Use cases driving the BigFoot effort.
BigFoot is driven by the use cases of its industrial partners. Our consortium focuses its research on the problems highlighted by the needs of Symantec in security intelligence and Internet threat analysis, and of GridPocket in Smart Grid monitoring and user log analysis.
As one of the industrial partners, Symantec Research Labs will contribute to the application layer of BigFoot with the development of complex analytics (such as data TRIAGE and data mining algorithms) that will harness the power of distributed processing built on top of Hadoop, providing security analysts with a big data solution that will level up our cyber intelligence capabilities. This collaborative research effort aims to pave the way towards delivering a new powerful Big Data platform for near real-time intelligence and security visualization, eventually turning the terabytes of security data into real insights into cybercrime activities.
Security analysts are challenged in their daily job of analyzing global Internet threats because of the sheer volume of data that security companies are collecting around the globe. In cyber security, attack attribution and situational awareness are considered critical aspects that must be developed to deal not only with the growing number of threats, but also with their degree of sophistication. However, this requires highly scalable analysis tools to classify, correlate and prioritize security events, depending on their likely impact, threat level and possibly many other criteria.
In BigFoot, Symantec and its partners will work together on the definition of appropriate use cases and application scenarios in the field of security intelligence, including the specification of big data sets and the associated workloads for large-scale analysis of malware, spam, web threats, and Advanced Persistent Threats (APTs). These scenarios will drive the development of more scalable data mining and data fusion algorithms, such as clustering algorithms based on Multi-Criteria Decision Analysis (MCDA), and novel classification algorithms for the detection and analysis of attack activities organized by cyber criminals and malware developers.
As a specialist in the Smart Grid industry, GridPocket will contribute to this project with innovative industrial use cases focused on the development of energy management and the influence of consumers' behavior. We will use multiple data sources coming from smart metering (electricity, water and gas), weather sensors, location context, building information and other data provided by M2M networks.
For this project, we will retrieve electrical consumption data and external temperature from a large number of households. Our goals are:
We want to deploy this system at the scale of a medium-sized country (around ten million inhabitants and three million households, one million of which have electric heating). Our key algorithm extracts heating consumption from a user's overall consumption. To do this, we use geographical location, external temperature, current season, neighborhood behavior, historical data and user information.