IEEE Transactions on Visualization and Computer Graphics
NVisionIP: netflow visualizations of system state for security situational awareness
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
IDGraphs: Intrusion Detection and Analysis Using Stream Compositing
IEEE Computer Graphics and Applications
Focusing on Context in Network Traffic Analysis
IEEE Computer Graphics and Applications
Presenting DEViSE: data exchange for visualizing security events
IEEE Computer Graphics and Applications - Special issue on sketching tangible interfaces augmented reality on mobile phones
A unified approach to network traffic and network security visualisation
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Nfsight: netflow-based network awareness tool
LISA'10 Proceedings of the 24th international conference on Large installation system administration
Neural visualization of network traffic data for intrusion detection
Applied Soft Computing
Community-based analysis of netflow for early detection of security incidents
LISA'11 Proceedings of the 25th international conference on Large Installation System Administration
RT-MOVICAB-IDS: Addressing real-time intrusion detection
Future Generation Computer Systems
Hi-index | 0.00 |
Computer network defense (CND) requires analysts to detect both known and novel forms of attacks in massive volumes of network data. Visualization tools can potentially assist in the discovery of suspicious patterns of network activity and relationships between seemingly disparate security events, but few CND analysts are leveraging visualization technologies in their current practice. To address this, we created a new visualization framework, VIAssist, based on a comprehensive cognitive task analysis of CND analysts. We designed VIAssist to fit the work practices and operational environments of those analysts. This article describes the major visual analytic features of VIAssist that address the needs of CND analysts, including its coordinated visualizations and interactive report building capabilities. A scenario illustrates how it can be used to discover the unexpected in network flow data.