Accession Number:

AD1090411

Title:

Network Traffic Analysis with SiLK, Analyst's Handbook for SiLK Version 3.12.0 and Later

Descriptive Note:

Technical Report

Corporate Author:

CARNEGIE-MELLON UNIV PITTSBURGH PA PITTSBURGH United States

Report Date:

2018-08-01

Pagination or Media Count:

261.0

Abstract:

This handbook is an introduction to methods of analyzing network traffic, illustrated by commands from the SiLK tool suite. The focus is on learning to identify traffic features important to the security of information on the network. The handbook moves from a basic understanding of network flow and the SiLK tool suite through a series of examples that illustrate how to use SiLK to analyze network behavior. The examples in this handbook are mainly command sequences that illustrate specific analysis concepts. Examples are commonly discussed on a line-by-line basis in the text and presented as command and output listings. In general, examples are also associated with a specific task or tasks, indicated in the section and in the example caption. Case studies take a deeper dive into specific topics for analysis. For readers already familiar with SiLK, the explanations of SiLK commands in the text of this handbook are kept short enough not to be redundant. More complete discussions of the commands and their parameters are provided in the appendices of this guide, the SiLK Reference Guide, and the man pages for the SiLK commands. Readers who are interested in analyzing network flow records with tools other than SiLK are encouraged to read the overall description of the analysis approaches, then use the description of commands to find parallels using the tool suite of their choice.

Subject Categories:

  • Operations Research
  • Computer Systems

Distribution Statement:

APPROVED FOR PUBLIC RELEASE