Visual Metaphors to monitor Cyber Attacks through Anomaly Detection

Yury Nino

June 22, 2023

Transcript

  1. Agenda
    ▪ Motivations
    ▪ What is Anomaly Detection?
    ▪ Where do we see Anomalies?
    ▪ What is a Metaphor?
    ▪ Comparing Metaphors vs Traditional
    ▪ Approaches in this field
  2. Motivations
    Challenges to be solved in this area:
    • Ability of the security system to detect previously unknown attacks.
    • The efficiency depends on the datasets used to train the ML models.
    • The completeness and validity are questionable.
    Cyberattacks on software systems can lead to severe consequences, and therefore it is extremely important to detect them at early stages.
  3. An anomaly can be seen as a cyberattack because it signals a change in the established standard communication of a network.
  4. What is an Anomaly?
    Anomaly detection is the process of identifying anomalous events that do not match the expected behaviour of the system. Currently, anomaly detection approaches are often implemented using machine learning, such as shallow (or traditional) learning and deep learning!
  5. Anomaly Detection Methods
    1. Statistical Methods: univariate and multivariate analysis.
    2. Knowledge-based Methods: finite-state machine, heuristics and rulesets.
    3. Machine Learning Methods: supervised and unsupervised techniques.
  6. Data Sources
    1. Data Source Logs: network packets, CPU, process and RAM logs.
    2. Records in Physical Systems: such as cyber-physical systems (CPS) or intelligent systems.
    3. Data in Databases: including structured and unstructured records, available in SQL/NoSQL databases.
  7. Whether you use traditional or sophisticated visualization techniques, they will make the detection of anomalies easier.
  8. Visual Metaphors
    Because all primates, including humans, are highly visual creatures! Half of the human brain is directly devoted to processing visual information. At least 65% of people are visual learners. It could be higher depending on the topic. Presentations using visual aids were found to be 43% more persuasive than unaided presentations.
  9. A Visual Metaphor is a mapping from concepts and objects of the simulated application domain to a system of similarities and analogies.
  10. Metaphors Scenarios
    1. Sabotaging of local file stores through creation and deletion of sensitive files and folders.
    2. Botnet scanning activities.
    3. Resource flooding (CPU and network).
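
The statistical methods from slide 5, applied to the CPU and network data sources from slide 6 and the resource-flooding scenario from slide 10, as an added example that is not part of the original deck. The sample values, thresholds and function names are constructed for illustration; it shows a sample that passes each per-metric (univariate) check but is caught by the multivariate Mahalanobis distance.

```python
import math
from statistics import mean

# Constructed baseline: (cpu_percent, net_mbps) samples taken during normal operation.
BASELINE = [(20, 10), (25, 13), (30, 15), (35, 17), (40, 20),
            (22, 11), (28, 14), (33, 17), (38, 19), (26, 13)]

def fit(samples):
    """Learn the mean, per-metric standard deviation and inverse covariance."""
    xs, ys = zip(*samples)
    mx, my = mean(xs), mean(ys)
    n = len(samples) - 1
    sxx = sum((x - mx) ** 2 for x in xs) / n
    syy = sum((y - my) ** 2 for y in ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in samples) / n
    det = sxx * syy - sxy ** 2
    if det <= 1e-9:
        raise ValueError("degenerate baseline: covariance matrix is singular")
    inv = ((syy / det, -sxy / det), (-sxy / det, sxx / det))
    return (mx, my), (math.sqrt(sxx), math.sqrt(syy)), inv

def score(sample, model):
    """Return (z_cpu, z_net, mahalanobis_distance) for one sample."""
    (mx, my), (sx, sy), inv = model
    dx, dy = sample[0] - mx, sample[1] - my
    d2 = (dx * (inv[0][0] * dx + inv[0][1] * dy)
          + dy * (inv[1][0] * dx + inv[1][1] * dy))
    return abs(dx) / sx, abs(dy) / sy, math.sqrt(max(d2, 0.0))

def classify(sample, model, z_max=3.0, d_max=3.0):
    """Flag a sample under the univariate and the multivariate test."""
    zx, zy, d = score(sample, model)
    return {"univariate": zx > z_max or zy > z_max, "multivariate": d > d_max}

if __name__ == "__main__":
    model = fit(BASELINE)
    # Constructed observations: normal load, CPU and network flooding,
    # and high CPU with unusually low traffic for that CPU level.
    for sample in [(30, 15), (95, 60), (38, 11)]:
        print(sample, classify(sample, model))
```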