8–9 Feb 2024 Workshop
Embassy Suites Charlotte Uptown
US/Eastern timezone

Traffic Analysis of Fluctuating Flows (TAFFy)

9 Feb 2024, 14:50
25m
Salon A/B (Embassy Suites Charlotte Uptown)

Salon A/B

Embassy Suites Charlotte Uptown

401 East Martin Luther King Jr Blvd Charlotte NC 28202 United States
In-Person Standard Presentation Main Session OARC 42 Day 2

Speaker

Wes Hardaker (USC/ISI)

Description

Network and security operators are continually bombarded by strange deviations in network traffic that are sometimes operationally problematic, sometimes a threat to security, and other times just plain odd. These show up as large traffic spikes sometimes, and other times are just low-level plateaus. It's often very hard to quickly figure out exactly what these spikes come from. Wouldn't it be wonderful to have a tool that accurately tells you exactly what has changed in these traffic profiles down to individual protocol fields? This new project is designed to do just that. Though generic by design, it is being most heavily tested by the author to look for anomalies received at DNS authoritative servers, which will be the focus of the presentation for DNS-OARC.

Talk duration

Primary author

Wes Hardaker (USC/ISI)

Presentation materials