Presentation is loading. Please wait.

Presentation is loading. Please wait.

Current State of the Dasvis Project and Ideas for Moving Forward

Published byShanna Lewis Modified over 6 years ago

Similar presentations

Presentation on theme: "Current State of the Dasvis Project and Ideas for Moving Forward"— Presentation transcript:

1 Current State of the Dasvis Project and Ideas for Moving Forward
Current State of the Dasvis Project and Ideas for Moving Forward 6/10/2015 Grant Orndorff Chris Wolf

2 Contents What is Dasvis? Dasvis Demo
Positives and negatives of current state Ideas Moving Forward H2O Demo Feedback?

3 What is Dasvis? (Short Version)
Dasvis is designed as an architecture/platform for processing big data in real-time using only FOSS projects On top of Dasvis we are designing a network analysis tool for detecting anomalies such as those that occur during large data exfiltration events DDOS attacks

4 What is Dasvis? Main Technologies used:
Storm/Trident – Streaming Processing Engine Kafka – Distributed Queuing MongoDB – NoSQL Database CubeDB – Timeseries Data warehouse built on top of MongoDB

5 What is Dasvis? Inside the primary processing engine, there are two parts Tracking Monitors incoming packets Aggregates and stores them Comparing Looks for anomalies by comparing incoming data to past data

6 Quick Live Demo Brief explanation of custom simulator
Start simulation – see time series graph Set baseline data – see comparison graphs and dashboard Introduce anomaly – see comparison graphs and dashboard again

7 The Good It works! Uses only Free and Open Source Software
Runs on a distributed cluster, and in theory should scale well with relatively inexpensive hardware

8 The Room for Improvement
Almost everything we’ve done involving the architecture technologies has been closely tied to the network analysis project The network analysis project is mostly a proof-of-concept in its current state Requires too much user interaction to scale to very large networks We’ve only tested using simulated traffic Ideally able to see how it handles and responds to a real environment

9 Moving Forward Separate the idea of the platform from the network analysis project Continue to work on platform/architecture as Dasvis Continue network analysis project as RNAAT (Real-time Network Activity and Anomaly Tracker)

10 Platform Goals Make it easier to set up clusters that leverage all of the FOSS we’ve mentioned today Create a library for connecting and leveraging these technologies in order to easily use them to write new big data processing programs Create a project template that comes with all dependencies and is easily configurable and customizable for different applications

11 RNAAT Goals Eliminate most user interaction by replacing the comparing part of the program with a machine learning algorithm Create more advanced and easy to use visualizations Integration with Splunk

12 H2O Library Machine Learning library designed to work with big data
Replace “Comparing” Comes with lots of useful algorithms, including one advertised as an Anomaly Detection Algorithm Demo with fake data

13 New Visualizations Graphs to show multidimensional data were collecting Feed of anomalies pushed from H2O

14

15 Questions/Feedback?

Download ppt "Current State of the Dasvis Project and Ideas for Moving Forward"

Similar presentations

Module 13: Performance Tuning. Overview Performance tuning methodologies Instance level Database level Application level Overview of tools and techniques.

Module 13: Performance Tuning. Overview Performance tuning methodologies Instance level Database level Application level Overview of tools and techniques.
The Basics of Information Systems

The Basics of Information Systems
1.System Center Review 2.SCOM Review 3.SC 2012 R2 OM 1.Components 2.Architecture 3.Concepts 4.Features 5.Console Demo 6.Tools and Links 6. Q & A.

1.System Center Review 2.SCOM Review 3.SC 2012 R2 OM 1.Components 2.Architecture 3.Concepts 4.Features 5.Console Demo 6.Tools and Links 6. Q & A.
For Developers Who Hate SharePoint.  ~5 years web development experience  1 ½ years SharePoint experience  First worked with SharePoint in Dec. 2006,

For Developers Who Hate SharePoint.  ~5 years web development experience  1 ½ years SharePoint experience  First worked with SharePoint in Dec. 2006,
Adding scalability to legacy PHP web applications Overview Mario A. Valdez-Ramirez.

Adding scalability to legacy PHP web applications Overview Mario A. Valdez-Ramirez.
Introduction to.NET Technology Marcello Benati Software Engineer.NET Architect.

Introduction to.NET Technology Marcello Benati Software Engineer.NET Architect.
A Routing Control Platform for Managing IP Networks Jennifer Rexford Princeton University

A Routing Control Platform for Managing IP Networks Jennifer Rexford Princeton University
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.
Comp 410: Final Project Christopher Alme Christopher Nunu Dennis Qian Stanley Roberts.

Comp 410: Final Project Christopher Alme Christopher Nunu Dennis Qian Stanley Roberts.
Server Load Balancing. Introduction Why is load balancing of servers needed? If there is only one web server responding to all the incoming HTTP requests.

Server Load Balancing. Introduction Why is load balancing of servers needed? If there is only one web server responding to all the incoming HTTP requests.
Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over the Internet. Cloud is the metaphor for.

Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over the Internet. Cloud is the metaphor for.
Tool name : Firebug A URL for more information about the tool, or where to buy or download it : Firebug is.

Tool name : Firebug A URL for more information about the tool, or where to buy or download it : Firebug is.
ControlDraw, Modularisation, Standards And Re-Use Standardised Specification and Modular Design How ControlDraw Help.

ControlDraw, Modularisation, Standards And Re-Use Standardised Specification and Modular Design How ControlDraw Help.
` tuplejump The data engineering platform. A startup with a vision to simplify data engineering and empower the next generation of data powered miracles!

` tuplejump The data engineering platform. A startup with a vision to simplify data engineering and empower the next generation of data powered miracles!
Contents HADOOP INTRODUCTION AND CONCEPTUAL OVERVIEW TERMINOLOGY QUICK TOUR OF CLOUDERA MANAGER.

Contents HADOOP INTRODUCTION AND CONCEPTUAL OVERVIEW TERMINOLOGY QUICK TOUR OF CLOUDERA MANAGER.
DCE (distributed computing environment) DCE (distributed computing environment)

DCE (distributed computing environment) DCE (distributed computing environment)
Nobody’s Unpredictable Ipsos Portals. © 2009 Ipsos Agenda 2 Knowledge Manager Archway Summary Portal Definition & Benefits.

Nobody’s Unpredictable Ipsos Portals. © 2009 Ipsos Agenda 2 Knowledge Manager Archway Summary Portal Definition & Benefits.
Loosely Coupled Parallelism: Clusters. Context We have studied older archictures for loosely coupled parallelism, such as mesh’s, hypercubes etc, which.

Loosely Coupled Parallelism: Clusters. Context We have studied older archictures for loosely coupled parallelism, such as mesh’s, hypercubes etc, which.
T-76.4115 Final demo I2 Iteration 4.3.2008. 2 Agenda  Product presentation (20 min) ‏  Project close-up (20 min) ‏ Evaluation of the results  Questions.

T Final demo I2 Iteration Agenda  Product presentation (20 min) ‏  Project close-up (20 min) ‏ Evaluation of the results  Questions.
#PACnet15. Moderator  Tina John » Sr. Product Manager, Paciolan Presenters  Michael See» Data Consultant, Paciolan  Tina John » Sr. Product Manager,

#PACnet15. Moderator  Tina John » Sr. Product Manager, Paciolan Presenters  Michael See» Data Consultant, Paciolan  Tina John » Sr. Product Manager,

Similar presentations

Ads by Google