Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Carrie Gates
January 2010 - Presentation DMnet: Detection Mitigation Network: A Behavioral Analysis System Supporting Trust Measurements

Topics: Network Situational Awareness

In this presentation, given at FloCon 2010, the authors describe DMnet, a distributed botnet detection and mitigation system.

January 2009 - Presentation FloVis Summary

Topics: Network Situational Awareness

In this presentation, the authors describe their current and planned work on FloVis, an extendable framework for network security visualizations.

January 2009 - Presentation Security Visualization with FloVis

Topics: Network Situational Awareness

In this presentation, the authors discuss using FloVis to perform network data analysis.

July 2006 - White Paper A Model for Opportunistic Network Exploits: The Case of P2P Worms

Topics: Network Situational Awareness

In this paper, the authors present VisFlowConnect-IP, a network flow visualization tool that detects and investigates anomalous network traffic.

April 2006 - Technical Report Detecting Scans at the ISP Level

Topics: Network Situational Awareness

In this 2006 report, the authors present an approach to detecting scans against, or passing through, very large networks.

July 2004 - Presentation Locality Based Analysis of Network Flows

Topics: Network Situational Awareness

In this presentation, the authors discuss analyzing network data flows using locality, which involves using past observations to predict future behavior.

July 2004 - Presentation Detection and Analysis of Scans on Very Large Networks

Topics: Network Situational Awareness

In this presentation, the authors discuss scan detection, scan database, and the analysis of scans.

November 2003 - Conference Paper More Netflow Tools: For Performance and Security

Topics: Network Situational Awareness

In this paper, the authors present a suite of tools for network traffic collection and analysis based on Cisco NetFlow.

August 2003 - White Paper Locality: A New Paradigm for Thinking About Normal Behavior and Outsider Threat

Topics: Network Situational Awareness

In this paper, the authors describe how locality appears in many dimensions and applies to diverse mechanisms.