FloCon 2016, Jan. 11, 2016 to Jan. 14, 2016, San Diego, USA

Title Speakers Summary Topic Types
Keynote: Achieving a Secure and Resilient Cyber Ecosystem: A Way Ahead Peter M. Fonash This keynote presentation was given in January 2016 at FloCon, a network security conference that ...
A Meaningful Metric for IPv4 Addresses Leigh B. Metcalf This presentation was given in January 2016 at FloCon, a network security conference that provides ...
Better Reporting Guidelines for Better Data Brian Allen, Christopher Washington This presentation was given in January 2016 at FloCon, a network security conference that provides ...
Capturing and Processing One Million Network Flows Per Second with SiLK: Challenges and Strategies Robert Techentin, David R. Holmes, James C. Nelms, Barry K. Gilbert This presentation describes flow data collection at the Mayo Clinic.
Classifying Encrypted Traffic with TLS-Aware Telemetry David McGrew, Alison Kendler, Blake Anderson In this presentation, the authors propose augmenting the typical 5-tuple with TLS-aware telemetry elements.
Command and Control Mechanism Trends in Exploit Kits, RATs, APTs, and Other Malware Mark Mager In this FloCon 2016 presentation, the author provides a brief summary of common C2 TTPs ...
Data Fusion: Enhancing NetFlow Graph Analytics Emilie Purvine, Bryan Olsen, Cliff Joslyn In this FloCon 2016 presentation, the authors explain RDP logins and why they are important ...
Detecting Traffic to Recently Unparked Domains with Analysis Pipeline Daniel Ruef In this presentation, the authors discuss using Analysis Pipeline to detect (1) changes in the ...
Distributed Sensor Data Contextualization at Scale for Threat Intelligence Analysis Jason Trost In this FloCon 2016 presentation, the author discusses his experiences with analyzing data collected from ...
Gosh Wow, Volusia Networks! Brian Whiting This FloCon 2016 presentation describes network operations at Volusia County, Florida.
Graph Analysis Techniques for Network Flow Records Using Open Cyber Ontology Group (OCOG) Format Robert Techentin, David R. Holmes, James C. Nelms, Barry K. Gilbert In this FloCon 2016 presentation, the author describes integrating network flow data in the OCOG ...
Intelligence Driven Malware Analysis (IDMA) Malicious Profiling Casey Kahsen This presentation discusses how behavioral markers of malware can be used as a focal point ...
Making the Most of a Lot [of Data]: Netflow in US-CERT Operations Chad Hein In this FloCon 2016 presentation, the author reviews uses of netflow in US-CERT's daily monitoring, ...
Merging Network Configuration and Network Traffic Data in ISP-Level Analyses Timothy J. Shimeall This presentation was given in January 2016 at FloCon, a network security conference that provides ...
Minimizing the Gaps with Bro, GRR, and Elk (Brogrrelk) David Zito The presentation describes a solution that allows incident responders to conduct multiple data collection tasks ...
Monitoring and Classification of Active IPv6 Addresses David Plonka In this presentation, the author introduces IP address classification methods and how IPv6 addresses are ...
Netflow Analysis - Intrusion Detection, Protection, and Usage Reporting Jonzy Jones This presentation covers detecting problematic traffic via NetFlow and the use of traffic alerts and ...
Netflow in Daily Information Security Operations Mike Pochan In this FloCon 2016 presentation, the author describes how the SEI utilizes free netflow collection ...
Network Monitoring and Deceptive Defenses Michael Collins, Brian Satira In this FloCon 2016 presentation, the authors discuss the use of network monitoring to support ...
Network Security Analytics, HPC Platforms, Hadoop, and Graphs.. Oh, My Aaron Bossert This presentation describes the techniques and approach that Cray, Inc. uses to discover malicious activity.
New DNS Traffic Analysis Techniques to Identify Global Internet Threats Dhia Mahjoub, Thomas Mathew In this presentation, the authors describe how they extracted domains associated with Exploit kit, DGA, ...
Planning Curricula for the Network Traffic Analyst of 2018-2020 Timothy J. Shimeall This FloCon 2016 presentation describes the likely skills, abilities, and challenges for network traffic analysts ...
Role Model Transformations for Flow Analysis in Cyberdefense John Gerth In this presentation, the author shows mathematical operations that can be used to transform between ...
The Security Wolf of Wall Street: Fighting Crime with High-Frequency Classification and Natural Language Processing Thibault Reuille, Jeremiah O'Connor This presentation focuses on how to build a scalable machine learning infrastructure in real-time.
Situational Awareness Threat Report (SATR) Casey Kahsen, Stacie Green This FloCon 2016 presentation describes US-CERT’s Cyber Hygiene Project and its results.
Sources and Applications of Performance and Security-Augmented Flow Data Avi Freedman This FloCon 2016 presentation includes a survey of traditional and non-traditional sources of augmented flow ...
Suricata Tutorial Eric Leblond, Victor Julien This presentation demonstrates the dynamic capabilities of Suricata, the world's leading IDS/IPS engine.
Towards 100 Gbit Flow-Based Network Monitoring N/A In this presentation, the authors describe nProbe "cento," a software probe that tackles monitoring challenges ...
Understanding Network Traffic Through Intraflow Data David McGrew, Blake Anderson In this presentation, the authors describe experiments to collect intraflow data from network taps, endpoints, ...