Current State of the Dasvis Project and Ideas for Moving Forward


www.sgt-inc.com
6/10/2015
Grant Orndorff, Chris Wolf

Contents
- What is Dasvis?
- Dasvis Demo
- Positives and negatives of current state
- Ideas Moving Forward
- H2O Demo
- Feedback?

What is Dasvis? (Short Version)
- Dasvis is designed as an architecture/platform for processing big data in real time using only FOSS projects
- On top of Dasvis we are designing a network analysis tool for detecting anomalies such as those that occur during
  - large data exfiltration events
  - DDoS attacks

What is Dasvis?
Main technologies used:
- Storm/Trident – Streaming Processing Engine
- Kafka – Distributed Queuing
- MongoDB – NoSQL Database
- CubeDB – Time-series data warehouse built on top of MongoDB

What is Dasvis?
Inside the primary processing engine, there are two parts:
- Tracking
  - Monitors incoming packets
  - Aggregates and stores them
- Comparing
  - Looks for anomalies by comparing incoming data to past data
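An added example, not code from the Dasvis project, sketching the Tracking and Comparing split described above on a single machine. The deck does not say how the comparison is done, so the per-source "mean plus k deviations" rule, the 60-second bucket, the record layout and all sample packets are assumptions constructed here.

```python
from collections import defaultdict
from statistics import mean, pstdev

BUCKET_SECONDS = 60  # assumed aggregation window

def track(packets, bucket_seconds=BUCKET_SECONDS):
    """Tracking: aggregate (ts, src, dst, nbytes) records into
    bytes sent per (source, time bucket)."""
    totals = defaultdict(int)
    for ts, src, _dst, nbytes in packets:
        totals[(src, int(ts // bucket_seconds))] += nbytes
    return dict(totals)

def build_baseline(totals):
    """Past data: per-source mean and std-dev of bytes per bucket."""
    per_src = defaultdict(list)
    for (src, _bucket), nbytes in totals.items():
        per_src[src].append(nbytes)
    return {src: (mean(v), pstdev(v)) for src, v in per_src.items()}

def compare(totals, baseline, k=3.0, rel_floor=0.1):
    """Comparing: flag buckets more than k deviations above baseline.
    rel_floor keeps a flat baseline (sigma near 0) from alerting on noise;
    sources with no history are reported instead of silently skipped."""
    alerts = []
    for (src, bucket), nbytes in sorted(totals.items()):
        if src not in baseline:
            alerts.append((src, bucket, nbytes, "unseen-source"))
            continue
        mu, sigma = baseline[src]
        if nbytes > mu + k * max(sigma, rel_floor * mu):
            alerts.append((src, bucket, nbytes, "volume-spike"))
    return alerts

# Constructed sample traffic (documentation address ranges, not real hosts).
BASELINE = [(0, "10.0.0.5", "10.0.0.1", 1000), (30, "10.0.0.5", "10.0.0.1", 200),
            (65, "10.0.0.5", "10.0.0.1", 1100), (130, "10.0.0.5", "10.0.0.1", 1300),
            (190, "10.0.0.5", "10.0.0.1", 1200)]
LIVE = [(600, "10.0.0.5", "203.0.113.7", 1250),    # normal minute
        (660, "10.0.0.5", "203.0.113.7", 40_000),  # large outbound transfer
        (690, "10.0.0.5", "203.0.113.7", 60_000),
        (700, "10.0.0.9", "10.0.0.1", 500)]        # host with no baseline

def demo():
    return compare(track(LIVE), build_baseline(track(BASELINE)))

if __name__ == "__main__":
    for alert in demo():
        print(alert)
```
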

Quick Live Demo
- Brief explanation of custom simulator
- Start simulation – see time series graph
- Set baseline data – see comparison graphs and dashboard
- Introduce anomaly – see comparison graphs and dashboard again

The Good
- It works!
- Uses only Free and Open Source Software
- Runs on a distributed cluster, and in theory should scale well with relatively inexpensive hardware

The Room for Improvement
- Almost everything we’ve done involving the architecture technologies has been closely tied to the network analysis project
- The network analysis project is mostly a proof of concept in its current state
  - Requires too much user interaction to scale to very large networks
- We’ve only tested using simulated traffic
  - Ideally, we would be able to see how it handles and responds to a real environment

Moving Forward
- Separate the idea of the platform from the network analysis project
- Continue to work on platform/architecture as Dasvis
- Continue network analysis project as RNAAT (Real-time Network Activity and Anomaly Tracker)

Platform Goals
- Make it easier to set up clusters that leverage all of the FOSS we’ve mentioned today
- Create a library for connecting and leveraging these technologies in order to easily use them to write new big data processing programs
- Create a project template that comes with all dependencies and is easily configurable and customizable for different applications

RNAAT Goals
- Eliminate most user interaction by replacing the comparing part of the program with a machine learning algorithm
- Create more advanced and easy-to-use visualizations
- Integration with Splunk

H2O Library
- Machine learning library designed to work with big data
- Replace “Comparing”
- Comes with lots of useful algorithms, including one advertised as an Anomaly Detection Algorithm
- Demo with fake data

New Visualizations
- Graphs to show the multidimensional data we’re collecting
  - http://dataviz.pitchbook.com/founders/
- Feed of anomalies pushed from H2O

Questions/Feedback?