ALTernatives to Signatures (ALTS)
This paper presents the results of a study of non-signature-based approaches to detecting malicious activity in computer network traffic.
10 Years of FloCon
In this blog post, George Jones, chair of the 10th FloCon Conference, discusses the conference's general topics and themes, which have included community building, flow as a study, beaconing and distributed threats, the practical use of flow, flow in the context of other data, learning about your network, progression of analytics from ideas to prototypes to tools, and analysis at scale and perspectives.
Download the presentations from FloCon 2014, where attendees discussed flow analysis in terms of perspectives, and from FloCon 2013, where organizers and participants focused on the challenges of "Analysis at Scale." Visit the FloCon website to download the presentations from the keynote guest and event speakers, tutorials, and posters.
Practical Math for Your Security Operations - Part 3 of 3
In this blog post, Vijay Sarvepalli introduces a way to use entropy to detect anomalies in network communications patterns.