search menu icon-carat-right cmu-wordmark

A Proposed Translation Data Model for Flow Format Interoperability

September 2005 White Paper
Brian Trammell

In this paper, Brian Trammell presents a proposed solution to the problem of mutual unintelligibility of raw flow and intermediate analysis data.

Publisher:

Software Engineering Institute

Abstract

A significant technical barrier to the growth of the security-oriented network flow data analysis community is the mutual unintelligibility of raw flow and intermediate analysis data used by the proliferation of flow data analysis tools. As a solution to this problem, this paper presents a common event data model and a translator built around it to adapt each tool's native format to this common model.