
Open and Free Software

Open operating systems and programs, web technologies, databases, virtualization, containers

Full-day Git workshop

Workshop | A112 | Saturday 10:00 - 17:45 |

Do you know the basics of Python (for example from the PyLadies beginners' course) but want to learn something about Git? This workshop is for everyone who is a more advanced beginner: people who can work with the command line at roughly the level of graduates of the PyLadies beginners' course, and who know how files on a computer work and that source code is written into them. We will use Python, but it won't be so much about programming.

Requirements:
Bring your own computer with Python and git installed. Knowledge of working with the command line is assumed, at roughly the level of graduates of the PyLadies beginners' course. Knowledge of Python is not required, but is recommended at least at the level of "I can write a short script that reads a file and prints something from it to the terminal".

Open and Free Software free software open source git github python license patch diff sharing internet cooking

Miro Hrončok

free software engineer
Red Hat

Security and Privacy

Privacy, encryption, surveillance, data backup, monitoring, audit, passwords, hacking, cracking, malware, phishing

Fantastic Attacks and How Kalipso can Find Them

Talk | D105 | Sunday 13:00 - 13:45 |

Detecting attacks in a network is very hard due to the huge amount of information, and the similarity between attacks and normal traffic. Knowing the traffic of your computer is hard enough, more so in a large network. An analyst has to decide and block infected computers without being aware of all the details. A company may afford a large detection system based on big data, but what about you? Slips is a network intrusion detection system that uses flows, behaviors, and machine learning to detect attacks in a network. Based on Zeek and with a modular structure it is easy to extend the system with new models of your design, leaving the final decision to an internal ensembling algorithm. From flow-based port scan detection to anomaly detection, threat intelligence, VirusTotal integration, geolocation and machine learning profiling, Slips includes modules that can give a comprehensive high-level view of your security. However, it is very hard to show this information clearly and to include the analyst in the process. Enter Kalipso. Kalipso is a Node.js-based terminal interface designed to display the complexity of the information produced by Slips. This interface helps traffic analysts to quickly get a superficial understanding of what is going on in the network. With animated graphs and charts based on the blessed and the blessed-contrib libraries, it is possible to configure and connect data from Slips meaningfully. After Slips has filled the Redis database, Kalipso is ready to display the information. It creates a tree with all IP addresses in the traffic, separating the data in time windows. For every IP and time window, it shows a timeline, detections, and a map with the geolocation of all the destination IPs contacted. Each IP address is modeled using stacked bars and tables based on the destination ports contacted, destination IPs contacted, source ports used, and ports opened as a server.
Different windows are accessed with hotkeys, and important information is highlighted with several font types and colors. Distinctive outgoing connections are displayed together with their VirusTotal information and behavioral model. Complete with the ability to copy information to the clipboard or save it into a file, Kalipso allows the analyst to rapidly overview what is happening in a network.

Security and Privacy Security Security and Privacy Attacks machine learning nodejs Interface Python Free software malware OWASP

Sebastian Garcia

Director
Stratosphere

Kamila Babayeva

Researcher
Civilsphere