The power of intelligent flows: real time IoT botnet classification with NiFi

Thursday, April 19
2:00 PM - 2:40 PM
Convention Hall I - C

The last five years have been marked by an explosion of Internet-connected devices. From cars to solar power, from TVs to juice makers, modern life is filled with interconnected smart devices. But while those ubiquitous devices enhance the interaction with the technology that surrounds us, the lifecycle management of IoT firmware and poor security design choices also present a significant threat to our daily lives.

Despite the ascent of threats like the Mirai botnet, the amount of published research around how to programmatically detect new IoTs in the wild has been somewhat limited.

In this presentation we introduce data engineering in the context of cyber security, discuss why it is important to move away from the view that security log pipelines are enrichment and indicator matching tools, and push the boundaries of “Simple Event Processing” to demonstrate how Apache NiFi and Apache MiNiFi’s feature-rich data flows can be used to dynamically identify new IoT botnet activities in the wild.

SPEAKERS

Andy LoPresto
Sr. Member of Technical Staff
Hortonworks, Inc
Andy LoPresto is a Sr. Member of Technical Staff at Hortonworks working on the Hortonworks DataFlow team. In this role he serves as both a Committer and Project Management Committee Member for Apache NiFi, an open source, robust, secure data routing and delivery system. Andy focuses on security concerns within NiFi including identity management, TLS negotiation, data protection, access control, encryption and hashing. Andy is also involved with the sub-project, Apache MiNiFi, which drives edge data collection, including secure command and control and immediate data provenance and governance. He has presented about NiFi at DataWorks Summit Berlin 2018, DataWorks Summit Sydney 2017, Hadoop Summit San Jose 2016, FOSDEM '17 in Brussels, and the OpenIoT Summit 2017.

Andre Fucs de Miranda
Independent Consultant
Fluenda
With 20 years of experience in cyber security, Andre Fucs de Miranda has spent a good part of his life securing systems around the globe. Andre is an Apache NiFi PMC Member and an accidental big data user.