Software Engineering Institute | Carnegie Mellon University

Digital Library

Michael Collins (RedJack)
January 2016 - Presentation Network Monitoring and Deceptive Defenses

Topics: Network Situational Awareness

In this FloCon 2016 presentation, the authors discuss the use of network monitoring to support deceptive defenses.

January 2015 - Presentation Using Vantage to Manage Complex Sensor Networks

Topics: Network Situational Awareness

In this talk, Michael Collins introduces a systematic methodology for analyzing the vantage of sensor systems.

January 2013 - Presentation Identifying Network Traffic Activity Via Flow Sizes

Topics: Network Situational Awareness

Authors: Michael Collins

In this presentation, given at FloCon 2013, Michael Collins discusses how to measure NetFlow and DNS traffic captures.

January 2010 - Presentation Flow Traffic Analysis Narratives

Topics: Network Situational Awareness

Authors: Michael Collins

In this presentation, Michael Collins describes the importance of developing narratives that abstractly describe activity between hosts.

January 2009 - Presentation Integrating Human and Synthetic Reasoning Via Model-Based Analysis

Topics: Network Situational Awareness

Authors: Michael Collins

In this presentation, Michael Collins describes a model that combines AI and user interface through fault trees to capture knowledge and improve efficiency.

January 2008 - Presentation Attack Reduction and Anomaly Modeling in Popularly Targeted Protocols

Topics: Network Situational Awareness

Authors: Michael Collins

In this presentation, Michael Collins discusses noise in traffic flows and its effect on anomaly detection, two-stage filtering, and methods to reduce attacks.

May 2007 - Conference Paper Predicting Future Botnet Addresses With Uncleanliness

Topics: Network Situational Awareness

In this paper, the authors discuss whether we can effectively predict future bot locations.

September 2006 - White Paper Finding Peer-To-Peer File-Sharing Using Coarse Network Behaviors

Topics: Insider Threat

In this paper, the authors propose a set of tests for identifying masqueraded peer-to-peer file-sharing based on traffic summaries (flows).

July 2006 - White Paper A Model for Opportunistic Network Exploits: The Case of P2P Worms

Topics: Network Situational Awareness

In this paper, the authors present VisFlowConnect-IP, a network flow visualization tool that detects and investigates anomalous network traffic.

September 2005 - Presentation Time, Pollution and Maps

Topics: Network Situational Awareness

Authors: Michael Collins

In these proceedings, the presentations given at FloCon 2012 are collected.

June 2005 - White Paper Advanced Security Reporting Systems for Large Network Situational Awareness

Topics: Network Situational Awareness

In this paper, the authors describe the technologies that support an asset inventory system and enable a flexible, ad-hoc intrusion detection capability.

July 2004 - Presentation Empirically Based Analysis: The DDoS Case

Topics: Network Situational Awareness

Authors: Michael Collins

In this keynote presentation, John McHugh explores four themes in thinking about flow analysis.

May 2004 - White Paper An Empirical Analysis of Target-Resident DoS Filters

Topics: Network Situational Awareness

In this paper, the authors provide an empirical analysis of proposed techniques for filtering network traffic.

November 2003 - Conference Paper More Netflow Tools: For Performance and Security

Topics: Network Situational Awareness

In this paper, the authors present a suite of tools for network traffic collection and analysis based on Cisco NetFlow.