FloCon 2013
January 7–10  |  Charleston, South Carolina

Program — Wednesday, January 9, 2013


7:30 – 5:00: Registration, Pavilion Landing
7:30 – 8:30: Breakfast, Enchantment Ballroom

Session Name: Scalable Flow Collection
Session Chairperson: Dwight Beaver, CERT Program, Software Engineering Institute
Pavilion 1, 2, 3

8:30 – 9:00

Enhancing Network Situational Awareness Using DPI Enhanced IPFIX

Hari Kosaraju

9:00 – 9:30

Taming Big Flow Data

Sasha Velednitsky, Igor Balabine

9:30 – 10:00

Smart Sensors for Flow Collection at 10G, 40G, 100G, and Beyond...

Tony Waller

10:00 – 10:30

Mongoose Flow Collection Tools

Ron McLeod, Ashraf Abusharekh

Session Name: Mathematical Modeling and Anomaly Detection 
Session Chairperson: Rhiannon Weaver, CERT Program, Software Engineering Institute
Pavilion 6

8:30 – 9:00

Anomaly Detection

Char Sample, George Jones

9:00 – 9:30

Clairvoyant Squirrel: A Scalable Domain Name Classification System

John Munro, Jason Trost

9:30 – 10:00

Analysis of Communication Patterns in Network Flows to Discover Application Intent

William Turkett

10:00 – 10:30

Identifying Network Traffic Activity Via Flow Sizes

Michael Collins

10:30 – 11:00: Break

Session Name: Tools
Session Chairperson: George Jones, CERT Program, Software Engineering Institute
Pavilion 1, 2, 3

11:00 – 11:30

Security Onion: Network Security Monitoring in Minutes

Doug Burks

11:30 – 12:00

Bro for Real-Time Large Scale Understanding

Seth Hall

Session Name: Flow and Human Factors
Session Chairperson: Jonathan Spring, CERT Program, Software Engineering Institute
Pavilion 6

11:00 – 11:30

Situational Awareness Metrics from Flow and Other Data Sources

Soumyo Moitra

11:30 – 12:00

CyberV@R: A Model to Compute Dollar Value at Risk of Loss to Cyber Attack

James Ulrich

12:00 – 1:00: Lunch

Session Name: Tools
Pavilion 1, 2, 3

1:00 – 1:30

Automated Malware Traffic Analysis for IPS Analysts with Scapy and dpkt in Python

Geoffrey Serrao

1:30 – 2:00

Scalable Stacked Index Speeds Access to Multi TByte Netflow Data

Bruce Griffin

Session Name: Flow and Human Factors
Breakout 2

1:00 – 1:30

Detecting Insider Threats with Netflow

Tom Cross

1:30 – 2:00

Identifying Network Users Using Flow-Based Behavioral Fingerprinting

Alexander Barsamian, Vince Berk, John Murphy

2:00 – 3:00: Afternoon Break & Demo Session (2)

Session Name: Malicious Behavior
Session Chairperson: Cory Mazzola, General Dynamics
Pavilion 1, 2, 3

3:00 – 3:30

Considerations for Scan Detection Using Flow Data

John McHugh

3:30 – 4:00

Statistical Analysis of Flow Data Using Python and Redis

Kevin Noble

4:00 – 4:30

Identifying Malware P2P Traffic Using Network Flow and DNS Analysis

John Jerrim

4:30 – 5:30: Demo Room Open