The power of intelligent flows: real time IoT botnet classification with NiFi

Wednesday, June 20
2:50 PM - 3:30 PM
Meeting Room 230C

The last five years have been marked by an explosion of Internet-connected devices. From cars to solar power, from TVs to juice makers, modern life is filled with interconnected smart devices. But while those ubiquitous devices enhance the interaction with the technology that surrounds us, the lifecycle management of IoT firmware and poor security design choices also present a significant threat to our daily lives.

Despite the ascent of threats like the Mirai botnet, the amount of published research around how to programmatically detect new IoTs in the wild has been somewhat limited.

In this presentation we introduce data engineering in the context of cyber security, discuss why it is important to move away from the view that security log pipelines are enrichment and indicator-matching tools, and push the boundaries of “simple event processing” to demonstrate how Apache NiFi and Apache MiNiFi’s feature-rich data flows can be used to dynamically identify new IoT botnet activities in the wild.


Andy LoPresto
Sr. Member of Technical Staff
Andy LoPresto is a Sr. Member of Technical Staff at Hortonworks working on the Hortonworks DataFlow team. In this role he serves as both a Committer and Project Management Committee Member for Apache NiFi, an open source, robust, secure data routing and delivery system. Andy focuses on security concerns within NiFi including identity management, TLS negotiation, data protection, access control, encryption and hashing. Andy is also involved with the sub-project, Apache MiNiFi, which drives edge data collection, including secure command and control and immediate data provenance and governance. He has presented about NiFi at DataWorks Summits in Singapore, Tokyo, Melbourne, Berlin, Sydney, and San Jose, FOSDEM '17 in Brussels, and the OpenIoT Summit 2017.