NetSEC: metrology-based application for network security Jean-François SCARIOT Bernard MARTINET Centre Interuniversitaire de Calcul de Grenoble TNC 2002.

Presentation transcript:

NetSEC: metrology-based application for network security Jean-François SCARIOT Bernard MARTINET Centre Interuniversitaire de Calcul de Grenoble TNC 2002 June 2002

2 Plan: Metrology (why, what & how? analyze); NetSEC (goals, architecture, available tools); Conclusion

3 Why measure? To know network usage; to know network availability; to detect dysfunction; to do cost sharing; also, to improve security.

4 What and how to measure? Qualitative: knowing your network (I/O traffic load, CPU load, collisions…) by watching the counters of the equipment. Quantitative: controlling your network (traffic type, I/O traffic load per host or group...) by extracting information from frame analysis.

5 Measurement to supervise: daily supervision (15 is enough); curves or bar graphs; always the same "look". To control and manage a network, you must visualize its behaviour.

6 Highlighting a problem: Monday April the 2nd 2001, a "normal" day; Monday April the 9th 2001, maybe some problems.

7 Highlighting a problem: Unfortunately, problem discovery is a posteriori. We have to go back and analyze the traffic of the period involved.

8 Traffic analysis: Locate the host(s): date, addresses, intrusion method, extent of the damage… How? By crosschecking: sorting metrology data on several parameters. Powerful sorting tools are needed!

9 NetSEC goals: to have evolving software; to analyze well-known data (NetMET, IPtrafic); to support open standards; to improve the security of networked computers.

10 NetSEC foundations: a relational database; a simple network description; a modular architecture; open source software.

11 Open software: Linux system (Redhat); MySQL database; Apache Web server; JAVA

12 About database: JDBC database access; basic SQL queries; one loader per collector

13 DB structure One table for one day (of data) & Date Port & protocol Volume One table for the network description

14 Network description: a network (/24); an organism (University Joseph Fourier); an entity (CICG); a location (Campus of Grenoble)

15 Available tools: a data query module; a graphic generator module; a data mining module

16 Architecture [Diagram labels: Collector; Collected Data; Loader; Network Description Loader; DB; Query Engine and Query Process (HTML requests, SQL requests); Graphic Generator Engine and Graphic Generation Process (SQL requests); Knowledge Discovery Database Engine and KDD Process (SQL requests); ALARMS; REPORTS]

17 The query tool: to use the power of SQL (sort, query, extract); querying data with a friendly interface

18 Web interface (Question)

19 How does it work? Parameters processing; JDBC driver loading & connection; building and executing the SQL query; displaying the results
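The four steps of slide 19, as an added example that is not NetSEC's own code: it uses Python's sqlite3 in place of Java/JDBC and MySQL, and shows the one point the one-table-per-day layout forces on the query builder, namely that a table name cannot be a bound parameter, so the date from the web form has to be validated before it reaches the SQL text. The table name pattern, the column names and the sample rows are assumptions constructed for the example.

```python
import re
import sqlite3
from datetime import date

# Hypothetical schema: the slides only say one table per day with date,
# port & protocol, and volume. Sort keys are allow-listed, never echoed.
SORTABLE = {"volume": "SUM(volume)", "flows": "COUNT(*)"}

def day_table(day):
    """Map a YYYY-MM-DD form value to a per-day table name, or raise."""
    if not re.fullmatch(r"[0-9]{4}-[0-9]{2}-[0-9]{2}", day):
        raise ValueError("bad date")
    date.fromisoformat(day)  # rejects impossible dates such as 2001-02-30
    return "flows_" + day.replace("-", "")

def top_hosts(db, day, port, order_by="volume", limit=10):
    """Crosscheck: which sources used `port` on `day`, sorted by order_by."""
    if order_by not in SORTABLE:
        raise ValueError("bad sort key")
    sql = ("SELECT src, COUNT(*) AS flows, SUM(volume) AS volume "
           f"FROM {day_table(day)} WHERE port = ? "
           f"GROUP BY src ORDER BY {SORTABLE[order_by]} DESC LIMIT ?")
    # Values are bound; only validated identifiers were formatted in.
    return db.execute(sql, (int(port), int(limit))).fetchall()

def sample_db():
    """In-memory database with constructed rows for Monday 2001-04-09."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE flows_20010409 (ts TEXT, src TEXT, dst TEXT, "
               "port INTEGER, proto TEXT, volume INTEGER)")
    rows = [
        ("14:02", "192.0.2.10", "198.51.100.5", 22, "tcp", 400),
        ("14:03", "192.0.2.10", "198.51.100.6", 22, "tcp", 380),
        ("14:03", "192.0.2.10", "198.51.100.7", 22, "tcp", 390),
        ("09:15", "192.0.2.77", "198.51.100.5", 22, "tcp", 52000),
        ("10:40", "192.0.2.31", "198.51.100.9", 80, "tcp", 9100),
    ]
    db.executemany("INSERT INTO flows_20010409 VALUES (?,?,?,?,?,?)", rows)
    return db

if __name__ == "__main__":
    for row in top_hosts(sample_db(), "2001-04-09", 22, order_by="flows"):
        print(row)
```

Sorting the same day by flow count instead of volume puts the host that touched three destinations with small transfers ahead of the single large transfer, which is the kind of crosscheck slide 8 asks for.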

20 Web interface (Answer)

21 Graphic generation: a zoom on a network on demand; supervision of specific services

22 Graphic generation: HTTP

23 Functioning: the database system provides data; querying the database (with SQL queries); returning results to MRTG for display; MRTG builds the graphics

24 Graphic generation: SSH

25 Data mining: produce information that is unknown, non-trivial and useful; produce association rules: A and B => C

26 Association rules process [Diagram labels: Database; Data Selection; Set of Transactions; Large Itemsets Research; Large Itemsets; Association Rules Generation; Association rules; Explanation; Knowledge. Example rule: Corn flakes and sugar => milk]

27 Association rule example: "]14h-19h]" AND "SCAN/REGULAR_SERV" AND "[0-1KB]" AND 53 => "TUESDAY" (14.8%, 90.4%)
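How a rule such as the one on slide 27 and its two percentages (read here as support and confidence) can be produced, as an added example that is not NetSEC's code: flow records are discretised into items, large itemsets are found by brute force, and rules with a one-item consequent are kept when they pass both thresholds. The records are constructed, and the bucket edges other than ]14h-19h] and [0-1KB], the "WEB" and "MAIL" labels and the function names are assumptions.

```python
from itertools import combinations

# Constructed flow records: (hour, traffic type, bytes, port, weekday).
RECORDS = [
    (15.0, "SCAN/REGULAR_SERV", 200, 53, "TUESDAY"),
    (16.5, "SCAN/REGULAR_SERV", 310, 53, "TUESDAY"),
    (18.2, "SCAN/REGULAR_SERV", 150, 53, "TUESDAY"),
    (17.0, "SCAN/REGULAR_SERV", 180, 53, "FRIDAY"),
    (9.0, "WEB", 40000, 80, "TUESDAY"),
    (10.5, "WEB", 52000, 80, "MONDAY"),
    (15.5, "WEB", 900, 80, "MONDAY"),
    (11.0, "MAIL", 7000, 25, "FRIDAY"),
    (20.0, "MAIL", 800, 25, "TUESDAY"),
    (8.0, "WEB", 12000, 80, "FRIDAY"),
]

def to_items(rec):
    """Turn one record into a transaction: a set of discrete items."""
    hour, kind, nbytes, port, weekday = rec
    slot = "]14h-19h]" if 14 < hour <= 19 else "other-hours"
    size = "[0-1KB]" if nbytes <= 1024 else "]1KB-inf["
    return frozenset({slot, kind, size, f"port={port}", weekday})

def count(itemset, txs):
    """Number of transactions that contain every item of itemset."""
    return sum(itemset <= t for t in txs)

def mine(txs, min_sup, min_conf, max_len=5):
    """Return (antecedent, consequent, support, confidence) tuples."""
    items = sorted(set().union(*txs))
    found = []
    for n in range(2, max_len + 1):
        for combo in combinations(items, n):
            full = frozenset(combo)
            c = count(full, txs)
            if c == 0 or c / len(txs) < min_sup:
                continue  # not a large itemset
            for rhs in combo:
                lhs = full - {rhs}
                conf = c / count(lhs, txs)  # P(rhs | lhs)
                if conf >= min_conf:
                    found.append((lhs, rhs, c / len(txs), conf))
    return found

if __name__ == "__main__":
    for lhs, rhs, sup, conf in mine([to_items(r) for r in RECORDS], 0.25, 0.7):
        print(" AND ".join(sorted(lhs)), "=>", rhs, f"({sup:.1%}, {conf:.1%})")
```

On the constructed data the slide's rule shape comes out with support 30% and confidence 75%: three of ten flows match the whole itemset, and three of the four small afternoon scans on port 53 fall on a Tuesday.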

28 Conclusion: a contribution to improve security; a metrology-based application; built on a database; open & modular. Who would like to participate?

29 TIGRE