big data & intelligence driven security - isaca big data...big data – introduction cont. •...

EMELIA Yamson My Email: [email protected] Big Data & Intelligence Driven Security

Upload: trinhcong

Post on 27-May-2018

Big Data & Intelligence Driven Security

©2013 AKAMA FASTER FORWARDTM

Introduction to Big Data

Big Data - Introduction

High volume, velocity and variety information assets that demand cost-effective, innovative and reliable forms of information processing for enhanced insight and decision making

Big Data – Introduction Cont.

• Variety – Big data is any type of data: structured and unstructured data such as text, sensor data, audio, video, click streams, log files and more. New insights are found when analyzing these data types together

• Volume – Enterprises are awash with ever-growing data of all types, easily amassing terabytes, even petabytes, of information

• Velocity – For time-sensitive processes such as catching fraud, big data must be used as it streams into your enterprise in order to maximize its value

Security Trends & Challenges

Up-to-date organizations confront unprecedented security risks arising mainly from:

1. Mobility, and the “consumerization” of enterprise IT, dissolves network boundaries

2. Highly skilled, sophisticated, non-signature, targeted cyber attacks

The dissolution of traditional defensive perimeters, coupled with attackers' ability to circumvent traditional security systems, requires organizations to reinvent their security approach

Big Data & Intelligence Driven Security

Big Data fuels intelligence driven security –

• Big data encompasses the breadth of sources and the information depth needed to:

1) Assess risks

2) Detect illicit activities and advanced cyber threats

3) Allow advanced predictive capabilities and automated real-time (RT) controls

4) Serve cyber incident response & investigation services

5) Deliver compliance

Big Data & Intelligence Driven Security – What & How

Big Data & Intelligence Driven Security Use Case

Akamai Confidential Faster ForwardTM ©2012 Akamai I |

Use case – Web User Identity & Big Data

The Goal –

• Verify web customer identity

The Process –

• Generate, maintain and store a precise, continuously evaluated digital fingerprint of every web customer, based on behavioral monitoring combined with other "biometrics" measurements

The Means –

• Ongoing active & passive user activity data feeds

• 3rd party intelligence (reputation, fraud etc.)

• Big data platform

Use case – User Identity & Big Data

[Diagram. Panel labels: Big Data Store & Process; User Profiles; Common Profiles; Extracted Data; Internal Feeds Data; External Feeds Data. Patterns: Access Patterns, Location Patterns, Device Patterns, Activity Patterns. Rules: Preconfigured Users Profile Correlation Rules, Preconfigured Data Correlation Rules, Preconfigured Data Rules, Preconfigured Deviation Rules. Extracted data fields: Source IP & NW, Activity Time, Activity Type, Geo Location, Host ID, Reputation Rank, Fraud Rank, Device Fingerprint. Data feeds: 3rd Party Reputation Data, 3rd Party Fraud Data, 3rd Party/MSSPs Data, Web Server Data, Mobile Operators Data, DNS Log Data.]

Web User Identity & Big Data Use case – Cont.

[Diagram. Panel labels: Customers; User Profiles; Common Profiles. Each profile is a Criteria / Data table with four rows: Access, Location (IP range), Device and Activity. The example profiles shown:

• Access: Weekly; Sun 2pm-3pm. Location: US, CA. Device: iPad; Sys: CPU OS 3_2_1 like Mac OS X; Platform: AppleWebKit/531.21.10; Browser: Safari. Activity: Main

• Access: Days: Sun 2-3pm, Mon 8-9am. Location: US, MA. Device: Mobile T-Mobile 3G; Sys: Linux; Platform: Android 2.3.4 AppleWebKit/533.1. Activity: Main → Product A → Product B…

• Access: Weekly; Sat 10am-11am. Location: US, TX. Device: PC, Mobile; Sys: Win8, OS5.01, 32bit, 64bit proc; Platform: AppleWebKit/537.36. Activity: Main → Login → Cart → Checkout]
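An added example, not taken from the original slides, of how the four profile criteria in this use case (access, location, device, activity) and a third-party reputation or fraud rank could drive an identity check. The weights, thresholds, field names and sample events are assumptions constructed for illustration.

```python
from collections import Counter

# Assumed weights for the four profile criteria named on the slide.
WEIGHTS = {"access": 0.2, "location": 0.3, "device": 0.3, "activity": 0.2}

def features(ev):
    """Reduce a raw event to one categorical value per criterion."""
    return {"access": (ev["weekday"], ev["hour"]),
            "location": (ev["country"], ev["region"]),
            "device": (ev["device"], ev["platform"]),
            "activity": ev["activity"]}

class Profile:
    """Per-user behavioural fingerprint, updated as verified events arrive."""
    def __init__(self):
        self.seen = {k: Counter() for k in WEIGHTS}
        self.total = 0

    def update(self, ev):
        for k, v in features(ev).items():
            self.seen[k][v] += 1
        self.total += 1

    def deviation(self, ev):
        """Weighted unfamiliarity of the event: 0.0 (usual) to 1.0 (never seen)."""
        if self.total == 0:
            return 1.0  # no history yet, so nothing to verify against
        return round(sum(WEIGHTS[k] * (1 - self.seen[k][v] / self.total)
                         for k, v in features(ev).items()), 3)

def verify(profile, ev, third_party_rank=0.0, step_up=0.35, deny=0.75):
    """Decide on an event; third_party_rank is 0.0 (clean) to 1.0 (known bad)."""
    risk = max(profile.deviation(ev), third_party_rank)
    decision = "deny" if risk >= deny else "step-up" if risk >= step_up else "allow"
    if decision == "allow":
        profile.update(ev)  # only verified sessions feed the profile
    return decision, risk

# Constructed sample data, loosely shaped like the slide's profile rows.
USUAL = {"weekday": "Sun", "hour": 14, "country": "US", "region": "CA",
         "device": "iPad", "platform": "AppleWebKit/531.21.10", "activity": "Main"}

def demo():
    p = Profile()
    for _ in range(8):
        p.update(USUAL)
    odd_hours = dict(USUAL, weekday="Mon", hour=3, activity="Checkout")
    stranger = dict(odd_hours, region="TX", device="PC", platform="AppleWebKit/537.36")
    return [verify(p, USUAL), verify(p, odd_hours), verify(p, stranger),
            verify(p, USUAL, third_party_rank=0.8)]
```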

From Big Data to Big Insights – Best Practice Guidelines

1) Define your objectives

2) Understand the potential data feeds needed to meet the objectives

3) Understand the process needed to obtain, format correctly, clean and standardize

4) Assess the platform and infrastructure needed to obtain, process, manage and use the data

5) Start small

6) Assure data is safe and private

7) Be transparent about data practices

Thank You