FloCon 2005 Collection
• Collection
Publisher
Software Engineering Institute
Topic or Tag
Abstract
Collection Items
A Proposed Translation Data Model for Flow Format Interoperability
• White Paper
By Brian Trammell
In this paper, Brian Trammell presents a proposed solution to the problem of mutual unintelligibility of raw flow and intermediate analysis data.
Read
Behavior Based Approach to Network Traffic Analysis
• Presentation
By Rob Nelson (Pacific Northwest National Laboratory)
In this presentation, the authors discuss the challenges, methods, and future efforts associated with network traffic analysis.
Learn More
CANINE: A NetFlows Conversion/Anonymization Tool for Format Interoperability and Secure Sharing (Presentation)
• Presentation
By Katherine Luo (National Center for Supercomputing Applications (NCSA) University of Illinois at Urbana-Champaign), Adam Slagell (National Center for Supercomputing Applications (NCSA) at University of Illinois at Urbana-Champaign), William Yurcik (National Center for Supercomputing Applications (NCSA) at University of Illinois at Urbana-Champaign), Yifan Li (National Center for Supercomputing Applications (NCSA) University of Illinois at Urbana-Champaign)
In this presentation, the authors describe CANINE, a converter and anonymizer for investigating netflow events.
Learn More
CANINE: A NetFlows Converter/Anonymizer Tool for Format Interoperability and Secure Sharing (White Paper)
• White Paper
By Katherine Luo (National Center for Supercomputing Applications (NCSA) University of Illinois at Urbana-Champaign), Adam Slagell (National Center for Supercomputing Applications (NCSA) at University of Illinois at Urbana-Champaign), William Yurcik (National Center for Supercomputing Applications (NCSA) at University of Illinois at Urbana-Champaign), Yifan Li (National Center for Supercomputing Applications (NCSA) University of Illinois at Urbana-Champaign)
In this paper, the authors introduce a tool to address two problems with using Net-Flow logs for security analysis.
Read
Correlations Between Quiescent Ports in Network Flows (White Paper)
• White Paper
By Josh McNutt, Markus Deshon
In this paper, the authors introduce a method for detecting the onset of anomalous port-specific activity by recognizing deviation from correlated activity.
Read
Correlations Between Quiescent Ports in Network Flows (Presentation)
• Presentation
By Josh McNutt, Markus Deshon
In this presentation, the authors discuss using FloVis to perform network data analysis.
Learn More
Covert Channel Detection Using Process Query Systems (White Paper)
• White Paper
By Vincent Berk (Dartmouth College)
In this FloCon 2005 presentation, the author uses traffic analysis to investigate a stealthy form of data exfiltration.
Read
Covert Channel Detection Using Process Query Systems (Presentation)
• Presentation
By Annarita Giani (UC Berkeley), Vincent Berk (Dartmouth College), George Cybenko (Dartmouth College)
In this presentation, the authors discuss detecting covert channels, a subtle way of moving data, using a process query system.
Learn More
Data Mining NetFlow So What’s Next?
• Presentation
By Mark Kane (DDK Tech Group)
In this presentation, Mark Kane provides an overview of data mining, and discusses related frequency patterns, discoveries, and results.
Learn More
Detecting Distributed Attacks Using Network-Wide Flow Data
• Presentation
By Anukool Lakhina (Boston University), Mark Crovella (Boston University), Chrisophe Diot (Intel)
In this presentation, the authors discuss methods and applications, such as scans, worms, and flash events, for detecting distributed attacks.
Learn MoreThis content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.