Presentation is loading. Please wait.

Presentation is loading. Please wait.

2013 Trend Micro 25th Anniversary Threat Connect : a visualized cyber-threats entity reporting system backed with Hadoop ecosystem Scott Miao, Trend Micro.

Published byKatrina Lester Modified over 9 years ago

Similar presentations

Presentation on theme: "2013 Trend Micro 25th Anniversary Threat Connect : a visualized cyber-threats entity reporting system backed with Hadoop ecosystem Scott Miao, Trend Micro."— Presentation transcript:

1 2013 Trend Micro 25th Anniversary Threat Connect : a visualized cyber-threats entity reporting system backed with Hadoop ecosystem Scott Miao, Trend Micro scott_miao@trend.com.tw @takeshi.miao

2 2013 Trend Micro 25th Anniversary Who am I RD, SPN, Trend Micro 3+ years for Hadoop eco system Expertise in HDFS/MR/HBase @takeshi.miao

3 2013 Trend Micro 25th Anniversary Agenda Threat intelligence problem Challenges and Solutions Summary

4 2013 Trend Micro 25th Anniversary THREAT INTELLIGENCE PROBLEM “I want to quickly get an overview of the incident, including its scope, timeline, and impact.”

5 2013 Trend Micro 25th Anniversary

6 2013 Trend Micro 25th Anniversary

7 2013 Trend Micro 25th Anniversary 7

8 2013 Trend Micro 25th Anniversary

9 2013 Trend Micro 25th Anniversary Threat Connect A Web Service for Threat Information Report – RESTful Interface to access – Integrated with TM Deep Discovery products Relevant and Actionable Intelligence

10 2013 Trend Micro 25th Anniversary

11 2013 Trend Micro 25th Anniversary IP, domain, URL, filename, process, file hash, Virus detection, registry key, etc. Product 1Product 2Product 3 … Threat Connect Sand- box File Detecti on Threat Web Web Reputa tion Family Write- up TE Virus DB APT KB Most relevant threat report with actionable intelligence on a single portal Process and correlates different data sources

12 2013 Trend Micro 25th Anniversary CHALLENGES AND SOLUTIONS

13 2013 Trend Micro 25th Anniversary Storing Real Time Access Pick Your right tool Big Data Moving Process & Correlate Graph Problem

14 2013 Trend Micro 25th Anniversary MOVING

15 2013 Trend Micro 25th Anniversary Hadoop Event Logs FBS Feed Back log Service Dear users/services Accumulate small files

16 2013 Trend Micro 25th Anniversary STORING

17 2013 Trend Micro 25th Anniversary Cost Easy Process ArchiveHDFS

18 2013 Trend Micro 25th Anniversary PROCESS & CORRELATE

19 2013 Trend Micro 25th Anniversary Pig/MR UDFs MRs for special cases Store HDFS Hbase Solr RDB Time Batch Performance

20 2013 Trend Micro 25th Anniversary REAL TIME ACCESS

21 2013 Trend Micro 25th Anniversary Real Time Access Free form search Random Access Solr Cloud HBase EX. Sandbox Reports EX. Threat Detection DBs

22 2013 Trend Micro 25th Anniversary GRAPH MODEL

23 2013 Trend Micro 25th Anniversary Massive scalable ? Active community ? Analyzable ?

24 2013 Trend Micro 25th Anniversary We use HBase as a Graph Storage – Google BigTable and PageRank – HBaseCon2012 HBaseCon2012

25 2013 Trend Micro 25th Anniversary HGraph Schema Design Blueprints API Graph Analysis MRs https://github.com/tinkerpop/blueprints/wiki

26 2013 Trend Micro 25th Anniversary PICK RIGHT TOOL

27 2013 Trend Micro 25th Anniversary Pick right tool for right usecases Silver bullet ? No one project fits all One problem may has several choices http://www.neevtech.com/blog/2013/03/18/hadoop- ecosystem-at-a-glance/

28 2013 Trend Micro 25th Anniversary SUMMARY

29 2013 Trend Micro 25th Anniversary Small files Namenode fsimage would explore the memory Too many map tasks to run for a job FBS

30 2013 Trend Micro 25th Anniversary Store your data anyway Store all the raw data on the HDFS – Break invisible isolation from different data sources Archive your data with deduced easy to use FileFormat – Trenvi, RC file, ORC file

31 2013 Trend Micro 25th Anniversary Know MR more Even you are the pig developer – Deal with MR issues – Write better pig-latin – Sometimes you can only use MR

32 2013 Trend Micro 25th Anniversary Know your data & usecases Realtime ? Batch ? Access Pattern ? Therefore, you can pick right tool

33 2013 Trend Micro 25th Anniversary

Download ppt "2013 Trend Micro 25th Anniversary Threat Connect : a visualized cyber-threats entity reporting system backed with Hadoop ecosystem Scott Miao, Trend Micro."

Similar presentations

Inner Architecture of a Social Networking System Petr Kunc, Jaroslav Škrabálek, Tomáš Pitner.

Inner Architecture of a Social Networking System Petr Kunc, Jaroslav Škrabálek, Tomáš Pitner.
Abuse Testing Laboratory Management Laboratory Management.

Abuse Testing Laboratory Management Laboratory Management.
Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –

Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –
Copyright 2012 Trend Micro Inc. Raimund Genes, CTO Innovation In Cloud Security.

Copyright 2012 Trend Micro Inc. Raimund Genes, CTO Innovation In Cloud Security.
Hadoop in the Wild CMSC 491 Hadoop-Based Distributed Computing Spring 2015 Adam Shook.

Hadoop in the Wild CMSC 491 Hadoop-Based Distributed Computing Spring 2015 Adam Shook.
Observation Pattern Theory Hypothesis What will happen? How can we make it happen? Predictive Analytics Prescriptive Analytics What happened? Why.

Observation Pattern Theory Hypothesis What will happen? How can we make it happen? Predictive Analytics Prescriptive Analytics What happened? Why.
Running Hadoop-as-a-Service in the Cloud

Running Hadoop-as-a-Service in the Cloud
1 Advanced Data Structures. 2 Topics Data structures (old) stack, list, array, BST (new) Trees, heaps, union-find, hash tables, spatial, string Algorithm.

1 Advanced Data Structures. 2 Topics Data structures (old) stack, list, array, BST (new) Trees, heaps, union-find, hash tables, spatial, string Algorithm.
Hadoop tutorials. Todays agenda Hadoop Introduction and Architecture Hadoop Distributed File System MapReduce Spark 2.

Hadoop tutorials. Todays agenda Hadoop Introduction and Architecture Hadoop Distributed File System MapReduce Spark 2.
CS 405G: Introduction to Database Systems 24 NoSQL Reuse some slides of Jennifer Widom Chen Qian University of Kentucky.

CS 405G: Introduction to Database Systems 24 NoSQL Reuse some slides of Jennifer Widom Chen Qian University of Kentucky.
Cloud Computing Other Mapreduce issues Keke Chen.

Cloud Computing Other Mapreduce issues Keke Chen.
Chapter 2: Business Intelligence Capabilities

Chapter 2: Business Intelligence Capabilities
Copyright © 2012 Cleversafe, Inc. All rights reserved. 1 Combining the Power of Hadoop with Object-Based Dispersed Storage.

Copyright © 2012 Cleversafe, Inc. All rights reserved. 1 Combining the Power of Hadoop with Object-Based Dispersed Storage.
HADOOP ADMIN: Session -2

HADOOP ADMIN: Session -2
Hadoop Team: Role of Hadoop in the IDEAL Project ●Jose Cadena ●Chengyuan Wen ●Mengsu Chen CS5604 Spring 2015 Instructor: Dr. Edward Fox.

Hadoop Team: Role of Hadoop in the IDEAL Project ●Jose Cadena ●Chengyuan Wen ●Mengsu Chen CS5604 Spring 2015 Instructor: Dr. Edward Fox.
This presentation was scheduled to be delivered by Brian Mitchell, Lead Architect, Microsoft Big Data COE Follow him Contact him.

This presentation was scheduled to be delivered by Brian Mitchell, Lead Architect, Microsoft Big Data COE Follow him Contact him.
Page 1 © Hortonworks Inc. 2011 – 2014. All Rights Reserved Hortonworks Naser Ali UK Building Energy Management Group Hadoop: A Data platform for businesses.

Page 1 © Hortonworks Inc – All Rights Reserved Hortonworks Naser Ali UK Building Energy Management Group Hadoop: A Data platform for businesses.
U.S. Department of the Interior U.S. Geological Survey David V. Hill, Information Dynamics, Contractor to USGS/EROS 12/08/2011 Satellite Image Processing.

U.S. Department of the Interior U.S. Geological Survey David V. Hill, Information Dynamics, Contractor to USGS/EROS 12/08/2011 Satellite Image Processing.
USING HADOOP & HBASE TO BUILD CONTENT RELEVANCE & PERSONALIZATION Tools to build your big data application Ameya Kanitkar.

USING HADOOP & HBASE TO BUILD CONTENT RELEVANCE & PERSONALIZATION Tools to build your big data application Ameya Kanitkar.
Tyson Condie.

Tyson Condie.

Similar presentations

Ads by Google