Visual Discovery in Computer Network Defense

Authors:
Anita D. D'Amico;John R. Goodall;Daniel R. Tesone;Jason K. Kopylec
Affiliations:
Applied Visions;Applied Visions;Applied Visions;Applied Visions
Venue:
IEEE Computer Graphics and Applications
Year:
2007

Citing 5
Cited 8

Visualizing Network Data

IEEE Transactions on Visualization and Computer Graphics
NVisionIP: netflow visualizations of system state for security situational awareness

Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Visual Exploration of Malicious Network Objects Using Semantic Zoom, Interactive Encoding and Dynamic Queries

VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
IDGraphs: Intrusion Detection and Analysis Using Stream Compositing

IEEE Computer Graphics and Applications
Focusing on Context in Network Traffic Analysis

IEEE Computer Graphics and Applications

Neural projection techniques for the visual inspection of network traffic

Neurocomputing
Presenting DEViSE: data exchange for visualizing security events

IEEE Computer Graphics and Applications - Special issue on sketching tangible interfaces augmented reality on mobile phones
A unified approach to network traffic and network security visualisation

ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Nfsight: netflow-based network awareness tool

LISA'10 Proceedings of the 24th international conference on Large installation system administration
Neural visualization of network traffic data for intrusion detection

Applied Soft Computing
Community-based analysis of netflow for early detection of security incidents

LISA'11 Proceedings of the 25th international conference on Large Installation System Administration
RT-MOVICAB-IDS: Addressing real-time intrusion detection

Future Generation Computer Systems
Visualizing big network traffic data using frequent pattern mining and hypergraphs

Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Computer network defense (CND) requires analysts to detect both known and novel forms of attacks in massive volumes of network data. Visualization tools can potentially assist in the discovery of suspicious patterns of network activity and relationships between seemingly disparate security events, but few CND analysts are leveraging visualization technologies in their current practice. To address this, we created a new visualization framework, VIAssist, based on a comprehensive cognitive task analysis of CND analysts. We designed VIAssist to fit the work practices and operational environments of those analysts. This article describes the major visual analytic features of VIAssist that address the needs of CND analysts, including its coordinated visualizations and interactive report building capabilities. A scenario illustrates how it can be used to discover the unexpected in network flow data.