BigSnarf blog

Infosec FTW

Use cases for probabilistic data structures in Infosec metrics

Use Cases for monitoring counts on anything and for network monitoring

  • Network Login counts
  • Failed attempts per user
  • Failed attempts per groups
  • Failed attempts per role
  • Success counts for above
  • Passwords reset volumes per day, month, year
  • Counts for credentials per person
  • Password age
  • Password change day counts
  • Password lengths
  • User accounts counts for overall issued
  • Time elapsed for provision
  • Time elapsed for decommission
  • Time elapsed for authorization for changes
  • Number of privilege accounts per person
  • Infection counts per user
  • Infection counts per machine
  • Infection counts per IP
  • New account provisioning counts per hour, day, week, month, year
  • Success and failed for each IP per user counts
  • Counts of logins devices
  • Counts of login unique destinations
  • Packet Counts
  • Port Counts
  • DNS request counts per host
  • DNS over all
  • DNS request to internal devices
  • DNS request for each device
  • Per device aggregation of all types of traffic
  • Comparing the increase of the number of DNS requests per second with respect to the average number of DNS requests per second
  • DHCP request counts
  • Segment DHCP counts for lease requests
  • Availability
  • Packet Delay
  • Packet Reordering
  • Packet Loss
  • Packet Inter-arrival Jitter
  • Types of packets counters for each host
  • Bandwidth Measurements (Capacity, Achievable Throughputs)
  • Counts for twitter per user
  • Counts of tweets from user to user
  • Counts of uses of words in tweets
  • Counts of uses of hashtag in tweets
  • Counts of uses of any word or hashtag from specific locations
  • Device counts
  • Software counts
  • Application patch level counts
  • Active user counts
  • Inactive user counts
  • Remote login per country counts
  • Remote login per IP address counts
  • Website visit counts per user
  • Email counts
  • Email attachment counts
  • SPAM counts
  • Statistics for developer
  • Stats on access per application, IP address, service, user

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: