Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Vincent Berk (Dartmouth College)
January 2014 - Presentation NetFlow Epidemiology: Tracking Negative Trust

Topics: Network Situational Awareness

In this presentation, the authors propose a set of NetFlow rules to minimize false positives and a heuristic by which to apply the rules in real time.

January 2013 - Presentation Identifying Network Users Using Flow-Based Behavioral Fingerprinting

Topics: Network Situational Awareness

In this FloCon 2013 presentation, the authors discuss how to identify network users using flow-based behavioral fingerprinting.

October 2006 - Presentation Attribution and Aggregation of Network Flows for Security Analysis (Presentation)

Topics: Network Situational Awareness

In this paper, the authors describe a network flow analyzer capable of attribution and aggregation of different flows to identify suspicious behaviors.

October 2006 - White Paper Attribution and Aggregation of Network Flows for Security Analysis (White Paper)

Topics: Network Situational Awareness

In this paper, the authors describe a network flow analyzer capable of attribution and aggregation of different flows to identify suspicious behaviors.

September 2005 - Presentation Covert Channel Detection Using Process Query Systems (Presentation)

Topics: Network Situational Awareness

In this presentation, the authors discuss detecting covert channels, a subtle way of moving data, using a process query system.

September 2005 - White Paper Covert Channel Detection Using Process Query Systems (White Paper)

Topics: Network Situational Awareness

In this FloCon 2005 presentation, the author uses traffic analysis to investigate a stealthy form of data exfiltration.