CERT



FloCon 2012 Proceedings

This page contains links to many of the presentations from FloCon 2012, which was held in Austin, Texas, on January 9-12, 2012. The presentations are available as PDF files.

Presentations

John Badertscher
Using Flow for Municipal Planning: Political, Economic, Social and Technical Contexts of the City of Pittsburgh

Aaron Bossert & Jerry Derrick
US-CERT: Netflow Visualization

Carter Bullard
Real Time Situational Awareness Using Argus

Carter Bullard & John Gerth
Implementing Packet Dynamic Awareness in Argus

Thayne Coffman
Lessons Learned from 10 Years of Network Traffic Analysis Research for the Defense and Intelligence

Martin Drašar & Jan Vykopal
Bruteforcing in the Shadows Evading Automated Detection

Joel Ebrahimi
Achieving Real Real-Time Context-Based Actionable Intelligence in Cyber Investigations

Josh Goldfarb
The UberData Source: Holy Grail or Final Fantasy?

Michael Jacobs
Indicator Expansion Techniques—Tracking Cyber Threats via DNS and Netflow Analysis

George Jones, Paul Krystosek, & Sid Faber
From Bandwidth to Beacon Detection, Prism, and Touchpoints

Kazunori Kamiya & Hiroshi Kurakami
Visualizing Traffic on Network Topology

Vojtech Krmícek & Jan Vykopal
Automatic Network Protection Scenarios Using NetFlow

John McHugh
Flow Indexing: Making Queries Go Faster

Soumyo D. Moitra
Monitoring Trends in Network Flow for Situational Awareness

Alex Musicante, John Dwyer, & Sid Faber
Teaching Flow Analysis with Live Fow Data

Tim Ray
Augmented Netflow: Using Layer 7 Metadata to Enhance Netflow Analysis

John H. Ricketson
The Use of Search Engines for Massively Scalable Forensic Repositories

Timothy Shimeall
Visual Displays of Network Situations

Brian Trammell
Measurement for Cooperative Network Defense: DEMONS and BlockMon

Sasha Velednitsky
FlowIntegrator™ Integrating Flow Technologies with Mainstream Event Management Systems

Stuart Wilson & Spencer Greene
Designing a 100% Flow Generator for High-Speed Networks from OC3 to 100GbE

Tanja Zseby
Entropy in IP Darkspace Data

Tutorials

George Jones & Austin Whisnant
Network Profiling with SiLK