Academic Advisor: Dr. Yuval Elovici Technical Advisor: Dr. Lidror Troyansky.

Presentation on theme: "Academic Advisor: Dr. Yuval Elovici Technical Advisor: Dr. Lidror Troyansky."— Presentation transcript:

1 Academic Advisor: Dr. Yuval Elovici Technical Advisor: Dr. Lidror Troyansky

2 PortAuthority Offers Businesses the Opportunity to Gain Insight Into Their Information Leak Vulnerabilities. 70% of Information Leaks are Internal. Most organizations focus on preventing outside-in security breaches, but industry analysts argue that up to 70% of security breaches occur from the inside-out. Information leaks of private and confidential information create a growing threat to any size organization. Example of file sharing information leaks: Air force officer in the IDF suspended over sharing confidential army documents… http://www.ynet.co.il/articles/0,7340,L-2875208,00.html

3 P2P Networks. –Gnutella, Gnutella2, BitTorrent, eDonkey2000, Kademlia. –P2P networks are typically used for connecting nodes via largely ad hoc connections. –Sharing content files containing audio, video, data or anything in digital format is very common (including confidential information). –Real-time data, such as VoIP, is also passed using P2P technology.

4 Continued…

5 Develop a system which will: –Be able to configure the scanning parameters. –Scan the P2P networks. –Download files suspected of being confidential. –Analyze the material using Machine Learning. –Generate reports. –Produce statistics.

6

7 Scanning the P2P network (Gnutella) for suspicious target information (e.g. information that appears to be confidential).

8 Downloading the suspicious target information (e.g. information that appears to be confidential) from the P2P network (Gnutella). Continued…

9 Analyzing the scanned results (determining the value of the documents). –The system will use a learning machine based on the filtering algorithm to classify the documents. Continued…

10 Bayesian filtering is the process of using Bayesian statistical methods to classify documents into categories. Bayesian filtering gained attention when it was described in the paper A Plan for Spam by Paul Graham, and has become a popular mechanism to distinguish illegitimate spam email from legitimate "ham" email. Bayesian filtering takes advantage of Bayes' theorem, which says that the probability that a document is of a certain group (confidential documents), given that it has certain words in it, is equal to the probability of finding those certain words in a document from that group (confidential documents), times the probability that any document is of that group (confidential documents), divided by the probability of finding those words in any group:
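
An added example (not part of the original presentation or of the project's code) of the Bayesian filtering described on this slide, written as a small word-count classifier. The class and function names, the add-one smoothing, the 0.9 decision threshold and the training snippets are assumptions made for illustration.

```python
import math
import re
from collections import Counter

def tokenize(text):
    """Lower-case word tokens; a deliberately simple tokenizer."""
    return re.findall(r"[a-z0-9']+", text.lower())

class BayesFilter:
    def __init__(self):
        self.word_counts = {}        # label -> Counter of word occurrences
        self.doc_counts = Counter()  # label -> number of training documents

    def train(self, label, text):
        self.word_counts.setdefault(label, Counter()).update(tokenize(text))
        self.doc_counts[label] += 1

    def posteriors(self, text):
        """Return {label: P(label | words)} using Bayes' theorem."""
        vocab = set().union(*self.word_counts.values())
        total_docs = sum(self.doc_counts.values())
        log_joint = {}
        for label, counts in self.word_counts.items():
            # log P(label) + sum of log P(word | label), add-one smoothed
            score = math.log(self.doc_counts[label] / total_docs)
            denom = sum(counts.values()) + len(vocab)
            for word in tokenize(text):
                if word in vocab:  # words never seen in training carry no evidence
                    score += math.log((counts[word] + 1) / denom)
            log_joint[label] = score
        # Divide by P(words): the sum of the joint probabilities over all labels
        peak = max(log_joint.values())
        evidence = sum(math.exp(s - peak) for s in log_joint.values())
        return {l: math.exp(s - peak) / evidence for l, s in log_joint.items()}

    def classify(self, text, threshold=0.9):
        """Flag as confidential only when the posterior clears the threshold."""
        return self.posteriors(text).get("confidential", 0.0) >= threshold

# Constructed training snippets, not real documents
TRAINING = [
    ("confidential", "internal only quarterly revenue forecast do not distribute"),
    ("confidential", "confidential merger term sheet internal draft"),
    ("other", "free music album track listing and lyrics"),
    ("other", "holiday photos and video from the beach trip"),
]

def build_filter():
    f = BayesFilter()
    for label, text in TRAINING:
        f.train(label, text)
    return f
```

The log-space sum avoids floating-point underflow on long documents, and the threshold trades missed leaks against false alarms on ordinary shared files.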

11 Statistics Gathering: –The number of users who currently hold the target information. –Using IP geolocation to find the geographic location of the leaked information. –The history of searched for, downloaded & analyzed files. Continued…

12

13 Scan network - Use Case Diagram

14 Continued… Analyze downloaded files - Use Case Diagram

15 Continued…

16 Performance constraints: –The system should return a search result for a suspicious target after no more than 15 minutes. –The system timeout for downloading should be configurable. –The system should hold historical results and statistics going back no more than one year.

17 Safety and Security: –The system will not be used for any purpose other than finding information leaks in P2P networks (e.g. it will not be used to find shared MP3 files). –The system will not expose the confidential documents it downloads or the documents that were used in the Machine Learning algorithm. Continued…

18 –Platform constraints: OS: Windows XP. Database: MS SQL Server 2000. –Programming languages (restricted to Python, Java/J2EE, C++ and C#). Continued…

19 Mainly a research project. –Algorithm risk (Machine Learning). –Is it good for confidential documents? Action to be taken: –Feasibility Study. (Flowchart nodes: Start; Feasibility Study; Is Successful?; Add more functionality; Try another algorithm; End.)

20 What does successful mean?

21 Gnutella is an old network. –May not contain confidential information. –Action to be taken: Test suite. Use a different P2P network.

22 Epilogue. Elovici: "The strength of a company's security lies in its weakest link..." Everyone is invited to visit the site: –www.cs.bgu.ac.il/~amirf/AMOS

