NVisionIP: netflow visualizations of system state for security situational awareness
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
An Information Visualization Framework for Intrusion Detection
CHI '04 Extended Abstracts on Human Factors in Computing Systems
Closing-the-Loop in NVisionIP: Integrating Discovery and Search in Security Visualizations
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Countering Security Information Overload through Alert and Packet Visualization
IEEE Computer Graphics and Applications
Countering network-level denial of information attacks using information visualization
Tool update: NVisionIP improvements (difference view, sparklines, and shapes)
Proceedings of the 3rd international workshop on Visualization for computer security
Security Data Visualization
Risk management --- visual IDS countermeasures
BT Technology Journal
Interactive traffic analysis and visualization with Wisconsin Netpy
LISA '05 Proceedings of the 19th conference on Large Installation System Administration Conference - Volume 19
Visual Discovery in Computer Network Defense
IEEE Computer Graphics and Applications
In this paper we present an architecture which enables data-sharing between computer security and network traffic visualisation tools. At its core is a middleware which manages all interactions. This enables one application to determine the acceptable input for another, and send compatible data. The middleware sits atop a unified database which provides data in a generic form to the applications. Interesting traffic patterns or attack trends seen in one tool can be sent directly to another for further examination and analysis. All communication in the middleware is performed using XML as a data transport mechanism.