National Security and Cyber Defense with Big...

Copyright © 2014 Oracle and/or its affiliates. All rights reserved. Tomasz Przybyszewski National Security and Cyber Defense with Big Data Tomasz Przybyszewski Big Data Solutions Lead ECE Region Sept| 2015

Transcript of National Security and Cyber Defense with Big...


National Security and Cyber Defense with Big Data

Tomasz Przybyszewski Big Data Solutions Lead – ECE Region

Sept| 2015


• Gartner’s 3 V’s of big data …

High Volume with an estimated 2.5 quintillion bytes of data created every day.

Comes in a Variety of formats… text strings, images, web logs, documents, numeric data etc. across a diversity of formats and sources.

This is data in motion, constantly changing at high Velocity, the relevance of which can decay rapidly

Digital data is diverse… which makes it difficult for most traditional technologies to enable capture, storage & analysis

• New world requires a different approach:

Un-aggregated, lowest level data

Advanced analytics to enable discovery & enable complex queries

Fast, real time processing capability

What is Big Data and why to use it

2,500 exabytes of new information in 2012 with digital content as the primary driver

Digital universe grew by 62% last year to 800K petabytes and will grow to . zettabytes this year


Big Data Analytics Moving to the Next Generation of Analytics to Predictive Analytics

Next Generation

Big Data

Current Intelligence

Generation


Big Data for National Security

• Cyber Intelligence

• Social Media Intelligence

• Military Defence

• Video Analytics

• Data fusion eg: External data with own data and stakeholder data

• Applying risk-based intelligence capabilities to cope with the massive Volume, Velocity and Variety of data

Better Low Level Data Analytics = Deeper, More Actionable Insights = More Informed Decisions


#StrataHadoop - Oracle Big Data Architecture

4th Generation Oracle Data Architecture for Big Data

[Architecture diagram. Labels: Execution, Innovation; Warehouse, Data Factory, Reservoir; Data Streaming, Data Platform, Discovery Lab, Analytics, APIs; Enterprise Data, Other Data Sources, Data Streams, Business Data, Social/Log Data]

Model First Analytics

• Reporting-oriented
• Often enterprise wide in scope, cross LoB
• you know the questions to ask

Reports & Dashboards

Data First Analytics

• Data Exploration
• Highly visual and/or interactive
• you don’t know the questions to ask

Discovery

• Telematics • Industry Services • Internet of Things • Sentiment

Data Services


#StrataHadoop - Oracle Big Data Architecture

Integrated Oracle Systems for Big Data

[Architecture diagram. Labels: Execution, Innovation; Data Streaming, Data Platform, Discovery Lab, Analytics, APIs; Enterprise Data, Other Data Sources, Data Streams, Business Data, Social/Log Data]

Model First Analytics

• Reporting-oriented
• Often enterprise wide in scope, cross LoB
• you know the questions to ask

Reports & Dashboards

Data First Analytics

• Data Exploration
• Highly visual and/or interactive
• you don’t know the questions to ask

Discovery

• Telematics • Industry Services • Internet of Things • Sentiment

[Further diagram labels: Data, Services APIs, Analytics, Search, Transformation Script]


1st area of Big Data References Cyber Defence Solution

Big Data Cyber Intelligence – Israel Government

The Israel Government with Ministry of Defence and National Cyber Bureau have national responsibility for all aspects of cyber security for meeting current cyber threats and to develop capabilities to combat the next and future generation of cyber threats

Business Drivers

• Cyber platform and tools for monitoring, organising and investigating current and next generation cyber threats

• Open platform for monitoring and forensics

• Real time decision making and situational awareness for security and operational professionals

• Investigate network behaviour and automate detection of threats using sophisticated algorithms and predictive engines

Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Confidential – Oracle Restricted 9

Cyber Solution Overview

[Solution diagram. Labels: Internal Network; Port Mirror; All incoming and outgoing data packets; Configurations, logs & ex. resources; Oracle Big Data Platform; Collection; Aggregation & Analysis; Discovery; Security Officer; Search; Transformation Script; Big Data Discovery]


2nd area of Big Data References: National Security, incl.:

- Social Media Intelligence
- Military Defence
- Video Analytics

*

* Currently Implementing


US Customs & Border Protection

Automated Targeting System (ATS)

Rules based decision support system

Data sources: government and public

Historical data and trends analysis

Deployed for air, land and sea travel

Massive volume of data

Identify high risk targets

Faster clearance for low risk traveler/cargo


National Targeting Center


Allied Nation Intelligence Service

Oracle Spatial and Graph: Social Analysis

Objectives

Profile suspects through telephone, email and social network communications

Produce “data products” for analysts

Solution

RDF Graph modeling of the social network: people, groups and places of interest

Inferencing & graph analytics discover relationships among individuals & meaning of pseudonyms, aliases, codes, terminology

Standards-based tools: W3C RDF & SPARQL

Semantic tagging for 600 TB / 10b triples graph

Top-secret, compartmented security for data

New discovery on ~100 million triples / month

Find & label “same-as” relationships

Benefits


Department of Public Security

Highlight those areas with the highest crime risk.

Decision taking support.

Predictive Analysis solution for location based Crime Forecasting

Italian Ministry of Interior Predictive Analytics for Police


Location Intelligence

South Yorkshire Police, England

Visibility

Deployment Analysis Deployment Planning

Crime Search POI Dangerous area prediction

Deployment vs Crime Analysis

• Database

• Data Mining

• Spatial

• MapViewer

• OBIEE


Guardia Civil – Spain

Customer Background

• Ministry of Interior and Defence Agency
• National Security management, coordination and supervision for the different security bodies

Challenges/Opportunities

• National security threats are one of the biggest concerns of the ministry.
• Look for behavior patterns to anticipate and detect potential threats
• Matching structured and non-structured information
• Flight details, passenger data, car plates,
• Internal notes & Social network information



Background

– NATO Summit in Chicago, May 2012

– 7,000 Visiting Dignitaries

– 2,200 Journalists

– 10’s of thousands of protestors

– Thousands of Officers

Solution

– Monitor Social Media to identify hot-spots

– Correlate with police deployment

– Initiate operational orders

– Retrospectively identify potential witnesses

Discovering Protest Activities

Protecting Citizens

Intelligent Real Time Systems


New York State Police

• New York State Police (NYSP) is the primary law enforcement agency in New York State. The force is comprised of 4,600 officers patrolling 54,500 square miles

Before

As part of the New York State Police Network system, NYSP has many intelligence repositories including missing persons, stolen vehicles, stolen plates, wanted persons, lost and stolen property

For compliance reasons, audit records are created each time the system is queried.

Beyond ensuring compliance, the audit repository contains a wealth of information for investigators.

Due to the volume of data and complexity of requests, the normal turnaround time for a request was 6-12+ hours and manually intensive.

After

Using Big Data the NYSP built a search application which provides access to more than 8 years of audit history – 1.5B records.

Analysts can now fulfill requests using a familiar search and navigation paradigm that is as easy to use as their favorite website.

Request turnaround in minutes not hours. Manual effort reduced from multiple complex steps to a single simple process

Estimated annual cost reduction of several hundred thousand dollars in support


Big Data Case Study – Abu Dhabi Police

The General Directorate of Abu Dhabi Police operates with other agencies to achieve a safer society. It seeks to preserve the stability, the reduction of crime and the removal of a sense of fear, as well as contributing to the achievement of justice among the general public.

Business Drivers

• Highest quality, prompt and accurately responsive services to citizens; Technology response was to leverage Social Media sources for data to create high value analytics

• Improve UAE-wide security “Zero deaths on roads, Zero crime in streets”; Technology response was to utilize camera feeds and other such sources and process them using high performance, innovative Data Center environment

• Improve operational efficiency and control costs; Technology response was to Transform Data Center and optimize performance


Other Police cases

Turkey Police:

Improve performance and variety of their current security analysis

Enhance performance and flexibility of Hadoop systems to analyze all data from varied social media sources

Create and drive timely intelligent actions

...

Dubai Police

Correlate data from a DWH and silos in multiple systems

Monitor social media channels, crawl online sources including dark web

Create police data dictionary to store, track and search indications of crime and other threats in multiple languages

Provide a unified discovery interface suitable for police analysts

A foundation platform to store unstructured data that is scalable and easily connect to new data sources.


Summary

*

* Currently Implementing


Oracle Big Data – National Security and Cyber Defence

Key Features

Based on Big Data

Open architecture and scalable platform

Low cost enables flexible deployment and expansion

Central distributed data management system

Innovative analytical tools

Open API for external systems and 3rd algorithms


We Look Forward To Working With You

NEXT STEPS

Live Demo

Meet with key stakeholders to present the Live Demo

RECOMMENDATIONS / ROADMAP

Prepare defined set of Oracle Big Data solution recommendations to address priorities

EXECUTIVE PROOF OF CONCEPT

Select 1,2 use cases and perform the tests

EXECUTIVE READ-OUT

Present findings and recommendations to key stakeholders

Oracle Confidential – Internal