U.S. Department of Energy

Pacific Northwest National Laboratory

Cyber Analytics - US CERT GFIRST Conference

From DIC

Jump to: navigation, search

Bill Pike, a visualization and cyber analytics researcher at the Pacific Northwest National Laboratory, served as an invited speaker and panelist at the 6th Annual US-CERT Government Forum of Incident Response and Security Team (GFIRST) Conference , held August 15-20, in San Antonio, Texas. Serving on the panel on Network Flow Visualization, Pike discussed the development of PNNL tools that focus on interactive and scalable approaches to identifying and understanding network and host behavior through visual analysis and automated modeling. One of the tools, CLIQUE, provides high-level overviews of network traffic, comparing current activities on each host to a predicted model. Anomalies discovered in CLIQUE can be explored in more detail in Traffic Circle, which takes the visualization a step further and allows analysts to look into their data more closely to pinpoint possible threats in near real-time.

The United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security and the public and private sectors. US-CERT leads and coordinates efforts to improve the Nation's cyber security posture, promote cyber information sharing, and manage cyber risks to the nation. GFIRST is a group of technical and tactical practitioners from incident response and security response teams responsible for securing government information technology systems. The conference attracts nearly 1,500 attendees annually, spanning government, industry and the research community, and is focused on advancing the nation s capabilities for response and defense against cyber attacks.

Article Title: Cyber Analytics - US CERT GFIRST Conference

Article Added: 2010/08/21

Category(s): Cyber Security

Last Update: 13 July 2011 | Pacific Northwest National Laboratory