View The Document

Accession Number:

AD1089824

Title:

Network Traffic Analysis with SiLK: Analyst's Handbook for SiLK Version 3.15.0 and Later

Personal Author(s):

Krystosek,Paul

Ott,Nancy

Sanders,Geoffrey

Shimeall,Timothy

Corporate Author:

CARNEGIE-MELLON UNIV PITTSBURGH PA PITTSBURGH United States

Report Date:

2019-06-01

Abstract:

This course introduces you to network flow analysis using the CERT open source SiLK tool suite. Network flow analysis enables retrospective analysis of a networks traffic to help with forensic analysis, passive network profiling, and threat discovery. Network flow analysis benefits from the very long retention of flow data due to the extremely small size of flow records, allowing examination of traffic going back much further in time than is possible with analysis of full-packet capture. Network flow analysis also helps you solve many privacy issues inherent in packet analysis. The SiLK tool suite is uniquely suited to analyzing extremely large networks with massive amounts of traffic.

Descriptive Note:

Technical Report

Pages:

0334

Descriptors:

network protocols

computer programming

internet

computer network security

programming languages

shell scripts

application protocols

software development

malware

digital data

data analysis

electronic mail

operating systems

spreadsheet software

computer networks

transport protocols

Identifiers:

Network Situational Awareness

Subject Categories:

Cybernetics

Communities Of Interest:

Engineered Resilient Systems

Modernization Areas:

Fully Networked C3

Cyber

Distribution Statement:

Approved For Public Release;

File Size:

7.03MB

View The Document