Showing 1 - 10 of 13 results for the flocon Publish Year - 2005 , Type - White Paper
In this paper, the authors introduce a method for detecting the onset of anomalous port-specific activity by recognizing deviation from correlated activity.
In this paper, Josh McNutt discusses the R statistical language as an analysis and visualization interface to SiLK flow analysis tools.
In this paper, the authors describe NVisionIP, a NetFlow visualization tool.
In this paper, the authors introduce a tool to address two problems with using Net-Flow logs for security analysis.
In this FloCon 2005 presentation, the author uses traffic analysis to investigate a stealthy form of data exfiltration.
In this paper, Brian Trammell presents a proposed solution to the problem of mutual unintelligibility of raw flow and intermediate analysis data.
In this paper, the authors present their methods for detecting distributed attacks in backbone networks using sampled flow traffic data.
In this paper, Arno Wagner presents measurements and analysis done on a Swiss internet backbone during the Blaster and Witty internet worm outbreak.
In this paper, the authors present the IPFIX protocol and discuss its applicability with a special focus on network security.
In this paper, the authors describe the CENTAUR system, which was developed to help DoD security analysts better understand and defend the NIPRNet.