Finding Needles in Haystacks @ Ruxcon
Yesterday I was in Melbourne presenting “Finding Needles in Haystacks (the size of countries)” at Ruxcon. If you are looking for the latest version of the slides they are here – [PDF] [Slideshare]. It was an awesome conference with high-quality presentations. Special thanks to Chris Spencer and the Ruxcon panel for selecting our CFP.
I was a little concerned about how it would be received, as ‘Big Data’ hasn’t really penetrated the security world yet. However, that fear was soon dispelled and I think our visualisations really helped to reinforce the concepts.
The Worldwide Attack Globe received a great response. It showed almost 1 million attacks over a 12-day period. This was a real-world dataset from an early customer of Packetloop’s.
The Worldwide Attack Globe can also be used to show/filter different data types. In this example I demoed how TOR endpoints can be plotted on the globe and then zoomed in on a very persistent attacker from the Republic of Ireland.
One of the concepts I wanted to focus on was that of data fidelity. Big Data tooling makes it possible to maintain full fidelity from years to minutes. Further to this, sometimes it’s seeing data in a different way or seeing it animate that brings on the discovery and knowledge. This was shown in the ‘Full HD – Play, Pause and Rewind’ demonstration.
Thanks again to everyone who attended and filled Room 1. Also thanks to all those who took time out to chat with us and share ideas.