Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Jan 26, 2015
In this OpenNSM meeting Chris Sanders and Jason Smith harness the power of statistics to demonstrate how flow data can be used for detecting both structured and unstructured threats using techniques that go beyond simple signature matching. Next, we will discuss the concept of friendly intelligence and how flow data can be used to profile devices on your network so you can understand what normal communication looks like. Finally, we will describe how flow data can be used to augment the analysis of network security events that are detected by other mechanisms. During this presentation, we will also introduce and demonstrate FlowPlotter, an open source tool we have developed to aide in visualizing flow data for detection and analysis, and FlowBAT, a web-based tool for performing flow data analysis.