Page 12 - Cyber Warnings





































There’s no obvious traffic spike from this view, but then again the network we’re looking at is
running at an average of 60 Gbps, so that doesn’t mean there aren’t worrying things going on at
deeper levels of the network.


Analyzing Source Geography


One of the things that big data is good at is fusing many data sources together. By combining
NetFlow data with GeoIP, we can look at traffic by source geography. In this case, the network
doesn’t get a lot of traffic from China, so what happens when we filter total traffic by China as
the source?
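
The NetFlow-plus-GeoIP filter described above, as an added example that is not from the original article: flow records are tagged with a source country by longest-prefix match, then summed per time bucket for all sources and for one country. The flow records, the prefix-to-country table, and the peak-to-median ratio used as a spike indicator are all constructed assumptions for the demonstration.

```python
import ipaddress
from collections import defaultdict

# Constructed GeoIP table (documentation prefixes; country codes assigned for the demo).
GEOIP = [
    (ipaddress.ip_network("198.51.100.0/24"), "US"),
    (ipaddress.ip_network("203.0.113.0/24"), "CN"),
    (ipaddress.ip_network("192.0.2.0/24"), "DE"),
]

# Constructed flow records: (start time in epoch seconds, source IP, bytes).
FLOWS = [
    (0,   "198.51.100.10", 9_000_000),
    (10,  "192.0.2.7",     6_000_000),
    (20,  "203.0.113.5",      20_000),
    (60,  "198.51.100.11", 8_700_000),
    (70,  "192.0.2.9",     5_900_000),
    (80,  "203.0.113.5",     400_000),
    (120, "198.51.100.10", 9_100_000),
    (130, "192.0.2.7",     6_000_000),
    (140, "203.0.113.6",      25_000),
    (150, "10.1.2.3",          1_000),  # private address, no GeoIP match
]

def country_of(ip):
    """Longest-prefix match against the GeoIP table; None when unmapped."""
    addr = ipaddress.ip_address(ip)
    hits = [(net.prefixlen, cc) for net, cc in GEOIP if addr in net]
    return max(hits)[1] if hits else None

def bytes_per_bucket(flows, bucket=60, country=None):
    """Sum bytes per time bucket, optionally keeping one source country only."""
    out = defaultdict(int)
    for ts, src, nbytes in flows:
        if country is None or country_of(src) == country:
            out[ts - ts % bucket] += nbytes
    return dict(out)

def peak_ratio(series):
    """Peak bucket divided by the median bucket: a crude spike indicator."""
    vals = sorted(series.values())
    return vals[-1] / vals[len(vals) // 2]

if __name__ == "__main__":
    total = bytes_per_bucket(FLOWS)
    cn = bytes_per_bucket(FLOWS, country="CN")
    print("total", total, round(peak_ratio(total), 2))
    print("CN   ", cn, round(peak_ratio(cn), 2))
```

On this constructed data the total series is nearly flat across buckets, while the single-country series shows a bucket many times its median, which is the kind of change a total-traffic view averages away.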





























12 Cyber Warnings E-Magazine – August 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
