FloCon 2006 Collection
• Collection
Publisher
Software Engineering Institute
Topic or Tag
Abstract
This FloCon conference included 12 papers and 13 presentations given by experts in the field of flow analysis. Discussions covered topics such as flow processing, flow measurement, network traffic, and analysis methods.
Collection Items

A Case for Packet Sampling
• Presentation
By Tanja Zseby (Fraunhofer Fokus)
In this presentation, Tanja Zseby advises how and when to use sampling.
Learn More
A System Architecture for Processing Flows
• Presentation
By Raj Srinivasan (Bivio Networks)
In this presentation, Raj Srinivasan proposes a clustering architecture and demonstrates its implementation for commercial applications.
Learn More
A Traffic Analysis of a Small Private Network Compromised by an Online Gaming Host (White Paper)
• White Paper
By Ron McLeod (Corporate Development Telecom Applications Research Alliance)
In this paper, Ron McLeod describes a network traffic capture and analysis used to investigate network performance issues of a small private network.
Read
A Traffic Analysis of a Small Private Network Compromised by an Online Gaming Host (Presentation)
• Presentation
By Ron McLeod (Corporate Development Telecom Applications Research Alliance)
In this presentation, Ron McLeod describes the results of an analysis to investigate performance issues on a small private network.
Learn More
Analysis Methods Discussion
• Presentation
By Software Engineering Institute
In this presentation, conference attendees discuss high-level issues addressed at FloCon 2006.
Learn More
Anomaly Detection Through Blind Flow Analysis Inside a Local Network (White Paper)
• White Paper
By Ron McLeod (Corporate Development Telecom Applications Research Alliance), Vagishwari Nagaonkar (Wipro Technologies)
In this paper, the authors describe how hosts may be clustered into user workstations, servers, printers, and hosts compromised by worms.
Read
Anomaly Detection Through Blind Flow Analysis Inside a Local Network (Presentation)
• Presentation
By Ron McLeod (Corporate Development Telecom Applications Research Alliance), Vagishwari Nagaonkar (Wipro Technologies)
In this presentation, the authors describe how hosts may be clustered into user workstations, servers, printers, and hosts compromised by worms.
Learn More
Anomaly Sampling (Bringing Diversity to Network Security)
• Presentation
By David Moore (Cooperative Association for Internet Data Analysis (CAIDA))
This presentation was given at FloCon 2006, an annual event where attendees discuss the analysis of large volumes of traffic and showcase the next generation of flow-based analysis techniques.
Learn More
Anomaly-Based BotServer (and more!) Detection
• Presentation
By James R. Binkley (Portland State University)
In this presentation, Jim Binkley discusses experimental flow tuples, and botnet server and client mesh detection.
Learn More
Attribution and Aggregation of Network Flows for Security Analysis (White Paper)
• White Paper
By Annarita Giani (UC Berkeley), IanGregorioDe Souza (Dartmouth College), Vincent Berk (Dartmouth College), George Cybenko (Dartmouth College)
In this paper, the authors describe a network flow analyzer capable of attribution and aggregation of different flows to identify suspicious behaviors.
Read
Attribution and Aggregation of Network Flows for Security Analysis (Presentation)
• Presentation
By Annarita Giani (UC Berkeley), IanGregorioDe Souza (Dartmouth College), Vincent Berk (Dartmouth College), George Cybenko (Dartmouth College)
In this paper, the authors describe a network flow analyzer capable of attribution and aggregation of different flows to identify suspicious behaviors.
Learn More
Bidirectional Flow Measurement, IPFIX, and Security Analysis
• Presentation
By Elisa Boschi (Hitachi), Brian Trammell
In this presentation, the authors describe the importance of bi-flow information and explain how IPFIX can be used most effectively.
Learn More
Identifying Anomalous Network Traffic Through the Use of Client Port Distribution
• White Paper
By Josh Goldfarb (US-CERT)
In this paper, Josh Goldfarb introduces an approach to IP flow analysis that examines server ports and client ports that exchange flows with them.
Read
Impact of Packet Sampling on Anomaly Detection Metrics
• Presentation
By Daniela Brauckhoff (Swiss Federal Institute of Technology (ETH)), Bernhard Tellenbach (Swiss Federal Institute of Technology (ETH)), Arno Wagner (Communication Systems Laboratory Swiss Federal Institute of Technology Zurich (ETH Zurich)), Anukool Lakhina (Boston University), Martin May (Swiss Federal Institute of Technology (ETH))
In this presentation, the authors discuss their evaluation of the impact of sampling on anomaly detection metrics.
Learn More
IPFIX/PSAMP: What Future Standards Can Offer to Network Security (White Paper)
• White Paper
By Tanja Zseby (Fraunhofer Fokus), Elisa Boschi (Hitachi), Thomas Hirsch (Fraunhofer Fokus), Mark Lutz (Fraunhofer Fokus)
In this paper, the authors show how IPFIX and PSAMP can be used to support network security.
Read
IPFIX/PSAMP: What Future Standards Can Offer to Network Security (Presentation)
• Presentation
By Tanja Zseby (Fraunhofer Fokus), Elisa Boschi (Hitachi), Thomas Hirsch (Fraunhofer Fokus), Mark Lutz (Fraunhofer Fokus)
In this presentation, the authors describe exporting packet information with IPFIX.
Learn More
RAVE: The Retrospective Analysis and Visualization Engine
• White Paper
By Phil Groce, John Prevost
In this paper, the authors present RAVE as an analysis service provider.
Read
Scalable Flow Analysis (White Paper)
• White Paper
By Abhishek Kumar (University of Maryland), Sapan Bhatia (Princeton)
In this paper, the authors present a new approach for summarization and analysis of flow records.
Read
Scalable Flow Analysis (Presentation)
• Presentation
By Abhishek Kumar (University of Maryland), Sapan Bhatia (Princeton)
In this presentation, the authors describe a comprehensive architecture and taxonomy for flow collection and analysis.
Learn More
System Requirements for Flow Processing
• White Paper
By Raj Srinivasan (Bivio Networks)
In this paper, Raj Srinivasan proposes an architecture that meets security requirements and is flexible enough to support future application needs.
Read
The Effect of Packet Sampling on Anomaly Detection
• White Paper
By Daniela Brauckhoff (Swiss Federal Institute of Technology (ETH)), Bernhard Tellenbach (Swiss Federal Institute of Technology (ETH)), Arno Wagner (Communication Systems Laboratory Swiss Federal Institute of Technology Zurich (ETH Zurich)), Anukool Lakhina (Boston University), Martin May (Swiss Federal Institute of Technology (ETH))
In this paper, the authors empirically evaluate the impact of sampling on anomaly detection.
Read
The Past and Future of Flow Analysis
• Presentation
By John McHugh
This keynote presentation was delivered by John McHugh at FloCon 2006.
Learn MoreThis content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.