Tim Shimeall and Timur Snoke, both researchers in the SEI’s CERT Division, highlight some best practices (and application of these practices) that they have observed in network traffic analysis.
Tim Shimeall and Timur Snoke, researchers in the SEI’s CERT Division, examine the role of the network traffic analyst in capturing and evaluating ever-increasing volumes of network data.
Topics: Cyber-Physical Systems
In this podcast, Timur Snoke explores the challenges of NTP and prescribes some best practices for securing accurate time with this protocol.
In this presentation, Timur Snoke proposes combining the threat assessment native to the Cyber Kill Chain and the attribution capability of the Diamond model.
Topics: Network Situational Awareness
This poster describes the Routing Table Tool Suite (RT-Tool), which displays AS network traffic based on the path analysis of aggregate routing tables.