Cyber Threat Hunting Using Machine Learning and Artificial Intelligence

Denis Onuoha, Chief Information Security Officer, Arqiva

IABM Copyright 2018 www.theiabm.org @THEIABM

Introduction

Arqiva is a leading UK communications infrastructure company enabling a vibrant digital economy. We are behind the scenes and central to millions of vital connections. We are pioneers in an always on, always connected world. Every day our infrastructure and associated services enable millions of people and machines to connect wherever they are through TV, radio, mobile and the Internet of Things (IoT). Our technology enables us to work with everyone from mobile network operators, such as BT-EE, Vodafone, O2 and Three, to independent radio groups and major broadcasters, such as the BBC, ITV, Sky, Turner and CANAL+, to utility companies such as Thames Water.

Denis Onuoha is the Chief Information Security Officer at Arqiva. He has the overall responsibility for Security Risk Management, Information Assurance and Cyber Security for the company and is at the forefront of its fight in defending against the latest media industry cyber-attacks. Denis commenced work in the financial sector with responsibilities for Risk and Information Security, subsequently making the move across to the broadcast industry. He is a qualified Lead Auditor for the ISO27001 and ISO22301 standards; a Lead Implementer for ISO22301; a Risk Manager in accordance with ISO27005; and has successfully attained ISACA's CISA and CISM certifications. A proactive IT professional, Denis sits on three of the UK's Centre for the Protection of National Infrastructure (CPNI) Government Information Security Exchanges and is the elected Chair of the AIB Cyber Security Working Group.

Kill Chain Visualisation

Timeline: Hours to Months, Seconds, Months
Phases: Preparation, Intrusion, Active Breach

1. Reconnaissance: Harvesting email addresses, conference information, etc.
2. Weaponisation: Coupling exploit with backdoor into deliverable payload
3. Delivery: Delivering weaponised bundle to the victim via email, web, USB, etc.
4. Exploitation: Exploiting a vulnerability to execute code on victim's system
5. Installation: Installing malware on the asset
6. Command & Control: Command channel for remote manipulation of victim's system
7. Action on objectives: With 'hands on keyboard' access, intruders accomplish mission objective

Artificial Intelligence and Machine Learning in Cyber Defence

Data sources feeding the AI engine:

Network Data: IPS, IDS, Packet Capture, Net Flow
User Behaviour: Analytics, User Data, Active Directory, Proxy Logs, VPN
Application Data: API Calls, Data Exchange, WAF Data
Endpoint Data: Registry, Connections, Processes, Memory, File Integrity

Benefit of AI & Machine Learning

Real time security monitoring: Detecting key known threats in real time
Threat Anticipation: Threat Intelligence and Indicators of Compromise from Vendors - automated; can be mitigated before being hit
Threat Hunting: Discovering covert threats using behaviours

Cyber Incident Management redefined via Artificial Intelligence

Contain: Automatic containment; Stop the spread
Response: Response orchestration; Clean up

WHERE'S WALLY

Conclusion

Improved Protection
Improved Detection
Improved Response
Reduced Cost
Makes good Business sense

Any questions?

Denis Onuoha
Email: [email protected]
LinkedIn: www.linkedin.com/in/denisonuoha
Mobile: +447814219954