Software Engineering Institute | Carnegie Mellon University

Digital Library

Sid Faber
March 2016 - Webinar Using Network Flow to Gain Cyber Situational Awareness

Topics: Network Situational Awareness

Authors: Sid Faber

During this webinar we discussed the foundations of cyber situational awareness and how to apply situational awareness concepts to the cyber domain.

October 2012 - Podcast Using Network Flow Data to Profile Your Network and Reduce Vulnerabilities

In this podcast, participants discuss how a network profile can help identify unintended points of entry, misconfigurations, and other weaknesses.

August 2012 - Technical Report Network Profiling Using Flow

Topics: Network Situational Awareness

In this report, the authors provide a step-by-step guide for profiling and discovering public-facing assets on a network using netflow data.

May 2012 - Presentation Adding Network Flow Analysis to Your Security Architecture

Topics: Network Situational Awareness

Authors: Sid Faber

In this 2011 presentation, Sid Faber discusses network flow analysis and typical network security plans, and describes related tools and analyses.

January 2012 - Presentation Teaching Flow Analysis with Live Flow Data

Topics: Network Situational Awareness

In this presentation, the authors describe a partnership with the City of Pittsburgh and Carnegie Mellon to use live flow data to teach flow analysis.

January 2012 - Presentation From Bandwidth to Beacon Detection, Prism and Touchpoints

Topics: Network Situational Awareness

In this presentation, given at FloCon 2012, the authors provide an overview of beacon detection.

January 2011 - Presentation Garbage Collection: Using Flow to Understand Private Network Data Leakage

Topics: Network Situational Awareness

Authors: Sid Faber

In this presentation, Sid Faber shows how you can use garbage collection to explore data leakage in your network.

January 2010 - Presentation Strip Plots: A Simple Automated Time-Series Visualization

Topics: Network Situational Awareness

Authors: Sid Faber

In this presentation, Sid Faber describes an approach to a self-maintaining network profile using batch processing, email, quick triage, and intuitive design.

January 2009 - Presentation Is There Any Value In Bulk Network Traces?

Topics: Network Situational Awareness

Authors: Sid Faber

In this presentation, Sid Faber describes the value of bulk network traces if data sources are tuned to the needed research.

September 2008 - Presentation Responsible Disclosure: A Case Study of CERT VU#800133, “DNS Cache Poisoning Issue”

Topics: Network Situational Awareness

Authors: Sid Faber

In this presentation, Sid Faber describes details of the vulnerability “DNS Cache Poisoning Issue.”

January 2008 - Presentation Using the Google Maps API for Flow Visualization

Topics: Network Situational Awareness

Authors: Sid Faber

In this presentation, Sid Faber discusses a process for visualizing flow data using data extraction, geolocation, XML, Google Maps API, and HTML.

June 2007 - Presentation Analysis of AS112 Traffic

Topics: Network Situational Awareness

Authors: Sid Faber

In this 2007 presentation, Sid Faber discusses the internal network topology data that's exposed to the public internet.

May 2007 - Conference Paper Predicting Future Botnet Addresses With Uncleanliness

Topics: Network Situational Awareness

In this paper, the authors discuss whether we can effectively predict future bot locations.