FloCon 2023 Assets
• Collection
Publisher
Software Engineering Institute
Abstract
FloCon 2023 was hosted by the Software Engineering Institute (SEI) and held in Santa Fe, NM on January 9-12, 2023. FloCon centers on improving network security by analyzing a variety of data supported by innovative machine learning, hardware, and network storage.
We now collect enormous amounts of data from our systems. How can we apply the power of scalable analytics to this large-scale data to protect our systems from cyber threats—both internal and external? FloCon 2023’s theme, Situational Awareness: Beyond the Network, focuses on using these analytics to safeguard organizations and networks.
Find presentations and posters from FloCon 2023 below.
Collection Items

DeCypher: Cyber Knowledge Graph Queries Expressed through Natural Language
• Presentation
By Steven Noel (MITRE)
This session focuses on DeCypher, which represents the first known approach to natural language processing for constructing graph database queries for cyber situational understanding.
IPFIX and DPI Information in a Big Data Environment
• Presentation
By Katherine Prevost, Timothy J. Shimeall
This presentation describes several tools for processing IPFIX flow data with DPI details.
Taranis NG - A New Tool for OSINT Analysis
• Presentation
By Milan Pikula (National Cyber Security Centre)
This presentation describes how to process raw OSINT sources into actionable vulnerability advisories, threat intel, and more, using a recently released open-source tool.
DIB-VDP Pilot - Trail Blazers!
• Presentation
By Melissa Vice (DoD Cyber Crime Center)
This talk presents significant outcomes that affect the nation's Defense Industrial Base (DIB).
Practical GAN-based Synthetic IP Header Trace Generation using NetShare
• Presentation
By Yucheng Yin (Carnegie Mellon University)
This presentation describes using Generative Adversarial Networks (GANs) to automatically learn generative models to generate synthetic packet- and flow header traces for networking tasks.
Knowledge Graphs for Security: Past, Present, and Future
• Presentation
By Scott Mongeau (SAS)
This session describes the core value propositions of knowledge graphs (KGs).
Anomaly Detection on Devices DNS Queries Using Deep Learning
• Presentation
By Fatemeh Riahi (Infoblox)
This talk describes a lightweight DNS anomaly detection system that employs a deep learning method on DNS traffic to characterize network devices.
Combating Disinformation in DNS and Beyond
• Presentation
By Blake Anderson (Cisco Systems, Inc.)
This presentation describes commonly employed evasion strategies that attempt to erode the value of domain name-based indicators of compromise, including domain fronting, domain faking, and residential proxying.
Detecting DNS Tunneling Using Behavioral and Content Metadata Features
• Presentation
By Darin Johnson (Infoblox)
This talk describes new work on detecting and countering DNS tunneling, with an emphasis on reducing false positives.
Guppy: A Scalable Security Data Lake
• Presentation
By Faisal Alghamdi (Saudi Aramco), Hafiz Farooq (Saudi Aramco)
This session explains a generic and scalable Security Data Lake framework that is tuned to handle all types of security data.
This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.