FloCon 2019 Presentations
• Collection
Publisher
Software Engineering Institute
Subjects
Abstract
This collection of presentations were given at FloCon 2019, an annual event where attendees discuss the analysis of large volumes of traffic and showcase the next generation of flow-based analysis techniques.
Collection Items
Improved Hunt Seeding with Specific Anomaly Scoring
• Presentation
By Brenden Bishop (Columbus Collaboratory)
In this presentation, the attendees were presented with a flexible, open-source tool for non-parametrically modeling multivariate densities of network logs.
Learn More
Using Triangulation to Evaluate Machine Learning Models
• Presentation
By Andrew Fast, PhD (CounterFlow AI)
In this presentation, Dr. Andrew Fast presents a series of questions and data queries that can be used to determine the parameters of effectiveness for a machine learning model.
Learn More
Cybersecurity Data Science: Best Practices from the Field
• Presentation
By Scott Mongeau (SAS)
In this presentation, the author seeks to take a step back from methodological insights and case studies to ask larger questions concerning the status of cybersecurity data science as an …
Learn More
Four Machine Learning Techniques that Tackle Scale - And Not Just By Increasing Accuracy
• Presentation
By Lindsey Lack (Gigamon Applied Threat Research (ATR)
In this presentation the author presents an overview of the ways in which recent machine learning techniques can provide ancillary value—value beyond accurate predictions—that helps with the problems of scaling …
Learn More
The Power of Cyber Threat Intelligence
• Presentation
By Eboni Thamavong (X8, Full Spectrum Engagement)
In this presentation, the author discusses how to anticipate the right questions and convey the right information to executives through case studies that highlight the power of what cyber threat …
Learn More
The Generation and Use of TLS Fingerprints
• Presentation
By Blake Anderson (Cisco Systems, Inc.), David McGrew (Cisco Systems, Inc.), Keith Schomburg (Cisco Systems, Inc.)
In this presentation, the authors describe a TLS fingerprinting system and discusses the common pitfalls when using this type of information and analyzes techniques that make effective use of our …
Learn More
Monitoring Massive Network Traffic using Bayesian Inference
• Presentation
By David Rodriguez (Cisco Systems, Inc.)
In this presentation, the author discusses methods for performing large scale Bayesian inference on DNS logs aggregated into count data, representing the number of requests from tens of millions of …
Learn More
Using Generative Adversarial Networks to Improve Phishing Domain Classifiers
• Presentation
By Jen Burns (The MITRE Corporation), Emily Heath (Mitre)
In this presentation, the authors discuss the use of generative adversarial networks (GANs) to construct synthetic phishing domains as potential evasion attacks, and test the value of including these domains …
Learn More
Harvesting Logs for Enhanced Investigations
• Presentation
By David Gainey (Defense Information Systems Agency)
In this talk, the author discusses the type of information that should be continuously collected and kept on-hand for investigative value in the case of a network compromise, and he …
Learn More
Network Telescopes Revisited: From Loads of Unwanted Traffic to Threat Intelligence
• Presentation
By Piotr Bazydlo (Research and Academic Computer Network (NASK, Poland)), Adrian Korczak (Research and Academic Computer Network (NASK, Poland), Pawel Pawlinski (Research and Academic Computer Network (NASK, Poland))
This presentation introduces a comprehensive system developed to analyze malicious traffic on a large scale and produce actionable results in close to real time.
Learn More