FloCon 2015 Collection
• Collection
Publisher
Software Engineering Institute
Abstract
These presentations were given at FloCon 2015, an open conference that provides operational network analysts, tool developers, and researchers a forum to discuss the analysis of large volumes of traffic and to showcase the next generation of flow-based analysis techniques.
The theme of FloCon 2015 was "Formalizing the Art," and participants discussed the art of network analysis and how to make it more formal, rigorous, reliable, well-grounded, or repeatable. Participants also discussed academic advances in novel analytics and the operationalization and automation of well-known techniques.
Collection Items

FloCon 2015 Welcome Talk
• Video
By Jonathan Spring
In this video, Jonathan Spring introduces FloCon 2015, which took place in Portland, Oregon, in January 2015.
Advances in Semantically Augmented Flow Data for Dynamic Impact Assessment, Response Selection, and Alert Prioritization
• Presentation
By Nik Kinkel (The Ames Laboratory), Harris T. Lin (The Ames Laboratory), Chris Strasburg (The Ames Laboratory)
In this talk, the authors discuss strategies for optimizing the addition of semantic information to flow data to enable it to be used in real time.
Approaching Intelligent Analysis for Attribution and Tracking the Lifecycle of Threats
• Presentation
By Timur D. Snoke
In this presentation, Timur Snoke proposes combining the threat assessment native to the Cyber Kill Chain and the attribution capability of the Diamond model.
Creating Preventive Digital Forensics Systems to Proactively Resolve Computer Security Incidents in Organizations
• Presentation
By Jesus Ramirez Pichardo (Banco de Mexico), Jesus Vazquez Gomez (Banco de Mexico)
In this presentation, the authors discuss Preventive Digital Forensics, which is a modification to traditional digital forensics methods.
Discrete Mathematical Approaches to Traffic Graph Analysis
• Presentation
By Cliff Joslyn (Pacific Northwest National Laboratory), Wendy Cowley (Pacific Northwest National Laboratory), Emilie Hogan (Pacific Northwest National Laboratory), Bryan Olsen (Pacific Northwest National Laboratory)
In this presentation, the authors discuss NetFlow multigraphs and graph statistics and provide characterizations of IP interaction during simulated attacks.
Elasticsearch, Logstash, and Kibana (ELK)
• Presentation
By Dwight S. Beaver, Sean Hutchison
In this presentation, the authors describe how they deployed ELK, the system architecture overview, and the operational analytics that ELK can create.
Encounter Complexes For Clustering Network Flow
• Presentation
By Leigh B. Metcalf
In this presentation, Leigh defines and demonstrates an encounter complex for analyzing network flow.
Enterprise Data Storage and Analysis on Apache Spark
• Presentation
By Tim Barr (Cray, Inc.)
In this presentation, Tim explores a formalized architecture utilizing Apache Spark to address data storage challenges.
Finding a Needle in a PCAP
• Presentation
By Emily Sarneso
In this presentation, Emily describes the available features in Yet Another Flowmeter (YAF) for indexing large PCAP files with flow.
Flow Storage Revisited: Is It Time to Re-Architect Flow Storage and Processing Systems?
• Presentation
By John McHugh
In this talk, John presents the results of experiments using a modest data set comprising on the order of a billion flow records.
This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.