individual - Day-Con

Badger: The Networked Security State Estimation Toolkit
Badger42.org
Intros
What is the problem?
• Hindsight is 20/20
• Too much data
• If only . . .
Networked Security State Estimation
• Measurement of the state of security
• Somewhat polarizing
• Take it for what it's worth
What is CPTL?
• An arbiter for core metadata on cyber-physical
systems
• A mechanism to share information in a
human-readable, machine-actionable manner
Cyber Physical Topology Language
• Disparate sources of data
• Ontologies to facilitate communication
• Data queries via URL
Motivation
• Machine actionable semantics
• To facilitate communication
• Consistent data operation
Observation
Researchers and practitioners – through network
diagrams, documentation and publications – create
domain-specific languages to solve specific problems
Ontology
An ontology is based on four finite sets of signature symbols.

Symbol set   Description                Examples
NC           Set of concept names       Switch, Relay, Breaker
NR           Set of role names          hasLine, hasConnection
NI           Set of individual names    SEL-relay-1a
NF           Set of feature names       1, ..., 100 or “control-center”, “springfield substation”

The axioms of the ontology are defined using the above sets of concept, role, and individual names.
ABox axioms – properties of individuals, e.g., Relay(SEL-relay-1a)
TBox axioms – relationships between concepts, e.g., DistanceRelay ⊑ Relay
RBox axioms – properties of roles, e.g., hasLine ⊑ hasConnection

Ref: Krötzsch, Markus, Ian Horrocks, and Frantisek Simancik. A Description Logic Primer. arXiv:1201.4089, 2012.
Interpretation
The interpretation I maps the elements of the ontology (concepts, roles and individual names) to the domain of discourse.

[Figure: an example topology graph. Vertices carry icons and labels such as Bus and SEL-relay-1a, edges are roles such as hasBreakerConnection, and the vertex attribute values c and o are shown next to the vertices.]

NC – concepts are mapped to vertices; i.e. different icons
NR – roles are mapped to edges; i.e. line width
NI – individual names are mapped to vertices; i.e. different labels
NF – feature names are mapped to vertex attributes (not shown for brevity)

I = (ΔI, ·I)
ΔI – vertices in graph
·I – function mapping all the following:
  o concept name (e.g., Bus) to subset of vertices
  o role names (e.g., hasBreakerConnection) to subset of edges
  o individual names (e.g., SEL-relay-1a) to subset of vertices
  o feature names (e.g., onLocation) to vertex attributes (e.g., c,o) (not shown in this example)
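The signature sets, the three kinds of axioms and the interpretation I = (ΔI, ·I) above fit in a few dozen lines of code. The block below is an added example written for this page, not code from Badger or CPTL: it builds a small ontology with the slides' names (Relay, DistanceRelay, Bus, SEL-relay-1a, hasBreakerConnection), maps it onto a three-vertex graph exactly as the interpretation slide describes (concepts to vertex subsets, roles to edge subsets, individuals to vertices, features to vertex attributes), and then checks which ABox, TBox and RBox axioms the graph satisfies. The individuals breaker-7 and bus-1, the role hasConnection as the super-role, and the vertex ids v1..v3 are constructed for the example.

```python
from dataclasses import dataclass, field

# The four finite signature sets from the slides (N_C, N_R, N_I, N_F).
# Names follow the slides' examples; breaker-7 and bus-1 are constructed.
N_C = {"Relay", "DistanceRelay", "Breaker", "Bus"}
N_R = {"hasConnection", "hasBreakerConnection"}
N_I = {"SEL-relay-1a", "breaker-7", "bus-1"}
N_F = {"onLocation"}


@dataclass
class Ontology:
    abox: set = field(default_factory=set)  # (Concept, individual): Concept(individual)
    tbox: set = field(default_factory=set)  # (C, D): concept C is subsumed by D
    rbox: set = field(default_factory=set)  # (r, s): role r is subsumed by role s

    def uses_only_signature(self):
        """Every name in an axiom must come from N_C, N_R or N_I."""
        return (all(c in N_C and i in N_I for c, i in self.abox)
                and all(c in N_C and d in N_C for c, d in self.tbox)
                and all(r in N_R and s in N_R for r, s in self.rbox))


@dataclass
class Interpretation:
    """I = (Delta^I, .^I): the graph plus the mapping of names into it."""
    delta: set          # Delta^I: the vertices of the graph
    concepts: dict      # concept name  -> subset of vertices
    roles: dict         # role name     -> subset of edges, as (u, v) pairs
    individuals: dict   # individual    -> one vertex
    features: dict      # vertex        -> {feature name: attribute value}


def violations(onto, I):
    """Axioms of onto that I fails to satisfy; an empty list means I is a model."""
    bad = []
    for concept, ind in onto.abox:            # ABox: the individual's vertex lies in the concept
        if I.individuals[ind] not in I.concepts.get(concept, set()):
            bad.append(("ABox", concept, ind))
    for sub, sup in onto.tbox:                # TBox: subset of vertices
        if not I.concepts.get(sub, set()) <= I.concepts.get(sup, set()):
            bad.append(("TBox", sub, sup))
    for sub, sup in onto.rbox:                # RBox: subset of edges
        if not I.roles.get(sub, set()) <= I.roles.get(sup, set()):
            bad.append(("RBox", sub, sup))
    return bad


def topology_ontology():
    onto = Ontology()
    onto.abox |= {("Relay", "SEL-relay-1a"), ("Bus", "bus-1"), ("Breaker", "breaker-7")}
    onto.tbox.add(("DistanceRelay", "Relay"))
    onto.rbox.add(("hasBreakerConnection", "hasConnection"))
    return onto


def good_model():
    """Constructed three-vertex graph: bus -> breaker -> relay."""
    return Interpretation(
        delta={"v1", "v2", "v3"},
        concepts={"Relay": {"v1"}, "DistanceRelay": {"v1"}, "Breaker": {"v2"}, "Bus": {"v3"}},
        roles={"hasBreakerConnection": {("v3", "v2")},
               "hasConnection": {("v3", "v2"), ("v2", "v1")}},
        individuals={"SEL-relay-1a": "v1", "breaker-7": "v2", "bus-1": "v3"},
        features={"v1": {"onLocation": "springfield substation"}},
    )


def bad_model():
    """Same graph, but the breaker edge is missing from the super-role hasConnection."""
    I = good_model()
    I.roles["hasConnection"] = {("v2", "v1")}
    return I


if __name__ == "__main__":
    onto = topology_ontology()
    print(onto.uses_only_signature(), violations(onto, good_model()), violations(onto, bad_model()))
```

The RBox check is the one that catches inconsistent topology data in practice: if a source says a breaker connection exists but the general connection graph built from another source lacks the edge, the interpretation is not a model of the ontology and the mismatch is reported rather than silently rendered.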
CPTL Core Ontology
ARPA-E Power Ontology
Badger State Estimation Ontology
[Figure: urn:cptl:cloud:cloudspace.network – Cloud Infrastructure Provider (Cloudspace): Main Switch, TORSwitch_1, TORSwitch_2, Blade_1, Blade_2, Blade_3, Blade_4]
[Figure: urn:cptl:cloud:streampics.network – Cloud Service Provider (Streampics): VM 1, VM 2, VM 3, VM 4, VM 5, VM 6]
[Figure: urn:cptl:cloud:cloudspace-streampics.network – the combined view of both networks, with the Streampics VMs hosted on the Cloudspace blades]
• Red == Bad
• Yellow == Caution
• Green == It’s all good
Diagram renders in application
[Figure: Badger request flow, numbered steps 1–8. Components: CPTL (URN, Construct, Query, Ontology); Browser; Security Estimator; State Data; Badger Server; Badger (URN, Capability, Attribute); Data (Baseline, Entropy (Kerf), Other); Process Data; Node Security State.]
CPTL-Aware Services and Clients
• states.badger42.org
• flows.badger42.org
• power.cptl-c.org
• CPTL Data Aggregator
• NMap Scans
• Compliance Suite
• CytoScape (Graph Visualization)
• Augmented Reality / Mobile App
REQUEST: badger42.org/GETCAPABILITY?source_vertex_attr_type=urn-cptl-HOST-ipv4
RESPONSE: A list of capabilities formatted as text/json
[{ name: "urn:badger:get_hostip_dest_hostnames",
   description: "Given an IPv4 address, get the destination hostnames",
   source_vertex_attr_type = "urn-cptl-HOST-ipv4",
   target_vertex_attr_type = "urn-cptl-HOST-hostname" },
 { name: "urn:badger:get_host_dest_tldcounts",
   description: "Given an IPv4 address, get the top-level domain counts",
   source_vertex_attr_type = "urn-cptl-HOST-ipv4",
   target_vertex_attr_type = "urn-cptl-HOST-hostname" } ]
CPTL Browser
REQUEST: badger42.com/service?name=urn:badger:get_host_dest_tldcounts_selected_vertex_attr_values =192.168.1.100,192.168.1.120
RESPONSE: A graph of the following format:
{[ {"id": 1, source1_vertex_attr_type: "urn-cptl-HOST-ipv4"}
   {"id": 2, source2_vertex_attr_type: "urn-cptl-HOST-ipv4"
   {"id": 3, target_1_vertex_attr_type: "urn-cptl-HOST-tag-tldcount", target_1_vertex_attr_value: "com,44"}
   {"id": 4, target_2_vertex_attr_type: "urn-cptl-HOST-tag-tldcount", target_2_vertex_attr_value: "com,44"} ],
 EDGES: [{"source": 1, "target":4}, {"source":2, "target":4}] }
CPTL Browser
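The two exchanges above (capability discovery by source attribute type, then a service call that answers with a NODES/EDGES graph) are easy to get wrong on both sides, so here is an added example of both halves, written for this page rather than taken from Badger or the CPTL browser. The server side filters the capability catalogue by source_vertex_attr_type and builds the graph reply; the client side checks the reply before rendering it (no duplicate ids, only the attribute types the capability advertised, every edge pointing at a vertex that exists). The capability names and attribute-type URNs are the ones on the slides; the flow data in TLD_COUNTS is constructed, the keys vertex_attr_type and vertex_attr_value are a simplification of the numbered source1_/target_1_ keys shown on the slide, and the tldcounts capability is given the target type that the slide's service response uses (urn-cptl-HOST-tag-tldcount).

```python
import json

# Capability catalogue as answered by GETCAPABILITY; both entries are from the
# slides. The target type of the tldcounts capability follows the service
# response shown on the slide (urn-cptl-HOST-tag-tldcount).
CAPABILITIES = [
    {"name": "urn:badger:get_hostip_dest_hostnames",
     "description": "Given an IPv4 address, get the destination hostnames",
     "source_vertex_attr_type": "urn-cptl-HOST-ipv4",
     "target_vertex_attr_type": "urn-cptl-HOST-hostname"},
    {"name": "urn:badger:get_host_dest_tldcounts",
     "description": "Given an IPv4 address, get the top-level domain counts",
     "source_vertex_attr_type": "urn-cptl-HOST-ipv4",
     "target_vertex_attr_type": "urn-cptl-HOST-tag-tldcount"},
]

# Constructed sample state data standing in for Badger's flow records.
TLD_COUNTS = {
    "192.168.1.100": {"com": 44, "org": 3},
    "192.168.1.120": {"com": 44, "net": 2},
}


def get_capability(source_vertex_attr_type):
    """Server side of GETCAPABILITY: capabilities that accept this attribute type."""
    return [c for c in CAPABILITIES
            if c["source_vertex_attr_type"] == source_vertex_attr_type]


def service(name, selected_vertex_attr_values):
    """Server side of /service: run a capability and answer with NODES and EDGES.

    Vertices are keyed by (attribute type, value), so two sources that share a
    result (both IPs have "com,44") point at one target vertex, as on the slide.
    """
    cap = next((c for c in CAPABILITIES if c["name"] == name), None)
    if cap is None:
        raise KeyError(f"unknown capability {name}")
    nodes, edges, ids = [], [], {}

    def vertex(attr_type, value):
        key = (attr_type, value)
        if key not in ids:
            ids[key] = len(nodes) + 1
            nodes.append({"id": ids[key], "vertex_attr_type": attr_type,
                          "vertex_attr_value": value})
        return ids[key]

    for ip in selected_vertex_attr_values.split(","):
        src = vertex(cap["source_vertex_attr_type"], ip)
        for tld, count in TLD_COUNTS.get(ip, {}).items():
            dst = vertex(cap["target_vertex_attr_type"], f"{tld},{count}")
            edges.append({"source": src, "target": dst})
    return {"NODES": nodes, "EDGES": edges}


def service_json(name, selected_vertex_attr_values):
    """The same answer serialised as text/json for the wire."""
    return json.dumps(service(name, selected_vertex_attr_values))


def validate_graph(payload, cap):
    """Client side: check a reply (JSON text or parsed dict) before rendering it.

    Rejects duplicate ids, attribute types the capability did not advertise,
    and edges that reference vertices absent from NODES.
    """
    g = json.loads(payload) if isinstance(payload, str) else payload
    nodes, edges = g.get("NODES", []), g.get("EDGES", [])
    ids = {n["id"] for n in nodes}
    if len(ids) != len(nodes):
        return False
    allowed = {cap["source_vertex_attr_type"], cap["target_vertex_attr_type"]}
    if any(n["vertex_attr_type"] not in allowed for n in nodes):
        return False
    return all(e["source"] in ids and e["target"] in ids for e in edges)


if __name__ == "__main__":
    caps = get_capability("urn-cptl-HOST-ipv4")
    reply = service_json(caps[1]["name"], "192.168.1.100,192.168.1.120")
    print(reply, validate_graph(reply, caps[1]))
```

Validating the reply against the capability that produced it is what lets a browser safely render graphs from several CPTL-aware services: a dangling edge or an unexpected attribute type is refused at the client instead of turning into a broken or misleading diagram.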
Demo Time
import skills, sys, time, demo
from luck import *
now = time.time()
demo = open('badger', 'r')
for blackhat in demo:
    print(skills.haxor(daycon))
else:
    print('WASTED!')
map.network-perception.com
State DATA
Information
BADGER42.ORG
Thanks
Github.com/bigezy/badger
Github.com/ITI/cptl-power
Send your feedback
Download