
MIS 510 Cyber Analytic Project

Aditya Agrawal, Hang Liu, Meiqi Yang, Yinchen Li. 2.26.2014.


Presentation Transcript


  1. MIS 510 Cyber Analytic Project Aditya Agrawal, Hang Liu, Meiqi Yang, Yinchen Li 2.26.2014

  2. Slides Overview • Research Questions • Our Research Design • Sample code • RAW Data screenshots • Extra Tables / Figures • Findings and Discussions

  3. Research Questions -RQ 1 MAC OS X System -RQ 2 IoT Attack -RQ 3 Fake Anti-virus -RQ 4 Mobile Security

  4. Our Research Design

  5. Hacker Web/MYSQL

         SELECT FlatContent, PostDate, PostRank
         FROM cnhonkerarmyposts
         WHERE FlatContent LIKE "%RFID%"
            OR FlatContent LIKE "%Sensor%"
            OR FlatContent LIKE "%Node%"
         ORDER BY PostDate DESC;

     This example MySQL code is used to collect all discussions on Hacker Web that relate to IoT attacks (based on 3 major methods: RFID, Sensor, and Node).

  6. Shodan/Python

         from shodan import Shodan

         # API key as shown on the slide
         SHODAN_API_KEY = "72WhTJ2fOPIhtepGEdaF5Qvevlv8znxB"
         api = Shodan(SHODAN_API_KEY)

         try:
             # Search the Shodan database for banners mentioning Mac OS X
             results = api.search('MAC OS X')
             print('Results found: %s' % results['total'])
             for result in results['matches']:
                 # Each match carries the host IP, its location and the raw banner
                 print('IP: %s' % result['ip_str'])
                 print('Country: %s' % result['location']['country_name'])
                 print(result['data'])
         except Exception as e:
             print('Error: %s' % e)

     This example Python code is used to collect all open OS X devices in the Shodan database and show the IP address and location of each device (by country).

  7. TOP 10 malicious programs for Mac OS X, H2 2012 RQ 1 MAC OS X http://www.securelist.com/en/analysis/204792255/

  8. RQ 1 MAC OS X This is the Hacker Web search result, showing the topics that are related to Mac OS X system attacks. We searched all 4 languages because OS X is a general term used even in Russian and Arabic. We based the analytics on data from 2009 because that is the year when major discussion about the OS X system emerged.

  9. RQ 1 MAC OS X -To the left is sample search output, using Python, of all open OS X devices. -To the right is the regional analysis of OS X distribution among 3 major regions

  10. RQ 2 IoT -To the left is the result from Shodan for IoT and its distribution by category -To the right is the overall aggregated result of IoT distribution (all 3 categories)

  11. RQ 2 IoT This is the Shodan search result, showing the distribution of IoT in 3 major categories: medical devices, buildings, and government-related hosts. The results show the IP address and host country

  12. RQ 3 Fake Anti-virus--UI It shows the main screen of W32/FakeAV.KL!tr, a professional-looking antivirus program complete with menu and scanning window. On a normal clean computer, it will show that you are infected by at least 14 threats. https://blog.fortinet.com/how-to-spot-fake-antivirus-software/

  13. RQ 4 Mobile Security http://mediaserver.dwpub.com/press-release/22575/malware_goes_mobile.jpg

  14. RQ 4 Mobile Security https://www.iscanonline.com/assets/iScan%20Mobile%20Security%20Analysis%202013.pdf

  15. Findings and Discussions

  16. RQ 1 MAC OS X Number of Malware that can detect OS X system https://www.securelist.com/en/analysis/204792231/IT_Threat_Evolution_Q1_2012

  17. RQ 2 IoT

  18. RQ 3 Fake Anti-virus Hacker Web discussion about Fake Anti Virus Software Aggregated result for all Fake AV discussion from 2006 to 2013

  19. RQ 4 Mobile Security Number of Hacker Web discussions about mobile Security Issues from 2009 ~ 2013

  20. RQ 4 Mobile Security--Mobile Malware http://mediaserver.dwpub.com/press-release/22575/malware_goes_mobile.jpg
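
The keyword collection on slide 5, carried through to the per-year discussion counts that the findings slides report, as an added example (not the project's own code). It uses SQLite in place of MySQL, takes the table and column names from slide 5, and runs on constructed sample posts; `load_posts`, `posts_per_year` and `posts_per_keyword` are hypothetical helper names.

```python
import sqlite3

# Constructed sample rows (not real forum data); column names follow slide 5.
SAMPLE_POSTS = [
    ("RFID badge cloning discussion", "2011-03-02", 4),
    ("Wireless sensor firmware question", "2012-07-15", 2),
    ("Zigbee node pairing weakness", "2012-11-30", 5),
    ("Unrelated post about web shells", "2012-01-09", 1),
    ("rfid reader range test", "2013-05-21", 3),
    ("Node.js build script help", "2013-02-11", 1),  # not IoT, still matches %Node%
]
KEYWORDS = ["RFID", "Sensor", "Node"]  # the three IoT terms from slide 5


def load_posts(rows):
    """Build an in-memory table shaped like the slide's cnhonkerarmyposts."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE cnhonkerarmyposts "
        "(FlatContent TEXT, PostDate TEXT, PostRank INTEGER)"
    )
    conn.executemany("INSERT INTO cnhonkerarmyposts VALUES (?, ?, ?)", rows)
    return conn


def posts_per_year(conn, keywords):
    """Count keyword-matching posts per year, binding the terms as parameters."""
    where = " OR ".join("FlatContent LIKE ?" for _ in keywords)
    sql = (
        "SELECT substr(PostDate, 1, 4) AS yr, COUNT(*) "
        "FROM cnhonkerarmyposts WHERE " + where + " GROUP BY yr ORDER BY yr"
    )
    params = ["%" + k + "%" for k in keywords]
    return dict(conn.execute(sql, params).fetchall())


def posts_per_keyword(conn, keywords):
    """Per-term hit counts, so a noisy term such as Node can be reviewed."""
    sql = "SELECT COUNT(*) FROM cnhonkerarmyposts WHERE FlatContent LIKE ?"
    return {k: conn.execute(sql, ("%" + k + "%",)).fetchone()[0] for k in keywords}


if __name__ == "__main__":
    db = load_posts(SAMPLE_POSTS)
    print(posts_per_year(db, KEYWORDS))
    print(posts_per_keyword(db, KEYWORDS))
```

The constructed "Node.js" row is counted under 2013 even though it is not an IoT post, which is the kind of substring false positive to review before reading the yearly totals as a trend.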
