Events

 

Technical Courses /

Cyber Defence Monitoring Course Suite Module 2

Date:

26 Feb-2 Mar 2018

Registration deadline:

22 Jan 2018

 

Location:

Tallinn, Estonia

Participation fee:

300 € (no fee for the Sponsoring Nations, Contributing Partners and NATO bodies)

Stream Data Mining Workshop

This intensive hands-on workshop explores Big Data processing frameworks in conjunction with various scripting languages and probabilistic data structures. We intend to use Apache Kafka as a centralised highavailability data bus to design and implement custom security tools that process high-volume data streams in real time, improve overall defensive situational awareness, explore novel data processing methods, and design a unified open-source monitoring framework to be used by both nations and medium to large enterprises.

Learning Objectives

Participants will be given hands-on experience in configuring replicated big-data clusters, real-time data pipelines, and streaming threat intelligence tools. This includes exploration of data normalisation and feature extraction techniques. The workshop will also explore the use of advanced data structures for solving practical monitoring challenges.

Target Audience 

  • Technical IT security staff in charge of monitoring sensitive networks.
  • Skilled DevOps personnel in need of novel data processing tools.
  • Security architects and researchers who design organisational monitoring frameworks.

Non-target audience:

  • Experienced data mining and machine learning specialists.
  • Security appliance operators.

Outline 

  • Installing a replicated stream processing cluster
  • Creating data retention and partitioning schemes
  • Integrating with existing event log, IDS alert, and NetFlow feeds
  • Introduction to probabilistic data structures, and implementing these in popular scripting languages
  • Creating custom data consumers and producers
  • Using scripting languages to solve various monitoring tasks.

 

Prerequisites 

  • Good understanding of TCP/IP networking and network/system administration
  • Recent everyday network/system administrator's work experience of at least 2 years in UNIX environments
  • Previous detailed knowledge on following topics
    • Work principles of UNIX operating systems and UNIX file system layout
    • Common UNIX shells (e.g., sh, bash)
    • Common UNIX user tools (e.g., ls, ps, kill)
    • Common UNIX system administration utilities
  • Proficiency in at least one multi-platform scripting language (e.g., Python, NodeJS, Golang)
  • Basic understanding of programming concepts is required:
    • Iterations, functions, classes, instantiation;
    • Importing and using software libraries.
  • Personal motivation to test and implement novel methods.
  • English language skill comparable to STANAG 6001, 3.2.3.2.

NB!  We  most  strongly  discourage  the  participation  of  students  who  do  not  fulfil  these prerequisites,  since  the  course  contains  advanced  lab  sessions  assuming  this  knowledge. Therefore, the presence of unskilled attendees is likely to hinder the overall progress of the course. 

Registration info

Invitation only. Should you have any questions, please contact: events -at- ccdcoe.org.