FloCon 2011 Collection
• Collection
Publisher
Software Engineering Institute
Topic or Tag
Abstract
These presentations and resource documents were provided at FloCon 2011, an open conference that provides operational network analysts, tool developers, and researchers a forum to discuss the analysis of large volumes of traffic to showcase the next generation of flow-based analysis techniques.
At FloCon 2011, participants focused on learning about their networks and confirming what we know about them. Participants explored a wide range of topics and discussed dark space, how many web servers you're actually operating, spam, and DNS servers and their susceptibility to cache poisoning.
Collection Items
Analysis Pipeline
• Presentation
By Daniel Ruef
In this presentation, Dan Ruef discusses moving analysis from retroactive to real time, pipeline capabilities, and streaming analysis coding issues.
Learn More
CERT Virtual Flow Collection and Analysis
• Presentation
By George Warnagiris
In this presentation, George Warnagiris describes the work on the Network Situational Awareness group of the CERT Division.
Learn More
Coordinated Non-Intrusive Capturing of Flow Paths
• Presentation
By Tanja Zseby (Fraunhofer Fokus)
In this presentation, Tanja Zseby discusses flow paths and coordinated traffic observation.
Learn More
Darkspace Construction and Maintenance
• Presentation
By Jeff Janies, M. P. Collins (Redjack)
In this presentation, the authors discuss darkspaces, external routable address blocks to which no legitimate network traffic should be destined.
Learn More
Detecting Botnets with NetFlow
• Presentation
By Vojtech Krmícek (Masaryk University), Tomáš Plesník (Masaryk University)
In this presentation, the authors discuss NetFlow monitoring at Masaryk University and botnet detection methods.
Learn More
Detecting Long Flows
• Presentation
By John McHugh
In this presentation, John McHugh discusses a simple and efficient mechanism for identifying persistent connections in internet data.
Learn More
DLP Detection with Netflow
• Presentation
By Christopher Poetzel (Argonne National Laboratory)
In this presentation, Christopher Poetzel discusses data loss prevention and the use of Netflow-based solutions to look for anomalous data.
Learn More
Entropy-Based Measurement of IP Address Inflation in the Waledac Botnet
• Presentation
By Rhiannon Weaver, Chris Nunnery (University of North Carolina), Gautam Singaraju (University of North Carolina)
In this presentation, the authors discuss a new method for measuring the discrepancy between counting IP addresses and counting individual machines in a botnet.
Learn More
Exploring the Interactions Between Network Data Analysis and Security Information/Event Management
• Presentation
By Timothy J. Shimeall
In this presentation, Timothy Shimeall explores the interaction of data analysis and security event management and new approaches to be explored.
Learn More
Flows as a Topology Chart
• Presentation
By Hiroshi Asakura (NTT Corporation), Kensuke Nakata (NTT Corporation), Shingo Kashima (NTT Corporation), Hiroshi Kurakami (NTT Corporation)
In this presentation, NTT Corporation staff cover the challenges of visualizing both the inside and outside of your network using topology flow charts.
Learn More
From Data Collection to Action: Achieving Rapid Identification of Cyber Threats and Perpetrators
• Presentation
By Joel Ebrahimi (Bivio Networks)
In this presentation, Joel Ebrahimi shows how to use data retention to identify cybersecurity threats and learn what capabilities cyber analysts must have.
Learn More
Garbage Collection: Using Flow to Understand Private Network Data Leakage
• Presentation
By Sid Faber
In this presentation, Sid Faber shows how you can use garbage collection to explore data leakage in your network.
Learn More
Incorporating Dynamic List Structures into YAF
• Presentation
By Daniel Ruef, Emily Sarneso
In this presentation, the authors discuss IPFIX limitations and extensions, list structure, and mediators in YAF.
Learn More
Indexing Full Packet Capture Data With Flow
• Presentation
By Randy Heins (Northrop Grumman)
In this presentation, Randy Heins describes lessons learned in developing a full packet capture system.
Learn More
Leveraging Other Data Sources with Flow to Identify Anomalous Network Behavior
• Presentation
By Peter Mullarkey (CA Technologies), Mike Johns (CA Technologies), Ben Haley (CA Technologies)
In this presentation, the authors discuss how to create high-quality events without sacrificing scalability.
Learn More
MATLAB Commands in Numerical Python (NumPy)
• Presentation
By Software Engineering Institute
These slides show the syntax of many MATLAB commands in numerical Python.
Learn More
Network Analysis with SiLK
• Presentation
By Ron Bandes
In this presentation, Ron Bandes provides an introduction to SiLK, a collection of traffic analysis tools.
Learn More
Network Flow Data Analysis Using Graph Pattern Search
• Presentation
By Josh Goldfarb (US-CERT)
In this presentation, Josh Goldfarb discusses problems, solutions, and tools related to using graph pattern searches to analyze network flow data.
Learn More
Not to Miss Small-Amount but Important Traffic
• Presentation
By Kazunori Kamiya (NTT Corporation)
In this presentation, Kazunori Kamiya discusses using flow data, flow sampling, and flow collectors and analyzers.
Learn More
Privacy Preserving Network Flow Recording
• Presentation
By Bilal Shebaro (University of New Mexico), Jedidiah R. Crandall (University of New Mexico)
In this presentation, the authors describe ways to use netflow data in ways that preserve privacy.
Learn More
Protographs: Graph-Based Approach to NetFlow Analysis
• Presentation
By Jeff Janies
In this presentation Jeff Janies discusses how social networks can complement existing volumetric analysis.
Learn More
Real Time Topology Based Flow Visualization
• Presentation
By John K. Smith
In this presentation, John Smith describes the flow visualization tool his team developed, related issues, and use cases.
Learn More
Security Incident Discovery and Correlation on .Gov Networks
• Presentation
By Cory Mazzola (Department of Homeland Security), Timothy Tragesser (Department of Homeland Security)
In this presentation, the authors discuss their work on correlating security incident discovery to .gov networks.
Learn More
The Rayon Visualization Toolkit
• Presentation
By Phil Groce
In this presentation, Phil Groce describes Rayon, a Python library and toolset for generating basic two-dimensional statistical visualizations.
Learn More
Using Flow For Other Things Than Network Data
• Presentation
By Jeroen Massar (IBM Research Zurich)
In this presentation, Jeroen Massar discusses flow analysis and Anaphera, a high-performance and scalable Flow Analyzer.
Learn MoreThis content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.