(carefully edited) Summary of California meeting, Dec 2017
Group and Join: Pthread Loop 1
traffic data
map
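#include <map>
#include <string>
#include <pthread.h>

/* srcIP, destIP */
typedef struct _result {
    std::map<std::string, std::string> m;  /* shared by all threads */
    pthread_mutex_t mutex;                 /* guards m */
} result_t;
result_t result;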
thread 1…N
https://github.com/RuoAndo/nii-cyber-security-admin/blob/master/eigen/group/group7.cpp
traffic data
map
vector
Group and Join: Pthread Loop 2
https://github.com/RuoAndo/nii-cyber-security-admin/blob/master/eigen/group/group7.cpp
thread 1…N
#include <map>
#include <pthread.h>

/* dataNo(counter), bytes */
typedef struct _result2 {
    std::map<int, int> bytes_all;
    std::map<int, int> bytes_sent;
    std::map<int, int> bytes_recv;
    std::map<int, int> nSessions;
    pthread_mutex_t mutex;  /* guards all four maps */
} result2_t;
result2_t result2;
Group and Join: Pthread Loop 1
Reduced Data
Labeled data
thread 1…N
https://github.com/RuoAndo/nii-cyber-security-admin/blob/master/eigen/group/group7.cpp
sourceIP, destIP, bytes, bytes_sent, bytes_recv, occurrence
A,B,28199,7000,21136,24
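The group-and-join step on these slides, sketched as an added example (not the code from group7.cpp): each worker thread groups its slice of traffic records in a private map, then merges it into a mutex-protected map modelled on result_t, producing one reduced row per (sourceIP, destIP) pair. The names Flow, Agg, Result, Job, group_worker, group_and_join and sample_flows, the "srcIP,destIP" key format and the sample records are assumptions made for illustration.

```cpp
#include <pthread.h>
#include <map>
#include <string>
#include <vector>

struct Flow { std::string src, dst; long bytes, sent, recv; };  // one session record
struct Agg  { long bytes = 0, sent = 0, recv = 0, occurrence = 0; };
struct Result {                      // shared table, modelled on result_t
    std::map<std::string, Agg> m;    // key: "srcIP,destIP" (assumed key format)
    pthread_mutex_t mutex;
};
struct Job { const std::vector<Flow>* flows; size_t begin, end; Result* out; };

// Worker: group its slice into a private map, then join under the lock.
static void* group_worker(void* arg) {
    Job* job = static_cast<Job*>(arg);
    std::map<std::string, Agg> local;
    for (size_t i = job->begin; i < job->end; ++i) {
        const Flow& f = (*job->flows)[i];
        Agg& a = local[f.src + "," + f.dst];
        a.bytes += f.bytes; a.sent += f.sent; a.recv += f.recv; a.occurrence += 1;
    }
    pthread_mutex_lock(&job->out->mutex);   // one lock per thread, not per record
    for (const auto& kv : local) {
        Agg& a = job->out->m[kv.first];
        a.bytes += kv.second.bytes; a.sent += kv.second.sent;
        a.recv += kv.second.recv;   a.occurrence += kv.second.occurrence;
    }
    pthread_mutex_unlock(&job->out->mutex);
    return nullptr;
}

// Split the records across nthreads workers and return the reduced table.
std::map<std::string, Agg> group_and_join(const std::vector<Flow>& flows, size_t nthreads) {
    Result res;
    pthread_mutex_init(&res.mutex, nullptr);
    std::vector<pthread_t> tids(nthreads);
    std::vector<Job> jobs(nthreads);
    for (size_t t = 0; t < nthreads; ++t) {
        jobs[t] = Job{&flows, flows.size() * t / nthreads, flows.size() * (t + 1) / nthreads, &res};
        pthread_create(&tids[t], nullptr, group_worker, &jobs[t]);
    }
    for (size_t t = 0; t < nthreads; ++t) pthread_join(tids[t], nullptr);
    pthread_mutex_destroy(&res.mutex);
    return res.m;
}
std::vector<Flow> sample_flows() {  // constructed sample records, not data from the slides
    return {{"A","B",300,100,200}, {"A","B",50,20,30}, {"C","D",10,4,6}, {"A","B",7,3,4}, {"C","D",5,5,0}};
}
```

Merging a thread-local map once per worker keeps lock contention independent of the number of records; the reduced table is the same for any thread count.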
0:(0.0%) <
44363:(2.53048526588%):87501.5,474065,4.85761
1:(5.7040445098e-05%) <
43496:(2.48103119998%):26552.2,331767,4.28941
5:(0.00028520222549%) <
43742:(2.49506314948%):25774,260326,4.74686
0:(0.0%) <
Hidden Cobra
SOURCE: https://www.us-cert.gov/ncas/alerts/TA17-164A
① CVE-2015-6585: Hangul Word Processor Vulnerability
② CVE-2015-8651: Adobe Flash Player 18.0.0.324 and 19.x Vulnerability
③ CVE-2016-0034: Microsoft Silverlight 5.1.41212.0 Vulnerability
④ CVE-2016-1019: Adobe Flash Player 21.0.0.197 Vulnerability
⑤ CVE-2016-4117: Adobe Flash Player 21.0.0.226 Vulnerability