Team MITRE Sentinel Final Presentation
Mark Nowicki, Michael Dunn, Kate Brown, Dave Tittle
Purdue University - CS 307
Overview
• Motivation
• Product Features
• Design
• Results
• Challenges
• Future Work
• Plan for Demo
Motivation
• MITRE produces XML files that contain workstation configuration information
• However, XML file checking is:
  • Tedious
  • Time consuming
  • Prone to human error
• Automation will speed the process and decrease error
Product Features
• Core functionality:
  • Retains, compares, and parses XML files
  • Baseline management (previous configurations)
  • Alerts administrators to crucial differences
• Overall:
  • Reduces time needed to monitor a network
Design
• Solution:
  • Python and MySQL implementation
  • Open Source Solution
Design, cont. (three diagram slides; the design figures were not extracted as text)
Experiments
• Inexperience:
  • Python & MySQL
  • Software Engineering Practices
  • Deadlines
• Metrics:
  • Code Coverage (PyUnit)
Results
• No Test Bed:
  • Configuration Files
  • Performance Testing
• Trouble Out of the Box:
  • Software not perfect as-is
  • Component functionality
  • Performance
• Overhead: Database and FTP
Challenges
• New Language, New Environment
• Freedom, Horrible Freedom
• Lessons Learned:
  • Setting Boundaries
  • Overhead Time
  • Time Management
  • SVN for documentation
  • Assembla.com
Robustness
• Extensive error checking
• If one file goes bad:
  • An error message is returned
  • Move to the next file (continue execution)
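The two slides above describe what Sentinel does with each configuration file (parse it, compare it against a stored baseline, alert on crucial differences) and how it behaves when one file is malformed (report the error, move on to the next file). The following is an added Python example illustrating that workflow; it is not the Team MITRE Sentinel project's own code. The XML layout, the flattened path notation (`os/version`, `firewall@enabled`), the `CRUCIAL_KEYS` alert policy and all sample inputs are constructed assumptions for illustration, and the MySQL persistence layer from the design slide is left out.

```python
"""Added example: baseline comparison of workstation configuration XML.

Not the Sentinel project's code. The XML schema, path format and the
CRUCIAL_KEYS policy below are assumptions made for this illustration.
For files from untrusted sources, parse with the defusedxml package
instead of xml.etree to limit entity-expansion attacks.
"""
import xml.etree.ElementTree as ET

# Constructed sample inputs: the stored baseline and two newly collected files.
BASELINE_XML = """<workstation host="ws-01">
  <os><name>Linux</name><version>5.10</version></os>
  <services>
    <service name="sshd" enabled="true"/>
    <service name="telnet" enabled="false"/>
  </services>
  <firewall enabled="true"/>
</workstation>"""

CURRENT_XML = """<workstation host="ws-01">
  <os><name>Linux</name><version>5.15</version></os>
  <services>
    <service name="sshd" enabled="true"/>
    <service name="telnet" enabled="true"/>
  </services>
  <firewall enabled="false"/>
</workstation>"""

# Deliberately malformed (unclosed <os>) to exercise the error path.
BROKEN_XML = "<workstation host='ws-02'><os><name>Linux</name></workstation>"

# Assumed alert policy: paths whose change counts as a crucial difference.
CRUCIAL_KEYS = {"firewall@enabled", "services/service[telnet]@enabled"}


def flatten_config(xml_text):
    """Parse one configuration file into a flat {path: value} dict.

    Attributes become 'path@attr' keys and element text becomes 'path' keys.
    <service> elements are keyed by their name attribute so siblings do not
    collide. Raises ET.ParseError on malformed input.
    """
    root = ET.fromstring(xml_text)
    flat = {}

    def walk(elem, path):
        for attr, val in elem.attrib.items():
            if elem.tag == "service" and attr == "name":
                continue  # already encoded in the path label
            flat[f"{path}@{attr}"] = val
        text = (elem.text or "").strip()
        if text and path:
            flat[path] = text
        for child in elem:
            label = child.tag
            if child.tag == "service" and "name" in child.attrib:
                label = f"service[{child.attrib['name']}]"
            walk(child, f"{path}/{label}" if path else label)

    walk(root, "")
    return flat


def compare_to_baseline(baseline, current):
    """Return (changes, alerts).

    changes: sorted list of (path, baseline_value, current_value) for every
    differing, added or removed key; alerts: the subset listed in CRUCIAL_KEYS.
    """
    changes = []
    for path in sorted(set(baseline) | set(current)):
        old, new = baseline.get(path), current.get(path)
        if old != new:
            changes.append((path, old, new))
    alerts = [c for c in changes if c[0] in CRUCIAL_KEYS]
    return changes, alerts


def process_files(baseline_xml, files):
    """Compare every (name, xml_text) pair against the baseline.

    A file that fails to parse gets an error entry in the report and
    processing continues with the next file, as the Robustness slide says.
    """
    baseline = flatten_config(baseline_xml)
    report = {}
    for name, xml_text in files:
        try:
            current = flatten_config(xml_text)
        except ET.ParseError as exc:
            report[name] = {"error": f"{name}: XML parse failed: {exc}"}
            continue
        changes, alerts = compare_to_baseline(baseline, current)
        report[name] = {"changes": changes, "alerts": alerts}
    return report


if __name__ == "__main__":
    batch = [("ws-01", CURRENT_XML), ("ws-02", BROKEN_XML), ("ws-01-rerun", BASELINE_XML)]
    for name, entry in process_files(BASELINE_XML, batch).items():
        if "error" in entry:
            print(entry["error"])
            continue
        for path, old, new in entry["changes"]:
            flag = "ALERT" if (path, old, new) in entry["alerts"] else "info "
            print(f"{flag} {name}: {path}: {old!r} -> {new!r}")
```

Alerts are a subset of changes, so an operator can either review only crucial differences or the full drift history; the parse error for `ws-02` is recorded without stopping the batch, which is the behaviour the slide calls for.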
Future Work
• Requirements not met:
  • Scheduler System
  • Heartbeat
  • Email message system
    • Not configured to specific MITRE system
  • Logging System
• Additional Features:
  • Graphical User Interface
  • Streamlined Installation Configuration
  • Multiple Databases
Future Work, cont.
• Pitfalls of Open Source Solutions:
  • Infancy
  • Configuration required
  • No Out of Box functionality
Demo Plan
• Show Test Environment (MySQL)
• Test individual parts:
  • Execute
  • Transfer
  • Rule
• Execute system:
  • Execute All
Questions?
Thank you for your time!
Special Thanks to Corporate Partner Dan Aiello, MITRE