Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Presentation

Network Flow Analysis in Information Security Strategy

  • Watch

  • Abstract

    Information security strategies may be classified by a functional series of impacts on attempts to violate assurance policies: deception, frustration, resistance, recognition-and-recovery. A recent book-length treatment of these strategies identified network flow analysis with recognition-and-recovery, but use of network flow data supports the other strategies as well.

    This presentation lays out a series of analytics keyed to the strategies they support: traffic baselining to support deception, attack surface estimation to support frustration, anomaly analysis to support resistance, attack profiling to support recognition-and-recovery. The presentation concludes with discussions of combinations of these analytics in an integrated security approach.

  • Download

Part of a Collection

FloCon 2015 Collection