Design of Indonesia Malware Attack Monitoring Center - Charles Lim

•

0 j'aime•864 vues

This document summarizes Charles Lim's presentation on the design of a malware attack monitoring system for Indonesia. It proposes a distributed honeynet sensor system with sensors placed around Indonesia to monitor actual malware attacks. The data would be sent to a National Monitoring Center to analyze malware threats. Setting up a monitoring system could help Indonesia gain knowledge of malware behaviors and better protect its networks.

Technologie Business

Design of Indonesia Malware Attack
g
Monitorin Center
ng

7th Ma 2012
ay
Indonesia Security Conference 2012
y
Markassar Indonesia
r,

Charles Lim, Msc., ECSA ECSP, ECIH, CEH, CEI
A,
Indonesia Honeynet Project Chapter Lead

AGEN
NDA

Problem Statement
Honeynet – capturin autonomous
ng
spreading malware
Distributed Honeynet Sensors
System Architecture
e
National Monitoring Center
g
Conclusion and Rec
commendation

2

Problem S
Statement
IDSIRTII has experime t d with h
h i ented ith honeypot
t
using nepenthes and ddionaea

Swiss German Univers sity, independently, has
also experimented hon neypot using nepenthes
and dionaea for at leas 2 years
st

No existing grand des
sign to place sensors
around Indonesia and monitor actual malware
attacks around Indone
esia

3

Hone
eynet
Honeynet is a collectio of honeypots
on

“Is a decoy that is use to lured malware or
ed
attacker (hacker).”
(hacker) ”

“It is a computer that h
have no production
value, so if it is compr
romised or destroyed
should not affect the aactivities of the
companies.”
p

4

Honeypot Based on Interaction
d

Two kinds of honeypo :
ot

Low Interaction Honeypo
ot

High Interaction Honeyp
pot

5

Low Interactio Honeypot
on

Do not implements actual service
Disguise as a real s
system
Good for finding known attack and
g
expected behavior
Usually automated
Lower cost needed
Example : Nepenthe Amun, Dionaea
es,

6

High Interaction Honeypot

It is a “real” system usually with
m
different configuration than the real
g
system.
Riskier than Low-Interacti it d e to
Lo Interactivity due
“Allow all” configur
ration
Difficult to maintain and manually
n
configure
Higher cost needed
Example : Physical HIH, Virtual HIH

7

Table of Co
omparison

Low-inte
eraction High-interaction

Degree of interaction Lo
ow High

Real operating system No
N Yes

Risk Lo
ow High

Knowledge gain Connectio
on/Request Everything

Can be conquered No
N Yes

Maintenance time Lo
ow High

8

Distributed Hon
neynet Sensors

Indonesia Honeynet
Malwar Repository
re

13

National Monitoring Center
Design for National Mo
onitoring Center for
Malware Attack proposal is work in progress

KEMKOMINFO has committed to the work and
the first pilot will invol about 10 nodes
lve
within this year in diffeerent cities in Indonesia

National Conference
1st Academy CERT on Malware Research
http://www.sgu.ac.id/aca
ademy cert meeting
ademy-cert-meeting
2nd Academy CSIRT on Malware Lab Setup
n
http://www.slideshare.net/ h l li /
htt // lid h et/charles.lim/workshop-on-
k h
setting-up-malware-lab
3rd A d
d Academy CSIRT on M l
n Malware Reporting
R ti
To be held on 30th May t 2nd June 2012,
to
http://csirt.itmaranatha.o
org/event/201205/

International Conference
SecureAsia 2011, Jaka
arta, Indonesia
http://www.informationse
ecurityasia.com/2011/confere
nce/agenda.html
FIRST 2012 Conferenc Bali, Indonesia
ce,
http://event.idsirtii.or.id/w
wp-
content/uploads/2011/10 0/FIRST-TC-PROGRAMS-
LATEST-UPDATE1.pdf

Contenu connexe

En vedette

Turning tl mr 3020 into automate wireless attacker

idsecconf

Analisa kejahatan menggunakan jaringan gsm

idsecconf

Spying The Wire

Don Anto

Doan P. Sinaga, Alex F. Manihuruk, Kevin G.A.T. Pardosi - Securing SCADA Syst...

idsecconf

Hollywood style decryption

idsecconf

Secure Data Center on Cloud Environment, Case Study on GamaBox Cloud Infrastr...

idsecconf

Atmosphere: Secure Messaging for interception protection - Girindro Pringgo D...

idsecconf

Various way of protecting your cloud server port - Abdullah

idsecconf

IPv6 Fundamentals & Securities

Don Anto

Mobile security-an-introduction - za

idsecconf

Distributed Cracking

Don Anto

BGP Vulnerability

Don Anto

Linux kernel-rootkit-dev - Wonokaerun

idsecconf

Penetration Tool Berbasis Sistem Terdistribusi untuk Analisa Vulnerability Pa...

idsecconf

Riko Rahmada - Sertifikat dan Tanda Tangan Digital Indonesia

idsecconf

Danang Jaya, Query Adika Rezylana - Steganografi DCT dengan Memanfaatkan Apli...

idsecconf

Network & Computer Forensic

Don Anto

Code review and security audit in private cloud - Arief Karfianto

idsecconf

Web & Wireless Hacking

Don Anto

Pendekatan secure by design pada cluster resource allocation untuk pusat data

idsecconf

En vedette (20)

Turning tl mr 3020 into automate wireless attacker

Analisa kejahatan menggunakan jaringan gsm

Spying The Wire

Doan P. Sinaga, Alex F. Manihuruk, Kevin G.A.T. Pardosi - Securing SCADA Syst...

Hollywood style decryption

Secure Data Center on Cloud Environment, Case Study on GamaBox Cloud Infrastr...

Atmosphere: Secure Messaging for interception protection - Girindro Pringgo D...

Various way of protecting your cloud server port - Abdullah

IPv6 Fundamentals & Securities

Mobile security-an-introduction - za

Distributed Cracking

BGP Vulnerability

Linux kernel-rootkit-dev - Wonokaerun

Penetration Tool Berbasis Sistem Terdistribusi untuk Analisa Vulnerability Pa...

Riko Rahmada - Sertifikat dan Tanda Tangan Digital Indonesia

Danang Jaya, Query Adika Rezylana - Steganografi DCT dengan Memanfaatkan Apli...

Network & Computer Forensic

Code review and security audit in private cloud - Arief Karfianto

Web & Wireless Hacking

Pendekatan secure by design pada cluster resource allocation untuk pusat data

Similaire à Design of Indonesia Malware Attack Monitoring Center - Charles Lim

Honeypot ppt1

samrat saurabh

Honeypots

Gaurav Gupta

Honeypot

Shashwat Shriparv

Introduction to Honeypots

Emil Tan

Teensy Programming for Everyone

Nikhil Mittal

HoneyPots.pptx

AshishSutar11

Honeypots.ppt1800363876

Momita Sharma

Honey pots

Alok Singh

Honeypots

Bilal ZIANE

Workshop on Setting up Malware Lab

Charles Lim

"Honeypot 101" Computing Society, Royal Holloway, University of London March, 2015 Abstract: How many times have you come across the term “honeypot” in your lectures and textbooks, or security talks? How much do you know about them? Is “honeypot” a security tool or concept? In this presentation, I’ll walk you through the basics of honeypots, discuss its applications, and demonstrate some honeypots used by researchers.

Honeypot 101 (slide share)

Emil Tan

Day by day the internet is becoming an essential part of everyone’s life. In India from 2015 – 2020, there is an increase in internet users by 400 million users. As technology and innovation are increasing rapidly. Security is a key point to keep things in order. Security and privacy are the biggest concern in the world let it is in any field or domain. There is no big difference in cyber security the security is the biggest concern worrying about attacks which could happen anytime. So, in this paper, we are going to talk about honeypot comprehensively. The aim is to track hacker to analyze and understand hacker attacker behavior to create a secure system which is sustainable and efficient. Anoop V Kanavi | Feon Jaison "Honeypot Methods and Applications" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-1 , December 2020, URL: https://www.ijtsrd.com/papers/ijtsrd38045.pdf Paper URL : https://www.ijtsrd.com/computer-science/computer-security/38045/honeypot-methods-and-applications/anoop-v-kanavi

Honeypot Methods and Applications

ijtsrd

Alexandros Papanikolaou PROmis

Ignite_Athens

Honeypot- An Overview

IRJET Journal

All about Honeypots & Honeynets

Mehdi Poustchi Amin

Honeypots

Jyoti Nagargoje

Honeypot-A Brief Overview

SILPI ROSAN

Lecture 7

Education

Tushar mandal.honeypot

tushar mandal

Combating Advanced Persistent Threats with Flow-based Security Monitoring

Lancope, Inc.

Similaire à Design of Indonesia Malware Attack Monitoring Center - Charles Lim (20)

Honeypot ppt1

Honeypots

Honeypot

Introduction to Honeypots

Teensy Programming for Everyone

HoneyPots.pptx

Honeypots.ppt1800363876

Honey pots

Honeypots

Workshop on Setting up Malware Lab

Honeypot 101 (slide share)

Honeypot Methods and Applications

Alexandros Papanikolaou PROmis

Honeypot- An Overview

All about Honeypots & Honeynets

Honeypots

Honeypot-A Brief Overview

Lecture 7

Tushar mandal.honeypot

Combating Advanced Persistent Threats with Flow-based Security Monitoring

Plus de idsecconf

Cloud Managed Router merupakan hasil dari kombinasi antara perangkat router konvensional dengan teknologi cloud management, yang dikembangkan agar memudahkan pengguna untuk dapat mengatur perangkat router dari jarak jauh. Namun tentu saja dengan penerapan yang kurang tepat, maka hal ini bisa dimanfaatkan oleh orang yang tidak bertanggung jawab, bahkan dapat beresiko akses perangkat router diambil alih. Pada topik ini saya akan sedikit menceritakan bagaimana resiko tersebut bisa terjadi.

idsecconf2023 - Mochammad Riyan Firmansyah - Takeover Cloud Managed Router vi...

idsecconf

Kesiapan infrastruktur terkadang menjadi kendala dalam melaksanakan red team exercise secara internal. Guna memperoleh hasil yang optimal terdapat beberapa strong points yang perlu diadopsi dalam pengembangan infrastruktur yakni rapid deployment, stealth, dan scalability. Melalui Infrastructure as code (IaC) yang dapat mendukung proses automation infrastruktur red team, operator dapat mereduksi waktu deployment dengan komponen yang bersifat disposable per engagement. Infrastruktur terbagi menjadi 4 segmen yakni segmen network memanfaatkan WireGuard yang disederhanakan melalui Headscale “Zero Config”. Segmen C2 dan Segmen Phishing merupakan core sections. Segmen SIEM bertujuan mengagregasi dan memproses log dari berbagai komponen seperti reverse proxy pada redirector ataupun C2 server. Manajemen multi-cloud environment memanfaatkan Terraform dengan provisioning yang di-handle menggunakan Ansible. Python sebagai wrapper kedua platform sehingga penggunaan tetap sederhana. Operator dapat secara fleksibel mendeskripsikan segmen yang hendak di deploy melalui sebuah YAML file.

idsecconf2023 - Neil Armstrong - Leveraging IaC for Stealthy Infrastructure A...

idsecconf

Dalam dunia keamanan siber, sinergi antara berbagai proses memiliki peran yang sangat penting. Salah satu proses atau framework yang tengah menjadi sorotan dan menarik perhatian luas adalah Detection Engineering. Proses Detection Engineering ini bertujuan untuk meningkatkan struktur dan pengorganisasian dalam pembuatan detection use case atau rules di Security Operation Center (SOC). Detection Engineering bisa dikatakan masih baru dalam dunia keamanan siber, sehingga terdapat banyak peluang untuk membuat keseluruhan prosesnya menjadi lebih baik. Salah satu hal yang masih terlupakan adalah integrasi antara proses Detection Engineering dan Threat Modeling. Biasanya, Threat Modeling lebih berfokus pada solusi pencegahan dan mitigasi resiko secara langsung dan melupakanan komponen deteksi ketika pencegahan dan mitigasi tersebut gagal dalam menjalankan fungsinya. Dalam makalah ini, kami memperkenalkan paradigma baru dengan mengintegrasikan Detection Engineering ke dalam proses Threat Modeling. Pendekatan ini menjadikan Detection sebagai langkah proaktif tambahan, yang dapat menjadi lapisan pertahanan ekstra ketika kontrol pencegahan dan mitigasi akhirnya gagal dalam menghadapi ancaman sesungguhnya.

idsecconf2023 - Mangatas Tondang, Wahyu Nuryanto - Penerapan Model Detection ...

idsecconf

Smart doorbell atau bel pintar telah menjadi populer dalam sistem keamanan rumah pintar. Namun, banyak dari perangkat ini masih menggunakan protokol yang tidak aman untuk berkomunikasi, protokol yang rentan terhadap serangan keamanan seperti jamming, sniffing dan replay attack. Penelitian ini bertujuan untuk menganalisis kelemahan penggunaan protokol komunikasi pada smart doorbell, serta menginvestigasi potensi pemanfaatan Software Defined Radio (SDR) dan modul arduino dalam mengamati komunikasi gelombang elektronik pada frekuensi 433 MHz. Selain itu penelitian ini ditujukan untuk mengidentifikasi potensi risiko yang dihadapi oleh pengguna pengkat IoT, serta memberikan pandangan tentang perlindungan yang lebih baik.

idsecconf2023 - Rama Tri Nanda - Hacking Smart Doorbell.pdf

idsecconf

Modern organizations are facing the severe challenge of effectively countering threats and mitigating Indicators of Compromise (IOCs) within their network environments. The increasing complexity and volume of cyber threats has highlighted the urgency of building robust mechanisms to block specific IOCs independently. While some organizations have adopted Endpoint Detection and Response (EDR) systems, these solutions often have limitations and require manual processes to collect and examine IOCs from multiple sources. These operational barriers prevent organizations from achieving a proactive and efficient defense posture, an obstacle that is particularly important due to the critical role that IOC blocking plays in containing the spread of threats and limiting potential damage. Hence, the need for a solution that orchestrates automated IOC blocking, utilizing tools such as AlienVault Open Threat Exchange (OTX), VirusTotal, CrowdStrike, and Slack. In this presentation, we examine the importance of automated IOC blocking and its potential to strengthen network security, while highlighting the critical role that these tools play in mitigating evolving cyber threats.

idsecconf2023 - Akshantula Neha, Mohammad Febri Ramadlan - Cyber Harmony Auto...

idsecconf

idsecconf2023 - Aan Wahyu - Hide n seek with android app protections and beat...

idsecconf

idsecconf2023 - Satria Ady Pradana - Launch into the Stratus-phere Adversary ...

idsecconf

Semakin berkembangnya teknologi di aplikasi Desktop terdapat celah keamanan yang dapat menyebabkan dampak langsung atau tidak langsung pada kerahasiaan, Integritas Data yang di bangun menggunakan Framework dari Electron khusus nya aplikasi Desktop di Sistem Operasi MAC. Dalam materi yang di persentasikan akan membahas celah keamanan Security Misconfiguration,RCE,Code Injection, Bypass File Quarantine dan juga bagaiman cara intercept Aplikasi Electron Desktop di system operasi macOS

Ali - The Journey-Hack Electron App Desktop (MacOS).pdf

idsecconf

Amazon Web Service (AWS) menjadi pemain besar dalam industri provider cloud, AWS menawarkan berbagai macam layanan yang mempermudah pengguna untuk operasional dan manajemen administrasi cloud computing. Dengan banyaknya layanan yang disediakan oleh Amazon Web Service membuat pengguna lupa akan keamanan dari service yang digunakan, karena bukan hanya Simple Storage Service (S3) saja yang bisa secara tidak sengaja mengekspos data sentitif seperti kredensial Database, SSH Private Key, Source code aplikasi atau bahkan data pribadi lain yang bersifat rahasia. Terdapat banyak service yang secara tidak sengaja terekspos ke public seperti EBS Snapshot, RDS Snapshot, SSM Document, SNS topic dan sebagainya. Malicious Actor bisa memanfaatkan Public shared atau exposed untuk melakukan Initial Access ke lingkungan Amazon Web Service pengguna lalu melakukan eksfiltrasi data internal yang rahasia.

Muh. Fani Akbar - Infiltrate Into Your AWS Cloud Environment Through Public E...

idsecconf

Near Field Communication (NFC) saat ini adalah teknologi yang umumnya di gunakan untuk media pembayaran serta akses kontrol untuk keamanan ruangan dan gedung. Tidak terbatas untuk hal itu saja, teknologi NFC juga kerap di implementasikan untuk perangkat IoT. Beberapa perangkat menggunakan NFC tag untuk menyimpan informasi guna sinkronisasi dengan perangkat smartphone. Penggunaan teknologi NFC awalnya dianggap aman karna mengharuskan alat baca dengan tag berada dalam poisisi yang sangat dekat. Sehingga dianggap sulit untuk melakukan penyadapan informasinya. Seiring waktu banyak penilitian mengungkapkan bahwa komunikasi ISO 1443-3 ini bisa di intip dan di terjemahkan ke dalam bentuk perintah serta respon aslinya. Proxmark3 adalah salah satu alat yang dikembangkan untuk keperluan tersebut. Namun ada kondisi dimana perangkat proxmark tidak dapat di fungsikan maksimal lantaran berkurangnya sensititifitas pembaca dan tag ketika ada objek berada diantara keduanya. Di paper ini saya ingin menyajikan hasil penelitian saya tentang penggunaan Dynamic Instrumentation Frida untuk memantau penggunaan modul java nfc dalam platform Android dan menggunakannya untuk melakukan lockpicking pada gembok pintar berbasis NFC.

Rama Tri Nanda - NFC Hacking Hacking NFC Reverse Power Supply Padlock.pdf

idsecconf

This paper is a documentation of proposed security management for Electronic Health Records which includes security planning and policy, security program, risk management, and protection mechanism. Planning and policy are developed to provide a basic principle of security management at a hospital. The security program in this document includes Risk-Adaptable Access Control (RAdAC) and the implementation of security education, training and awareness (SETA). Regarding risk management, we perform risk identification, inventory of assets, information assets classification, and information assets value assessment, threat identification, and vulnerability assessment. For protection mechanism, we propose biometrics and signature as the authentication methods. The use of firewalls, intrusion detection system and encrypted data transmission is also suggested for securing data, application and network.

Arief Karfianto - Proposed Security Model for Protecting Patients Data in Ele...

idsecconf

Nosa Shandy - Clickjacking That Worthy-Google Bug Hunting Story.pdf

idsecconf

Pelanggaran privasi merupakan suatu hal yang sering ditemui dewasa ini. Salah satu penyebab pelanggaran privasi adalah adanya data privat milik pengguna yang dikirimkan pada server milik aplikasi tanpa seizin pengguna atau adanya pengumpulan data tertentu tanpa izin. Pada penelitian ini, kami menganalisis aplikasi-aplikasi yang didapatkan dari Google Play Store Indonesia untuk dicari apakah ada data privat milik pengguna yang dilanggar privasinya. Penelitian ini menggunakan tiga jenis metode yang utamanya berbasis static analysis; pendekatan reverse-engineering dengan static analysis untuk melihat apakah ada data yang berpotensi mengganggu privasi pengguna, analisis perizinan dan tracker yang dimiliki oleh aplikasi untuk melihat apakah perizinan dan tracker yang dimiliki oleh aplikasi memang tepat sesuai dengan use-case dari aplikasi tersebut, dan analisis regulasi data dengan mengambil data mengenai keamanan data yang diberikan developer ke Google Play Store. Hasil studi menunjukkan bahwa ada beberapa aplikasi yang memang mengambil data privat pengguna yang tidak relevan dengan use-case aplikasi dan mengirimnya ke server milik aplikasi dan pihak ketiga

Baskoro Adi Pratomo - Evaluasi Perlindungan Privasi Pengguna pada Aplikasi-Ap...

idsecconf

Cloud service is often part of broader strategic initiatives, principally digital transformation (DX) and cloud-first. Despite the continued rapid adoption of cloud services, security remains a crucial issue for cloud users. A majority of organizations confirm they are at least moderately concerned about cloud security. However, there is still a gap between using the cloud and the implementation of cloud security by organizations, so retains the rate of cloud crime high. Eliminating or narrowing the gap is necessary so that organizations can continue to take advantage of the cloud securely. Understanding cloud crime would aid in both cloud crime prevention and protection. The purpose of this presentation is to identify how cloud security incidents can occur from both attacker and victim sides. Organizations can use this presentation's results as a reference to develop or improve cloud security programs and eliminate or narrow the gap between cloud utilization and cloud security implementation.

Utian Ayuba - Profiling The Cloud Crime.pdf

idsecconf

Organization using Adversary Emulation plan to develop an attack emulation and/or simulation and execute it against enterprise infrastructure. These activities leverage real-world attacks and TTPs by Threat Actor, so you can identify and finding the gaps in your defense before the real adversary attacking your infrastructure. Adversary Emulation also help security team to get more visibility into their environment. Performing Adversary Emulation continuously to strengthen and improve your defense over the time.

Proactive cyber defence through adversary emulation for improving your securi...

idsecconf

Perkembangan infrastruktur kunci publik di indonesia - Andika Triwidada

idsecconf

React Native merupakan framework yang digunakan untuk membuat aplikasi mobile baik itu Android maupun IOS (multi platform). Framework ini memungkinkan developer untuk membuat aplikasi untuk berbagai platform dengan menggunakan basis kode yang sama, yaitu JavaScript. Dikarenakan aplikasi ini berbasis JavaScript (client side), banyak developer yang tidak memperhatikan celah keamanan pada aplikasi. Terdapat berbagai macam celah keamanan meliputi client side dan server side. Presentasi ini memuat pengalaman saya dalam menemukan celah keamanan pada saat melakukan Penetration Testing pada aplikasi mobile berbasis React Native

Pentesting react native application for fun and profit - Abdullah

idsecconf

Pandemi covid-19 melonjak pada gelombang ke-2 di. Untuk mengantisipasi itu pemerintah membagikan oximeter ke puskesmas. Oximeter yang ada dipasaran mengharuskan tenaga kesehatan untuk kontak langsung dengan pasien. Dengan menggunakan Hacked Oxymeter ini dapat mengurangi intensitas bertemu dengan pasien dan mengurangi resiko terpapar covid-19. Secara metodologi, hacking oximeter ini membaca output komunikasi serial pada alat oximeter untuk kemudian diolah oleh mikrokontroler dan dikirim ke MQTT broker untuk diteruskan ke klien yang membutuhkan. Alat ini digunakan oleh pasien yang sedang isoman di hotel, fasilitas Kesehatan atau rumah sakit darurat/lapangan

Hacking oximeter untuk membantu pasien covid19 di indonesia - Ryan fabella

idsecconf

Eksploitasi kerentanan pada hypervisor semakin banyak diperbincangkan di beberapa tahun ini, dimulai dari kompetisi hacking Pwn2Own pada 2017 yang mengadakan kategori Virtual Machine dalam ajang lombanya, dan juga teknologi-teknologi terkini yang banyak menggunakan hypervisor seperti Cloud Computing, Malware Detection, dll. Hal tersebut menjadi ketertarikan bagi sebagian hacker, security researcher untuk mencari kelemahan dan mengeksploitasi hypervisor. Tulisan ini menjelaskan mengenai proses Vulnerability Research dan VM Escape exploitation pada VirtualBox.

Vm escape: case study virtualbox bug hunting and exploitation - Muhammad Alif...

idsecconf

Proses DevSecOps saat ini banyak digunakan dikalangan industri yang membutuhkan kecepatan baik dalam pengembangan maupun implementasi. Setiap tahapan pada pipeline DevSecOps merupakan tahapan yang harus diperhatikan dan masuk kedalam pantauan SOC (Security Operation Center). Untuk itu diperlukan kemampuan SOC untuk bisa memantau setiap pipeline DevSecOps sehingga dapat memberikan gambaran kondisi keamanan pada organisasi

Devsecops: membangun kemampuan soc di dalam devsecops pipeline - Dedi Dwianto

idsecconf

Plus de idsecconf (20)

idsecconf2023 - Mochammad Riyan Firmansyah - Takeover Cloud Managed Router vi...

idsecconf2023 - Neil Armstrong - Leveraging IaC for Stealthy Infrastructure A...

idsecconf2023 - Mangatas Tondang, Wahyu Nuryanto - Penerapan Model Detection ...

idsecconf2023 - Rama Tri Nanda - Hacking Smart Doorbell.pdf

idsecconf2023 - Akshantula Neha, Mohammad Febri Ramadlan - Cyber Harmony Auto...

idsecconf2023 - Aan Wahyu - Hide n seek with android app protections and beat...

idsecconf2023 - Satria Ady Pradana - Launch into the Stratus-phere Adversary ...

Ali - The Journey-Hack Electron App Desktop (MacOS).pdf

Muh. Fani Akbar - Infiltrate Into Your AWS Cloud Environment Through Public E...

Rama Tri Nanda - NFC Hacking Hacking NFC Reverse Power Supply Padlock.pdf

Arief Karfianto - Proposed Security Model for Protecting Patients Data in Ele...

Nosa Shandy - Clickjacking That Worthy-Google Bug Hunting Story.pdf

Baskoro Adi Pratomo - Evaluasi Perlindungan Privasi Pengguna pada Aplikasi-Ap...

Utian Ayuba - Profiling The Cloud Crime.pdf

Proactive cyber defence through adversary emulation for improving your securi...

Perkembangan infrastruktur kunci publik di indonesia - Andika Triwidada

Pentesting react native application for fun and profit - Abdullah

Hacking oximeter untuk membantu pasien covid19 di indonesia - Ryan fabella

Vm escape: case study virtualbox bug hunting and exploitation - Muhammad Alif...

Devsecops: membangun kemampuan soc di dalam devsecops pipeline - Dedi Dwianto

Dernier

Retrieval augmented generation (RAG) is the most popular style of large language model application to emerge from 2023. The most basic style of RAG works by vectorizing your data and injecting it into a vector database like Milvus for retrieval to augment the text output generated by an LLM. This is just the beginning. One of the ways that we can extend RAG, and extend AI, is through multilingual use cases. Typical RAG is done in English using embedding models that are trained in English. In this talk, we’ll explore how RAG could work in languages other than English. We’ll explore French, Chinese, and Polish.

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Zilliz

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

MadyBayot

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

apidays

Exploring Multimodal Embeddings with Milvus

Zilliz

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

Architecting Cloud Native Applications

WSO2

Six Myths about Ontologies: The Basics of Formal Ontology

johnbeverley2021

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

MINDCTI Revenue Release Quarter One 2024

MIND CTI

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

Keynote 2: APIs in 2030: The Risk of Technological Sleepwalk Paolo Malinverno, Growth Advisor - The Business of Technology Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

apidays

Corporate and higher education. Two industries that, in the past, have had a clear divide with very little crossover. The difference in goals, learning styles and objectives paved the way for differing learning technologies platforms to evolve. Now, those stark lines are blurring as both sides are discovering they have content that’s relevant to the other. Join Tammy Rutherford as she walks through the pros and cons of corporate and higher ed collaborating. And the challenges of these different technology platforms working together for a brighter future.

Corporate and higher education May webinar.pptx

Rustici Software

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

In this keynote, Asanka Abeysinghe, CTO,WSO2 will explore the shift towards platformless technology ecosystems and their importance in driving digital adaptability and innovation. We will discuss strategies for leveraging decentralized architectures and integrating diverse technologies, with a focus on building resilient, flexible, and future-ready IT infrastructures. We will also highlight WSO2's roadmap, emphasizing our commitment to supporting this transformative journey with our evolving product suite.

Platformless Horizons for Digital Adaptability

WSO2

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

apidays

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

Dernier (20)

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Exploring Multimodal Embeddings with Milvus

Strategies for Landing an Oracle DBA Job as a Fresher

Architecting Cloud Native Applications

Six Myths about Ontologies: The Basics of Formal Ontology

How to Troubleshoot Apps for the Modern Connected Worker

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

MINDCTI Revenue Release Quarter One 2024

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Corporate and higher education May webinar.pptx

Why Teams call analytics are critical to your entire business

Platformless Horizons for Digital Adaptability

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

AWS Community Day CPH - Three problems of Terraform

Design of Indonesia Malware Attack Monitoring Center - Charles Lim

1. Design of Indonesia Malware Attack g Monitorin Center ng 7th Ma 2012 ay Indonesia Security Conference 2012 y Markassar Indonesia r, Charles Lim, Msc., ECSA ECSP, ECIH, CEH, CEI A, Indonesia Honeynet Project Chapter Lead

2. AGEN NDA Problem Statement Honeynet – capturin autonomous ng spreading malware Distributed Honeynet Sensors System Architecture e National Monitoring Center g Conclusion and Rec commendation 2

3. Problem S Statement IDSIRTII has experime t d with h h i ented ith honeypot t using nepenthes and ddionaea Swiss German Univers sity, independently, has also experimented hon neypot using nepenthes and dionaea for at leas 2 years st No existing grand des sign to place sensors around Indonesia and monitor actual malware attacks around Indone esia 3

4. Hone eynet Honeynet is a collectio of honeypots on “Is a decoy that is use to lured malware or ed attacker (hacker).” (hacker) ” “It is a computer that h have no production value, so if it is compr romised or destroyed should not affect the aactivities of the companies.” p 4

5. Honeypot Based on Interaction d Two kinds of honeypo : ot Low Interaction Honeypo ot High Interaction Honeyp pot 5

6. Low Interactio Honeypot on Do not implements actual service Disguise as a real s system Good for finding known attack and g expected behavior Usually automated Lower cost needed Example : Nepenthe Amun, Dionaea es, 6

7. High Interaction Honeypot It is a “real” system usually with m different configuration than the real g system. Riskier than Low-Interacti it d e to Lo Interactivity due “Allow all” configur ration Difficult to maintain and manually n configure Higher cost needed Example : Physical HIH, Virtual HIH 7

8. Table of Co omparison Low-inte eraction High-interaction Degree of interaction Lo ow High Real operating system No N Yes Risk Lo ow High Knowledge gain Connectio on/Request Everything Can be conquered No N Yes Maintenance time Lo ow High 8

9. SGU Honeynet Project y 9

10. SGU Honeynet Report y 10

11. SGU Honeynet Report y 11

12. SGU Honeynet Report y 12

13. Distributed Hon neynet Sensors Indonesia Honeynet Malwar Repository re 13

14. System Ar rchitecture In Progress

15. National Monitoring Center Design for National Mo onitoring Center for Malware Attack proposal is work in progress KEMKOMINFO has committed to the work and the first pilot will invol about 10 nodes lve within this year in diffeerent cities in Indonesia

16. National Conference 1st Academy CERT on Malware Research http://www.sgu.ac.id/aca ademy cert meeting ademy-cert-meeting 2nd Academy CSIRT on Malware Lab Setup n http://www.slideshare.net/ h l li / htt // lid h et/charles.lim/workshop-on- k h setting-up-malware-lab 3rd A d d Academy CSIRT on M l n Malware Reporting R ti To be held on 30th May t 2nd June 2012, to http://csirt.itmaranatha.o org/event/201205/

17. International Conference SecureAsia 2011, Jaka arta, Indonesia http://www.informationse ecurityasia.com/2011/confere nce/agenda.html FIRST 2012 Conferenc Bali, Indonesia ce, http://event.idsirtii.or.id/w wp- content/uploads/2011/10 0/FIRST-TC-PROGRAMS- LATEST-UPDATE1.pdf

18. Thank You Th k Y

19. Questions t 19

Design of Indonesia Malware Attack Monitoring Center - Charles Lim

Recommandé

Recommandé

Contenu connexe

En vedette

En vedette (20)

Similaire à Design of Indonesia Malware Attack Monitoring Center - Charles Lim

Similaire à Design of Indonesia Malware Attack Monitoring Center - Charles Lim (20)

Plus de idsecconf

Plus de idsecconf (20)

Dernier

Dernier (20)

Design of Indonesia Malware Attack Monitoring Center - Charles Lim