Platform Interoperability

Technology
Sales Force Platform Portal Implementation Guide

Sales Force Platform Portal Implementation Guide

Documents