Big Data & Intelligence Driven Security Concept Presentation

Big data - Intelligence Driven Security, Roy Katmor


DESCRIPTION

Big Data, September 15th, 2013


Page 1: Big data - Intelligence Driven Security,  Roy Katmor

Big Data & Intelligence Driven Security

Concept Presentation


Introduction to Big Data

©2013 AKAMAI | FASTER FORWARDTMAkamai Confidential ©2012 AkamaiFaster ForwardTM


Big Data - Introduction

High volume, velocity and variety information assets that demand cost-effective, innovative and reliable forms of information processing for enhanced insight and decision making

Big Data – Introduction Cont.

• Variety – Big data is any type of data: structured and unstructured data such as text, sensor data, audio, video, click streams, log files and more. New insights are found when analyzing these data types together
• Volume – Enterprises are awash with ever-growing data of all types, easily amassing terabytes, even petabytes, of information
• Velocity – For time-sensitive processes such as catching fraud, big data must be used as it streams into your enterprise in order to maximize its value

Security Trends & Challenges


Security Trends & Challenges

Up-to-date organizations confront unprecedented security risks arising mainly from:

1. Mobility and the “consumerization” of enterprise IT, which dissolve network boundaries

Security Trends & Challenges – Mobility, and IT “consumerization”

Security Trends & Challenges Cont.

2. Highly skilled, sophisticated, non-signature targeted cyber attacks

Security Trends & Challenges Cont.

The dissolution of traditional defensive perimeters, coupled with attackers' ability to circumvent traditional security systems, requires organizations to reinvent their security approach

Big Data & Intelligence Driven Security


Big Data & Intelligence Driven Security

Big Data fuels intelligence driven security –

• Big data encompasses the breadth of sources and the information depth needed to:

1) Assess risks
2) Detect illicit activities and advanced cyber threats
3) Allow advanced predictive capabilities and automated real-time (RT) controls
4) Serve cyber incident response & investigation services
5) Deliver compliance

Big Data & Intelligence Driven Security – What & How


Big Data & Intelligence Driven Security Use Case


Use case – Web User Identity & Big Data

The Goal –
• Verify web customer identity

The Process –
• Generate, maintain and store a precise, continuously evaluated digital fingerprint of every web customer, based on behavioral monitoring combined with other "biometrics" measurements

The Means –
• Ongoing active & passive user activity data feeds
• 3rd party intelligence (reputation, fraud etc.)
• Big data platform

Use case – Web User Identity & Big Data

[Diagram: flow from data feeds through extraction and correlation to stored profiles. Labels recovered from the slide:]

Data Feeds (Internal Feeds, External Feeds): DNS Log Data; Web Server Data; Mobile Operators Data; 3rd Party/MSSPs Data; 3rd Party Fraud Data; 3rd Party Reputation Data

Extracted Data: Activity Time; Geo Location; Device Fingerprint; Source IP & NW; Host ID; Fraud Rank; Reputation Rank; Activity Type

Correlation Rules

Big Data – Store & Process: Preconfigured Data Rules; Preconfigured Data Rules Correlation; Preconfigured Users Profile Correlation Rules; Preconfigured Deviation Rules

Processed Data: User Profiles and Common Profiles (each: Access Patterns, Location Patterns, Device Patterns, Activity Patterns)

Web User Identity & Big Data Use case – Cont.

Customers User Profiles / Common Profiles (Criteria / Data tables shown on the slide):

Criteria | Data
Access | Weekly; Sun 2pm-3pm
Location (IP range) | US, CA (2.71.2.1)
Device | Device: iPad; Sys: CPU OS 3_2_1 like Mac OS X; Platform: AppleWebKit/531.21.10; Browser: Safari
Activity | Main (R)

Criteria | Data
Access | Days: Sun 2-3pm, Mon 8-9am
Location (IP range) | US, MA (18.1.1.3; 18.1.2.3)
Device | Device: Mobile T-Mobile 3G; Sys: Linux; Platform: Android 2.3.4 AppleWebKit/533.1
Activity | Main → ProductA → ProductB…

Criteria | Data
Access | Weekly; Sat 10am-11am
Location (IP range) | US, TX (34.1.1.1)
Device | Device: PC, Mobile; Sys: Win8, iOS5.01, 32bit, 64bit proc; Platform: AppleWebKit/537.36
Activity | Main → Login → Cart → Checkout
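As an added example (not part of the original slides): one way a stored profile's Access, Location, Device and Activity criteria could be checked against a live session so that deviation rules can act on the result. The field names, the /24 mask, the weights and the thresholds are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime
from ipaddress import ip_address, ip_network

@dataclass
class Profile:
    access: list    # (weekday, start_hour, end_hour), Monday == 0
    networks: list  # CIDR ranges the customer normally connects from
    devices: list   # substrings expected in the User-Agent header
    paths: list     # usual page sequences

# Built from the slide's "Weekly; Sat 10am-11am" profile; the /24 mask is assumed.
PROFILE = Profile(
    access=[(5, 10, 11)],
    networks=["34.1.1.0/24"],
    devices=["AppleWebKit/537.36"],
    paths=[["Main", "Login", "Cart", "Checkout"]],
)

WEIGHTS = {"access": 1, "location": 3, "device": 2, "activity": 1}  # assumed values

def deviations(profile, when, src_ip, user_agent, path):
    """Return the criteria on which a session departs from the stored profile."""
    out = []
    if not any(when.weekday() == d and s <= when.hour < e
               for d, s, e in profile.access):
        out.append("access")
    if not any(ip_address(src_ip) in ip_network(n) for n in profile.networks):
        out.append("location")
    if not any(d in user_agent for d in profile.devices):
        out.append("device")
    # A session still in progress matches if it is a prefix of a usual path.
    if not any(path == p[:len(path)] for p in profile.paths):
        out.append("activity")
    return out

def decide(devs, step_up=2, block=5):
    """Map the weighted deviations to allow / step-up / block (assumed thresholds)."""
    score = sum(WEIGHTS[d] for d in devs)
    return "block" if score >= block else "step-up" if score >= step_up else "allow"

if __name__ == "__main__":  # constructed sessions, not data from the slides
    usual = (datetime(2013, 9, 14, 10, 30), "34.1.1.1",
             "Mozilla/5.0 AppleWebKit/537.36", ["Main", "Login"])
    odd = (datetime(2013, 9, 17, 3, 0), "18.1.1.3",
           "Mozilla/5.0 Android 2.3.4 AppleWebKit/533.1", ["Main", "Checkout"])
    for session in (usual, odd):
        devs = deviations(PROFILE, *session)
        print(devs, decide(devs))
```

Weighting location and device above time of day keeps a late-night visit from a known device at "allow" while a new network plus a new device triggers a block.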


From Big Data to Big Insights – Best Practice Guidelines


From Big Data to Big Insights – Best Practice Guidelines

1) Define your objectives
2) Understand the potential data feeds needed to meet the objectives
3) Understand the process needed to obtain, format correctly, clean and standardize
4) Assess the platform and infrastructure needed to obtain, process, manage and use the data
5) Start small
6) Assure data is safe and private
7) Be transparent about data practices

Thank You
