Mining Flows for Intrusion Data

Tuesday, April 11 | 5:30PM–6:30PM | Denver Ballroom 1
Session Type: Professional Development
Most IP flow collectors are used as evidence lockers, quietly storing records until needed for a forensic investigation, or used for billing and accounting purposes. Much of this data can be mined for problems at regular intervals without extensive computing overhead and can find many technical and security violations.


  • Phillip Deneault

    Principal Information Security Analyst, Boston College

Resources & Downloads