
Data Science for Cybersecurity Analysis
Julián Darío Miranda-Calle
DPhi Data Science Bootcamp

About me

Julián Darío Miranda-Calle

Internal Auditor ISO 27001:2013, Cybersecurity Specialist, Computer Science Engineer, and Electronics Engineer. Currently, graduate and undergraduate professor at the Faculty of Computer Science Engineering.

Scrum Master, developer and researcher in cryptography, steganography, and steganalysis using Data Science, Machine Learning and Deep Learning techniques. Leader and Coach of the teams that will participate in the XXXIV ACIS/REDIS National Programming Contest 2020.

linkedin.com/in/juliandariomiranda/
0000-0002-7580-2361
https://www.researchgate.net/profile/Julian_Miranda2

Agenda

01 Introduction
• Cybersecurity challenges
• IoT services
• Cyberattack practices

02 Fundamentals
• Key verbs
• DIKW Pyramid
• Cyberattacks
• CIA Triad
• Key concepts

03 Applied Data Science
• Data Science applications for cybersecurity

04 Use case
• Exploring cybersecurity attacks

05 Conclusions
• Conclusions
• Future work

Introduction

Cybersecurity challenges

• Smart Washers
• Smart Toilets
• Smart Bicycle
• Smart Blender
• Smart Shower
• Smart Bulb
• Smart Lamppost

Cybersecurity challenges

• Sexting
• Pharming
• Phishing
• Social Engineering
• Vishing
• Smishing

Cybersecurity challenges

Cybersecurity breaches and challenges:
• Hiring
• Home
• Migrations
• Industry
• Political
• Institutions
• Financial
• Public

Cybersecurity challenges

• Cybersecurity/Cybercrime/Cyber…
• Big Data, AI, ML, DL, RL, FL & BI
• Quantum Computing
• Lifi/Zigbee/MQTT/AMQP/CoAP
• Cloud Computing, IoT, IIoT & IoE

Fundamentals

Key verbs in cybersecurity

• Data: Protect
• Information (Data + Analysis + Interpretation + Discussion): Assure
• Knowledge (Information + Context): Manage

DIKW Pyramid

DIKW (Data, Information, Knowledge, Wisdom) Pyramid

Information properties

What makes the information so desirable to be accessed without permission, kidnapped and/or deleted?

Information is …
• Critical
• Sensitive
• Valuable

Information = Competitiveness
Information = Advantage
Information = Power

CIA Triad

• Ensure that the information is available for access
• Ensure that the information is not accessed by unauthorized personnel
• Ensure that the information has not been hijacked during its transmission
• Ensuring that the senders are who they say they are
• Ensure the deprivation in the control of access to information
• Ensure monitoring of the processes for accessing and modifying information

Anatomy of a cybersecurity attack

01 Reconnaissance: Steps taken to gather evidence on the targets to be attacked.
02 Scanning: Gather more technical in-depth information on the targets.
03 Gaining Access: Gain access to the targets through the vulnerabilities detected.
04 Keeping Access: Ensure the way back to the target machines for further procedures.
05 Covering Tracks: Conceal the success to avoid detection by security professionals.

Key concepts in cybersecurity

• Cyber attack: Any attempt to expose, alter, destroy, steal or gain unauthorized access to an asset.
• Logical port (source port, destination port): Endpoint (between [0, 65535]) to a logical connection that describes a service.
• Protocol: Set of rules to allow the transmission of information between two or more entities in a system.
• IP Address (IPv4 address, IPv6 address): Numerical label assigned to devices connected to a network that uses the Internet Protocol.

Applied Data Science

How are data science practices applied in cybersecurity?

Data science in cybersecurity: applications

• Risk assessment: Clustering of common risks to choose a treatment.
• Digital Forensics: To search for traces of file modification and information violation.
• Spam filtering: Using NLP techniques to detect language components in spam messages.
• Phishing emails: Using NLP and Machine Learning techniques to unveil phishing attempts.
• Event correlation: Relation of multiple events to identify common patterns.
• Network monitoring: Identification of potential cyberattacks.

Most of the techniques are built on top of EDA, Regression, Classification, supervised and unsupervised learning tasks.

Use case

Let’s analyze a dataset of real observations of cybersecurity attacks to reveal some existing patterns.

Source code and datasets available here

Conclusions

The procedure explained in the use case can be extrapolated to all types of cybersecurity studies in which cybersecurity attack data records are kept, which can provide great information on what patterns occur and how to effectively secure services and servers.

Data science makes it possible to analyze the large volume of data that is generated daily by IoT devices, industry, servers, and homes, among other contexts, to propose new information security policies and countermeasures for cybersecurity attacks to come.

Future work

Current research

• Artificial Intelligence applied to Digital Forensic Analysis: A preliminary review. J. Miranda, J. Cano. 2019
• LSB Steganography Detection in Monochromatic Still Images using ANN. J. Miranda, D. Parada. 2019
• A study of the state of the art of NLP techniques for Digital Forensics Analysis. Y. Reddy, J. Miranda. 2020
• DL Techniques Applied against Steganalysis of Digital Images: A preliminary review. M. Nabawi, J. Miranda. 2020
• Detection of LSB steganography in digital still images using Convolutional Neural Networks. A. García, J. Miranda. 2020

Thanks!

Julián Darío Miranda
juliandariomiranda@gmail.com
/juliandariomiranda
0000-0002-7580-2361
www.researchgate.net/profile/Julian_Miranda2