FloCon 2014 Collection
• Collection
Publisher
Software Engineering Institute
Abstract
These presentations, training slides, and posters were provided at FloCon 2014, an open conference that gives operational network analysts, tool developers, and researchers a forum to discuss the analysis of large volumes of traffic and to showcase the next generation of flow-based analysis techniques.
FloCon 2014 took place at the Francis Marion Hotel in Charleston, South Carolina, on January 13-16, 2014. This open conference provided a forum for operational network analysts, tool developers, researchers, and other parties interested in the analysis of large volumes of traffic to showcase the next generation of flow-based analysis techniques.
Collection Items

Passive Detection of Misbehaving Name Servers
• Presentation
By Jonathan Spring, Leigh B. Metcalf
In this presentation, the authors discuss name servers that exhibit IP address flux, a behavior that falls outside the prescribed parameters.
Passive DNS Collection and Analysis - The "dnstap" Approach
• Presentation
By Paul Vixie
In this keynote presentation from FloCon 2014, Dr. Paul Vixie discusses passive DNS monitoring and dnstap, and demonstrates SIE and DNSDB.
PM WIN-T TMD Fight the Network (FTN) / FAVA
• Presentation
By Kevin Jacobs (U.S. Army)
In this presentation, Kevin Jacobs discusses FTN goals and its operational view, task details, and data fusion.
Quilt: A System for Distributed Temporal Queries of Security Relevant Heterogeneous Data
• Presentation
By George Jones, Timothy J. Shimeall
In this presentation, Tim Shimeall and George Jones describe Quilt, a distributed data query engine that allows for a broad range of data and that supports temporal relationships.
Security Onion: Peel Back the Layers of Your Network in Minutes
• Presentation
By Software Engineering Institute
In this presentation, Doug Burks discusses Security Onion, a free Linux distro for intrusion detection, network security monitoring, and log management.
Semantic Flow Augmentation for the Automated Discovery of Organizational Relationships
• Presentation
By Chris Strasburg (The Ames Laboratory)
In this presentation, the authors describe semantic flow augmentation, discuss its use and features, and present ideas for future work.
Setting up a Network Flow Sensor for $100
• Presentation
By Ron Bandes, John Badertscher, Dwight S. Beaver
This 2014 presentation describes how to build a network flow sensor using a PogoPlug server and ethernet adapter, a switch as a network tap, and a 16 GB flash drive.
Streaming Analysis: An Alternate Analysis Paradigm
• Presentation
By John McHugh
In this presentation, John McHugh discusses how streaming analytics relieves the volume of stored data and decreases threat reaction time.
Stucco: Situation and Threat Understanding by Correlating Contextual Observations
• Presentation
By John Gerth (Stanford University), John Goodall (Secure Decisions)
This 2014 presentation shows how Stucco puts security events in context and shows how threats relate to a cyber security analyst's environment.
The Rayon Tools: Visualization at the Command Line
• Poster
By Phil Groce
This poster, presented at FloCon 2014, shows how a Rayon visualization works well with the workflow model of UNIX and the shell.
This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.