Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library


Using Network Flow to Gain Cyber Situational Awareness

  • Watch

  • Abstract

    Cyber situational awareness is an emerging topic in network operations and defense, yet the overarching concept of situational awareness has been widely used and studied extensively for decades. During this webinar we discussed

    • the foundations of cyber situational awareness
    • how to apply situational awareness concepts to the cyber domain
    • how network flow plays a critical part in gaining situational awareness over today’s complex networks
    • tools that can be used to collect and analyze network flow data
    • examples that show the successful use of network flow to solve operational and security problems 
  • Audio
  • Transcript
  • Slides

About the Speaker

  • Sid Faber

    Sid Faber is a member of the technical staff within the CERT® Program at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. As a member of the Network Situational Awareness (NetSA) analysis team, Faber supports sponsors by providing detailed reports of current and historical network activities. His current areas of interest include fusing massive network data sets, enabling analysts with tools and methods necessary to defend large networks, using large-scale DNS monitoring to detect malicious behavior, and designing closed networks for improved security. Faber also serves as an adjunct faculty member at the Carnegie Mellon University Heinz College of Information Systems & Management and at the University of Pittsburgh, School of Information Sciences. Prior to joining the SEI, Faber worked as a security architect with Federated Investors, one of the largest investment managers in the United States. His experience includes more than fifteen years in software application security, development, and evaluation, and five years in the U.S. Navy Nuclear Power Officer program.