Modeling Cybersecurity with Neo4j, Based on Real-Life Data Insights

285 views 43 slides Mar 22, 2023

About This Presentation

Gal Bello, Sr. Pre-Sales Engineer, Neo4j


Slide Content

Neo4j, Inc. All rights reserved 2023
Modeling Cybersecurity Cases
with Graph Data Models
Gal Bello
Field Engineering, Israel

Agenda
❖Hello!
❖Cybersecurity
➢The Problem, the Graph Solution
➢Real-life Insights
❖Graph Data Modeling
➢Real-Life Modeling Examples
➢Cybersecurity Graph Modeling Practice
❖Q&A
❖Goodbye!

Gal Bello
Field Engineering, Israel


@Gal_Bello
Linkedin.com/in/galbello/
What’s the thing you like most about Neo4j?
“Neo4j is not only one of the most innovative companies around the globe, it also leads a positive cultural approach to its employees, customers, partners and community members: Diversity & inclusion, open minded, acceptance & positiveness assumption.”

CYBERSECURITY

What is Cybersecurity?
“Cybersecurity is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.”
(Wikipedia)

THE PROBLEM

The Problem:
Cybersecurity analysts have to capture, store, analyze and potentially explore vast amounts of rapidly evolving information.

GRAPH SOLUTION

WHAT IS A GRAPH?

A Graph Is...
...a set of discrete entities, each of which has some set of relationships with the other entities
Seven Bridges of Königsberg problem. Leonhard Euler, 1735

WHEN

It’s Not Only What You Know

It’s How It Is Connected

It’s How It Is Connected and Shines Out

World of Cybersecurity
Digitized and Analog
Constantly Evolving
Few and Many Players
“One Step Ahead”
Simple and Complex
Organized in groups
Synthetic Identities
Stolen Identities
Hijacked Devices

Cybersecurity Prevention is About Reacting to Patterns (and doing it fast!)
Raw Data Anomalies
Pattern 1 Pattern 2
Detect and Respond (React!)

Cybersecurity – With District Analysis
[Chart: axes Revolving Debt and Number of Accounts; a "Normal behavior" region, with points outside it marked "INVESTIGATE"]

Cybersecurity – With District Analysis
[Chart: axes Revolving Debt and Number of Accounts; regions labelled "Normal behavior" and "Cyber Attackers Pattern"]

The Solution:
A graph database could help companies secure their data by leveraging the connections within the datasets.

REAL-LIFE INSIGHTS

Around $6T is expected to be spent on CS by 2023

The Cybersecurity market worth is: $155B

20% of Cybersecurity market share is for Financial Services and Insurance

Every 39 seconds there is a hacker attack

The average cost of a data breach is $3.9M across SMBs

92% of malware is delivered using email

39% of Cybersecurity breaches are due to human error

57% of cyber attacks target Enterprise companies

62% experienced phishing & social engineering attacks

GRAPH DATA MODELING

What is Graph Data Modeling?
Graph Data Modeling is a collaborative effort by different Stakeholders and Developers.
The application domain will be analyzed by all stakeholders, developers and participants to develop a Graph Data Model that will support and answer all “Money” queries.

High-Level Approach building a Graph Data Model
Graph Data Model: First Phase
1. Domain: Understand the domain you try to model
2. Sample Data: Get accurate sample data you understand
3. Q & A from Business: Define Questions & Answers the Business wants to understand
4. Identify entities & connections: Find entities & connections that are part of your data model
5. First Data Model: Build your first data model with all stakeholders involved and load sample data
Go to next steps

High-Level Approach building a Graph Data Model
Graph Data Model: Second Phase (coming from prev. steps)
6. Test questions: Test your questions against your model and data by writing Cypher queries
7. Refine Data Model: Refine your Data Model eventually, if it improves answers
8. Scalability: If possible, test scalability. If not, make sure your data model does scale.
9. Interactive Components: Build dashboards, Bloom perspectives, Jupyter NBs, or other interactive components to demonstrate your graph data.

Recommended Stakeholders: Building a Graph Data Model
●Maintain / Extend graph
●Help to precise data model objects like Labels, Relationships, etc. 50%
●Build UIs, Dashboards, etc.
●Know what is missing today 50%
●Build and operate data loading (ETL process)
●Provide answers and rating for results to above questions 95%
●Build the Graph
●Provide questions they want to ask 95%
●Translate questions into Cypher queries / scripts
●Add domain knowledge 100%
Domain Experts
95%
Consultants / Developers
100%
95%
75%
95%

MODELING EXAMPLE

Law Enforcement
Use Case: Information and Data Synchronization in Law Enforcement
Law Enforcement Agencies use Neo4j to model the information into graphs to improve efficiency and make direct and implicit patterns readily apparent in real time.
A suspect often appears in several different databases.
Having graph search capabilities across this data opens the way to both targeted searches and advanced statistics.
[Diagram: SUSPECT node connected to Financial records, Convictions, Addresses, Vehicles, Traffic cameras, Arrests, Police Reports and Agency Records. Relationship labels: Appears_in, Has, Owns, Registered]

Banking
Use Case: Modeling Fraud Rings as Graphs
[Diagram nodes: ACCOUNT HOLDER 1, ACCOUNT HOLDER 2, ACCOUNT HOLDER 3, SSN 2 (twice), ADDRESS, PHONE NUMBER (twice), CREDIT CARD, BANK ACCOUNT (three), UNSECURED LOAN (twice)]
Organizing a fraud ring in the real world is relatively simple. A group of people share their personal information to create synthetic identities. For example, just 2 individuals sharing names and social security numbers can create 4 different identities. This can be discovered with connected analysis.
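
The connected analysis described above, as an added example that is not part of the original slides: identities are grouped by shared SSN, phone or address, and a group is flagged when an SSN appears under more than one name. It runs without a database; the sample records, field names and the min_size threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: two people permute two names and two SSNs into four
# synthetic identities; "id5" is an unrelated, legitimate account holder.
IDENTITIES = {
    "id1": {"name": "Ann Lee", "ssn": "SSN-1", "phone": "555-0101", "address": "12 Oak St"},
    "id2": {"name": "Ann Lee", "ssn": "SSN-2", "phone": "555-0102", "address": "12 Oak St"},
    "id3": {"name": "Bo Diaz", "ssn": "SSN-1", "phone": "555-0101", "address": "9 Elm Rd"},
    "id4": {"name": "Bo Diaz", "ssn": "SSN-2", "phone": "555-0102", "address": "9 Elm Rd"},
    "id5": {"name": "Cy Park", "ssn": "SSN-3", "phone": "555-0199", "address": "4 Pine Ave"},
}
LINK_KEYS = ("ssn", "phone", "address")  # identifiers that link identities (assumption)


def find(parent, x):
    """Union-find root lookup with path halving."""
    while parent[x] != x:
        parent[x] = parent[parent[x]]
        x = parent[x]
    return x


def find_rings(identities, min_size=3):
    """Group identities connected through any shared identifier value and
    return the groups that look like rings: at least min_size identities
    and at least one SSN used under more than one name."""
    parent = {i: i for i in identities}
    first_seen = {}  # (key, value) -> first identity carrying that value
    for ident, attrs in identities.items():
        for key in LINK_KEYS:
            other = first_seen.setdefault((key, attrs[key]), ident)
            parent[find(parent, ident)] = find(parent, other)
    groups = defaultdict(list)
    for ident in identities:
        groups[find(parent, ident)].append(ident)
    rings = []
    for members in groups.values():
        names_per_ssn = defaultdict(set)
        for m in members:
            names_per_ssn[identities[m]["ssn"]].add(identities[m]["name"])
        reused = sorted(s for s, names in names_per_ssn.items() if len(names) > 1)
        if len(members) >= min_size and reused:
            rings.append({"members": sorted(members), "reused_ssns": reused})
    return rings


if __name__ == "__main__":
    print(find_rings(IDENTITIES))
```

A household that shares only an address forms a connected group too, which is why the SSN-reuse check is applied on top of connectivity.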

Government
•Better Services
•More Consistency
•Saves Time
•Coordinates Efforts
[Diagram: graph with relationship labels MARRIED_TO, LIVES_AT, FATHER_OF, MOTHER_OF, ENROLLED_IN, OWNS and HAS; HAS relationships point to ID#, PHONE and EMAIL nodes]

BUILDING a GRAPH DATA MODEL

[Diagram build-up, one line per slide]
Employee A, Employee B, Employee C, Employee D, Employee Z
Employee A, Employee B, Employee C, Employee D, Employee Z, Department 100
Employee A, Employee B, Employee C, Employee D, Employee Z, Department 100, BANK ACCOUNT, ADDRESS
Employee A, Employee B, Employee C, Employee D, Employee Z, Department 100, BANK ACCOUNT, ADDRESS, PROJECT A, PROJECT B, Project C, Department 200, Department 300
Employee A, Employee B, Employee C, Employee D, Employee Z, Department 100, Bank Account, Address, Project C, Documents, Documents
Employee A, Employee B, Employee C, Employee D, Employee Z, Department 100, Bank Account, Address, Project C, Documents, Documents, PRODUCTION SERVERS
Employee A, Employee B, Employee C, Employee D, Employee Z, Department 100, Bank Account, Address, Project C, Documents, Documents, PRODUCTION SERVERS; relationships :PUBLISHED_ON, :SAVED_ON, :WORKS_AT, :MANAGES

Cybersecurity
[Diagram nodes: Employee A, Employee B, Employee C, Employee D, Employee Z, Department 100, Bank Account, Address, Project C, Documents, Documents, PRODUCTION SERVERS, PHISHING EMAILS, Hacker. Relationships: :PUBLISHED_ON, :SAVED_ON, :WORKS_AT, :MANAGES]

Cybersecurity
[Diagram nodes: Employee Z, HACKER, Employee A, Employee B, Employee C, Project A, Project B, Project C, Department 4, Department 22, Bank Account, Address, Documents, PRODUCTION SERVERS, PHISHING EMAIL (twice). Relationship: PUBLISHED_ON]

Now What
Start Your Graph Journey
neo4j.com/cloud/aura-free/

Learn
neo4j.com/graphacademy/
neo4j.com/developer
udemy.com/course/neo4j-foundations/

Contact Us
[email protected]
[email protected]

QUESTIONS

Thank you!
Gal Bello