FloCon 2014, a network security conference, takes place at the Francis Marion Hotel in
Charleston, South Carolina, on January 13–16, 2014. This
open conference provides a forum for operational network analysts,
tool developers, researchers, and other parties interested in the
analysis of large volumes of traffic to showcase the next generation
of flow-based analysis techniques.
Registration for FloCon 2014 is now open. Visit our registration page for full details and
information about discounted rates.
Dr. Paul Vixie is the CEO of Farsight Security. He previously served as President, Chairman, and Founder of Internet Systems Consortium (ISC), as President of MAPS, PAIX and MIBH, as CTO of Abovenet/MFN, and on the board of several for-profit and non-profit companies. He has served on the ARIN Board of Trustees since 2005, where he served as Chairman in 2008 and 2009, and he is a founding member of ICANN Root Server System Advisory Committee (RSSAC) and ICANN Security and Stability Advisory Committee (SSAC).
Vixie has been contributing to Internet protocols and UNIX systems
as a protocol designer and software architect since 1980. He is
considered the primary author and technical architect of BIND 8, and
he hired many of the people who wrote BIND 9 and the people now
working on BIND 10. He has authored or co-authored a dozen or so RFCs,
mostly on DNS and related topics, and of Sendmail: Theory and Practice
(Digital Press, 1994). He earned his PhD from Keio University for work
related to the Internet Domain Name System (DNS and DNSSEC).
Call for Participation
This year's conference will focus on
perspectives. We are accepting abstracts for presentations,
posters, and demonstrations. What have we learned in 10 years of flow
analysis? What has worked? Where can we do better? We invite
submissions that look at flow analysis in
perspective. Perspectives can be in relation to past work in
flow analysis, changes in the threat landscape and operational
environment, changes in technologies, or changes in the relative value
of flow vs. other data sources. Submissions that broaden our
perspectives in the following areas are also welcome:
- Measurement and metrics
- Discovering and evaluating indicators of malicious behavior
- Automated analysis
- Flow collection technology
- Augmenting and annotating flow data
- Network flow monitoring used in conjunction with other data sources
- Integrating data sources
- Data fusion
- Optimizing analyst workflow
- Scalable statistical techniques
- Data visualization for operational environments and reporting
- Visual perspectives for displaying large amounts of quantitative information
- Case studies in threat detection and mitigation
- New techniques from new data sources
Finally, we welcome reasoned prognostications from those gazing
into their crystal ball. Presentations that put network flow in
perspective in an uncertain future of mobile devices, cloud computing,
BYOD (bring your own device), IPv6, Carrier Grade NAT, and everything
as encrypted "web" traffic are also welcome.
Presentations should be prepared for a technical audience;
presenters are allotted 30 minutes, including questions. The workshop
is intended to be interactive. Presenters should expect to address
technical questions from the audience.
There will be a dedicated session and room for posters and
demonstrations. The demonstrations take place throughout the sessions,
with no fixed time. Posters will remain displayed throughout, however
there will be a dedicated session for poster authors to exhibit and
answer any related questions from the audience.
Posters should highlight flow-based analytics or incipient research
topics. Posters are an opportunity to share work that requires less
explanation than a full talk. Posters should contain sufficient detail
that the analysis is conceptually reproducible; however, tool-specific
details are not required. Posters will be collected and published on
the FloCon website, along with presentations, as part of the
The demonstration session provides an opportunity for informal
interaction with the community and a forum to display new technology
and new platforms.
Entries will be selected by the program committee against
established selection criteria. Demonstration slots will be assigned
first to FloCon 2014 sponsors; remaining slots will be filled on a
first-come, first-served basis. A limited number of registration fee
discounts are available to student presenters whose work is accepted.