FloCon 2010 Collection
• Collection
Publisher
Software Engineering Institute
Abstract
FloCon 2010 focused on flow data analysis within the context of other data sources. Presentations emphasized techniques for analyzing flow data, integrating flow data with network data sets, and engineering support for flow analysis and integration.
Collection Items
A Case Study - Using Flow to Identify Specific Malware Characteristics
• Presentation
By Jonathan Taimanglo (Department of Homeland Security), Michael Jacobs
In this presentation, US-CERT staff explain how they narrowed a large dataset to a few suspicious IP addresses using SiLK and Perl.
A Temporal Logic For Network Flow Analysis
• Presentation
By Timothy J. Shimeall
In this presentation, Tim Shimeall discusses temporal logic adaptations of flow analysis and how formalization of time relationships can help improve flow analysis methods.
Abstracting and Visualizing Host Behaviour through Graphs
• Presentation
By Eduard Glatz (Computer Engineering and Networks Laboratory)
In this presentation, Eduard Glatz describes how graphs can be used to represent host traffic while filtering unwanted traffic.
Beyond the Top Talkers: Empirical Correlation of Conficker-C Infected IP Space
• Presentation
By Rhiannon Weaver
In this presentation, Rhiannon Weaver discusses Conficker, a computer worm that targets the Microsoft Windows operating system.
DMnet: Detection Mitigation Network: A Behavioral Analysis System Supporting Trust Measurements
• Presentation
By Owen McCusker (Sonalysts), Scott Brunza (Sonalysts), Carrie Gates, Joel Glanfield (CA Labs), Dana Paterson (FloVis)
In this presentation, given at FloCon 2010, the authors describe DMnet, a distributed botnet detection and mitigation system.
DNS and Flow: Bulk DNS Analysis
• Presentation
By Ed Stoner
In this presentation, Ed Stoner explores techniques to analyze DNS traffic and combine that analysis with flow analysis.
First Experiences with Cuckoo Bags
• Presentation
By John McHugh, Jeff Janies, Teryl Taylor (IBM Research)
In this presentation, Redjack staff describe cuckoo bags, a data structure and tools for maintaining sets indexed by IPv4 and IPv6 addresses in the same structure.
Flow Analysis for Network Situational Awareness
• Presentation
By Timothy J. Shimeall
In this presentation, given at FloCon in January 2010, Tim Shimeall discusses networks, external events and trends, and network dependencies and analysis.
Flow Data at 10 GigE and Beyond: What Can (or Should) We Do?
• Presentation
By Scott Pinkerton (Argonne National Laboratory)
In this presentation, given at FloCon 2010, Scott Pinkerton discusses approaches to using flow data in large environments.
FloCon 2010 Keynote: Flow Data for Billing and Routing
• Presentation
By Bill Woodcock (Packet Clearing House)
In this presentation, Bill Woodcock describes how flow data can be used for smarter billing, routing optimization, and as a target for analyzing user behavior.
Flow Traffic Analysis Narratives
• Presentation
By Michael Collins
In this presentation, Michael Collins describes the importance of developing narratives that abstractly describe activity between hosts.
Flow Valuations Based on Network-Service Cooperation
• Presentation
By Tanja Zseby (Fraunhofer Fokus), Thomas Hirsch (Fraunhofer Fokus)
In this FloCon 2010 presentation, Fraunhofer staff describe autonomic networking and using network-service cooperation to determine which flows to block.
Geography of Internet2 Netflow
• Presentation
By David A. Ripley (Indiana University Advanced Network Management Laboratory), Tony H. Grubesic (Indiana University), Timothy C. Matisziw (University of Missouri)
In this presentation, the authors describe a methodology for determining the geographical movement of information on the Internet2 Network.
High-Throughput Real-Time Network Flow Visualization
• Presentation
By Daniel Best (Pacific Northwest National Laboratory)
In this presentation, Daniel Best explains how a high-throughput pipeline and tools, such as Traffic Circle, CLIQUE, and MeDiCi, help analysts spot problems.
Introduction to Argus
• Presentation
By Carter Bullard (QuSient LLC)
In this presentation, Carter Bullard introduces and describes Argus, a network utilization audit system.
Introduction to SIE
• Presentation
By Eric Ziegast (Internet Systems Consortium)
In this presentation, Eric Ziegast describes the Security Information Exchange, a set of organizations dedicated to the globally trusted exchange of information.
IPTV Traffic “Qcast”: IP Multicast Traffic Monitoring System with IPFIX/PSAMP
• Presentation
By Shingo Kashima (NTT Corporation), Atsushi Kobayashi (NTT Corporation)
In this presentation, the authors discuss issues related to multicast monitoring and introduce their system called Qcast.
Know Your Network
• Presentation
By Josh Goldfarb (US-CERT)
In this presentation, Josh Goldfarb explains an iterative approach to knowing what belongs in your network and what does not.
Lessons Learned While Providing SiLK Training
• Presentation
By Jim Downey (Defense Information Systems Agency)
In this presentation, Jim Downey describes the lessons he has learned from training customers in SiLK.
Network Flow Data Fusion GeoSpatial and NetSpatial Data Enhancement
• Presentation
By Carter Bullard (QuSient LLC)
In this presentation, Carter Bullard discusses flow data fusion and how data need to meet some requirements to be useful.
Network Host Classification Using Statistical Analysis of Flow Data
• Presentation
By Alex Kent (Los Alamos National Laboratory), Mike Fisk (Los Alamos National Laboratory), Eugene Gavrilov (Los Alamos National Laboratory)
In this presentation, given at FloCon 2010, the authors describe how host/IP address profiling based on flow data over time can provide valuable outcomes.
Parallel Processing in Netflow Data Fusion
• Presentation
By George Saylor (G2, Inc.), Michael Rash (G2, Inc.)
In this presentation, the authors discuss parallel processing to facilitate processing data in very large environments.
Project Bloom: Empowering the Security Research Community Through Data Products and Computing
• Presentation
By Minaxi Gupta (Indiana University, Bloomington), Gregory Travis (Indiana University, Bloomington), Doug D. Pearson (Indiana University, Bloomington)
In this presentation, the authors describe Project Bloom, a project that provides quality data and data products to researchers.
Realtime Change Detection & Automatic Network Response
• Presentation
By Alex Brugh (Los Alamos National Laboratory), Mike Fisk (Los Alamos National Laboratory), Josh Neil (Los Alamos National Laboratory), Paul Ferrell (Los Alamos National Laboratory), Scott Miller (Los Alamos National Laboratory), Danny Quist (Los Alamos National Laboratory)
In this presentation, the authors describe the use of flow data in change detection and response, including current methods and areas of research.
"SASUKE" Traffic Monitoring Tool Traffic Shift Monitoring Based on Correlation Between BGP Messages and Flow Data
• Presentation
By Atsushi Kobayashi (NTT Corporation), Yutaka Hirokawa (NTT Information Sharing Laboratories), Hiroshi Kurakami (NTT Corporation)
In this presentation, the authors describe SASUKE, a tool that detects traffic change and identifies the BGP route announcements involved.
SiLK and the Virtual Training Environment
• Presentation
By George Warnagiris
In this presentation, CERT staff members describe SiLK, a collection of traffic analysis tools developed by CERT, and the Virtual Training Environment.
Simply Top Talkers
• Presentation
By Jeroen Massar (IBM Research Zurich), Andreas Kind (Zurich Research Laboratory), Marc P. Stoecklin (Zurich Research Laboratory)
In this presentation, the authors discuss techniques to compute top-k listings for single and composed traffic aspects.
Stager – A Generic Tool for Presenting Network Statistics
• Presentation
By Arne Oslebo (Uninett)
In this presentation, Arne Oslebo describes Stager, a web-based tool for presenting and aggregating most types of network statistics.
Strip Plots: A Simple Automated Time-Series Visualization
• Presentation
By Sid Faber
In this presentation, Sid Faber describes an approach to a self-maintaining network profile using batch processing, email, quick triage, and intuitive design.
Towards Reliable Traffic Classification Using Visual Motifs
• Presentation
By Wilson Lian (University of North Carolina, Chapel Hill), John McHugh, Fabian Monrose (University of North Carolina, Chapel Hill)
In this presentation, the authors provide an overview of traffic classification, and discuss and evaluate visual motifs.
Traffic Analysis Using Streaming Queries
• Presentation
By Mike Fisk (Los Alamos National Laboratory)
In this presentation, Mike Fisk shows how continuous queries provide a common query syntax, infrastructure, and framework for traffic analysis.
This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.