Network flows are a summary of activity on a computer network. Flow records describe connections between computers in terms of source and destination addresses and ports, communications protocols, and the quantity of information transferred.
Anomaly detection is a method that searches for unusual, out-of-the-ordinary activity in traffic flow records. We collect flow data using SiLK from the UPRRP Science DMZ, a high-performance network for data science, and analyze the data with different tools, algorithms, and visualizations.
The project is a collaboration between Jose Ortiz-Ubarri's lab, the High Performance Computing facility, and MegaProbe.