SEARCH KEYWORD -- POINTER


  SIEM Big Data Visualization [04] : Data Transmission Latency SIEM Log Analysis Dashboard

This article will introduce the Data Transmission Latency Log Analysis Dashboard developed for SIEM big data analytics. This is part of the SIEM big data visualization project, if you are interested about other dashboard plug in, you can check below links: SIEM Big Data Visualization [01] : Dashboard for Monitoring Scam Events in Critical Infrastructure SIEM Big Data Visualization [02] : Dashboard for Summarizing SG National Cyber Threats in Critical Infrastructure SIEM Big Data Visualization [...

       2024-11-03 20:49:18

  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09

  Power Grid Simulation System 02 : FDI Power Outage Attack Case Study

We are excited to share that the Power Grid Simulation System we developed was used as part of one red team's targeted critical infrastructure system the international cyber exercise Crossed Swords 2024 which conducted in December 2024. In this article, we will introduce one power outage attack case study which use the Power Grid Simulation System as the demo platform for OT cyber security workshop. Project Design Purpose: This case study demonstrates using the Power Grid Simulation System as a...

       2025-01-11 07:35:45

  Why TCP needs 3 handshakes

Prerequisite Knowledge First, let's look at the control bits and state machine of TCP, which form the basis for understanding the three-way handshake of TCP. TCP Packet Control Bits The control bits in the TCP packet header are used to control the status of the TCP connection and can indicate various control information such as connection establishment, termination, reset, etc. There are six common control bits: SYN (Synchronize Sequence Numbers): Requests to establish a connection (part of the...

   REASON,NETWORK,TCP,EXPLANATION,HANDSHAKE     2024-09-28 08:57:52

  Power Grid OT Simulation System

Mini OT-Energy-System Cyber Security Digital Twin Figure-00: Power_Grid_OT_Simulation_System Environment Diagram, version v0.1.2 (2024) Project Design Purpose: The primary objective of this project is to develop a scaled-down Operational Technology (OT) digital twin/equivalent — an advanced software simulation system capable of emulating the functionality of an small-sized 18KW (560+MkWh/year) hybrid power grid. This system will meet the requirements for cybersecurity training, exercises...

       2024-10-13 09:00:12

  How to make select in WinSock exceed the 64-socket limit

When doing cross-platform network programming, the only API available on Windows that corresponds to the epoll/kevent style reactor event model is select. However, it has a limitation: the number of sockets passed into select cannot exceed FD_SETSIZE, which is set to 64. Therefore, select in Java’s NIO on Windows also has the same limit. Many services ported to Windows that use the reactor model face this constraint, which often gives the impression that server programs on Windows hav...

   EXCEED,SELECT,JAVA,WINDOWS     2024-10-31 23:47:50

  Python PLC Honeypot: Env Deployment And Attack Detection

In the previous article, we introduced the design of Python PLC Honeypot Project, this article will provide detailed step-by-step instructions on how to deploy and use the honeypot system in your environment for detecting potential attacks on OT (Operational Technology) networks. The article includes three main section:   Design of Attack Alert and Notification Function Honeypot deployment: an example deployment of a mixed OT protocol honeypot, consisting of a simple setup with...

       2024-12-01 00:27:33

  Popular Golang JSON libraries evaluation

JSON (Javascript Object Notation), a prevailing data exchange format, is widely used in various platforms and languages. Golang, of course, will never miss the support for JSON. And with its own standard library, such as those interfaces like the REST API from the API Service in Kubernetes, it can easily process JSON. Although Go’s library works great, we can still seek those open-source JSON libs in Github to maximize our efficiency. Then the features, performance, applicability of these ...

   FASTJSON,JSON LIB,JSON LIB COMPARISON,GO-JSON     2021-12-11 23:13:23

  Understand GoLang WaitGroup internals and how it works

Background Before getting into the main content, let me give a brief introduction to WaitGroup and its related background knowledge. Here, the focus is on the basic usage of WaitGroup and the fundamental knowledge of system semaphores. For those who are familiar with these, you can skip this section directly. WaitGroup WaitGroup is one of the most common concurrency control techniques in Golang, and its function can be roughly compared to the join() in concurrency control of other languages' mul...

   GOLANG,WAITGROUP,SOURCE CODE     2023-04-26 08:02:01

  SIEM Big Data Visualization [03]:Graph-Based SIEM Log Analysis Dashboard

Program Design Purpose: The purpose of this program is to develop a Graph-Based SIEM (System Information and Event Management) dashboard that visualizes network communication patterns by processing and analyzing logs from IDS, firewalls, host computers, and other security devices. This dashboard will help security analysts quickly identify and investigate potential threats by using a Cytoscape-style Node-Edge graph for intuitive data representation. The program is an angular plug in which can i...

       2024-10-26 04:31:11

RECENT