FloCon 2017 has ended
Back To Schedule
Tuesday, January 10 • 10:00am - 10:30am
SilkWeb - Analyzing Silk Data through API and Javascript Frameworks

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

SilkWeb demo will showcase the SilkWeb tool built with API's and some modern Javascript frameworks to analyze SiLK network flow data. SilkWeb creates simple webservices data interfaces which can be used to replace some of the command line queries with webservice request. This opens up a number of opportunities for visualization, integration and automation. A simple setup of jQuery based interfaces will be showcased that will demo the use of Javascript frameworks to visualize Silk data and onboard a junior analyst to understand Netflow. There is also an open opportunity for integration of Silk data to other tools like SIEM using a simple webservices requests over the network. The webserver can
produce this data to number through an interface like REST interface to automate routine tasks.

The demo will showcase the use of this software in ISP to do routine tasks and provide a quick way for network and security personnel to query and navigate netflow data. Some of the use cases that ISP today use this for will be covered in the demo 1. DDOS detection using a number of simple steps to walk through and find offending customers. 2. Abuse misuse detection using a set of criteria to find customers who violate policy and increase risk to the ISP environment 3. Detection of malicious probes into the server networks using anomalous network traffic.

These will be demonstrated from an ISP who uses SiLK and SilkWeb to meet these needs.

avatar for Vijay Sarvepali

Vijay Sarvepali

Senior Member of the Technical Staff, CERT Division - Software Engineering Institute
Vijay Sarvepalli is a senior member of the technical staff for the CERT® Coordination Center in the CERT Program at the Software Engineering Institute (SEI). As a member of the Monitoring and Response directorate, he supports sponsors in multiple areas from enterprise architecture... Read More →

Tuesday January 10, 2017 10:00am - 10:30am PST
Great Room V-VIII 7450 Hazard Center Dr.