An open graph visualization system and its applications to software engineering
Software—Practice & Experience - Special issue on discrete algorithm engineering
ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
CMV '03 Proceedings of the conference on Coordinated and Multiple Views In Exploratory Visualization
Passive visual fingerprinting of network attack tools
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
CyberSeer: 3D audio-visual immersion for network security and management
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
A Comprehensive Approach to Intrusion Detection Alert Correlation
IEEE Transactions on Dependable and Secure Computing
Peep (The Network Auralizer): Monitoring Your Network with Sound
LISA '00 Proceedings of the 14th USENIX conference on System administration
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Visual Firewall: Real-time Network Security Monito
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
IDS RainStorm: Visualizing IDS Alarms
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Visual Correlation of Network Alerts
IEEE Computer Graphics and Applications
Focusing on Context in Network Traffic Analysis
IEEE Computer Graphics and Applications
Visualizing NetFlows for security at line speed: the SIFT tool suite
LISA '05 Proceedings of the 19th conference on Large Installation System Administration Conference - Volume 19
Mesh: secure, lightweight grid middleware using existing SSH infrastructure
Proceedings of the 12th ACM symposium on Access control models and technologies
Maintaining high performance communication under least privilege using dynamic perimeter control
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
SPTrack: visual analysis of information flows within SELinux policies and attack logs
AMT'12 Proceedings of the 8th international conference on Active Media Technology
| Hi-index | 0.00 |
Intrusion detection systems gather large quantities of host and network information in an attempt to detect and respond to attacks against an organization. The widely varying nature of attacks makes humans essential for analysis, but the sheer volume of data can quickly overwhelm even experienced analysts. Existing approaches utilize visualization to provide rapidly comprehensible representations of the data, but fail to scale to real-world environments due to unrealistic data handling and lack of response facilities. This paper introduces a new tool for security event monitoring, analysis, and response called Savors. Savors provides suitable scalability by utilizing three additional areas of computing. High-end computing brings large amounts of on-demand processing to bear on the problem. Auralization allows both monitoring and analysis to be performed in parallel. Finally, grid computing provides the basis for remote data access and response capabilities with seamless and secure access to organization resources.