
Subject: Network Traffic Analysis

Network Traffic Analysis with SiLK: Profiling and Investigating Cyber Threats

• SEI Blog
Paul Krystosek

Tim Shimeall and Nancy Ott co-authored this post. Cyber threats are on the rise, making it vitally important to understand what's happening on our computer networks. But the massive amount of network traffic makes this job hard. How can we find evidence of unusual, potentially hostile activity in this deluge of network data? One way is to use SiLK (System for Internet Level Knowledge), a highly-scalable tool suite for capturing and analyzing network flow data....

An Analyst-Focused Approach to Network Traffic Analysis

• SEI Blog
Geoff Sanders

Earlier this year, a team of researchers from the SEI CERT Division's Network Situational Awareness Team (CERT NetSA) released an update (3.17.0) to the System for Internet-Level Knowledge (SiLK) traffic analysis suite, which supports the efficient collection, storage, and analysis of network flow data, enabling network security analysts to query large historical traffic data sets rapidly and in a scalable way. As this post describes, our team also recently updated the Network Traffic Analysis with...
