Network Traffic Analysis with SiLK: Analyst's Handbook for SiLK Version 3.15.0 and Later

Abstract

This course introduces you to network flow analysis using the CERT open source SiLK tool suite. Network flow analysis enables retrospective analysis of a network's traffic to help with forensic analysis, passive network profiling, and threat discovery. Network flow analysis benefits from the very long retention of flow data due to the extremely small size of flow records, allowing examination of traffic going back much further in time than is possible with analysis of full-packet capture. Network flow analysis also helps you solve many privacy issues inherent in packet analysis. The SiLK tool suite is uniquely suited to analyzing extremely large networks with massive amounts of traffic.

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 2019
Accession Number
AD1089824

Entities

People

  • Geoffrey Sanders
  • Nancy Ott
  • Paul Krystosek
  • Timothy Shimeall

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • C4I
  • Energy and Power Technologies
  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Application Protocols
  • Computer Network Security
  • Computer Networks
  • Computer Programming
  • Computer Science
  • Computers
  • Data Analysis
  • Electronic Mail
  • Information Science
  • Network Protocols
  • Network Science
  • Operating Systems
  • Port Scanners
  • Shell Scripts
  • Social Media
  • Spreadsheet Software
  • Transport Protocols

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Distributed Systems and Data Platform Development
  • Energy Conservation and Renewable Energy Engineering