Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Josh McNutt
April 2006 - Technical Report Detecting Scans at the ISP Level

Topics: Network Situational Awareness

In this 2006 report, the authors present an approach to detecting scans against, or passing through, very large networks.

September 2005 - White Paper R: A Proposed Analysis and Visualization Environment for Network Security Data (White Paper)

Topics: Network Situational Awareness

Authors: Josh McNutt

In this paper, Josh McNutt discusses the R statistical language as an analysis and visualization interface to SiLK flow analysis tools.

September 2005 - White Paper Correlations Between Quiescent Ports in Network Flows (White Paper)

Topics: Network Situational Awareness

In this paper, the authors introduce a method for detecting the onset of anomalous port-specific activity by recognizing deviation from correlated activity.

September 2005 - Presentation R: A Proposed Analysis and Visualization Environment for Network Security Data (Presentation)

Topics: Network Situational Awareness

Authors: Josh McNutt

In this presentation, Josh McNutt discusses SiLK tools, introduces R and the R-Silk library, demonstrates a prototype, and discusses analyst benefits.

September 2005 - Presentation Correlations Between Quiescent Ports in Network Flows (Presentation)

Topics: Network Situational Awareness

In this presentation, the authors discuss using FloVis to perform network data analysis.

July 2004 - Presentation Analysis of the US-CERT DAC

Topics: Network Situational Awareness

Authors: Josh McNutt

In this presentation, Josh McNutt provides an overview of the data, graphical displays, trends, and anomaly detection of the US-CERT DAC.