FloCon 2015 Collection
These presentations were given at FloCon 2015, an open conference that provides operational network analysts, tool developers, and researchers a forum to discuss the analysis of large volumes of traffic and to showcase the next generation of flow-based analysis techniques.
The theme of FloCon 2015 was "Formalizing the Art," and participants discussed the art of network analysis and how to make it more formal, rigorous, reliable, well-grounded, or repeatable. Participants also discussed academic advances in novel analytics and the operationalization and automation of well-known techniques.
Advances in Semantically Augmented Flow Data for Dynamic Impact Assessment, Response Selection, and Alert Prioritization
By Nik Kinkel (The Ames Laboratory), Harris T. Lin (The Ames Laboratory), Chris Strasburg (The Ames Laboratory)
In this talk, the authors discuss strategies for optimizing the addition of semantic information to flow data to enable it to be used in real time.
Approaching Intelligent Analysis for Attribution and Tracking the Lifecycle of Threats
In this presentation, Timur Snoke proposes combining the threat assessment native to the Cyber Kill Chain and the attribution capability of the Diamond model.
Creating Preventive Digital Forensics Systems to Proactively Resolve Computer Security Incidents in Organizations
In this presentation, the authors discuss Preventive Digital Forensics, which is a modification to traditional digital forensics methods.
Discrete Mathematical Approaches to Traffic Graph Analysis
By Cliff Joslyn (Pacific Northwest National Laboratory), Wendy Cowley (Pacific Northwest National Laboratory), Emilie Hogan (Pacific Northwest National Laboratory), Bryan Olsen (Pacific Northwest National Laboratory)
In this presentation, the authors discuss NetFlow multigraphs and graph statistics and provide characterizations of IP interaction during simulated attacks.
Enterprise Data Storage and Analysis on Apache Spark
In this presentation, Tim explores a formalized architecture utilizing Apache Spark to address data storage challenges.
Flow Storage Revisited: Is It Time to Re-Architect Flow Storage and Processing Systems?
By John McHugh
In this talk, John presents the results of experiments using a modest data set comprising on the order of a billion flow records.
This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.