FloCon 2009 Collection
• Collection
Publisher
Software Engineering Institute
Topic or Tag
Abstract
At FloCon 2009, presenters discussed topics dealing with flow for network forensics, network inventory, and incident response.
Collection Items
A Primer on Network Flow Visualization
• Presentation
By Gregory Travis (Indiana University, Bloomington)
In this presentation, Gregory Travis provides the basics of network flow visualization and the techniques that have evolved over time.
Learn More
Activity Plot
• Presentation
By Dana Paterson (FloVis)
In this presentation, given at FloCon 2009, Diana Paterson describes Activity Plot, a new visualization for Netflow data.
Learn More
An Analysis of Sampling Effects on Graph Structures Derived from Network Flow Data
• Presentation
By Mark Meiss (Advanced Network Management Laboratory)
In this presentation, Mark Meiss describes a study of the effects of sampling on flows and asks how graph structures built from flow data are affected.
Learn More
Analyzing the Effectiveness of Phishing at Network Level
• Presentation
By Sagar Mehta (Georgia Institute of Technology), Nitya Sundareswaran (Georgia Institute of Technology), Kevin D. Fairbanks (Georgia Institute of Technology), Nick Feamster (Georgia Institute of Technology)
In this presentation, the authors discuss the challenges of analyzing phishing at the network level.
Learn More
CAMNEP: Multistage Collective Network Behavior Analysis System with Hardware Accelerated NetFlow Probes
• Presentation
By Martin Rehak (CESNET), Pavel Celeda (Liberouter), Michal Pechoucek (Czech Technical University), Jiri Novotny (Masaryk University)
In this presentation, the authors discuss network intrusion detection systems, anomaly detection models, and trust-based anomaly integration.
Learn More
Data Structures for IPv6 Network Traffic Analysis Using Sets and Bags
• Presentation
By John McHugh, Ulfar Erlingsson (FloVis)
In this presentation, the authors discuss network traffic analysis, tree and hash-based representations, and column-oriented databases.
Learn More
Detecting Anomalies in Interhosts Communication Graph
• Presentation
By Keisuke Ishibashi (NTT Corporation), Tsuyoshi Kondoh (NTT Corporation), Shigeaki Harada (NTT Service Integration Laboratories), Tatsuya Mori (NTT Service Integration Laboratories), Ryoichi Kawahara (NTT Service Integration Laboratories), Shoichiro Asano (National Information Institute)
In this presentation, the authors discuss anomalous traffic detection, communication graphs, and a method for detecting graphic anomalies.
Learn More
Detecting Spam and Spam Responses
• Presentation
By Timothy J. Shimeall
In this presentation, Tim Shimeall discusses email, spam, and using flow-based analysis to investigate email-based behaviors.
Learn More
Education in Flow Analysis
• Presentation
By Timothy J. Shimeall
In this presentation, Tim Shimeall discusses ways to address education in flow analysis at the undergraduate, graduate, and professional levels.
Learn More
FloVis Summary
• Presentation
By Stephen Brooks (CA Labs), Carrie Gates, John McHugh
In this presentation, the authors describe their current and planned work on FloVis, an extendable framework for network security visualizations.
Learn More
Flow Based Control Plane Situational Awareness
• Presentation
By Carter Bullard (QuSient LLC)
In this presentation, Carter Bullard discusses the importance of control plane situational awareness and related research now being conducted.
Learn More
FlowBundle
• Presentation
By Teryl Taylor (IBM Research)
In this presentation, Teryl Taylor discusses how FlowBundle visualizes interactions between network entities and uses its features to minimize occlusion.
Learn More
Hardware-Accelerated Flexible Flow Measurement
• Presentation
By Pavel Celeda (Liberouter), Martin Zadnik (Liberouter), Lukas Solanka (Liberouter)
In this presentation, the authors describe their work developing hardware and software solutions to accelerate IP flow measurement and network monitoring.
Learn More
Integrating Human and Synthetic Reasoning Via Model-Based Analysis
• Presentation
By Michael Collins
In this presentation, Michael Collins describes a model that combines AI and user interface through fault trees to capture knowledge and improve efficiency.
Learn More
IP Dossier
• Presentation
By Paul Krystosek
In this presentation, Paul Krystosek discusses using netflow data to learn about the activity of a host given an IP address and a time range.
Learn More
Is There Any Value In Bulk Network Traces?
• Presentation
By Sid Faber
In this presentation, Sid Faber describes the value of bulk network traces if data sources are tuned to the needed research.
Learn More
Labeled Full Packet/Flow Level Data Capture: Towards a Framework for Instrumenting Cyber Warfare Exercises
• Presentation
By Tom Cook (ITOC)
In this presentation, Tom Cook describes a proposed framework for capturing datasets from cyber defense exercises and producing valuable security information.
Learn More
Managing and Monitoring a Root DNS Service
• Presentation
By John L. Crain (ICANN)
In this presentation, John Crain explains the importance of domain names, root servers, and live-view monitoring.
Learn More
NetBytes Viewer: A Entity-Based Visualization Tool
• Presentation
By Joel Glanfield (CA Labs)
In this presentation, Joel Glanfield explains how FloVis visualizes netflow traffic using an entity-based approach.
Learn More
Security Visualization with FloVis
• Presentation
By Teryl Taylor (IBM Research), Joel Glanfield (CA Labs), Carrie Gates, John McHugh
In this presentation, the authors discuss using FloVis to perform network data analysis.
Learn More
Shared Darknet Development
• Presentation
By David A. Ripley (Indiana University Advanced Network Management Laboratory)
In this presentation, David Ripley describes a darknet reporting, querying, and analysis system, how it works, and the challenges it faces.
Learn More
Traffic Analysis of UDP-Based Flows in ourmon
• Presentation
By James R. Binkley (Portland State University)
In this presentation, James Binkley discusses the use of ourmon, an opensource product, for use in traffic analysis of UDP-based data flows.
Learn More
Traffic Clusters in Networks of Convenience
• Presentation
By Ron McLeod (Corporate Development Telecom Applications Research Alliance)
In this presentation, the authors describe the Mission Diagnostic, applying it, and lessons learn in applying it.
Learn More
VIAssist: Visual Analytics for NetFlow Data
• Presentation
By John Goodall (Secure Decisions)
In this presentation, the authors provide an overview of the vulnerability discovery field and discuss its use in improving security engineering.
Learn More
FloCon 2009: Call for Presentations
• Brochure
By Software Engineering Institute
This call for presentations for FloCon 2009 describes the conference, presentation topics, and submission information.
Learn MoreThis content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.