MIS 510 Cyber Analytic Project. Aditya Agrawal Hang Liu Meiqi Yang Yinchen Li 2.26.2014. Slides Overview. Research Questions Our Research Design Sample code RAW Data screenshots Extra Tables / Figures Findings and Discussions. Research Questions -RQ 1 MAC OS X System
MIS 510 Cyber Analytic Project Aditya Agrawal, Hang Liu, Meiqi Yang, Yinchen Li 2.26.2014
Slides Overview • Research Questions • Our Research Design • Sample code • RAW Data screenshots • Extra Tables / Figures • Findings and Discussions
Research Questions -RQ 1 MAC OS X System -RQ 2 IoT Attack -RQ 3 Fake Anti-virus -RQ 4 Mobile Security
Hacker Web/MYSQL
    SELECT FlatContent, PostDate, PostRank
    FROM cnhonkerarmyposts
    WHERE FlatContent LIKE "%RFID%"
       OR FlatContent LIKE "%Sensor%"
       OR FlatContent LIKE "%Node%"
    ORDER BY PostDate DESC;
This example MySQL query collects all discussions on Hacker Web that are related to IoT attacks (based on 3 major methods: RFID, Sensor, and Node).
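Counting those keyword matches per year, as an added example that is not from the original slides: it runs against an in-memory SQLite table standing in for the project's MySQL database, keeps the slide's table and column names, and uses constructed sample rows. The function names are hypothetical.

```python
import sqlite3

# Keywords from the slide's IoT query
KEYWORDS = ["RFID", "Sensor", "Node"]
# Constructed sample rows (FlatContent, PostDate, PostRank); not real forum data
SAMPLE_POSTS = [
    ("RFID reader cloning question", "2011-03-02", 1),
    ("wireless sensor network notes", "2011-07-19", 2),
    ("sensor node firmware dump", "2012-01-05", 1),
    ("general chat thread", "2012-02-11", 3),
    ("rfid tag formats", "2013-05-30", 1),
]

def load_sample_db():
    """Build an in-memory table with the column names used on the slide."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE cnhonkerarmyposts (FlatContent TEXT, PostDate TEXT, PostRank INTEGER)"
    )
    conn.executemany("INSERT INTO cnhonkerarmyposts VALUES (?, ?, ?)", SAMPLE_POSTS)
    return conn

def yearly_keyword_counts(conn, keywords):
    """Return {year: {keyword: count}}; a post can count under several keywords."""
    counts = {}
    for kw in keywords:
        # The keyword is passed as a bound parameter, never pasted into the SQL text.
        # SQLite's strftime('%Y', ...) plays the role of MySQL's YEAR().
        rows = conn.execute(
            "SELECT strftime('%Y', PostDate) AS yr, COUNT(*) "
            "FROM cnhonkerarmyposts WHERE FlatContent LIKE ? GROUP BY yr",
            ("%" + kw + "%",),
        )
        for year, n in rows:
            counts.setdefault(year, {})[kw] = n
    return counts

def yearly_totals(conn, keywords):
    """Distinct posts per year matching any keyword (no double counting)."""
    where = " OR ".join("FlatContent LIKE ?" for _ in keywords)
    rows = conn.execute(
        "SELECT strftime('%Y', PostDate) AS yr, COUNT(*) FROM cnhonkerarmyposts "
        "WHERE " + where + " GROUP BY yr ORDER BY yr",
        ["%" + kw + "%" for kw in keywords],
    )
    return dict(rows)
```

Summing the per-keyword counts overstates the yearly total whenever one post matches more than one keyword, which is why the aggregated figure is computed with a single OR query.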
Shodan/Python
    import os
    from shodan import WebAPI  # client class of older shodan releases (newer ones use shodan.Shodan)

    # Read the API key from the environment instead of hardcoding it in the script
    SHODAN_API_KEY = os.environ["SHODAN_API_KEY"]
    api = WebAPI(SHODAN_API_KEY)

    try:
        # Search the Shodan database for hosts matching 'MAC OS X'
        results = api.search('MAC OS X')
        print('Results found: %s' % results['total'])
        for result in results['matches']:
            print('IP: %s' % result['ip'])
            print('Country: %s' % result['country_name'])
            print(result['data'])
    except Exception as e:
        print('Error: %s' % e)
This example Python code collects all open OS X devices in the Shodan database and shows the IP address and location (by country) of each device.
RQ 1 MAC OS X Top 10 malicious programs for Mac OS X, H2 2012 http://www.securelist.com/en/analysis/204792255/
RQ 1 MAC OS X This is the search result from Hacker Web, showing the topics that are related to Mac OS X system attacks. We searched all 4 languages because OS X is a general term used even in Russian and Arabic. We base the analytics on data from 2009 because that is the year when major discussion about the OS X system emerged.
RQ 1 MAC OS X -To the left is sample search output, using Python, of all open OS X devices. -To the right is the regional analysis of OS X distribution among 3 major regions
RQ 2 IoT -To the left is the result from Shodan for IoT and its distribution by category -To the right is the overall aggregated result of IoT distribution (all 3 categories)
RQ 2 IoT This is the search result from Shodan, showing the distribution of IoT in 3 major categories: medical devices, buildings, and government-related hosts. The results show the IP address and host country
RQ 3 Fake Anti-virus--UI This shows the main screen of W32/FakeAV.KL!tr, a professional-looking antivirus program complete with menu and scanning window. On a normal, clean computer, it will show that you are infected by at least 14 threats. https://blog.fortinet.com/how-to-spot-fake-antivirus-software/
RQ 4 Mobile Security http://mediaserver.dwpub.com/press-release/22575/malware_goes_mobile.jpg
RQ 4 Mobile Security https://www.iscanonline.com/assets/iScan%20Mobile%20Security%20Analysis%202013.pdf
RQ 1 MAC OS X Number of Malware that can detect OS X system https://www.securelist.com/en/analysis/204792231/IT_Threat_Evolution_Q1_2012
RQ 3 Fake Anti-virus Hacker Web discussion about Fake Anti Virus Software Aggregated result for all Fake AV discussion from 2006 to 2013
RQ 4 Mobile Security Number of Hacker Web discussions about mobile Security Issues from 2009 ~ 2013
RQ 4 Mobile Security--Mobile Malware http://mediaserver.dwpub.com/press-release/22575/malware_goes_mobile.jpg