LEVERAGING BIG DATA ANALYTICS TO REDUCE SECURITY INCIDENTS A use case in Finance Sector

Academic year: 2021

(1)

LEVERAGING BIG DATA ANALYTICS TO REDUCE SECURITY INCIDENTS

A use case in Finance Sector

(2)

INITIAL SCENARIO

Stolen data/credentials

Malware / Phishing

Denial of Service

APTs

Reputation damage

Discredit campaign

Mobilize demonstrations

Employee harassment

Money theft

Vandalism

Employee harassment

Black market cards

Transactions fraud

Money laundering

IT Security Incidents

Physical Incidents

(3)

LEVERAGING BIG DATA ANALYTICS TO REDUCE SECURITY INCIDENTS ● A FINANCE SECTOR USE CASE

MAIN PROJECT GOALS

Scale beyond the fish tanks

Get more out of each byte

Machine Learning

Data Lake

(4)

ARCHITECTURE

[Architecture diagram. Component labels: Events, Data, Collection + Normalization, Message Bus, CEP Correlation Engine, Realtime Analysis, Big Data Repository, Storage, Alerts Handling, Reporting]

(5)

THE DATA LAKE

IT SECURITY INCIDENTS

PHYSICAL INCIDENTS

E-MONEY INCIDENTS

MALWARE FEEDS

SOCIAL NETWORKS

DATA NORMALIZATION

(6)

e-FEELING CONCEPT

“Calculate people’s feeling about the Organization’s brand”

[Diagram. Component labels: Social Networks, Intelligence Engine, e-Feeling, Correlation Engine, Big Data Repository]

(7)
(8)

ML TECHNIQUES APPLIED

FORECASTING

To forecast an event occurrence based on past events

Ex: “Number of Attacks to Organization’s website in the next 5 days”

CLASSIFICATIONS

To classify a new event based on the classification of previous events

Ex: “Classify a transaction as FRAUD / NO FRAUD”

Mine data to find relations between events that occurred in the same time interval

Ex: “Every time a netscan is detected, a SQLi is seen 80% of times”
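Added example (not from the original slides): one way to mine the kind of relation quoted above, by grouping normalized events into fixed time windows and computing support and confidence for each ordered pair of event types. The window size, the event-type names and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from itertools import permutations

WINDOW_SECONDS = 3600  # assumed interval size; the slides do not give one

# Constructed sample: (epoch seconds, normalized event type)
EVENTS = [
    (100, "netscan"), (900, "sqli"),
    (3700, "netscan"), (4000, "sqli"), (4100, "bruteforce"),
    (7300, "netscan"), (7900, "sqli"),
    (10900, "netscan"),
    (14500, "netscan"), (15000, "sqli"),
    (18100, "bruteforce"),
    (21700, "sqli"), (25300, "sqli"), (28900, "sqli"),
]

def windows(events, size=WINDOW_SECONDS):
    """Group events into fixed windows; each window is the set of types seen."""
    buckets = defaultdict(set)
    for ts, kind in events:
        buckets[ts // size].add(kind)
    return list(buckets.values())

def mine_rules(events, min_support=2, min_confidence=0.6):
    """Return {(antecedent, consequent): (support, confidence)}.

    support    = windows containing both event types
    confidence = support / windows containing the antecedent
    """
    seen = defaultdict(int)  # windows containing a given type
    both = defaultdict(int)  # windows containing an ordered pair of types
    for w in windows(events):
        for kind in w:
            seen[kind] += 1
        for a, b in permutations(sorted(w), 2):
            both[(a, b)] += 1
    rules = {}
    for (a, b), n in both.items():
        conf = n / seen[a]
        # Low-support pairs are dropped: one coincidence is not a pattern.
        if n >= min_support and conf >= min_confidence:
            rules[(a, b)] = (n, round(conf, 2))
    return rules

if __name__ == "__main__":
    for (a, b), (n, conf) in sorted(mine_rules(EVENTS).items()):
        print(f"{a} -> {b}: support={n} confidence={conf:.0%}")
```

Confidence is directional: in this sample netscan implies sqli in 4 of 5 windows, while the reverse rule falls below the threshold because sqli is also seen in windows without a scan.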

(9)

MACHINE LEARNING OPERATIONS

Driven by Data Scientists & Validated by Organization

BIG DATA REPOSITORY

(10)

ML IN ACTION

PATTERN DISCOVERY

Discover patterns among different areas

Example: “When e-Feeling for 3 days, #CyberAttacks 90% of the times”

Implement the patterns to prevent incidents

IF e-Feeling for 2 days THEN alert of potential

(11)

ML IN ACTION

FORECASTING

Forecast occurrence of an event based on modelled past ones

Example: Tomorrow’s number of attacks to Home banking

Implement a rule in the Correlation Engine anticipating the possible incidents

IF trend of #HomeBanking attacks in the next days,

(12)

ML IN ACTION

CLASSIFYING

Classify new events based on models created after analyzing previous ones

Example: Security Risk Scoring of a Home Banking login

Feed the results to other applications to provide them with useful info before taking decisions

(13)

ML RESULTS SO FAR

The Good Ones…

Improvement of Cyberattacks readiness

Better anticipation of calls for demonstrations

Decrease of fraud on ATMs

Discover new data relationships between areas

… The Other Ones

Numerically good results don’t always mean interesting results for the Organization

(14)
(15)

ML & ADAPTATION

(16)

ML & KNOWLEDGE

(17)

MULTI-AREA ENGAGEMENT

(18)

(19)

PATIENCE IS REQUIRED…

(20)

ML HOUSEKEEPING

(21)

NEXT STEPS …

Evaluating new technologies to horizontally scale the Machine Learning process in memory

(22)

Thanks for your time!

Josep Román

Senior Manager @ Indra

jroman@indra.es
