Phillip Deneault
Principal Information Security Analyst,
Boston College
Mining Flows for Intrusion Data
Tuesday, April 11 | 5:30PM–6:30PM | Denver Ballroom 1
Session Type:
Professional Development
Most IP flow collectors are used as evidence lockers, quietly storing records until needed for a forensic investigation, or used for billing and accounting purposes. Much of this data can be mined for problems at regular intervals without extensive computing overhead and can find many technical and security violations.