Loading…
FloCon 2017 has ended
Monday, January 9 • 1:30pm - 5:00pm
Afternoon Training Session, Track I: Network Traffic Analysis - SILK

Sign up or log in to save this to your schedule and see who's attending!

This course introduces you to network flow analysis using the CERT open source SiLK tool suite. Network flow analysis enables retrospective analysis of a network’s traffic to help with forensic analysis, passive network profiling, and threat discovery.

Network flow analysis benefits from the very long retention of flow data due to the extremely small size of flow records, allowing examination of traffic going back much further in time than is possible with analysis of full-packet capture. Network flow analysis also helps you solve many privacy issues inherent in packet analysis. The SiLK tool suite is uniquely suited to analyzing extremely large networks with massive amounts of traffic. 

No prior knowledge of network flow analysis is necessary, but familiarity with IP, TCP, and UDP is required.

As part of participating in hands-on labs, you will be provided with a copy of the Linux based tools and data needed in the training; however, you must bring your own laptop.  An introductory Linux tutorial will be offered prior to the SiLK training for those who want it.


Speakers
avatar for Matthew Heckathorn

Matthew Heckathorn

Network Security Analyst, CERT Division, Software Engineering Institute
Matt is a Network Security Analyst in the CERT Division at Carnegie Mellon University’s Software Engineering Institute. He is a member of the Operational Analysis Transition Team and is tasked with raising awareness of the tools and knowledge the CERT Division can provide. Matt... Read More →
avatar for Paul Krystosek

Paul Krystosek

Network Security Analyst, CERT Division, Software Engineering Institute
Paul is a Senior Member of the Technical Staff of the CERT Operational Analysis Team at Carnegie Mellon University’s Software Engineering Institute. Paul joined the SEI in 2008. Prior to that, he was at Lawrence Livermore National Laboratory as a member of CIAC, the Computer Incident... Read More →



Monday January 9, 2017 1:30pm - 5:00pm
Shutters West 7450 Hazard Center Dr.

Attendees (17)