Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Webinar

Four Valuable Data Sources for Network Security Analytics

  • December 2017
  • By Timothy J. Shimeall
  • This webinar focused on the development and application of combined data analytics and offered several examples of analytics that combine domain resolution data, network device inventory and configuration data, and intrusion detection.
  • Network Situational Awareness
  • Publisher: Software Engineering Institute
  • Watch

  • Abstract

    This webinar focused on the development and application of combined data analytics, with several examples of analytics that combine domain resolution data, network device inventory and configuration data, network flow records, and intrusion detection system alerts. An overall approach to analytic development, first covered in a previous webinar, will be further applied to the variety of data. Interaction with webinar participants will be used to both guide the discussion and to facilitate the selection of examples. The webinar covered:

    • Specific characteristics of each of these sources of data, along with how they can inform security operations

    • Applying analysis at scale that combines multiple data sources, along with exploring the analytic model

    • Using the results of these analytics to further understand and improve network security

    • Open questions and answers with the participants

  • Slides
  • Audio
  • Transcript

About the Speaker

  • Timothy J. Shimeall

    Dr. Timothy Shimeall is a senior member of the technical staff with the CERT Network Situational Awareness Group of the Software Engineering Institute, where he is responsible for overseeing and participating in the development of analysis methods in the area of network systems security and survivability. This work includes development of methods to identify trends in security incidents and in the development of software used by computer and network intruders. Of particular interest are incidents affecting defended systems and malicious software that are effective despite common defenses. Tim is also an Adjunct Professor at Carnegie Mellon University, with teaching and research interests focused on information survivability. Before joining Carnegie Mellon University, Tim was an Associate Professor at the Naval Postgraduate School in Monterey, California. He taught a variety of topics in software engineering, systems and security and supervised numerous masters and Ph.D. theses. He has taught courses for a variety of educational institutions and private corporations, in both local and distance learning formats.