FloCon 2014 Collection
These presentations, training slides, and posters were provided at FloCon 2014, an open conference that provides operational network analysts, tool developers, and researchers a forum to discuss the analysis of large volumes of traffic to showcase the next generation of flow-based analysis techniques.
FloCon 2014 took place at the Francis Marion Hotel in Charleston, South Carolina, on January 13-16, 2014. This open conference provided a forum for operational network analysts, tool developers, researchers, and other parties interested in the analysis of large volumes of traffic to showcase the next generation of flow-based analysis techniques.
Passive DNS Collection and Analysis - The "dnstap" Approach
By Paul Vixie
In this 2014 keynote presentation from FloCon 2014, Dr. Paul Vixie discusses passive DNS monitoring and DNS tap, and demonstrates SIE and DNSDB.Learn More
Quilt: A System for Distributed Temporal Queries of Security Relevant Heterogeneous Data
In this presentation, Tim Shimeall and George Jones describe Quilt, a distributed data query engine that allows for a broach range of data and that supports temporal relationships.Learn More
Security Onion: Peel Back the Layers of Your Network in Minutes
By Software Engineering Institute
In this presentation, Doug Burks discusses Security Onion, a free Linux distro for intrusion detection, network securing monitoring, and log management.Learn More
Semantic Flow Augmentation for the Automated Discovery of Organizational Relationships
In this presentation, the authors describe semantic flow augmentation, discuss its use and features, and present ideas for future work.Learn More
Streaming Analysis: An Alternate Analysis Paradigm
By John McHugh
In this presentation, John McHugh discusses how streaming analytics relieves the volume of stored data and decreases threat reaction time.Learn More
Stucco: Situation and Threat Understanding by Correlating Contextual Observations
This 2014 presentation shows how Stucco puts security events in context and shows how threats relate to a cyber security analyst's environment.Learn More
The Rayon Tools: Visualization at the Command Line
By Phil Groce
This poster, presented at FloCon 2014, shows how a Rayon visualization works well with the workflow model of UNIX and the shell.Download
This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.