Team MITRE Sentinel Final Presentation
Mark Nowicki, Michael Dunn
Kate Brown, Dave Tittle
12/8/2008 Purdue University - CS 307 1
Overview
• Motivation
• Product Features
• Design
• Results
• Challenges
• Future Work
• Plan for Demo
Motivation
• MITRE produces XML files that contain workstation configuration information
• However, XML file checking is:
  – Tedious
  – Time consuming
  – Prone to human error
• Automation will speed the process and decrease error
Product Features
• Core functionality:
  – Retains, compares, and parses XML files
  – Baseline management (previous configurations)
  – Alerts administration of crucial differences
• Overall:
  – Reduces time needed to monitor a network
Design
• Solution:
  – Python and MySQL implementation
  – Open source solution
Design, cont.
Design, cont.
Design, cont.
Experiments
• Inexperience:
  – Python & MySQL
  – Software Engineering Practices
  – Deadlines
  – Metrics
    • Code Coverage (PyUnit)
Results
• No Test Bed
  – Configuration Files
  – Performance Testing
• Trouble Out of the Box
  – Software not perfect as-is
  – Component functionality
• Performance
  – Overhead: Database and FTP
Challenges
• New Language, New Environment
• Freedom, Horrible Freedom
• Lessons Learned:
  – Setting Boundaries
  – Overhead Time
  – Time Management
  – SVN for documentation
    • Assembla.com
Robustness
• Extensive error checking
  – If one file goes bad:
    • error message returned
    • move to next file (continue execution)
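The product features (parse XML configurations, compare against a baseline, alert on crucial differences) and the per-file error handling on this slide, combined in one added Python example. This is not the team's code (none appears on these slides): the XML layout, the setting names, the CRUCIAL set and the sample snapshots are constructed, and in-memory dicts stand in for the MySQL baseline store.

```python
"""Added example: check workstation-config XML snapshots against a baseline."""
import xml.etree.ElementTree as ET

# Settings whose change should alert an administrator (hypothetical names).
CRUCIAL = {"firewall", "antivirus", "auto_update"}


def parse_config(xml_text):
    """Parse <workstation><setting name="...">value</setting>...</workstation>
    into {name: value}. Raises ParseError/ValueError on a bad file."""
    root = ET.fromstring(xml_text)
    if root.tag != "workstation":
        raise ValueError("unexpected root element %r" % root.tag)
    return {s.get("name"): (s.text or "").strip() for s in root.iter("setting")}


def diff_against_baseline(baseline, current):
    """Return {setting: (baseline_value, current_value)} for every setting
    that changed, was added (baseline_value None) or removed (current None)."""
    changes = {}
    for key in baseline.keys() | current.keys():
        old, new = baseline.get(key), current.get(key)
        if old != new:
            changes[key] = (old, new)
    return changes


def check_all(baseline_xml, snapshots):
    """snapshots: {hostname: xml_text}. Returns (alerts, errors); a file that
    fails to parse is recorded in errors and the run moves on to the next one."""
    baseline = parse_config(baseline_xml)
    alerts, errors = {}, {}
    for host, xml_text in snapshots.items():
        try:
            changes = diff_against_baseline(baseline, parse_config(xml_text))
        except (ET.ParseError, ValueError) as exc:
            errors[host] = str(exc)  # report the bad file, continue execution
            continue
        crucial = {k: v for k, v in changes.items() if k in CRUCIAL}
        if crucial:
            alerts[host] = crucial  # only crucial differences reach the admin
    return alerts, errors


# Constructed sample data: one baseline and three workstation snapshots.
BASELINE = """<workstation><setting name="firewall">on</setting>
<setting name="antivirus">on</setting><setting name="wallpaper">blue</setting></workstation>"""
SNAPSHOTS = {
    "ws01": BASELINE.replace(">blue<", ">red<"),                   # cosmetic change only
    "ws02": BASELINE.replace('"firewall">on', '"firewall">off'),  # crucial change
    "ws03": "<workstation><setting name='firewall'>on",           # truncated file
}

if __name__ == "__main__":
    print(check_all(BASELINE, SNAPSHOTS))
```

Running it alerts on ws02 only, reports ws03 as unparseable without stopping the run, and stays silent on ws01's non-crucial wallpaper change.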
Future Work
• Requirements not met:
  – Scheduler System
  – Heartbeat
  – Email message system
• Not configured to specific MITRE system
  – Logging System
• Additional Features
  – Graphical User Interface
  – Streamlined Installation Configuration
  – Multiple Databases
Future Work, cont.
• Pitfalls of Open Source Solutions:
  – Infancy
  – Configuration required
    • No out-of-box functionality
Demo Plan
• Show Test Environment (MySQL)
• Test individual parts
• Execute
  – Transfer
  – Rule
• Execute system
  – Execute All
Questions?
Thank you for your time!
Special Thanks to Corporate Partner Dan Aiello, MITRE