The goal of this project was to build a framework to process and analyse network data at the network flow level. The framework should allow to implement new research ideas and algroithms quickly and efficiently.
To achieve this, the framework offers a set of often-used modules, for example a module to filter out flows related to network scanning. By chaining existing and, if required, new modules, one can form a processing chain implementing the desired functionality. As a showcase, modules for two research ideas have been implemented: (1) Modules that allow to analyse the activity of networked devices to identify devices that are always-on and online. (2) Automated detection of service endpoints to create a map of the services offered in a network.