FloCon 2008 Collection
• Collection
Publisher
Software Engineering Institute
Abstract
At FloCon this year, attendees described useful experiences in flow analysis and presented innovative solutions in security analysis.
Collection Items

A Flexible DDoS Detection System Using IPFIX
• Presentation
By Thomas Hirsch (Fraunhofer Fokus), Tanja Zseby (Fraunhofer Fokus)
In this presentation, Tanja Zseby describes how IPFIX supports the integration of new methods.
AMP-Based Flow Collection
• Presentation
By Greg Virgin (Redjack)
In this presentation, given at FloCon 2008, Greg Virgin describes AMP, an analytic flow metadata producer.
Anonymizing Network Flow Data
• Presentation
By Timothy J. Shimeall
In this presentation, Tim Shimeall discusses network flow data anonymization, subnet preserving and collapsing, host preserving and collapsing, and ports.
Assessing Disclosure Risk in Anonymized Datasets
• White Paper
By Alexi Kounine (EPFL), Michele Bezzi (ATL)
In this paper, the authors propose a framework for estimating disclosure risk using conditional entropy between the original and the anonymized datasets.
Attack Reduction and Anomaly Modeling in Popularly Targeted Protocols
• Presentation
By Michael Collins
In this presentation, Michael Collins discusses noise in traffic flows and its effect on anomaly detection, two-stage filtering, and methods to reduce attacks.
Automatic Anomaly Detection Using NfSen
• Presentation
By Wim Biemolt (SURFnet)
In this presentation, Wim Biemolt discusses using NfSen, a graphical web-based front end for the nfdump netflow tools, to perform automatic anomaly detection.
Design for Large-Scale Collection System Using Flow Mediators
• Presentation
By Atsushi Kobayashi (NTT Corporation), Tsuyoshi Kondoh (NTT Corporation), Keisuke Ishibashi (NTT Corporation)
In this presentation, the authors discuss the use of flow mediators in designing large-scale collection systems.
Dynamic Adaptation of Flow Information Granularity for Incident Analysis
• Presentation
By Marc P. Stoecklin (Zurich Research Laboratory), Andreas Kind (Zurich Research Laboratory), Jean-Yves Le Boudec (Zurich Research Laboratory)
In this presentation, the authors describe how they extended a collector system to provide more accurate incident analysis.
Flow Analysis in a Wireless Environment with Short DHCP Leases
• Presentation
By Sanket Parikh (Dalhousie University), John McHugh
The authors describe the analysis of wireless network data, the use of MAC layer information in netflow tools, and how the tools return converted flow data.
Flow Visualization Using MS-Excel
• Presentation
By Lee Rock (US-CERT), Jay Brown (US-CERT)
In this presentation, US-CERT analysts describe the pros and cons of using MS-Excel to visualize netflow data.
This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.