Software Engineering Institute

A Proposed Translation Data Model for Flow Format Interoperability

September 20, 2005 • White Paper

By

Brian Trammell

In this paper, Brian Trammell presents a proposed solution to the problem of mutual unintelligibility of raw flow and intermediate analysis data.

Publisher

Software Engineering Institute

Subjects

Flocon Situational Awareness

Abstract

A significant technical barrier to the growth of the security-oriented network flow data analysis community is the mutual unintelligibility of raw flow and intermediate analysis data used by the proliferation of flow data analysis tools. As a solution to this problem, this paper presents a common event data model and a translator built around it to adapt each tool's native format to this common model.

Download PDF

Part of a Collection

FloCon 2005 Collection

Ask a question about this White Paper

This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.

Software Engineering Institute

A Proposed Translation Data Model for Flow Format Interoperability

September 20, 2005 • White Paper

By Brian Trammell

Publisher

Subjects

Abstract

SHARE

Part of a Collection

By

Brian Trammell