Host-based program monitoring tools are an essential part of maintaining proper system integrity due to growing malicious network activity. As systems become more complicated, the quantity of data collected by these tools often grows beyond what analysts can easily comprehend in a short amount of time. In this paper, we present a method for visual exploration of a system's program flow over time to aid in the detection and identification of significant events. This allows automatic accentuation of programs with irregular file access and child process propagation, which results in more efficient forensic analysis and system recovery times.