Software Engineering Institute | Carnegie Mellon University

Digital Library

George Jones
April 2014 - White Paper ALTernatives to Signatures (ALTS)

Topics: Network Situational Awareness

This paper presents the results of a study of non-signature-based approaches to detecting malicious activity in computer network traffic.

January 2014 - Presentation Quilt: A System for Distributed Temporal Queries of Security Relevant Heterogeneous Data

Topics: Network Situational Awareness

In this presentation, Tim Shimeall and George Jones describe Quilt, a distributed data query engine that allows for a broad range of data and that supports temporal relationships.

May 2013 - Poster 2013 IEEE Symposium Quilt Poster

Topics: Network Situational Awareness

This poster describes Quilt, a system for distributed queries of security-relevant data.

May 2013 - Presentation Quilt: A System for Distributed Queries of Security-Relevant Data

Topics: Network Situational Awareness

In this presentation, the authors describe Quilt, a system for distributed queries of security-relevant data.

January 2013 - Presentation Introduction to Anomaly Detection

Topics: Network Situational Awareness

In this presentation, George Jones describes anomaly detection, discusses collections and classifications, and provides candidates for operational profiles.

January 2013 - Poster Behavioral Whitelists of High Volume Web Traffic to Specific Domains

Topics: Network Situational Awareness

This poster shows how to facilitate incident analysis by creating whitelists of external domains that receive large volumes of traffic.

August 2012 - Presentation "Capture the Flag" Data Capture Experiences

Topics: Network Situational Awareness

In this presentation, the authors discuss the need for common, accessible data sets for use in security testing, training, tuning of systems, and experimentation.

January 2012 - Presentation Network Profiling with SiLK

Topics: Network Situational Awareness

This presentation describes how to use SiLK to create an inventory of assets on a network and their characteristics and associated purposes.

January 2012 - Presentation From Bandwidth to Beacon Detection, Prism and Touchpoints

Topics: Network Situational Awareness

In this presentation, given at FloCon 2012, the authors provide an overview of beacon detection.