These presentations were given at FloCon 2018, an annual event where attendees discuss the analysis of large volumes of traffic and showcase the next generation of flow-based analysis techniques.
Big Data Platform
January 2018
In this presentation, the author discusses the evolution of the Big Data Platform, examples of how it is being used today, and key lessons learned in its development.
Creating & Sharing Value with Network Activity & Threat Correlation
January 2018
Author(s): Dr. Jamison Day (Looking Glass)
In this presentation, the author examines the key impediments to effective information sharing and explores how network activity and threat correlation can alter cyber economics to diminish threat actor return on investment.
Optimal Machine Learning Algorithms
January 2018
Author(s): Hafiz Farooq (Saudi Aramco)
This research paper helps SOC personnel understand how to use machine learning algorithms optimally to complement existing conventional threat hunting capabilities.
Analysis of DNS Traffic on the Network EDGE, and In Motion
January 2018
Author(s): Fred Stringer (AT&T Chief Security Organization)
In this presentation, the author describes cyber analysis of DNS traffic at the Internet peering points using a streaming data analysis platform and algorithms to create actionable reports in minutes.
Threat Hunting for Lateral Movement
January 2018
Author(s): Adam Fuchs (Sqrrl), Ryan Nolette (Sqrrl)
In this presentation, the authors review the various techniques attackers use to spread through a network, which data sets you can use to reliably find them, and how data science techniques can be used to help automate the detection of lateral movement.
Anomaly Detection in Bipartite Networks
January 2018
Author(s): Mohammed Eslami (Netrias, LLC)
In this presentation, the author discusses automated methods to identify anomalies in cyber networks with data collected at the edge of a network (or other bipartite network).