FloCon 2004 Collection
• Collection
Publisher
Software Engineering Institute
Topic or Tag
Abstract
At the first FloCon in 2004, attendees gave talks on analysis, infrastructure, and data sharing. Topics covered included scanning very large networks, standardization efforts to support data exchange, security at line speed with netflows, and AirCERT.
Collection Items
AirCERT: Building a Framework for Cross- Administrative Domain Data Sharing
• Presentation
By Roman Danyliw
In this presentation, Roman Danyliw describes AirCERT, a scalable distributed system for sharing security event data among administrative domains.
Learn More
Analysis of the US-CERT DAC
• Presentation
By Josh McNutt
In this presentation, Josh McNutt provides an overview of the data, graphical displays, trends, and anomaly detection of the US-CERT DAC.
Learn More
Data Sharing: Lessons Learned by the CERT/CC and the CERT/NetSA Groups
• Presentation
By Roman Danyliw
In this presentation, Roman Danyliw provides an overview of data sharing, and discusses related concerns and observations.
Learn More
Empirically Based Analysis: The DDoS Case
• Presentation
By Michael Collins
In this keynote presentation, John McHugh explores four themes in thinking about flow analysis.
Learn More
Detection and Analysis of Scans on Very Large Networks
• Presentation
By Marc I. Kellner, Carrie Gates
In this presentation, the authors discuss scan detection, scan database, and the analysis of scans.
Learn More
Flow Data Analysis in SWITCH / ETH Zurich Project DDoSVax
• Presentation
By Arno Wagner (Communication Systems Laboratory Swiss Federal Institute of Technology Zurich (ETH Zurich))
In this presentation, Arno Wagner discusses flow data usage by SWITCH, offline analysis examples, traffic amount vs. unique addresses, and analysis tools.
Learn More
Locality Based Analysis of Network Flows
• Presentation
By John McHugh, Carrie Gates, Damon Becknel
In this presentation, the authors discuss analyzing network data flows using locality, which involves using past observations to predict future behavior.
Learn More
NetFlow Data Capturing and Processing at SWITCH and ETH Zurich
• Presentation
By Arno Wagner (Communication Systems Laboratory Swiss Federal Institute of Technology Zurich (ETH Zurich))
In this presentation, Arno Wagner describes how SWITCH and ETH Zurich capture and process netflow data.
Learn More
Network Telescopes: The FloCon Files
• Presentation
By David Moore (Cooperative Association for Internet Data Analysis (CAIDA)), Colleen Shannon (Cooperative Association for Internet Data Analysis (CAIDA))
In this presentation, the authors describe CAIDA, a collaboration aimed at promoting cooperation in the engineering and maintenance of internet infrastructure.
Learn More
Security at Line Speed with NetFlows
• Presentation
By William Yurcik (National Center for Supercomputing Applications (NCSA) at University of Illinois at Urbana-Champaign)
In this presentation, William Yurcik discusses netflows, instrumentation issues, the data management problem, and NCSA's netflows architecture.
Learn More
Sharing Intelligence Is Our Best Defense: Incentives That Work versus Disincentives That Can Be Solved
• Presentation
By William Yurcik (National Center for Supercomputing Applications (NCSA) at University of Illinois at Urbana-Champaign), Adam Slagell (National Center for Supercomputing Applications (NCSA) at University of Illinois at Urbana-Champaign), Jun Wang (National Center for Supercomputing Applications (NCSA) University of Illinois at Urbana-Champaign)
In this presentation, the authors describe the use of ISACs to gather, analyze, and share data to combat cybersecurity problems.
Learn More
Statistical Methods for Flow Data
• White Paper
By Joseph B. Kadane
In this presentation, Joseph B. Kadane discusses how Bayesian methods help make the logistic regression approach to scan data stable and operationally feasible.
Read
The State of Standardization Efforts to Support Data Exchange in the Security Domain
• Presentation
By Roman Danyliw
In this presentation, Roman Danyliw provides an overview of flow and packet formats, alert and event forms, and context-relevant formats.
Learn More
Wish List
• Presentation
By Thomas A. Longstaff
In this presentation given at FloCon 2004, Tom Longstaff discusses tools and data related to NetFlow analysis.
Learn MoreThis content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.