Security/Automation/Winter Of Security 2015/MozDef Virtual Reality Interface

From MozillaWiki
Jump to: navigation, search
WinterOfSecurity logo light horizontal.png

Team

Introduction

We are students of JIIT,Noida in India. All three of us are open-source fanatics with experience in different fields.

We all are members of the Open source society of our college. This society has been running for many years and we all share our adventures, learning and passion for Open Source Development.

About us:

  • Yash Mehrotra
    • Skills: Backend Web development, Python junkie, Algorithms, Automating Development and Build Process.
    • Interests: I love building RESTful APIs for others to use, have a knack for building tools that ease the work of developers like me and love to listen to developer talks in my free time.
  • Avijit Gupta
    • Skills: Frontend Web development, Data Mining and JavaScript Ninja.
    • Interests: Developing and keeping in touch with the latest Javascript Frameworks. Learning design specifications and UI development patterns.
  • Sanchit Kapoor
    • Skills: Web Development(Full Stack), Game Development, and Algorithms.
    • Interests: I have a keen interest in Web Development, Web Services, Distributed Systems and of course contributing to Open Source.

Members

  • Yash Mehrotra
  • Avijit Gupta
  • Sanchit Kapoor
  • Professor: Dr. Sanjay Goel
  • Mozilla Advisor: Jeff Bryner

Project

Description

The Mozilla Defense Platform is an open Security Information Event Management (SIEM) system with a unique 3D representation of threat actors that allows incident responders to perform interactive real-time defensive actions. This project creates a VR interface for the platform to create an immersive experience for security analysts using MozDef.

Success Criteria

This project is successful if the team:

  • creates new visualizations per attack (example DDOS for globe)
  • learns data visualization
  • Show what the project was before they started, and what it is after their work
  • Completes a presentation of their work
  • Fixes the bugs currently open in the Github Issue Tracker
  • Improves MozDef platform by adding addtional features

Timeframe: December/January.

Updates

Week Ending 2015-MM-DD Progress

2015-09-15

  • Discussed Potential Outcomes
    • New visualizations per attack
    • Visualizations need to be realtime and organized correctly for security team
    • Learn data visualization
  • Work Completed
    • Setup Docker Environment
    • Understand the workflow of the Platform

2015-09-22

  • Updated MozDef installation documentation
  • Fixed deprecation warnings on MozDef's globe visualization
  • Discussed project's roadmap

2015-09-29

  • Fixed meteor's deprecation warnings.
  • Brainstormed about Virtual Reality Scene Implementation
  • Discussed future milestones
  • Discussed security analyst workflow
  • Added IP Address filter for Attacker Visualization

2015-10-06

  • Finalized the idea of using a giant landmass to visualize the different types of threats on various Mozilla services.
  • Discussed about the integration of several Mozilla Services into the VR Interface.

2015-10-13

  • Developed a mini-prototype of the VR Interface.
  • Discussed how to move further with the VR Interface.

2015-10-20

  • University Examinations

2015-11-04

  • Built further upon the VR Interface.
  • Fixed some pending bugs of the MozDef platform.

2015-11-10

  • Added compatibility with three.js.
  • Decided which attacks are to be displayed.

2015-11-17

  • Discussed workflow of the new interface.
  • Developed a bigger VR Landmass to display more attacks and handle multiple services.

2015-11-24

  • Discussed how to process the data and categorize it.
  • Added a REST Endpoint for incident creation in the MozDef Platform.

2015-12-01

  • Integrated different animations into the VR Interface to visualize various attacks.
  • Analyzed elasticsearch aggregations to refine threat categorizing.

2015-12-15

  • Increased the Size of the VR Interface.
  • Optimized the code to improve the loading times.
  • Discussed the UX of Attack Analysis in VR Interface.

2015-12-22

  • Finalized which attacks are to be shown in the VR Interface.
  • Built a working prototype of the VR Interface.

2015-12-29

  • Developed the UI for handling(taking action) on the attacks shown.