
dimadnsfirewall/dimaemperor


DIMA Threat Intelligence Feed Links:

Malicious_domains: "https://emperor1.dimabusiness.com/download/bad_domains.txt"
Malicious_ips: "https://emperor1.dimabusiness.com/download/bad_ips.txt"
Malicious_md5_hashes: "https://emperor1.dimabusiness.com/download/bad_md5.txt"
Malicious_urls: "https://emperor1.dimabusiness.com/download/bad_urls.txt"

About DIMA Emperor on YouTube:

For Tamil: https://youtu.be/CF1Om_FOQvw

For English: https://youtu.be/JO4WHdh0Aaw

ABOUT DIMA EMPEROR

In the rising digital world, network security plays a very important role. Good network security helps a business perform at its best without falling victim to threats. DIMA Emperor is a network security product that is the first threat intelligence product in India. DIMA Emperor is a security prediction product, or security intelligence, delivered as an Application Programming Interface (API). An API is like a multi-purpose socket: in a house we plug many electronic gadgets, such as a television, washing machine, mixer, and table fan, into a single socket, and our API works the same way. This API is made mainly for network security, which is why we call it a security prediction API; it is multi-purpose because it is used to feed multi-layered network security products.

Multi-Layered Network Security Components

Multi-layered network security components are the different components of network security, such as:

  • DNS security
    Powered by Auto DNS Builder (takes less than 15 mins) using Intelligent Threat Vector:

    • Manual Whitelist Zone File
    • Manual Blacklist Zone File
    • AI-ML Powered Genius/Category Zone File - Updates every 60 Mins
    • Auto Open Source Intelligence Zone File - Updates every 60 Mins
    • Auto Open Source Category Zone File - Updates every 60 Mins
    • Connected to Pro-Active Cloud based Security Intelligence API

  • Firewall
  • VPN
  • Proxy server
    Powered by Auto DNS Builder (takes less than 15 mins) using Intelligent Threat Vector:

    • Explicit Proxy
    • LDAP Authentication
    • Web-based reporting
    • SSL Inspection
    • Keyword Analysis
    • Domain Analysis
    • URL Analysis
    • File extension Analysis

  • Antivirus, Layer 3 core switches
    Powered by Pro-Active Cloud based Security Intelligence API:

    • Full Scan
    • Custom Scan
    • Auto USB Eject on Threat Detection
    • Zero System Performance Impact
    • Customizable
    • Quick access to Logs

  • Browser level security
    Powered by Pro-Active Cloud based Security Intelligence API:

    • URL Prediction
    • Domain Prediction
    • IP Address Spam Analyzer
    • Auto Redirection on Threat Detection

All of these components are fed by one common API that supplies information on the known and unknown network-related threats a company faces, that is, threat intelligence information.

So in simple words, DIMA is an API that has threat intelligence information programmed into it. This product is made to fight against cyber threats and cyber-attacks and is basically a cyber-security product.

Cyber Threats and Cyber-Attacks – Types Of Threats

There are two types of threats:

Known threat: a threat that has already attacked someone and about which information is already available. Either a firewall or other network security deployment has been put in place for it, or the information has been fed to our firewall through an open-source intelligence database, and the firewall blocks the threat.

Unknown threat: a threat for which we would be the first victim of the respective cyber-attack. Once we have faced the unknown threat, it becomes a known threat for others.

Prediction Technology

What do we do when we face an unknown threat? What system should we use? This is where prediction technology comes in. Only with prediction technology can we block unknown threats; there is no other way to block them. The backbone of this prediction technology is Artificial Intelligence (AI) and Machine Learning (ML). A machine is trained on the various patterns found in threat URLs, and it then predicts whether a given URL carries a threat; only with such prediction technology can we handle unknown threats. A well-deployed security system should handle both known and unknown threats at the same time and make its decision at that instant. The checking process is: check whether the URL is good or bad, then whether the associated domain is good or bad, then whether the associated IP address is good or bad, and then, if a file is being downloaded, whether its hash value is good or bad. That is why we need a system that can handle both known and unknown threats, and DIMA Emperor is the only such system. DIMA Emperor is a proactive system that can handle both known and unknown threats.

Beyond predicting whether a URL or domain is bad, AI-ML also plays a major role in categorizing information. There are various techniques for predicting a URL or domain, but there is also a great deal of information on the internet today, and the category each piece of information belongs to must be predicted as well. DIMA Emperor is built to perform these multi-level predictions.

Vulnerable Internet Parameters

Vulnerable internet parameters arise because we use different systems, such as computers, laptops, and mobile phones, to access the internet, where we deal with URLs, domains, IP addresses, and the files or data downloaded through the internet. Every file downloaded to our system has a hash value; hash values exist not only for legitimate files but also for malware. So we need a system to tell good hash values from bad ones. Threats hide behind exactly these parameters, and DIMA Emperor is used to identify the good and the bad. As said above, DIMA Emperor is an API that responds, predicts, and identifies whether a URL, domain, IP address, or file (hash value) is good or bad. DIMA Emperor is hosted centrally in the cloud and is reachable by everyone (a publicly hosted cloud and a secured API). DIMA Emperor is a big-data system: the bad data stored in the DIMA Emperor cloud can be shared with the community to help them protect themselves, because sharing is caring.

How the Process Works

DNS FIREWALL

The DIMA Emperor security prediction API returns good and bad results, and with a hosted DNS firewall we can create zone files from them automatically. To give a DNS firewall security intelligence, we connect it to DIMA Emperor. DNS does not see the complete URL, but it does capture domain names and IP addresses. We can store that log every 60 minutes, send it to DIMA Emperor securely over HTTPS, and get back which entries are good and which are bad. We then collect all the bad responses into a blacklist BIND zone file and let the good responses pass through.
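The blacklist-zone step described above, as an added example (not DIMA's own code): it turns a list of bad domains into a BIND response policy zone (RPZ), honours a manual whitelist, and drops any line that is not a plain hostname so feed content cannot inject zone-file directives. The one-domain-per-line feed format, the choice of RPZ for the blacklist zone, and all function and sample names are assumptions.

```python
import re
import time

# One DNS label: letters, digits, hyphen; no leading or trailing hyphen; 1-63 chars.
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")


def normalize_domain(raw):
    """Return a lower-case hostname, or None if the line is not a plain domain."""
    name = raw.split("#", 1)[0].strip().lower().rstrip(".")
    if not name or len(name) > 253 or "." not in name:
        return None
    if not all(_LABEL.fullmatch(label) for label in name.split(".")):
        return None  # rejects "$INCLUDE ...", spaces, wildcards, other zone syntax
    return name


def is_whitelisted(name, whitelist):
    """True if name equals a whitelisted domain or is a subdomain of one."""
    return any(name == w or name.endswith("." + w) for w in whitelist)


def build_rpz_zone(feed_lines, whitelist, serial=None):
    """Render an RPZ zone answering NXDOMAIN for each bad domain and its subdomains."""
    serial = int(time.time()) if serial is None else serial
    allowed = {w for w in map(normalize_domain, whitelist) if w}
    blocked = sorted({d for d in map(normalize_domain, feed_lines)
                      if d and not is_whitelisted(d, allowed)})
    out = ["$TTL 300",
           f"@ IN SOA localhost. admin.localhost. ({serial} 3600 600 86400 300)",
           "@ IN NS localhost."]
    for name in blocked:
        out.append(f"{name} CNAME .")    # RPZ action: NXDOMAIN
        out.append(f"*.{name} CNAME .")  # same action for subdomains
    return "\n".join(out) + "\n", blocked


# Constructed sample input (reserved example/test names, not real feed data).
SAMPLE_FEED = ["bad.example", "BAD.example.", "tracker.bad.test  # comment",
               "$INCLUDE /etc/named.conf", "cdn.partner.example", "not a domain", ""]
SAMPLE_WHITELIST = ["partner.example"]

if __name__ == "__main__":
    print(build_rpz_zone(SAMPLE_FEED, SAMPLE_WHITELIST)[0])
```

The whitelist is applied before the zone is written, so a bad feed entry can never override a manually approved domain.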

FIREWALL

At DIMA we generally prefer pfSense and VyOS because they are open-source firewalls and we can easily integrate our API with them. A firewall can predict everything: URL, domain, IP address, and file hash values. We can feed the logs from DIMA Emperor to the firewall and automatically create a blacklist policy using a Python script.

PROXY SERVER

The proxy server has a unique advantage: if it has been given SSL inspection ability, it can read the end-to-end data loading in our browser; only the proxy server can do this. On the proxy server we can perform keyword, file, URL, domain, and IP address analysis. When we send the logs collected on the proxy server to DIMA Emperor, the Emperor predicts the keyword, file, URL, domain, and IP address responses and sends them back to the proxy server, where we can create a blacklist.

IP ADDRESSES

If we have to stop a threat immediately, it can be done on a Layer 3 switch. A Layer 3 switch reads IP addresses, since that is how it performs routing. It can also collect logs and ask the Emperor which addresses are good and which are bad. With the answer we can write static routes, i.e. null zero static routes, which instruct the switch not to accept the bad responses, instantly.
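The null-route step described above, as an added example (not DIMA's own code): it converts a bad-IP list into per-host null zero static routes and refuses any entry that would blackhole special-purpose space, the operator's own networks, or a whole prefix. The Cisco IOS-style `ip route ... Null0` syntax, the one-address-per-line feed format, the protected network list, and all names are assumptions.

```python
import ipaddress


def null_routes(feed_lines, protected_nets):
    """Turn bad-IP feed lines into 'ip route <ip> 255.255.255.255 Null0' commands.

    Returns (commands, rejected); rejected is a list of (entry, reason) pairs.
    """
    protected = [ipaddress.ip_network(n) for n in protected_nets]
    commands, rejected, seen = [], [], set()
    for line in feed_lines:
        text = line.split("#", 1)[0].strip()
        if not text:
            continue
        try:
            # Single host addresses only: "0.0.0.0/0" or a hostname fails here.
            addr = ipaddress.IPv4Address(text)
        except ValueError:
            rejected.append((text, "not an IPv4 address"))
            continue
        if (addr.is_loopback or addr.is_multicast
                or addr.is_link_local or addr.is_unspecified):
            rejected.append((text, "special-purpose address"))
        elif any(addr in net for net in protected):
            rejected.append((text, "inside a protected network"))
        elif addr not in seen:
            seen.add(addr)  # duplicates are skipped silently
            commands.append(f"ip route {addr} 255.255.255.255 Null0")
    return commands, rejected


# Constructed sample input using documentation address ranges, not real feed data.
SAMPLE_FEED = ["203.0.113.7", "203.0.113.7", "192.0.2.44  # constructed",
               "10.0.0.1", "198.51.100.10", "127.0.0.1", "0.0.0.0/0", "bad.example"]
# Assumed operator networks: RFC 1918 space plus a stand-in for the site's public range.
PROTECTED = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "198.51.100.0/24"]

if __name__ == "__main__":
    cmds, rej = null_routes(SAMPLE_FEED, PROTECTED)
    print("\n".join(cmds))
    for entry, reason in rej:
        print(f"! skipped {entry}: {reason}")
```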

Workflow of DIMA Emperor

The most vulnerable gateway into our laptops and PCs is the browser, and the next is USB devices. For the browser, we provide a Chrome extension and a Firefox add-on, which are free and available on our website. The extension sends each URL to the Emperor as it is browsed and gets back the Emperor's response, good or bad. If the response for the site you are browsing is bad, the extension instantly redirects the page to an access-denied page. This is available in both Chrome and Firefox.

BACK-END TECHNOLOGY – ONLINE ANTIVIRUS

Our backend technology falls into the online antivirus category. Why online antivirus? Because an offline antivirus stores a lot of unwanted signature files on the system, which reduces the system's efficiency. The program in the backend of the antivirus is sometimes customized according to the client's requirements, which no other company does. Our antivirus performs a full scan and a custom scan: a full scan covers the local drives of the system, while a custom scan covers a specific directory or file. If there is a threat on a USB device, our AV automatically ejects it. Our AV communicates with the Emperor to ask whether a hash value is good or bad, and if the response is bad the AV removes the file.

DIMA’S SUGGESTIONS

DIMA Emperor is a one-point solution carrying the AI-ML tag. With it alone we feed the DNS firewall (open-source BIND), the firewall (pfSense or VyOS), the proxy server (Squid), the IP address layer (Layer 3 switch), and the browser (Chrome, Firefox). There are 6 layers of checks before your system gets infected. As for VPN, the best approach is OpenVPN deployed in the cloud, with the DNS firewall configured separately on that OpenVPN server. This gives both security and privacy, so it is better to have your own VPN server. For cloud storage, we suggest ownCloud, community edition. We take the community edition and deploy it with DIMA Emperor; the antivirus runs inside this cloud server and end-to-end encryption is also in place. The GDPR says that data at rest or in transit must be encrypted, and we built our cloud storage to match this. Our pricing is also based on this service and is customizable as well.

BIGDATA and Collaboration

DIMA Emperor is also used for big data and collaboration. The basic idea (our server for open source is emperor1.dimabusiness.com) is that we offer features such as a customized blacklist and a customized whitelist; each is a separate API that users can change at their own risk. Only after checking these does the API go on to further predictions. We collect all the bad data and give it back to the open-source community, so that you (the public) can use it to protect your own company's network.

Lastly, the open-source platform, licensing, and the community and enterprise terms and conditions of DIMA. We have built our product on the Linux operating system, all the predictions are written in Python, and we are proud to have built our product on an open-source platform. Like other open-source projects, we have a community edition and an enterprise edition. We give back to the community by building the product and providing it free of cost on our website. If you are a technical person you can use the community edition and get fruitful results from it, but when you contact DIMA Business Solutions for any kind of technical support, licensing applies; that is the enterprise edition, for which the customer has to pay. The community edition is for the public, with no limitations or restrictions. There is no compromise on product quality: we give the same quality product in both the community and enterprise editions, because we too have built our product on an open-source platform. Any new update to the product will be available first on the community edition and only then on the enterprise edition. Check our website (GitHub) for documentation; we have also hosted the YouTube videos on our website for your reference and guidance.

You are most welcome to approach us for partnership deals so that we can grow together in a win-win arrangement. We have technology transparency; let's share our knowledge and stop cyber threats and attacks together. Students who have knowledge of Python and open-source software can join DIMA Business Solutions Pvt Ltd; we are there for you to develop your skills in the most needed field for the upcoming digital world.
