MongoDB, ANTS, and the IC
DESCRIPTION
The story of ANTS, an organic network traffic generation tool; a unique problem space and opportunity, and the use of MongoDB as a key part of the solution.
TRANSCRIPT
MongoDB, ANTS, and the IC
A Technological Love Story
Overview
•The State of the Cyber World
•The Intelligence Community (IC), Challenges, and the Mongo solution
•An Idea
•ANTS - A Product
•Moving Forward
Current State of the Cyber World
"...During the past year, there have been 200 attacks on core critical infrastructures in the transportation, energy, and communication industries reported to the Department of Homeland Security..."
- Sen. Susan Collins, R-Maine, and ranking member of the Senate Homeland Security and Governmental Affairs Committee.
Current State Continued...
Over the next few years, hackers will become more sophisticated, said Charles Croom, vice president of cyber security solutions at Lockheed Martin Information Systems & Global Solutions. This doesn’t necessarily mean that the technologies are becoming more advanced — even the most sophisticated threats often use known vulnerabilities and malware, Croom said — but the adversaries have become more effective.
-National Defense Magazine
Current State Continued...
•Cyber threats get personal
✴Mobile Malware
✴Medical Identity Theft
✴Ransom Malware
✴Hacktivism
The IC Mission
Primary Mission: "...to collect and convey the essential information the President and
members of policymaking, law enforcement, and military communities require to execute
their appointed duties." (intelligence.gov)
Mission, Continued...
• Members of the IC:
✴ Collect and Assess intel on
✦ International Terrorists
✦ Narcotics activities
✦ Hostile Activities:
✤ Foreign powers, organizations, persons, and their agents
✤ Foreign intelligence directed against US
Our Challenges
•Data is BIG
•Data is unstructured
•Data is constantly evolving and changing
•Technologies are evolving and changing
The Social Network
All generating data!
All communicating data!
The data is sensitive!
Scale of the IC
Highly distributed!
All collecting data!
All enhancing data!
All transforming data!
All sharing data!
Evolve to Adapt
•How do we keep up with the Data Explosion and the need to bring something to market tomorrow?
•How can we react quickly by adapting to evolving data and threats?
•Useful data gets the most attention, how can we make it more accessible?
MongoDB is a Perfect Fit!
Why Mongo in the IC?
•Distributed and scalable
•Easy to stand up
•Deals well with unstructured data
•Technology stack friendly
•Cheap and accessible!
We love MONGO
The Birth of an Idea
•Network Traffic Generation:
✴Not a PCAP hose
✴Organic generation
✴Scripted Actions for organized and planned activity
✴ Interactivity
Top Level Design
Retrospective
•Needs?
✴Stability
✴Quick time to market
✴Flexible data model
✴Scalable infrastructure
•Options?
RDBMS vs MongoDB

| SQL RDBMS Solutions | MongoDB |
| --- | --- |
| Schema is rigid, inflexible, high maintenance | Fits very well for volatile data |
| Learning curve of the relational model and design | Simple to implement and easy to use |
| Difficult to scale out with high availability | Easy to scale out, automatic sharding, distributing data over multiple nodes, with high availability |
| High cost of proprietary hardware and software | Low cost, open source software, commodity based hardware |
| Causes major interruptions to rapid development cycles | Rapid development cycles AND programmer friendly |
Why Mongo for our Product?
•Minimal cost for capability coverage
•Plays nicely with other technologies
•Standalone stable
•Short learning curve
•Quick time to market/rapid prototyping
How ANTS benefits from Mongo
• Currently supported actions:
✴ HTTP GETs & POSTs
✴ Chat Send & Response
✴ Email Send & Response
• Where does MongoDB fit in?
✴ Enables easy evolution
✴ Addition of new action types
✴ Future friendly
Success
•Four (4) successful version updates in the six (6) months!
•Recently got buy in for our 2.0 expansions and GUI facelift from current client
•Expanding into new spaces with new clients
•Our current client is VERY happy
ANTS 2.0!
•Two major components
✴Action scheduling feature
✴Upgraded GUI
•Opportunity to learn from client feedback and improve on multiple levels
New Features
•Advanced Scheduling Features
•Google Calendar-like feel and scheduling
•Timeline view
•Intuitive workflow
•Seamless integration
Month View
Week View
Day View
Timeline!
Updated User Experience
•Web 2.0 look and feel
•User workflow streamlined
•Additional enhancements based on client feedback
Welcome
Your Dashboard
Your Actors
Your Scripts
For the Author
Future of ANTS
• Actors:
✴ Dynamic and automated creation
✴ Easily scalable
• Actions
✴ SIP/VOIP
✴ Email attachments and execution
✴ Social Network interaction
• Scripts
✴ Auto-generated scripts based on Actors, Actions, and duration
Match Made in Heaven
•Mongo really has everything we needed:
✴ Quick time to market
✴ How long to develop your initial prototype
✴ Learning curve and developer ease of use
✴ Stack flexible
✴ Data flexible
✴ Stability
Questions?