Conti et al., 2006 - Google Patents
Countering security information overload through alert and packet visualizationConti et al., 2006
View PDF- Document ID
- 6060576061777514404
- Author
- Conti G
- Abdullah K
- Grizzard J
- Stasko J
- Copeland J
- Ahamad M
- Owen H
- Lee C
- Publication year
- Publication venue
- IEEE Computer Graphics and Applications
External Links
Snippet
This article presents a framework for designing network security visualization systems as well as results from the end-to-end design and implementation of two highly interactive systems. In this article, we provide multiple contributions: we present the results of our …
- 238000000034 method 0 abstract description 16
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30943—Information retrieval; Database structures therefor; File system structures therefor details of database functions independent of the retrieved data type
- G06F17/30994—Browsing or visualization
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30861—Retrieval from the Internet, e.g. browsers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/22—Arrangements for maintenance or administration or management of packet switching networks using GUI [Graphical User Interface]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management, e.g. organising, planning, scheduling or allocating time, human or machine resources; Enterprise planning; Organisational models
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Conti et al. | Countering security information overload through alert and packet visualization | |
| Shiravi et al. | A survey of visualization systems for network security | |
| Abdullah et al. | IDS RainStorm: Visualizing IDS Alarms. | |
| Shi et al. | Visual analytics of anomalous user behaviors: A survey | |
| Mansmann et al. | Visual support for analyzing network traffic and intrusion detection events using TreeMap and graph representations | |
| Komlodi et al. | A user-centered look at glyph-based security visualization | |
| Ji et al. | Evaluating visualization approaches to detect abnormal activities in network traffic data | |
| Best et al. | Real-time visualization of network behaviors for situational awareness | |
| Majeed et al. | Near-miss situation based visual analysis of SIEM rules for real time network security monitoring | |
| Goodall | Introduction to visualization for computer security | |
| Liao et al. | Visualizing graph dynamics and similarity for enterprise network security and management | |
| Conti et al. | Visual exploration of malicious network objects using semantic zoom, interactive encoding and dynamic queries | |
| Brisse et al. | KRAKEN: a knowledge-based recommender system for analysts, to kick exploration up a notch | |
| Giacobe | Measuring the effectiveness of visual analytics and data fusion techniques on situation awareness in cyber-security | |
| Erbacher | Intrusion behavior detection through visualization | |
| Cermak et al. | Using relational graphs for exploratory analysis of network traffic data | |
| Etoty et al. | A survey of visualization tools assessed for anomaly-based intrusion detection analysis | |
| Lin | MATE: Summarizing alerts to interpretable outcomes with MITRE ATT&CK | |
| Walton et al. | A visual analytics loop for supporting model development | |
| Kasemsri | A survey, taxonomy, and analysis of network security visualization techniques | |
| Ulmer et al. | Towards Visual Cyber Security Analytics for the Masses. | |
| Social | Network Analysis | |
| Zhao et al. | Analysis of visualization systems for cyber security | |
| Zhao et al. | A real-time visualization framework for IDS alerts | |
| Hertzog | Visualizations to improve reactivity towards security incidents inside corporate networks |