Software Engineering Institute

These presentations were given FloCon 2013, a network security conference, took place in Albuquerque, New Mexico, on January 7–10, 2013. At FloCon 2013, organizers and participants focused on the challenges of "Analysis at Scale." In large network environments, flow data helps to provide a scalable way of seeing the big picture, as well as a streamlined platform for highlighting patterns of malicious behavior over time. More and more commercial tools and platforms are available for collecting and storing not only flow data, but large volumes of other data such as DNS information, packet capture, security logs, and incident reports. This year, participants discussed how to refine "big data" into knowledge, design methods for aggregated analyses at the network edge, and build systems for monitoring thousands or millions of assets at once.