Slide 1

Slide 1 text

www.manuelmeyer.net/ www.stefanko.ch @manumeyer1 @koecse OSINT with Big Data on Azure – Can It Be Done? Developer Week 2021 Manuel Meyer, Stefan Koch

Slide 2

Slide 2 text

Manuel Meyer helps customers: • to kick-start the Azure journey. • to architect, implement and optimize their Azure Solutions www.manuelmeyer.net www.azurezurichusergroup.com @manumeyer1

Slide 3

Slide 3 text

Stefan Koch • Earns his bread and butter at Trivadis as a BI Consultant • Can move silently through the cloud • As dexterous with the gun as with the keyboard @koecse

Slide 4

Slide 4 text

Agenda ▪ OSINT? ▪ Project Morpheus ▪ OSINT in Azure ▪ OSINT Tools & Tutorials

Slide 8

Slide 8 text

https://www.youtube.com/watch?v=7C20JmCt_3Q

Slide 9

Slide 9 text

2016 "celebrities who feared their phone conversations were being hacked" • Dual-Boot • End-to-end Encryption • Instant Messaging • Calls • Kill Code 2’000$ for 6 Months

Slide 10

Slide 10 text

60’000 users • Gendarmerie Nationale: «90% of subscribers are criminals» • British National Crime Agency: «No evidence of non-criminals using it» • «The industry standard of organized crime» 2020

Slide 11

Slide 11 text

2017: Gendarmerie discovers first devices and starts the investigation • 2019: EU Funding • Infiltration • Distribution in the EU… https://en.wikipedia.org/wiki/EncroChat

Slide 13

Slide 13 text

746 arrests • 8 tonnes of cocaine • 1.2 tonnes of crystal meth • 19 drug labs • 100 weapons • 55 luxury cars • 63 million euros in cash • 1 torture chamber. The end of EncroChat!

Slide 17

Slide 17 text

Public Sources • Most wanted • Social Media Profiles • Twitter • …

Slide 18

Slide 18 text

OSINT?

Slide 20

Slide 20 text

«… is a multi-factor methodology for collecting, analyzing and making decisions about publicly available data sources to be used in an intelligence context» OSINT

Slide 21

Slide 21 text

«… is a multi-factor methodology for collecting, analyzing and making decisions about publicly available data sources to be used in an intelligence context» Intelligence

Slide 22

Slide 22 text

«Information, especially secret information gathered about an actual or potential enemy or adversary» Intelligence

Slide 24

Slide 24 text

The need for new technology

Slide 26

Slide 26 text

Initial Project Project Morpheus

Slide 28

Slide 28 text

The setup

Slide 29

Slide 29 text

A data platform in a computer

Slide 30

Slide 30 text

Index search with ElasticSearch

Slide 31

Slide 31 text

Graph analysis with Neo4j

Slide 32

Slide 32 text

Apache Spark

Slide 34

Slide 34 text

we have felt the answer

Slide 35

Slide 35 text

Morpheus on steroids (in the Azure Cloud)

Slide 36

Slide 36 text

Twitter https://developer.twitter.com/en

Slide 37

Slide 37 text

Streamsets https://streamsets.com/

Slide 38

Slide 38 text

Demo Streamsets

Slide 39

Slide 39 text

Azure Event Hub https://azure.microsoft.com/en-us/services/event-hubs/

Slide 40

Slide 40 text

Azure Data Lake https://azure.microsoft.com/en-us/solutions/data-lake/

Slide 41

Slide 41 text

Azure Data Lake https://azure.microsoft.com/en-us/solutions/data-lake/ LEGACY ADLS v2 (Storage Account with hierarchical file System)

Slide 42

Slide 42 text

Azure Data Lake https://azure.microsoft.com/en-us/solutions/data-lake/ ADLS v2 (Storage Account with hierarchical file System)

Slide 43

Slide 43 text

Azure Databricks https://databricks.com/

Slide 44

Slide 44 text

Azure Databricks

Slide 45

Slide 45 text

Demo Databricks

Slide 46

Slide 46 text

How to get the Data out of the Lake? https://azure.microsoft.com/de-de/services/synapse-analytics/

Slide 47

Slide 47 text

Azure Synapse Analytics https://azure.microsoft.com/de-de/services/synapse-analytics/

Slide 48

Slide 48 text

Azure Synapse Analytics https://www.jamesserra.com/archive/2020/08/sql-on-demand-in-azure-synapse-analytics/

Slide 49

Slide 49 text

The needle in the haystack?

Slide 50

Slide 50 text

ElasticSearch https://www.elastic.io/

Slide 51

Slide 51 text

Demo ElasticSearch

Slide 52

Slide 52 text

Azure Cognitive Services https://azure.microsoft.com/de-de/services/cognitive-services/

Slide 53

Slide 53 text

Sentiment Analysis

Slide 54

Slide 54 text

A global source means many languages

Slide 55

Slide 55 text

Translator

Slide 56

Slide 56 text

OSINT Tools Social Analyzer https://github.com/qeeqbox/social-analyzer

Slide 57

Slide 57 text

OSINT Tools Social Analyzer https://github.com/qeeqbox/social-analyzer

Slide 58

Slide 58 text

Social Analyzer

Slide 59

Slide 59 text

OSINT Tutorial https://www.ehacking.net/2020/05/the-complete-osint-tutorial-to-find-personal-information-about-anyone.html

Slide 60

Slide 60 text

Bellingcat.com https://www.bellingcat.com/

Slide 61

Slide 61 text

Bellingcat.com https://www.bellingcat.com/

Slide 62

Slide 62 text

Bellingcat.com https://www.bellingcat.com/

Slide 63

Slide 63 text

Bellingcat.com https://www.bellingcat.com/

Slide 64

Slide 64 text

Recap

Slide 65

Slide 65 text

Lessons Learned ▪ You pay for what you use. And we used a lot sometimes… ▪ Not all police investigators are computer geeks. ▪ Various difficulties getting the data from social media >> restricted APIs, Cambridge Analytica & Facebook, etc.

Slide 66

Slide 66 text

Thank you! Manuel Meyer www.manuelmeyer.net @manumeyer1 Stefan Koch www.stefanko.ch @koecse
