Canada's Communications Security Establishment, Assemblyline →
The CSE has published the source code (via an Atlassian Bitbucket repository) for the organization's malware analytical toolkit. Outstanding. H/T
XKCD, State Word Map →
Another sarcastically superb analytics mapping bit of tomfoolery? No, it's the real deal - well, maybe... via the superlative talent of Randall Munroe at XKCD.
Splunked, The Leak →
via the eponymous Richard Chirgwin, whilst writing at El Reg, comes this unfortunate tale of security flaws within Splunk Enterprise (now, happily, patched). First discovered by John Page (aka hyp3rlinx), and published via an advisory at Full Disclosure. Here's hyp3rlinx's source.
For the Record: We have always been pleased with Splunk products, and, most importantly, they are fast and focused when fixing issues.
The takeaway? Make an effort to be extraordinarily cognizant of the threats posed by log and machine-generated data aggregation in the enterprise. That is all.
Machine-Based Investigation: Fully →
via Motherboard writer Michael Byrne, comes this well-wrought piece on the apparent proliferation of 'bots on Twitter, i.e., the implications of algorithm-driven entities on the Twitterverse. The fascinating component to this study by Onur Varol, Emilio Ferrara, Clayton A. Davis, Filippo Menczer and Alessandro Flammini was the utilization of a machine-learning apparatus (and the feature-sets therein) to tease out the truth. Additional documentation (in the form of the paper) is available on arXiv. Today's MustRead.
"Part of what makes the new research interesting is the sheer number of features used in the classification model..." - Motherboard's Michael Byrne
Fingered →
Relatively new fingerprinting techniques were brought to my attention last week (H/T), that (reportedly) focus on the identification of browser users and utilization across multiple application deployments. Enjoy.
PREDATOR →
PREDATOR – Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration, described in the released paper, details the newly developed capability to predict bad behavior (in this case criminally bad behavior), with the use of analytics at the time of domain registration. Created by Nick Feamster, Shuang Ho, Alex Kantchelian, Brad Miller and Vern Paxson. Outstanding.
"Princeton professor Nick Feamster and University of California Santa Barbara PhD student Shuang Ho worked with Alex Kantchelian (UC Berkeley), Google's Brad Miller and Vern Paxson of the International Computer Science Institute to create PREDATOR – Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration...." "The important numbers are: the researchers say PREDATOR identified 70 per cent of domain registrations that were later abused; and they claim a false positive rate of just 0.35 per cent." - via El Reg's Richard Chirgwin
Surveilled Online, The Super Cookie Effect →
via The Security Ledger, comes this outstanding piece detailing malicious data analytics driving super cookie use [the so-called 'Evercookie'], and focusing on "individuals with links to international diplomacy, the Russian government and the energy sector." Today's Must Read.