Software Engineering Institute | Carnegie Mellon University

Digital Library

FloCon 2004 Collection

  • These presentations were given at FloCon 2004, an annual event where attendees discuss the analysis of large volumes of traffic and showcase the next generation of flow-based analysis techniques.
  • Network Situational Awareness
  • Publisher: CERT
  • At the first FloCon in 2004, attendees gave talks on analysis, infrastructure, and data sharing. Topics covered included scanning very large networks, standardization efforts to support data exchange, security at line speed with netflows, and AirCERT.

  • AirCERT: Building a Framework for Cross-Administrative Domain Data Sharing (July 2004). Author(s): Roman Danyliw. In this presentation, Roman Danyliw describes AirCERT, a scalable distributed system for sharing security event data among administrative domains.
  • Analysis of the US-CERT DAC (July 2004). Author(s): Josh McNutt. In this presentation, Josh McNutt provides an overview of the data, graphical displays, trends, and anomaly detection of the US-CERT DAC.
  • Data Sharing: Lessons Learned by the CERT/CC and the CERT/NetSA Groups (July 2004). Author(s): Roman Danyliw. In this presentation, Roman Danyliw provides an overview of data sharing, and discusses related concerns and observations.
  • Empirically Based Analysis: The DDoS Case (July 2004). Author(s): Michael Collins. In this keynote presentation, John McHugh explores four themes in thinking about flow analysis.
  • Detection and Analysis of Scans on Very Large Networks (July 2004). Author(s): Marc I. Kellner, Carrie Gates. In this presentation, the authors discuss scan detection, scan database, and the analysis of scans.
  • Flow Data Analysis in SWITCH / ETH Zurich Project DDoSVax (July 2004). Author(s): Arno Wagner (Communication Systems Laboratory, Swiss Federal Institute of Technology Zurich (ETH Zurich)). In this presentation, Arno Wagner discusses flow data usage by SWITCH, offline analysis examples, traffic amount vs. unique addresses, and analysis tools.
  • Locality Based Analysis of Network Flows (July 2004). Author(s): John McHugh, Carrie Gates, Damon Becknel. In this presentation, the authors discuss analyzing network data flows using locality, which involves using past observations to predict future behavior.
  • NetFlow Data Capturing and Processing at SWITCH and ETH Zurich (July 2004). Author(s): Arno Wagner (Communication Systems Laboratory, Swiss Federal Institute of Technology Zurich (ETH Zurich)). In this presentation, Arno Wagner describes how SWITCH and ETH Zurich capture and process netflow data.
  • Network Telescopes: The FloCon Files (July 2004). Author(s): David Moore (Cooperative Association for Internet Data Analysis (CAIDA)), Colleen Shannon (Cooperative Association for Internet Data Analysis (CAIDA)). In this presentation, the authors describe CAIDA, a collaboration aimed at promoting cooperation in the engineering and maintenance of internet infrastructure.
  • Security at Line Speed with NetFlows (July 2004). Author(s): William Yurcik (National Center for Supercomputing Applications (NCSA) at University of Illinois at Urbana-Champaign). In this presentation, William Yurcik discusses netflows, instrumentation issues, the data management problem, and NCSA's netflows architecture.
  • Sharing Intelligence Is Our Best Defense: Incentives That Work versus Disincentives That Can Be Solved (July 2004). Author(s): William Yurcik (National Center for Supercomputing Applications (NCSA) at University of Illinois at Urbana-Champaign), Adam Slagell (National Center for Supercomputing Applications (NCSA) at University of Illinois at Urbana-Champaign), Jun Wang (National Center for Supercomputing Applications (NCSA) University of Illinois at Urbana-Champaign). In this presentation, the authors describe the use of ISACs to gather, analyze, and share data to combat cybersecurity problems.
  • Statistical Methods for Flow Data (July 2004). Author(s): Joseph B. Kadane (Department of Statistics, Carnegie Mellon University). In this presentation, Joseph B. Kadane discusses how Bayesian methods help make the logistic regression approach to scan data stable and operationally feasible.
  • The State of Standardization Efforts to Support Data Exchange in the Security Domain (July 2004). Author(s): Roman Danyliw. In this presentation, Roman Danyliw provides an overview of flow and packet formats, alert and event forms, and context-relevant formats.
  • Wish List (July 2004). Author(s): Thomas A. Longstaff. In this article, Soumyo D. Moitra describes the data needed to plan network security, particularly related to acquiring and deploying network sensors systems.