patterns & anomalies in cyberspace

PATTERNS & ANOMALIES IN CYBERSPACE, TIM BASS

Upload: tim-bass

Post on 10-Apr-2017

TRANSCRIPT

Page 1: Patterns & Anomalies in Cyberspace

PATTERNS & ANOMALIES IN CYBERSPACE

TIM BASS

Page 2: Patterns & Anomalies in Cyberspace

TIM BASS 8 MARCH 2017 / TIM BASS 9 MARCH 2017

CYBERSPACE SITUATIONAL AWARENESS

PRESENTATION DOI 10.13140/RG.2.2.31306.77766/2

Page 3: Patterns & Anomalies in Cyberspace

VISUALIZING NEAR REAL TIME NETWORK OBJECTS & RELATIONSHIPS

FOR INCREASED SITUATIONAL KNOWLEDGE OF CYBERSPACE ACTIVITY & ANOMALIES

Page 4: Patterns & Anomalies in Cyberspace

CLANDESTINE BAIDU BOTS …. GEOIP CHINA

INDEXING WEBSITE CLANDESTINELY

BLOCKED

Page 5: Patterns & Anomalies in Cyberspace

CLANDESTINE BAIDU BOTS …. GEOIP CHINA

INDEXING WEBSITE CLANDESTINELY

BLOCKED

Page 6: Patterns & Anomalies in Cyberspace

LINK INDEXING BOT NETWORK …

INDEXING WEBSITE IDENTIFIED AS AHREF BOTS - GEOIP US

PERMISSION GRANTED

Page 7: Patterns & Anomalies in Cyberspace

CLANDESTINE BAIDU BOTS …. GEOIP BRAZIL

UNREGISTERED USER

REGISTERED WEBSITE USER

Page 8: Patterns & Anomalies in Cyberspace

CLANDESTINE BAIDU BOTS …. GEOIP BRAZIL

“NORMAL” BOT NETWORKS

BLOCKED

Page 9: Patterns & Anomalies in Cyberspace

CLANDESTINE BAIDU BOTS …. GEOIP CHINA

INDEXING WEBSITE CLANDESTINELY

BLOCKED

Page 10: Patterns & Anomalies in Cyberspace

PATTERN-BASED ANOMALY DETECTION

OBSERVE SITUATIONS IN CYBERSPACE

4

- PATTERNS ANOMALIES
- STRANGE BEHAVIOR
- UNEXPECTED SITUATIONS
- UNEXPLAINABLE OBSERVATIONS

Page 11: Patterns & Anomalies in Cyberspace

CLANDESTINE BAIDU BOTS …. GEOIP BRAZIL

A CLOSER LOOK SHOWS > 200 BOTS DISGUISED AS NORMAL USERS

BLOCKED

Page 12: Patterns & Anomalies in Cyberspace

NORMAL “LARGE” BOTNET - INDEXING WEBSITE AS AHREF BOTS

LARGE “IDENTIFIED” SEARCH BOT NETWORK - GEOIP US

PERMISSION GRANTED

Page 13: Patterns & Anomalies in Cyberspace

CLANDESTINE BOT NETWORK - GEOIP KOREA …

INDEXING WEBSITE DISGUISED AS NORMAL WEB USERS (NOT BOTS)

BLOCKED

Page 14: Patterns & Anomalies in Cyberspace

CLANDESTINE “BANKRUPT IP ADDRESS BLOCK” BOTNET - GEOIP US …

ADDRESS SPACE ASSIGNED TO BANKRUPT GRAPHICS CHIP COMPANY NOW RUNNING UNIDENTIFIED BOT NETWORK FROM ASSIGNED IP ADDRESS SPACE

CI - TRIDENT MICROSYSTEMS SID-18863

BLOCKED

Page 15: Patterns & Anomalies in Cyberspace

CLANDESTINE BOT NETWORK - GEOIP INDIA …

SUSPICIOUS ACTIVITY FROM IP ADDRESS CLUSTER IN INDIA

ADDED TO WATCH LIST

Page 16: Patterns & Anomalies in Cyberspace

YANDEX BOT DISGUISED AS MOBILE DEVICE - GEOIP RUSSIA …

YANDEX BOT IDENTIFYING ITSELF AS AN APPLE IOS DEVICE IN USER AGENT (UA) STRING

IGNORED

Page 17: Patterns & Anomalies in Cyberspace

PATTERN-BASED VISUAL ANOMALY DETECTION SHOULD BE APPLIED TO MOST (IF NOT ALL) NETWORK OBJECTS

- WEBSITES & SERVERS
- MOBILE PHONES
- SMART DEVICES
- IOTS
- NETWORK INFRASTRUCTURE

Page 18: Patterns & Anomalies in Cyberspace

REFERENCES

TIM BASS, INTRUSION DETECTION SYSTEMS AND MULTISENSOR DATA FUSION, COMMUNICATIONS OF THE ACM 43(4): 99-105, APRIL 2000, DOI 10.1145/332051.332079

TIM BASS, CYBERSPACE SITUATIONAL AWARENESS DEMANDS MIMIC TRADITIONAL COMMAND REQUIREMENTS, SIGNAL, OFFICIAL PUBLICATION OF AFCEA, FEBRUARY 2000, DOI 10.13140/RG.2.2.27068.85127

TIM BASS, CYBERSPACE SITUATION GRAPHS - A BRIEF OVERVIEW, PRESENTATION, AFFILIATION: WWW.THECEPBLOG.COM, SEPTEMBER 2016, DOI 10.13140/RG.2.2.16014.56643/9

TIM BASS, A JOURNEY INTO CYBERSPACE, PRESENTATION, AFFILIATION: WWW.THECEPBLOG.COM, MARCH 4, 2017, DOI 10.13140/RG 2.2.26109.77284/1

MY SINCERE APOLOGIES FOR THE SELF-REFERENCES

Page 19: Patterns & Anomalies in Cyberspace

Page 20: Patterns & Anomalies in Cyberspace

© TIM BASS, MARCH 2017

ALL RIGHTS RESERVED