FloCon 2020 Presentations
• Collection
Publisher: Software Engineering Institute
Abstract
These presentations were given at FloCon 2020, an annual conference that focuses on data-driven network security. Speakers from industry, government, and academia presented talks on how to apply "big data" analysis techniques to solve difficult security problems.
Collection Items
AI is Not Magic: Machine Learning for Network Security
• Presentation
By Lena Pons, Eliezer Kanal
This presentation introduces foundational data science concepts and prepares attendees to scope new Artificial Intelligence and Machine Learning projects.
SysFlow: Scalable System Telemetry for Improved Security Analytics
• Presentation
By Federico Araujo (IBM Research), Teryl Taylor (IBM Research)
This presentation introduces SysFlow as a new data representation for system behavior introspection for scalable security, compliance, and performance analytics.
Data Driven Security Challenges
• Presentation
By Timothy J. Shimeall
This presentation discusses data driven security challenges in network security.
Bayes at 10+ Gbps: Identifying Malicious and Vulnerable Processes from Passive Traffic Fingerprinting
• Presentation
By David McGrew (Cisco Systems, Inc.)
This presentation describes an inferencing system and its implementation, results in applying it to real-world traffic, and open issues in this technology area.
Less is More with Intelligent Packet Capture
• Presentation
By Randy Caldejon (CounterFlow AI)
Attendees learned to build and deploy a cost-effective network forensics solution with open source tools like Argus and Dragonfly Machine Learning Engine.
Alchemy: Stochastic Data Augmentation for Malicious Network Traffic Detection
• Presentation
By Bo Hu (NTT Group)
This presentation introduces a stochastic method called Alchemy that regenerates a set of feature vectors by randomly resampling the raw traffic data of each bag into several subsets.
Comcast Security Analytics Platform
• Presentation
By Gary Gabriel (Comcast), Mason Cheng (Comcast)
This presentation showed practical ways to process large-scale security-related data and analyze it using cloud based infrastructure.
The Long & Winding Road to Production-Worthy
• Presentation
By Emily Heath (Mitre)
In this presentation, attendees learned valuable skills for how to test their analytics from different perspectives. From an operational perspective, the presenter discussed how to evaluate analytics for coverage of …
A Structural Approach to Modeling Encrypted Connections
• Presentation
By Anthony Kasza (Corelight)
This presentation discusses how the concept of SOL can be applied to model encrypted protocols, including the SSH, SSL, and RDP protocols.
Automating Reasoning with ATT&CK?
• Presentation
By Jonathan Spring
This presentation discusses limitations in MITRE's ATT&CK framework and proposes ways to restructure it to be more useful.
Mobile Users’ Susceptibility to Phishing Attacks
• Presentation
By Ley Sylvester (Blackbaud)
This presentation shows how user behavior impacts the phishing landscape and how their perception of threats affects their motivation to avoid phishing attack threats.
How to Use Machine Learning for a Phishing Incident Response
• Presentation
By Erez Harush (Palo Alto Networks)
In this presentation, attendees learned how to build their own phishing email classifier based on their email datasets, observed a model in action, and saw how the model numbers related …
Methods for Testing and Qualifying Analytics
• Presentation
By Timothy J. Shimeall
This presentation describes a process for testing analytics and qualifying them to be used to inform ongoing network defense.
Look Ma, No Malware!
• Presentation
By Renee Burton (Infoblox)
This presentation uses a specific instance of this problem, DNS-based DDoS attacks, as a case study to highlight how the application of unsupervised learning, and some particular methodologies, can help …
Malware's Abuse of Privacy Enhancing Technologies
• Presentation
By Cisco Systems, Inc.
This presentation discusses the prevalence of malware using recently approved standards and the visibility losses associated with these standards. It also describes how malware is using censorship circumvention programs.
Code Similarity Detection Using Syntax-Agnostic Locality Sensitive Hashing
• Presentation
By Novetta
This presentation describes how to maintain the security of large codebases by using Syntax-Agnostic Locality Sensitive Hashing (LSH) to detect and search for code similarity.
Using Deep Neural Networks to Detect Compromised Hosts in Large Scale Networks
• Presentation
By Angel Kodituwakku (The University of Tennessee Knoxville), Eboni Thamavong (X8, Full Spectrum Engagement)
In this presentation, the authors discuss the generation of a new dataset based on recent, real network data from global research and education that is fused with actual threat lists …
Required Elements for Constructing a Highly Adoptable and Adaptive Digital Forensic Model
• Presentation
By Ken Rodgers (K-Rod Technology)
The study consisted of elemental theme generation using a United States sample population of 20 experts in the field of digital forensics from private and public sectors.
Uncovering Priority Anomalies using Pattern Discovery as a Roadmap for Contextual Analysis
• Presentation
By Thomas S. Henretty, PhD (Reservoir Labs)
In this talk, attendees will be exposed to a unique approach to network anomaly detection and prioritization that combines tensor decompositions with deeper, query-based analysis.
Cybersecurity Data Science 2020: Practitioner Perspectives and Guidance
• Presentation
By Scott Mongeau (SAS)
This talk addresses fundamental questions concerning the status of cybersecurity data science (CSDS) as an emerging profession.
Countermeasures to Security Threats in Networked Medical Devices
• Presentation
By Melinda Lyles (Florida Southwestern State College)
This presentation discussed ways to make IT support and healthcare organizations aware of the growing need for countermeasures to risks associated with networked medical devices.
This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.