Inspiration
Businesses are hacked every 39 seconds. Given this threat, hackers will keep finding new ways to gain access to valuable information. No business is completely protected from hackers, but this solution will make their job that much harder.
What it does
The algorithm will learn new patterns of intrusion. With big data tools like Spark, we can write an algorithm that scans and filters millions of records to find anomalous patterns that match the signature of a potential new threat, particularly as the threat mutates into new patterns to avoid detection. The mutation can happen very quickly, or the virus can be programmed to split up and mutate exponentially fast. Without the computational speed and the programming paradigm (parallel processing) needed to detect virus mutation, businesses are left at the mercy of these attacks.

Spark RDDs can be used to monitor each signature for mutation or splitting. We can use Corticon as a rules engine to set the rules that govern the mutation thresholds a business should be alerted on. This avoids flooding the business with alerts that are not real, saving time and labor hours. This will highlight the need for Progress Spark Driver as well as the Corticon business rules engine.
How I built it
We will download the signatures of known viruses and use machine learning to learn the patterns of those signatures, using Spark RDDs for transformations and actions. With RDDs, we can use clustering algorithms to predict how a virus can mutate into possible new threats that could avoid detection.
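The signature monitoring and alert thresholds described above, as an added example that is not the project's own code. It assumes byte 4-gram Jaccard similarity as the measure of mutation and two fixed thresholds in place of rules-engine rules; plain Python stands in for the Spark step, and all signatures and samples are constructed.

```python
# Added example. Signatures, samples and thresholds are constructed for illustration.

def ngrams(data: bytes, n: int = 4) -> set:
    """Overlapping byte n-grams; a small edit changes only the few that cover it."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}

def jaccard(a: set, b: set) -> float:
    """Jaccard similarity of two n-gram sets: 1.0 identical, 0.0 disjoint."""
    return len(a & b) / len(a | b) if (a or b) else 1.0

# Hypothetical rule thresholds, standing in for rules kept in a rules engine.
KNOWN_MIN = 0.95      # at or above: the known signature itself, handled elsewhere
MUTATION_MIN = 0.40   # below: too dissimilar to attribute, so no alert is raised

def classify(sample: bytes, known: dict) -> tuple:
    """Return (verdict, family, score) against the closest known signature."""
    grams = ngrams(sample)
    family, score = None, 0.0
    for name, sig in known.items():
        s = jaccard(grams, ngrams(sig))
        if s > score:
            family, score = name, s
    if score >= KNOWN_MIN:
        return ("known", family, score)
    if score >= MUTATION_MIN:
        return ("possible-mutation", family, score)
    return ("unrelated", None, score)

KNOWN = {  # constructed stand-ins for downloaded signatures
    "family-a": b"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",
    "family-b": b"zyxwvutsrqponmlkjihgfedcba9876543210",
}
SAMPLES = {  # constructed observations
    "exact-copy": b"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",
    "one-byte-variant": b"ABCDEFGHIJKLMNOPQRsTUVWXYZ0123456789",
    "unrelated": b"unrelated sample with nothing in common",
}

def run(samples=SAMPLES, known=KNOWN) -> dict:
    """In Spark this per-sample step would be a map over an RDD of samples."""
    return {name: classify(data, known) for name, data in samples.items()}

def alerts(results: dict) -> list:
    """Only the mutation band alerts; exact and unrelated samples stay quiet."""
    return sorted(n for n, r in results.items() if r[0] == "possible-mutation")

if __name__ == "__main__":
    for name, result in run().items():
        print(name, result)
    print("alert on:", alerts(run()))
```

Raising `MUTATION_MIN` cuts false alerts but lets heavier mutations pass unflagged, which is the trade-off the thresholds are there to tune.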
Challenges I ran into
Accomplishments that I'm proud of
What I learned
What's next for Detecting Security Intrusions
Built With
- corticon
- particle