FloCon 2020 Presentations
• Collection
Publisher
Software Engineering Institute
Topic or Tag
Abstract
These presentations were given at FloCon 2020, an annual conference that focuses on data-driven network security. Speakers from industry, government, and academia presented talks on how to apply "big data" analysis techniques to solve difficult security problems.
Collection Items
AI is Not Magic: Machine Learning for Network Security
• Presentation
By Lena Pons, Eliezer Kanal
This presentation introduces foundational data science concepts and prepares attendees to scope new Artificial Intelligence and Machine Learning projects.
Learn More
SysFlow: Scalable System Telemetry for Improved Security Analytics
• Presentation
By Federico Araujo (IBM Research), Teryl Taylor (IBM Research)
This presentation introduces SysFlow as a new data representation for system behavior introspection for scalable security, compliance, and performance analytics.
Learn More
Data Driven Security Challenges
• Presentation
By Timothy J. Shimeall
This presentation discusses data driven security challenges in network security.
Learn More
Bayes at 10+ Gbps: Identifying Malicious and Vulnerable Processes from Passive Traffic Fingerprinting
• Presentation
By David McGrew (Cisco Systems, Inc.)
This presentation describes an inferencing system and its implementation, results in applying it to real-world traffic, and open issues in this technology area.
Learn More
Less is More with Intelligent Packet Capture
• Presentation
By Randy Caldejon (CounterFlow AI)
Attendees learned to build and deploy a cost-effective network forensics solution with open source tools like Argus and Dragonfly Machine Learning Engine.
Learn More
Alchemy: Stochastic Data Augmentation for Malicious Network Traffic Detection
• Presentation
By Bo Hu (NTT Group)
This presentation introduces a stochastic method called Alchemy that regenerates a set of feature vectors by randomly resampling the raw traffic data of each bag into several subsets.
Learn More
Comcast Security Analytics Platform
• Presentation
By Gary Gabriel (Comcast), Mason Cheng (Comcast)
This presentation showed practical ways to process large-scale security-related data and analyze it using cloud based infrastructure.
Learn More
The Long & Winding Road to Production-Worthy
• Presentation
By Emily Heath (Mitre)
In this presentation, attendees learned valuable skills for how to test their analytics from different perspectives. From an operational perspective, the presenter discussed how to evaluate analytics for coverage of …
Learn More
A Structural Approach to Modeling Encrypted Connections
• Presentation
By Anthony Kasza (Corelight)
This presentation discusses how the concept of SOL can be applied to model encrypted protocols, including the SSH, SSL, and RDP protocols.
Learn More
Automating Reasoning with ATT&CK?
• Presentation
By Jonathan Spring
This presentation discusses limitations in MITRE's ATT&CK framework and proposes ways to restructure it to be more useful.
Learn More
Mobile Users’ Susceptibility to Phishing Attacks
• Presentation
By Ley Sylvester (Blackbaud)
This presentation shows how user behavior impacts the phishing landscape and how their perception of threats affects their motivation to avoid phishing attack threats.
Learn More
How to Use Machine Learning for a Phishing Incident Response
• Presentation
By Erez Harush (Palo Alto Networks)
In this presentation, attendees learned how to build their own phishing email classifier based on their email datasets, observed a model in action, and saw how the model numbers related …
Learn More
Methods for Testing and Qualifying Analytics
• Presentation
By Timothy J. Shimeall
This presentation describes a process for testing analytics and qualifying them to be used to inform ongoing network defense.
Learn More
Look Ma, No Malware!
• Presentation
By Renee Burton (Infoblox)
This presentation uses a specific instance of this problem, DNS-based DDoS attacks, as a case study to highlight how the application of unsupervised learning, and some particular methodologies, can help …
Learn More
Malware's Abuse of Privacy Enhancing Technologies
• Presentation
By Cisco Systems, Inc.
This presentation discusses the prevalence of malware using recently approved standards and the visibility losses associated with these standards. It also describes how malware is using censorship circumvention programs.
Learn More
Code Similarity Detection Using Syntax-Agnostic Locality Sensitive Hashing
• Presentation
By Novetta
This presentation describes how to maintain the security of large codebases by using Syntax-Agnostic Locality Sensitive Hashing (LSH) to detect and search for code similarity.
Learn More
Using Deep Neural Networks to Detect Compromised Hosts in Large Scale Networks
• Presentation
By Angel Kodituwakku (The University of Tennessee Knoxville), Eboni Thamavong (X8, Full Spectrum Engagement)
In this presentation, the authors discuss the generation of a new dataset based on recent, real network data from global research and education that is fused with actual threat lists …
Learn More
Required Elements for Constructing a Highly Adoptable and Adaptive Digital Forensic Model
• Presentation
By Ken Rodgers (K-Rod Technology)
The study consisted of elemental theme generation using a United States sample population of 20 experts in the field of digital forensics from private and public sectors.
Learn More
Uncovering Priority Anomalies using Pattern Discovery as a Roadmap for Contextual Analysis
• Presentation
By Thomas S. Henretty, PhD (Reservoir Labs)
In this talk, attendees will be exposed to a unique approach to network anomaly detection and prioritization that combines tensor decompositions with deeper, query-based analysis.
Learn More
Cybersecurity Data Science 2020: Practitioner Perspectives and Guidance
• Presentation
By Scott Mongeau (SAS)
This talk addresses fundamental questions concerning the status of cybersecurity data science (CSDS) as an emerging profession.
Learn More
Countermeasures to Security Threats in Networked Medical Devices
• Presentation
By Melinda Lyles (Florida Southwestern State College)
This presentation discussed ways to make IT support and healthcare organizations aware of the growing need for countermeasures to risks associated with networked medical devices.
Learn MoreThis content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.