Applied Security Visualization
Applied Security Visualization
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
An incident analysis system NICTER and its analysis engines based on data mining techniques
ICONIP'08 Proceedings of the 15th international conference on Advances in neuro-information processing - Volume Part I
Beyond Bertin: Seeing the Forest despite the Trees
IEEE Computer Graphics and Applications
EMBER: a global perspective on extreme malicious behavior
Proceedings of the Seventh International Symposium on Visualization for Cyber Security
Interactive detection of network anomalies via coordinated multiple views
Proceedings of the Seventh International Symposium on Visualization for Cyber Security
IV '10 Proceedings of the 2010 14th International Conference Information Visualisation
Hi-index | 0.00 |
Manual analysis of security-related events is still a necessity to investigate non-trivial cyber attacks. This task is particularly hard when the events involve slow, stealthy and large-scale activities typical of the modern cybercriminals' strategy. In this regard, visualization tools can effectively help analysts in their investigations. In this paper, we present BURN, an interactive visualization tool for displaying autonomous systems exhibiting rogue activity that helps at finding misbehaving networks through visual and interactive exploration. Up to seven values are displayed in a single visual element, while avoiding cumbersome and confusing maps. To this end, animations and alpha channels are leveraged to create simple views that highlight relevant activity patterns. In addition, BURN incorporates a simple algorithm to identify migrations of nefarious services across autonomous systems, which can support, for instance, root-cause analysis and law enforcement investigations.