ATACK PR project

Academics and Training for the Advancement of Cybersecurity Knowledge in Puerto Rico (ATACK-PR)

News

Jan 18, 2015

Professor José Ortiz-Ubarri presented Toa: A Web-Based NetFlow Data Network Monitoring System at the FloCon2015 conference

Professor José Ortiz-Ubarri presented Toa: A Web-Based NetFlow Data Network Monitoring System at the FloCon2015 conference
Category: General
Posted by: admin


 

Dr. José R. Ortiz-Ubarri presented the work Toa: A Web-Based NetFlow Data Network Monitoring System at the FloCon2015 conference that took place from Monday, January 12 through Thursday, January 15, 2015  in Portland Oregon at the at the Hilton Portland & Executive Tower.  The Toa system was developed by the undergraduate research students Albert Maldonado, Eric Santos, and Jhensen Grullón, and the also supervisors Dr. José Ortiz-Ubarri and Dr. Humberto Ortiz-Zuazaga at the Computer Security Lab of the Computer Science department of the University of Puerto Rico.

flocon2015

3 images

flocon2015.jpg
flocon2015a.jpg
floconb.jpg
 


Toa consists of a collection of scripts that automatically parse NetFlow data, store this information in a database system, and generate interactive line charts for network visualization analytics. The system is pseudo real time, meaning that it continuously updates the interactive charts from NetFlow data that is generated every five minutes. Toa also provides an interface to generate customized charts from the data stored in the database, and plugins that connect the visualization charts with the NetFlow data file for more in depth visualizations and analysis. The Toa web GUI presents users with the following network traffic visualization options: (1) per network label (interface, Autonomous System [AS], or network block) traffic, (2) per-port traffic for each network label, (3) network label to network label traffic, (4) customized charts from the database data, and (5) plugins for in-depth analysis of the NetFlow data file. (https://github.com/cslab-uprrp/toa)


The presentation room was packed with around 200 attendees from the academia, industry and government.  The feedback of the audience during and after the presentation was very encouraging for José Ortiz-Ubarri as well as for the senior student Eric Santos, who also attended the conference.


Besides presenting Toa, José Ortiz-Ubarri and Eric Santos participated of the workshops Network Traffic Analysis--Basic SiLK by Ron Bandes and Matt Heckathorn, and Visualization for Network Flow by Paul Krystosek all from the CERT Division, Software Engineering Institute, Carnegie Mellon University.  



References:

FloCon2015, http://www.cert.org/flocon/2015/

Toa presentation schedule, http://sched.co/25PZ

Toa repository: https://github.com/cslab-uprrp/toa