FloCon 2016 Presentations
• Collection
Publisher
Software Engineering Institute
Abstract
These presentations were given at FloCon 2016, a network security conference that provides a forum to discuss large-scale network flow analytics. Showcasing next-generation analytic techniques, FloCon is geared toward operational analysts, tool developers, researchers, and others interested in applying the latest analytics against large volumes of traffic.
Collection Items

Keynote: Achieving a Secure and Resilient Cyber Ecosystem: A Way Ahead
• Presentation
By Dr. Peter M. Fonash (Department of Homeland Security, CS&C)
This keynote presentation was given in January 2016 at FloCon, a network security conference that provides a forum for large-scale network flow analytics.
A Meaningful Metric for IPv4 Addresses
• Presentation
By Leigh B. Metcalf
This presentation was given in January 2016 at FloCon, a network security conference that provides a forum for large-scale network flow analytics.
Better Reporting Guidelines for Better Data
• Presentation
By Christopher Washington (Department of Homeland Security), Brian Allen (US-CERT)
This presentation was given in January 2016 at FloCon, a network security conference that provides a forum for large-scale network flow analytics.
Capturing and Processing One Million Network Flows Per Second with SiLK: Challenges and Strategies
• Presentation
By Robert Techentin (Mayo Clinic), David R. Holmes (Mayo Clinic), James C. Nelms (Mayo Clinic), Barry K. Gilbert (Mayo Clinic)
This presentation describes flow data collection at the Mayo Clinic.
Classifying Encrypted Traffic with TLS-Aware Telemetry
• Presentation
By Blake Anderson (Cisco Systems, Inc.), David McGrew (Cisco Systems, Inc.), Alison Kendler (Cisco Systems, Inc.)
In this presentation, the authors propose augmenting the typical 5-tuple with TLS-aware telemetry elements.
Command and Control Mechanism Trends in Exploit Kits, RATs, APTs, and Other Malware
• Presentation
By Mark Mager
In this FloCon 2016 presentation, the author provides a brief summary of common C2 TTPs observed during 2015.
Data Fusion: Enhancing NetFlow Graph Analytics
• Presentation
By Emilie Purvine, Bryan Olsen (Pacific Northwest National Laboratory), Cliff Joslyn (Pacific Northwest National Laboratory)
In this FloCon 2016 presentation, the authors explain RDP logins and why they are important to analyze in the context of NetFlow.
Detecting Traffic to Recently Unparked Domains with Analysis Pipeline
• Presentation
By Daniel Ruef
In this presentation, the authors discuss using an Analysis Pipeline to detect (1) changes in the control plane and (2) data going to recently unparked IP addresses.
Distributed Sensor Data Contextualization at Scale for Threat Intelligence Analysis
• Presentation
By Jason Trost (ThreatStream, Inc.)
In this FloCon 2016 presentation, the author discusses his experiences with analyzing data collected from distributed honeypot sensors, p0f, snort/suricata, and botnet sinkholes.
Gosh Wow, Volusia Networks!
• Presentation
By Brian Whiting
This FloCon 2016 presentation describes network operations at Volusia County, Florida.