Name: Methods for Testing and Qualifying Analytics
Start: 2020-01-08T14:30:00-0500
End: 2020-01-08T15:00:00-0500

Back To Schedule

Methods for Testing and Qualifying Analytics

Feedback form is now closed.

This session will describe a process for testing analytics and qualifying them for usage to inform ongoing network defense. The talk starts with a brief discussion of what analytics are and describes some ways in which they fail. A sample analytic is introduced as a running example. Based on this foundation, the talk covers principles for testing analytics in general and the sample analytic in particular. As the principles are introduced, sample testing and results from that testing are provided. The talk concludes with a discussion of what it means to qualify an analytic for use and why such qualification is useful to network defenders.

Attendees Will Learn:
Network analytics have typically been developed and have often been deployed in an on-demand, ad-hoc manner. This has the advantage of timeliness but may lead to reliability and performance issues. This talk discusses how to identify such issues and make informed decisions as to the limitations of a given analytic.

Speakers

Timothy Shimeall

Senior Member of the Technical Staff, CERT Division - SEI/CMU

The only person to make 15 consecutive appearances at FloCon, Tim Shimeall is a Senior Situational Awareness Analyst of the CERT Program at the Software Engineering Institute (SEI). Shimeall is responsible for the development of methods to support decision making in security at and... Read More →

Shimeall AnalyticTestQual pdf

Wednesday January 8, 2020 2:30pm - 3:00pm EST
Regency Ballroom Hyatt Regency Savannah 2 W. Bay Street Savannah GA 31401

General Session

FloCon 2020

Timothy Shimeall

Attendees (17)

FloCon 2020

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Timothy Shimeall

Attendees (17)