Monday, January 9 • 1:30pm - 5:00pm
Afternoon Training Session, Track I: Network Traffic Analysis - SiLK

This course introduces you to network flow analysis using the CERT open source SiLK tool suite. Network flow analysis enables retrospective analysis of a network’s traffic to help with forensic analysis, passive network profiling, and threat discovery.

Network flow analysis benefits from the very long retention of flow data due to the extremely small size of flow records, allowing examination of traffic going back much further in time than is possible with analysis of full-packet capture. Network flow analysis also helps you solve many privacy issues inherent in packet analysis. The SiLK tool suite is uniquely suited to analyzing extremely large networks with massive amounts of traffic. 

No prior knowledge of network flow analysis is necessary, but familiarity with IP, TCP, and UDP is required.

As part of participating in hands-on labs, you will be provided with a copy of the Linux-based tools and data needed in the training; however, you must bring your own laptop. An introductory Linux tutorial will be offered prior to the SiLK training for those who want it.


Speakers
Matthew Heckathorn

Network Security Analyst, CERT Division, Software Engineering Institute
Matt is a Network Security Analyst in the CERT Division at Carnegie Mellon University’s Software Engineering Institute. He is a member of the Operational Analysis Transition Team and is tasked with raising awareness of the tools and knowledge the CERT Division can provide. Matt is a graduate of the School of Information Sciences at the University of Pittsburgh. He authored the SEI technical report Network Monitoring for Web-Based Threats...
Paul Krystosek

Network Security Analyst, CERT Division, Software Engineering Institute
Paul is a Senior Member of the Technical Staff of the CERT Operational Analysis Team at Carnegie Mellon University’s Software Engineering Institute. Paul joined the SEI in 2008. Prior to that, he was at Lawrence Livermore National Laboratory as a member of CIAC, the Computer Incident Advisory Capability, which was the Department of Energy’s incident response team. He also worked at Argonne National Lab and Fermi National Accelerator...



Monday January 9, 2017 1:30pm - 5:00pm
Shutters West 7450 Hazard Center Dr.