
Cyber Analytics Project

Cyber Analytics Project. Team: Desert Cyber Police Team Members and Roles Jagdeesh Narayanan - Leader Prajwal Shirurkar - Researcher Sagnik Roy Chowdhury - Researcher Krishna Pavan Bhat – Analytics Lead. Introduction . Project Overview A cyber analytics research project Objective


Presentation Transcript


  1. Cyber Analytics Project
     • Team: Desert Cyber Police
     • Team Members and Roles
       • Jagdeesh Narayanan - Leader
       • Prajwal Shirurkar - Researcher
       • Sagnik Roy Chowdhury - Researcher
       • Krishna Pavan Bhat – Analytics Lead

  2. Introduction
     • Project Overview
       • A cyber analytics research project
     • Objective
       • To conduct research on the data related to users of hacker web forums
       • Provide analytics and insights into the world of hackers and help in reducing cyber crimes
       • Identify trends on How, Why, When and Where the attacks happened

  3. Research questions
     • Hacker web data set questions
       • How sensitive (potentially dangerous) are the discussions happening in hacker forums?
       • Which antivirus software is most frequently discussed amongst these communities, and what does its time series trend look like?
       • What are the trends of DDoS attack warnings or threats posted across forums through different timelines?
       • What are the trending topics and programming languages that have been widely discussed across forums?
     • Shodan data set questions
       • Which areas around the world have Apache servers which give out their geographical locations, exposing this vulnerability for a future attack?

  4. Sample dataset
     • Hacker Web – raw data from MySQL database

  5. Sample dataset
     • Shodan - data extracted using Shodan Web API

  6. Hacking trends and activities
     • Question 1: What is the sensitivity of each forum in Hacker web?
     • What does sensitivity of a forum mean?
       • Sensitivity of a Forum = Sensitive posts / Total Number of posts
       • Keywords for sensitivity are made public by the government
       • http://www.rense.com/general66/scgh.htm
     • Select data set corresponding to discussions involving sensitive information
       • Utilized 5 English speaking forums to collect data
       • Ran SQL queries to filter discussions with "sensitive" keywords in them
       • The results were filtered according to time for further analysis
     • Analytics through Tableau Desktop and Microsoft Excel
       • Observed antivirus discussion trends across all forums for years between 2009-2013
       • Used Excel charts, pivot tables and Tableau to visualize data on antivirus popularity, including across years
       • Determined that Avira, AVG and Avast are the top antiviruses of concern to the community
       • Determined that new software is appearing in the discussion forums, showing increased concern over better security functionality

  7. Forum sensitivity trends

  8. Forum sensitivity trends by year

  9. Hacking trends and activities
     • Question 2: Which antivirus software is most frequently discussed amongst these communities, and what does its time series trend look like?
     • What are the antivirus software of interest in the discussions of Hacker forums?
     • Select data set corresponding to discussions in the forums involving antivirus software
       • Narrowed down on 5 English forums in Hacker web Database
       • Use data pertaining to 15 antiviruses famous in the market (http://anti-virus-software-review.toptenreviews.com/)
       • The results were filtered according to different forums
     • Analytics through Tableau and Microsoft Excel
       • Observed antivirus discussion trends across all forums for years between 2009-2013
       • Used Excel charts, pivot tables and Tableau to visualize data on antivirus popularity, including across years
       • Determined that Avira, AVG and Avast are the top antiviruses of concern to the community
       • Determined that new software is appearing in the discussion forums, showing increased concern over better security functionality

  10. Antivirus popularity across forums

  11. Hacking trends and activities
     • Question 3: What are the trends of DDoS attack warnings or threats posted across forums through different timelines?
     • What are the recent DDoS threats that have been made?
       • Attack warnings, threats and information about an attack that might have happened
     • Select understandable data with rich information
       • Narrowed down on 5 English forums
       • Used data pertaining to posts with data on attack threats & warnings
       • Streamlining of data based on the authenticity of the attack warning
     • Analytics through Tableau Desktop
       • Observed attack activities by year
       • Visualized frequency of posts being discussed by hackers
       • Determined the specific attacks that specific authors are speaking about

  12. Hacking trends and activities

  13. Hacking trends and activities
     • Question 4: What are the trending topics and programming languages that have been widely discussed across forums?
     • What are the emerging trends in the world of Hackers?
       • Activity, hot topic, popular programming languages
     • Select understandable data with rich information
       • Narrowed down on 5 English forums
       • Used data pertaining to Authors with top 10 reputation scores
       • Further streaming of important data by using NoOfViews (In-link concept)
     • Analytics through Tableau Desktop
       • Observed increased hacker activities by year
       • Visualized hot technology topics being discussed by hackers
       • Determined C & C++ as most popular programming language

  14. Hacking trends and activities

  15. Hacking trends and activities

  16. Hacking trends and activities

  17. Hacking trends and activities
     • Question 5: Which geographical locations have vulnerable Apache servers installed that give out their IP addresses, longitudes and latitudes?
     • What are some of the vulnerability factors of a system connected over the internet?
       • Their IP and geographical locations exposed to the outer world
     • Select understandable data with rich information
       • Used Shodan as the source for data
       • Retrieved data pertaining to research through Python API
       • Retrieved IP addresses, longitude and latitude of Apache servers across the world
     • Analytics through Tableau Desktop
       • The data, after being fetched to an Excel spreadsheet, was run through Tableau
       • The geographical locations of the servers were mapped on a world map
       • Determined that USA, South East Asia and Western Europe had high concentration of vulnerable Apache servers

  18. Data set retrieved from Shodan

  19. Mapped geographical locations of Apache servers

  20. Summary
     • Conducted extensive research on Hacker Web data set
     • Research was also done on Shodan data set
     • Used only data concerning the most reputed hackers
     • Important research questions selected and answered with deep insights and analytics
     • Predicted an increase in hacker activities using specific programming languages and methods
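
The forum sensitivity metric from slide 6 (sensitive posts / total posts, filtered by keyword in SQL and broken down by time) can be sketched as follows. This is an added example, not code from the presentation: the table schema, the keyword list and the sample posts are all constructed assumptions, and an in-memory SQLite database stands in for the MySQL source.

```python
import sqlite3

# Constructed keywords and posts: the deck's keyword list and schema are not on the page.
KEYWORDS = ["exploit", "botnet", "ddos"]
SAMPLE_POSTS = [  # (forum, ISO date, body), all constructed
    ("forumA", "2012-03-01", "Selling botnet access"),
    ("forumA", "2012-05-11", "How do I learn Python?"),
    ("forumA", "2013-01-20", "New exploit for old router firmware"),
    ("forumA", "2013-02-02", "DDoS warning for next week"),
    ("forumB", "2012-07-07", "Best antivirus for gaming PC"),
    ("forumB", "2012-08-30", "100% discount codes"),
    ("forumB", "2013-09-09", "Exploit kit pricing and botnet rental"),
    ("forumB", "2013-10-10", "Off topic: music thread"),
]

def like_pattern(keyword):
    """Wrap a keyword in % wildcards, escaping LIKE metacharacters inside it."""
    for ch in ("\\", "%", "_"):
        keyword = keyword.replace(ch, "\\" + ch)
    return "%" + keyword.lower() + "%"

def forum_sensitivity(posts, keywords):
    """Return {(forum, year): (sensitive, total, sensitive / total)}."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE posts (forum TEXT, posted TEXT, body TEXT)")
    db.executemany("INSERT INTO posts VALUES (?, ?, ?)", posts)
    # One bound LIKE per keyword; a post counts once however many keywords hit.
    # LIKE is a substring match, so short keywords also hit inside longer words.
    match = " OR ".join(["lower(body) LIKE ? ESCAPE '\\'"] * len(keywords)) or "0"
    sql = f"""
        SELECT forum, substr(posted, 1, 4) AS year,
               SUM(CASE WHEN {match} THEN 1 ELSE 0 END) AS sensitive,
               COUNT(*) AS total
        FROM posts
        GROUP BY forum, year
        ORDER BY forum, year"""
    rows = db.execute(sql, [like_pattern(k) for k in keywords]).fetchall()
    db.close()
    return {(f, y): (s, t, s / t) for f, y, s, t in rows}

if __name__ == "__main__":
    for (forum, year), (s, t, ratio) in forum_sensitivity(SAMPLE_POSTS, KEYWORDS).items():
        print(f"{forum} {year}: {s}/{t} = {ratio:.2f}")
```

Because the denominator is every post in the forum for that year, the ratio is comparable across forums of different sizes, which is what the per-forum and per-year sensitivity charts rely on.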
