Real Time Analytics of DNS packets using Apache STORM
Lightning talk
Francisco Cifuentes, francisco@niclabs.cl
State of the Art
These are DSC presenters!
DSC: A DNS Statistics Collector
What’s Apache Storm!?
“Apache Storm is a (…) distributed realtime computation system.”
https://storm.apache.org/
What is it used for!?
“Storm has many use cases: realtime analytics, online machine learning, continuous computation, distributed RPC, ETL, and more…”
https://storm.apache.org/
What is it used for!?
And many others...
What is it used for!?
“One example is security monitoring where we are leveraging Storm to analyze the network telemetry data of our globally distributed infrastructure in order to detect and mitigate cyber attacks”
http://storm.apache.org/documentation/Powered-By.html
Proposed Architecture
Inspiration
Distance between client and server reached the threshold!
Reasons for some choices
● Why do we need real time analysis?
● Why Apache Storm?
What has been done
● DNS Packet Parser.
● Tested different topologies.