AIT Austrian Institute of Technology GmbH

Austria

Manufacturing systems, materials

Video

GRAPHSENSE - platform for the analysis of transaction flows in crypto-currency systems

On Tuesday evening, April 9, 2019, Austrian Minister for Digitalization Margarete Schramböck awarded the State Prize for Digitalization for the first time during the 4Gamechangers Festival in the Marxhalle in Vienna. The forensic analysis platform GRAPHSENSE, developed at the AIT Austrian Institute of Technology, was nominated for the State Prize for Digitization 2019 among the top 3 in the category "Digital Products and Solutions" and was awarded a certificate. An independent jury of experts from various disciplines had previously selected the nominations from 115 submissions, which were then ceremonially awarded during the 4Gamechangers Festival, the ideal platform for new ideas and innovations through digitization.

The high-tech solution was developed at the AIT for the analysis of transaction flows in crypto-currency systems such as Bitcoin, Bitcoin Cash, Litecoin or Zcash and will be used in the future to support authorities in the fight against organized financial crime and the detection of illegal activities in the darknet. In the context of compliance and smart contracts, too, the open source tool has great potential for use at fintechs, banks, insurance companies, energy providers and operators of large industrial plants. As a forensic analysis platform, GRAPHSENSE has been and is being continuously developed in several international R&D projects. Combined with an intuitive and easy-to-use interface, the tool impresses with its excellent future-oriented capabilities.


Video

AECID Demo – Anomaly Detection with AMiner and Reporting to IBM QRadar

This video introduces the AMiner as a log-based anomaly detection tool. The AMiner lets users create pipelines for collecting, parsing, filtering, and analyzing log data. The pipeline can be individually configured using modules from the ÆCID toolbox (https://aecid.ait.ac.at/), including parsing models, detectors, and interfaces to established standards such as message queues. In the video, we briefly outline the theoretical background of AMiner’s efficient log parsing and anomaly detection approach and then demonstrate its practical application in a scenario involving an attack on a Horde Webmail web server (CVE-2019-9858). Finally, the disclosed anomalies are viewed in IBM’s QRadar SIEM.

Analysis techniques presented in this video include:

• New event detection (log lines that do not conform to the parser model)
• Anomalous value detection (new parameter values in log lines)
• Anomalous combination detection (new occurrence of groups of parameter values)

The video is split into the following sections:

• 00:00 Background: Learning of log data structures and creation of parsing models
• 03:19 Demo: Configuring and running the AMiner
• 06:10 Demo: Learning of normal behavior
• 08:37 Demo: Execution of an attack and detection of anomalies
• 11:58 Demo: Visualization and analysis within the QRadar SIEM

The tool is suitable as a replacement for logcheck and can also operate as a sensor feeding a SIEM.

The project is available as open source on GitHub: https://github.com/ait-aecid/logdata-anomaly-miner

The QRadar Community Edition is available at https://developer.ibm.com/qradar/ce/

An extended version of the log data set used in this demonstration is available at https://zenodo.org/record/3723083


Video

VCSW19 - Vienna as a global centre for cyber security

In mid-March 2019, Vienna was the hub for international players in the field of cyber security for the third time during the Vienna Cyber Security Week 2019 (VCSW19). From 11-15 March 2019, more than 700 participants from over 70 countries worldwide gathered in the Austrian Federal Economic Chamber in Vienna to discuss current challenges and solutions for the protection of our global, networked critical infrastructures in areas such as energy, communications, transport and smart cities. The successful format, in existence since 2017, was organised by the AIT Austrian Institute of Technology, the WKO Aussenwirtschaft Austria and the Energypact Foundation, in close cooperation with the International Telecommunication Union (ITU), the International Electrotechnical Commission (IEC) and the Organisation for Security and Cooperation in Europe (OSCE).

Further information: https://www.ait.ac.at/vcsw19

Outlook 2020: Under the motto “Global Discussion for a Connected World”, the AIT Austrian Institute of Technology, along with the WKO Aussenwirtschaft and national and international partners, is organizing the conference International Digital Security Forum (IDSF) Vienna, to be held from 02 – 04 December 2020 in Vienna, Austria. The IDSF builds on the success of the Vienna Cyber Security Week in addressing the larger issue of digital transformation, the changing face of security, and the associated current and future societal challenges.

Stay updated: https://idsf.io/


Video

AECID Demo - Logdata Anomaly Miner (AMiner)

This video briefly introduces the logdata-anomaly-miner (AMiner) and its capabilities. The component lets users create log analysis pipelines that analyze log data streams and detect violations or anomalies. It can be run from the console, as a daemon with e-mail alerting and message-queue interfaces, or embedded as a library in your own programs. It was designed to run the analysis with limited resources and the lowest possible permissions to make it suitable for production server use.

Analysis methods demonstrated in this video include:

* Pattern detection similar to logcheck but with extended syntax and options (open-source)
* ComboDetector for the detection of new data elements (IPs, user names, MAC addresses) and their combined occurrences (open-source)
* VariableTypeDetector for statistical anomalies of parameter values, distributions, and frequencies (not open-source)
* CorrelationDetector for generating and checking event correlation rules (not open-source)

The tool is suitable as a replacement for logcheck and can also operate as a sensor feeding a SIEM.

Documentation:

* https://git.launchpad.net/logdata-anomaly-miner/plain/source/root/usr/share/doc/aminer/Readme.txt (intro)
* https://git.launchpad.net/logdata-anomaly-miner/plain/source/root/usr/share/doc/aminer/Analysis.txt (analysis component documentation)
* https://git.launchpad.net/logdata-anomaly-miner/tree/source/root/usr/share/doc/aminer/ParanoidsInstallationGuide.txt (installation guide)
* https://aecid.ait.ac.at/ (ÆCID website)

Binary packages:

* https://launchpad.net/~mwurzenberger/+archive/ubuntu/ppa (bionic all)
* https://packages.debian.org/sid/logdata-anomaly-miner (sid all)
* https://launchpad.net/logdata-anomaly-miner/+download (CentOS - alien build!)
