The magical uses of large data? Big data is the safest "antivirus platform" in history!

Science and technology with the times, cybercrime, infiltration, theft is also constantly sophisticated renovation, special malicious software can easily escape detection, into the enterprise to steal information No-man, traditional security software tools immediately lost their application.

Are we just going to sit there? The security industry also holds a weapon against cyber-security crime, which is big data (http://www.aliyun.com/zixun/aggregation/13527.html ">big")!

According to wikis, big data began to become a popular buzzword in the 2009, fiery intensity does not lose the cloud, refers to the amount of data involved in a large scale to not be processed through the current mainstream software tools, and this technology can be in a reasonable time to capture, manage, process, and organize a large number of data, more actively help?? To help enterprises to achieve business decision-making purposes information.

However, do not think that large data can only handle a large number of data, once used, it can become the mirror of cyber criminals!

Every walk will leave a mark

These so-called advanced attacks (Advanced Threat) have a fatal weakness, and they are like habitual offenders who are accustomed to leaving a personal mark on a crime scene, which generates outliers in a generic user data object or an IP address, and can thwart these attacks if they can be identified.

To find the anomaly, you have to rely on big data to help. First, you must find ways to aggregate the data and records generated by IT equipment, all the data from firewalls, anti-virus, intrusion detection software to windows, emails, networks, domain names, etc. are counted, which have huge (volume), instantaneous (velocity) and diverse (produced characteristics, the unit of measurement is more in megabytes (terabyte) calculation, traditional data storage can not be processed at this time can only help large data.

In addition, the defenders need to be able to further concatenate and analyze data immediately before they can cobwebs to hide their skins.

The bad news is, hold these data can ponder one of the mystery that is another subject, these malicious attacks do not follow the conventional nor fixed mode, to conquer can only "put yourself in" Ask yourself "if I am a criminal will do?"

For example, if your computer receives unknown emails and unknown links, or the Internet domain name flow is unusually high, please be alert as you may have been subjected to phishing attacks (Phishing) or infiltration.

Large Data platform coming

Traditional security information and event Management (SIEM) products have very limited performance, unable to accurately and quickly identify the exception values in the IT system and infrastructure, fortunately, over the past few years, enterprises have created a new large data security platform, do not have to take the day, a few minutes to solve problems and detect security incidents, Splunk And Hadoop are the leaders of this intelligence software.

Large data platforms will be springing up in 2013, its wide range of applications is not limited to detection network attacks, but also can be used in forensic, case investigation and fraud detection, with the platform to build search for fast indexing, and other uses, its outstanding characteristics let us no longer only beaten. Big data technology will bring different circumstances and be worth looking forward to.

(Responsible editor: The good of the Legacy)