
Cyber Security Analytics

Cyber Security Analytics. Su Zhao, Yuan-Jen Lee, Ching-Tang Lin, Yufeng Mao. How to prevent unauthorized users to access modems? Question 1. Introduction to SHODAN. SHODAN is a search engine which can assist us to find computer equipment


Presentation Transcript


  1. Cyber Security Analytics. Su Zhao, Yuan-Jen Lee, Ching-Tang Lin, Yufeng Mao

  2. How to prevent unauthorized users from accessing modems? Question 1

  3. Introduction to SHODAN
     • SHODAN is a search engine that helps us find computer equipment.
     • With SHODAN, we can find devices by the country, city, and company they are connected to.
     Purpose
     • To prevent unauthorized users from accessing the company's computers by hacking modems.

  4. Research Design
     • Step 1: Log in to the SHODAN account; without logging in, the country and net filters are not available.
     • Step 2: Use Python to connect to SHODAN. We only need the IP and data, so we filter for just those two fields.
     • Step 3: Write code to generate a .txt file, which makes it easy to find which modems may be at risk.
     • Step 4: Analyze the information we obtained, then provide a solution to prevent attackers.

  5. Findings & Solution
     • Found useful information such as IP address, HTTP.
     • Close all port services on the WAN side and allow only intranet IPs to access them.
     • Change our password regularly, since the maximum password length on PPPoE is 8 characters.
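The Step 2 to Step 4 workflow above, turned toward auditing your own address space, as an added example that is not the presenters' code. It assumes records shaped like Shodan search matches (`ip_str`, `port`, `data`); the sample records, the `OWN_NETWORKS` range, and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample records shaped like Shodan search "matches"
# (ip_str / port / data). Addresses are RFC 5737 documentation ranges.
SAMPLE_MATCHES = [
    {"ip_str": "203.0.113.10", "port": 80,
     "data": "HTTP/1.1 401 Unauthorized\r\nWWW-Authenticate: Basic realm=\"DSL Modem\"\r\n"},
    {"ip_str": "203.0.113.25", "port": 23, "data": "Login: "},
    {"ip_str": "203.0.113.40", "port": 443, "data": ""},
    {"ip_str": "198.51.100.7", "port": 80, "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\n"},
]

# Assumption: the company's own WAN ranges (hypothetical value).
OWN_NETWORKS = ["203.0.113.0/24"]


def exposed_modems(matches, own_networks):
    """Step 2: keep only IP and data for records inside our own address space."""
    nets = [ipaddress.ip_network(n) for n in own_networks]
    findings = []
    for m in matches:
        ip = ipaddress.ip_address(m["ip_str"])
        if not any(ip in net for net in nets):
            continue  # not our equipment: out of scope for this audit
        banner = (m.get("data") or "").strip()
        first_line = banner.splitlines()[0] if banner else "(no banner)"
        findings.append({
            "ip": m["ip_str"],
            "port": m["port"],
            "banner": first_line,
            # An HTTP banner on the WAN side suggests a reachable web admin page.
            "http": banner.upper().startswith("HTTP/"),
        })
    return sorted(findings, key=lambda f: (ipaddress.ip_address(f["ip"]), f["port"]))


def write_report(findings, path):
    """Step 3: one line per WAN-reachable service, HTTP interfaces marked."""
    with open(path, "w", encoding="utf-8") as fh:
        for f in findings:
            tag = "HTTP-ADMIN?" if f["http"] else "OTHER"
            fh.write(f"{f['ip']}\t{f['port']}\t{tag}\t{f['banner']}\n")
    return len(findings)


if __name__ == "__main__":
    results = exposed_modems(SAMPLE_MATCHES, OWN_NETWORKS)
    print(write_report(results, "modem_exposure.txt"), "exposed services written")
```

Every line in the report is a service that should be closed on the WAN side or restricted to intranet IPs, as the findings slide recommends.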

  6. Analyze the relationship between the number of surveillance cameras and the homicide rate. Question 2

  7. Use Python to query surveillance camera related devices. Save data into keyword.txt

  8. Get IP, country, Latitude and Longitude data

  9. Use Google Maps API to display geolocations

  10. Geolocation of Surveillance Devices

  11. Analyze the trends in how Chinese hackers talk about VPN. Question 3

  12. Hypothesis
     • 1. As the Chinese government increasingly restricts citizens' access to foreign networks, the keyword “VPN” on Chinese hacker websites should show a corresponding increasing trend.
     • 2. VPN is the most popular way for ordinary people in China to get past the Great Firewall.

  13. SQL codes

  14. Trends of the data

  15. Discussion:
     • From the analysis above, we can see that VPN is increasingly popular.
     • The potential security problems that VPN causes should draw our attention.
     • For further discussion, we could build a model that extracts the attitude of the authors of these posts using text mining techniques.

  16. How to prevent unauthorized users from accessing modems? Question 4

  17. Introduction to Bitcoin
     Bitcoin is a peer-to-peer payment system and digital currency introduced as open source software in 2009.
     Future in Question
     Concerns:
     • Unregulated
     • Taxation Issue
     • No Transaction Record
     • Anonymous
     • Potential Illicit Activities

  18. Question 1: Frequency Trend & Price Trend
     • More hackers focused heavily on Bitcoin in 2012
     • There is a process by which people come to accept newly emerged items on the Internet
     • Bitcoin is a hot topic in Chinese and Russian language environments -- higher security risk in higher attention areas
     • Research hackers’ behavior relates to economic topics
     • Stable price & upward discussion trend -- a more dangerous phase

  19. Question 2: Hacker Discussion Text Mining
     • Topic 1: keywords -- lulzsec, attack, wallet, passwords and sock. Bitcoin wallets may recently have higher risks to their account security.
     • Topic 2: keywords -- botnet, payment and server. The Bitcoin payment method may be at risk from botnets.
     • Topic 3: keywords -- html, injection, VPN, connection and port. Code injection attacks; network connection vulnerabilities.

  20. Code and Screenshots
     http://mallet.cs.umass.edu/quick-start.php
     • bin/mallet train-topics --input bitcoin.mallet --num-topics 5 --output-state topic-state.gz --output-topic-keys bitcoin_keys_5.txt --output-doc-topics bitcoin_topics_5.txt
     • bin/mallet train-topics --input bitcoin.mallet --num-topics 3 --output-state topic-state.gz --output-topic-keys bitcoin_keys_3.txt --output-doc-topics bitcoin_topics_3.txt
     • bin/mallet train-topics --input bitcoin.mallet --num-topics 7 --output-state topic-state.gz --output-topic-keys bitcoin_keys_7.txt --output-doc-topics bitcoin_topics_7.txt
