BigSnarf blog

Infosec FTW

Monthly Archives: April 2016

Cloudtrail Dashboards

Leave a comment Posted by on April 30, 2016

splunk_aws_app_topo_1awsServiceEventTrackingScreenshot

unnamed

CloudTrail Monitoring and Alerting

Are Overview Reports helpful?

  • Top 10 Events
  • Top 10 Locations
  • Top 10 Access Keys
  • Top 10 Services
  • Top 10 Ip Addresses
  • Unauthorized Access

Activity reports helpful?

  • List of Instances
  • Errors
  • Instance Activities

Audit reports helpful?

  • List Users
  • List Keys
  • Access Keys Used
  • Locations Used
  • User activities
  • User patterns

Machine Learning and Data Mining helpful?

Advertisements
Tools

Get Moar Data or Tough Luck

Leave a comment Posted by on April 24, 2016

ml_map.png

scikit-learn.org/stable/_static/ml_map.png

Tools

Lambda Architecture – Redis/Postgres

Leave a comment Posted by on April 24, 2016

Lambda-architecture-illustration

 

Speed Layer (Blue):

Query (Green Output):

Batch Layer (Purple):

  • S3 or Postgres
  • Luigi/Cro
  • Prediction Models Trained
  • Postgres

 

Newer research into lambda with http://www.vldb.org/pvldb/vol8/p1792-Akidau.pdf

Tools

TensorFlow and Kaggle

Leave a comment Posted by on April 17, 2016

Screen Shot 2016-04-17 at 12.02.46 AM

Screen Shot 2016-04-17 at 12.04.35 AM

Tools

TensorFlow explained

Leave a comment Posted by on April 12, 2016

https://github.com/bigsnarfdude/TensorFlow-Examples

http://playground.tensorflow.org/#activation=sigmoid&regularization=L1&batchSize=30&dataset=xor&regDataset=reg-plane&learningRate=0.03&regularizationRate=0.001&noise=30&networkShape=8,4&seed=0.87276&showTestData=true&discretize=false&percTrainData=30&x=true&y=true&xTimesY=false&xSquared=false&ySquared=false&cosX=false&sinX=false&cosY=false&sinY=false&collectStats=false&problem=classification

averages

 

Screen Shot 2016-04-12 at 11.35.43 AMScreen Shot 2016-04-12 at 8.06.47 AM

Tools

Anomaly detection with Bayesian networks

Leave a comment Posted by on April 10, 2016

Anomaly detection, also known as outlier detection, is the process of identifying data which is unusual. I have been using basic python Markov Chains or more complex python MCMC.

https://www.quantstart.com/articles/Markov-Chain-Monte-Carlo-for-Bayesian-Inference-The-Metropolis-Algorithm

Anomaly detection can also be used to detect unusual time series. Bayesian networks are well suited for anomaly detection, because they can handle high dimensional data, which humans find difficult to interpret.

One typical way we can use data visualizations to identify some anomalies and these are clearly visible by plotting individual variables. More often anomalies are far more subtle, and are based on the interaction of many variables.

detect

Screen Shot 2016-04-10 at 9.12.48 AMScreen Shot 2016-04-10 at 9.07.25 AM

Here is a nice notebook on python mcmc:

I haven’t read the previous blog post on FFT. There are lots of time series analysis.

An interesting method for detection of patterns is using “Shape Search”:

Screen Shot 2016-04-10 at 8.58.20 AM

 

But I think there are interesting things using signal processing as well for AD like Median Filter.

http://docs.scipy.org/doc/scipy-0.16.0/reference/generated/scipy.ndimage.filters.median_filter.html

https://github.com/bugra/pydata-sv-2014

http://probcomp.csail.mit.edu/bayesdb/satellites-notebook.html

Tools