1 / 20

Team MITRE Sentinel Final Presentation

Team MITRE Sentinel Final Presentation. Mark Nowicki Michael Dunn Kate Brown Dave Tittle. Overview. Motivation Product Features Design Results Challenges Future Work Plan for Demo. Motivation. MITRE produces XML files that contain workstation configuration information

Download Presentation

Team MITRE Sentinel Final Presentation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Team MITRESentinel Final Presentation Mark Nowicki Michael Dunn Kate Brown Dave Tittle Purdue University - CS 307

  2. Overview • Motivation • Product Features • Design • Results • Challenges • Future Work • Plan for Demo Purdue University - CS 307

  3. Motivation • MITRE produces XML files that contain workstation configuration information • However, XML file checking is: • Tedious • Time consuming • Prone to human error • Automation will speed the process and decrease error Purdue University - CS 307

  4. Product Features • Core functionality: • Retains, compares, and parses XML files • Baseline management (Previous configurations) • Alerts administration of crucial differences • Overall: • Reduces time needed to monitor a network Purdue University - CS 307

  5. Design • Solution: • Python and MySQL implementation • Open Source Solution Purdue University - CS 307

  6. Design, cont. Purdue University - CS 307

  7. Design, cont. Purdue University - CS 307

  8. Design, cont. Purdue University - CS 307

  9. Experiments • Inexperience: • Python & MySQL • Software Engineering Practices • Deadlines • Metrics • Code Coverage (PyUnit) Purdue University - CS 307

  10. Results • No Test Bed • Configurations Files • Performance Testing • Trouble Out of the Box • Software not perfect as-is • Component functionality • Performance • Overhead: Database and FTP Purdue University - CS 307

  11. Challenges • New Language, New Environment • Freedom, Horrible Freedom • Lessons Learned: • Setting Boundaries • Overhead Time • Time Management • SVN for documentation • Assembla.com Purdue University - CS 307

  12. Robustness • Extensive error checking • If one file goes bad: • error message returned • move to next file (continue execution) Purdue University - CS 307

  13. Future Work • Requirements not met: • Scheduler System • Heartbeat • Email message system • Not configured to specific MITRE system • Logging System • Additional Features • Graphical User Interface • Streamlined Installation Configuration • Multiple Databases Purdue University - CS 307

  14. Future Work, cont. • Pitfalls of Open Source Solutions: • Infancy • Configuration required • No Out of Box functionality Purdue University - CS 307

  15. Demo Plan • Show Test Environment (MySQL) • Test individual parts • Execute • Transfer • Rule • Execute system • Execute All Purdue University - CS 307

  16. Questions? Thank you for your time! Special Thanks to Corporate Partner Dan Aiello, MITRE Purdue University - CS 307

  17. Purdue University - CS 307

  18. Purdue University - CS 307

  19. Purdue University - CS 307

  20. Purdue University - CS 307

More Related