Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

John Gerth (Stanford University)
May 2017 - Presentation Using Flow for Realtime Traffic Management in 100G Networks

In this presentation, the authors discuss using flow for realtime traffic and the challenges that can occur.

January 2016 - Presentation Role Model Transformations for Flow Analysis in Cyberdefense

Topics: Network Situational Awareness

In this presentation, the author shows mathematical operations that can be used to transform between and organize flow data for different role models.

January 2015 - Presentation Locality: A Semi-Formal Flow Dimension

Topics: Network Situational Awareness

In this talk, John Gerth discusses "locality," a semi-formal dimension of a flow derived from attributes of the address pairs.

January 2014 - Presentation Stucco: Situation and Threat Understanding by Correlating Contextual Observations

Topics: Network Situational Awareness

This 2014 presentation shows how Stucco puts security events in context and shows how threats relate to a cyber security analyst's environment.

January 2014 - Presentation PCR - A Flow Metric for the Producer/Consumer Relationship

Topics: Network Situational Awareness

In this presentation, Carter Bullard and John Gerth discuss data exfiltration and detection methods.

January 2012 - Presentation Implementing Packet Dynamic Awareness in Argus

Topics: Network Situational Awareness

In this presentation, the authors discuss Argus and how they use packet dynamics in near-real-time cyber-situational awareness systems.

January 2008 - Presentation Incorporating Network Flows in Intrusion Incident Handling and Analysis

Topics: Network Situational Awareness

In this presentation, John Gerth discusses the role network flows play in computer security intrusion investigations.