Projects & Associations
The Shmoo Group
The Shmoo Group is a non-profit think-tank comprised of security professionals from around the world who donate their free time and energy to information security research and development.
Psyche – Network Flow Analysis for the Masses
There was a time when our anti-virus, IDS, and anti-spyware software could protect us from the majority of threats against our networks and systems. Unfortunately, the threats have changed, and our systems are getting compromised at an alarming rate. New tools are needed to help find attackers and malware on the network.
Psyche is a tool designed to utilize information already available in your network. Most modern routers and some switches can export network flow data that includes information on source and destination IP addresses and ports, as well as size of the flows and number of packets sent. By performing analysis of this data, you can find out what is normal for your network and what is potentially dangerous traffic.