Network security depends heavily on automated Intrusion Detection Systems (IDS) to sense malicious activities. Unfortunately, IDSs often generate both too much raw information and a large number of false positive alerts. Information visualization research has been performed to help users discover and analyze information efficiently through visual exploration. Even with the aid of visualization, identifying attack patterns and recognizing false positives among a great number of alerts remain challenges. In this paper, we present a novel visualization framework for IDS alerts that can monitor the network and provide an overall view of the security situation in real time using a radial graph. The framework utilizes five categories of entropy functions to quantitatively analyze irregular behavioral patterns, and combines interaction, filtering and drill-down to detect potential intrusions. Finally, we describe how this framework was used to analyze the mini-challenges of the 2011 and 2012 VAST challenge.