Akamai 엣지 보안 솔루션 | Akamai · 2020-06-05 · Akamai 엣지보안 솔루션 6 봇관리 봇은기업웹사이트트래픽의 30~70%를차지하고성능저하, 고객감소,
Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai
-
Upload
akamai-technologies -
Category
Technology
-
view
2.407 -
download
1
description
Transcript of Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai
![Page 1: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/1.jpg)
Big Data IntelligenceOr Katz, Principal Security Researcher
Tsvika Klein, Security Product Manager
![Page 2: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/2.jpg)
©2013 AKAMAI | FASTER FORWARDTM
August 30 2013Cyber Attack
Origin: syria
target: major US media sitestype: Orchestrated & synced recon
scan & d.d.o.s
outcome: attacks blocked by akamai konaanalysis: further analysis made using
Akamai’s security big data platform...
![Page 3: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/3.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Aug-20 Sep-11Aug-30 Sep-4
Attacks from Syria (Aug-Oct)
Avg. Attacks from Syria (2013)
سوريا (Syria) Google Trends
Attacks from TOR Network
![Page 4: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/4.jpg)
©2013 AKAMAI | FASTER FORWARDTM
The AUG-30 Syrian Attack Deconstructed…
![Page 5: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/5.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Big Data - Introduction
![Page 6: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/6.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Akamai is Big Data
30% of Internet traffic Delivered by Akamai
100K+ Edge servers Collecting data in real time
734 Million IPv4 addresses seen by Akamai (quarterly)
30 Billion Security events logged
260 Terabytes Compressed daily logs
![Page 7: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/7.jpg)
Security Big Data Challenge #1
![Page 8: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/8.jpg)
Security Big Data Challenge #2
![Page 9: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/9.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Rate Triggers
IP Table Logs
WAF Triggers
Akamai’s Big Data Platform – High Level Architecture
Big Data Platform
Geo InfoGeo Info
HTTPHTTP
IPIP
Client Reputatio
n
SARA Client Reputation Threat Reports
![Page 10: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/10.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Security Analytics with SARA
• Interactive Tool to Analyze Kona Events
• Reporting Engine to generate the WAF Analysis Report
![Page 11: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/11.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Client Reputation
Record past behavior and use the data to protect everyone
• Analyze activity over the Internet• We see majority of all Web users over period of one month
• Focus on the source of the attack
• Identify good and bad clients based on past behavior
• Define an attack reputation score for clients
• Filter malicious client based on reputation score
• Distributed to over 100K Edge servers
• Shared across our customers
![Page 12: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/12.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Client Reputation Definition
“To provide security intelligence … a reputation provider must take
action in three phases. It must collect relevant data, it must analyze this
data for security intelligence … and it must distribute the results quickly
and efficiently to security policy enforcement ...”
Source: Gartner, Dec 2012
![Page 13: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/13.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Big Data analysis – Use cases
•
•
•
![Page 14: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/14.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Web LOIC
![Page 15: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/15.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Web LOIC Attack
Attackers!
![Page 16: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/16.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Grow revenue opportunities with fast, personalized
web experiences and manage complexity from peak
demand, mobile devices and data collection.
![Page 17: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/17.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Scraping Bot Net
Attacker - $?$?$
![Page 18: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/18.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Anonymous Networks
• Tor
• Opera mini (cloud browsing)
• Blackberry infrastructure
• Cloud services
![Page 19: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/19.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Big Data - Summary
• Insight like never before
• Helps to address the evolving threat landscape
• Innovative security solutions to protect our customers
![Page 20: Big Data Intelligence - Or Katz, Akamai and Tsvika Klein, Akamai](https://reader034.fdocuments.net/reader034/viewer/2022051208/54749afcb4af9f980a8b56ea/html5/thumbnails/20.jpg)
©2013 AKAMAI | FASTER FORWARDTM
Glance into the Future
Fraud Prevention
Risk Based Authentication
Adaptive Security Controls
Simplified Configuration