Description
Network and security operators are continually bombarded by strange deviations in network traffic that are sometimes operationally problematic, sometimes a threat to security, and other times just plain odd. These deviations sometimes show up as large traffic spikes and other times as low-level plateaus. It is often very hard to quickly figure out exactly where these spikes come from. Wouldn't it be wonderful to have a tool that accurately tells you exactly what has changed in these traffic profiles, down to individual protocol fields? This new project is designed to do just that. Though generic by design, it is being most heavily tested by the author to look for anomalies received at DNS authoritative servers, which will be the focus of the presentation for DNS-OARC.