Impostor Detection Presentation to ISC2 NH

WINNER TRUSTED MESSAGING THROUGH IMPOSTOR DETECTION © Astra IDentity, Inc. – Company Confidential – Do not distribute without permission - Gagan Prakash – 978-500-2415 - [email protected]

Upload: astraid

Post on 06-Aug-2015


Category:

Software



TRANSCRIPT

WINNER

TRUSTED MESSAGING THROUGH IMPOSTOR DETECTION


About me – Gagan Prakash

• Founder & CEO of Astra IDentity, Inc.

• MassChallenge Finalist 2014

• Winner Commonwealth of MA, MassIT Government Innovation Competition 2014

• MIT MBA 2011

• Co-Founded 123Together.com/groupSPARK in 2002


Anomaly Detection

• “Anomaly detection is the identification of events which do not conform to an expected pattern” – Wikipedia

• IBM’s Technology Trend Prediction – Digital Guardian:

• “It looks at behavior… and spots something anomalous. It screams when there is something out of the norm.”

• Increasingly done by security companies

• Cloud Computing

• Big Data

• Machine Learning


Anomaly Detection - GreenSQL

• Database Security Solution

• Preventing SQL injection attacks

• Spotting anomalies in database queries


Anomaly Detection – Rough Steps

• Establish objectives

• Get sample data

• Extract features

• Develop model

• Test model

• Use, Iterate & refine model


Resources

• Big Data
  • AWS DynamoDB
  • Google BigQuery
  • MongoDB, Hadoop, HBase

• Machine Learning
  • Mahout
  • Python – sci-kit

• Cloud Computing
  • Amazon AWS
  • Google, Microsoft Azure, Rackspace, IBM Softlayer

• Other sites/tools
  • www.kdnuggets.com
  • www.lingpipe.com
  • Meetups: Predictive Analytics / Machine Learning / PyData
  • Coursera: Andrew Ng


Anomaly Detection Challenges

• False Positives

• False Negatives

• Access to Data/ Training Time

• Building & revising models

• Knowledge of Applied Statistics AND software development

• Keeping up with Machine Learning/Data Science

• Difficult to find trained people


Impostor Detection

• Easy to spoof individuals online

• Triangulate behavior and compare to historical to detect impostors

• Examples


Pindrop Security – Impostor Detection for phone calls

“Pindrop solutions identify fraudsters based on anomalies in their calls, allowing us to detect spoofing, forwarding, suspicious call origins, and other indications of fraud.”


Guardian Analytics – Impostor Detection for Login forms

“Utilizing the industry’s most advanced behavior-based anomaly detection technology, FraudMAP Access delivers sophisticated fraud prevention capabilities with easy-to-use investigation and forensics tools.”


CyberArk - Impostor Detection for Network Usage

“Learns the behavior of the privileged users and accounts. Privileged Threat Analytics compares real-time privileged account activity to historical behavior in order to detect anomalies as they occur.”


AstraID - PhishingGuardian – Impostor Detection for Email

“Hackers phish using identities of known contacts & brands. AstraID's Impostor Detection creates behavioral fingerprints and stops these imposters.”

Phishing requires misrepresentation of identity

Targeted Phishing SPAM


Deployment Option 1: DNS Change

Deployment Option 2: Server Rules

[Diagram: both options show the same components: Sender sends email to recipient; Third Party SaaS SPAM filter (if any); Company mail server; PhishingGuardian Phishing Filter]


SaaS Service:

• PhishingGuardian is our anti-phishing SaaS service

• Hosted on Amazon Web Services

• $2 Employee/month

• Easy to deploy


PhishingGuardian

• PhishingGuardian protects your employees from phishing and targeted phishing attacks delivered through email.

• It is a SaaS service, sitting outside your perimeter, with an easy to use web based management console.

• In addition to blocking attacks, PhishingGuardian also provides sophisticated controls to filter incoming email.

• PhishingGuardian leverages Impostor Detection to create behavioral fingerprints from emails to spot sender impersonation in new emails.
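The idea of a behavioral fingerprint built from past emails and compared against a new one can be sketched in a few lines, following the rough steps listed earlier (sample data, features, model, test). This is an added example, not AstraID's implementation: the chosen features, the weights and the sample messages are all assumptions constructed for illustration.

```python
from collections import defaultdict
from email import message_from_string
from email.utils import parseaddr

def features(raw):
    """Extract behavioural features from one RFC 5322 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    _, reply = parseaddr(msg.get("Reply-To", "") or addr)
    return {
        "name": " ".join(name.lower().split()),  # normalise case and spacing
        "addr": addr.lower(),
        "reply_domain": reply.lower().rpartition("@")[2],
        "mailer": (msg.get("X-Mailer") or "unknown").split("/")[0].strip().lower(),
    }

def build_fingerprints(history):
    """Model: for each display name, the set of values seen per feature."""
    prints = defaultdict(lambda: defaultdict(set))
    for raw in history:
        f = features(raw)
        for key in ("addr", "reply_domain", "mailer"):
            prints[f["name"]][key].add(f[key])
    return prints

def score(prints, raw):
    """Return (score, reasons); higher means less like the sender's history."""
    f = features(raw)
    known = prints.get(f["name"])
    if known is None:  # nothing to compare against, so no impersonation claim
        return 0, ["no history for this display name"]
    weights = {"addr": 3, "reply_domain": 2, "mailer": 1}  # assumed weights
    reasons = [k for k in weights if f[k] not in known[k]]
    return sum(weights[k] for k in reasons), reasons

def mail(frm, mailer, reply_to=None):
    """Build a constructed sample message (not real traffic)."""
    head = f"From: {frm}\nX-Mailer: {mailer}\n"
    if reply_to:
        head += f"Reply-To: {reply_to}\n"
    return head + "Subject: invoice\n\nbody\n"

HISTORY = [mail("Pat Lee <pat.lee@example.com>", "Outlook/16.0")] * 3
LEGIT = mail("Pat Lee <pat.lee@example.com>", "Outlook/16.0")
SPOOF = mail("PAT LEE <pat.lee@example.net>", "PHPMailer/5.2", "pat@example.org")

if __name__ == "__main__":
    prints = build_fingerprints(HISTORY)
    for label, raw in (("legit", LEGIT), ("spoof", SPOOF)):
        print(label, score(prints, raw))
```

A set-membership model like this shows the false-positive problem from the challenges slide directly: a contact who legitimately changes mail client scores 1 until the history is refreshed.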


Questions

?’s