This paper examines the dramatic visual fingerprints left by a wide variety of popular network attack tools in order to better understand the specific methodologies used by attackers as well as the identifiable characteristics of the tools themselves. The techniques used are entirely passive in nature and virtually undetectable by the attackers. While much work has been done on active and passive operating system detection, little has been done on fingerprinting the specific tools used by attackers. This research explores the application of several visualization techniques and their usefulness toward identification of attack tools, without the typical automated intrusion detection system's signatures and statistical anomalies. These visualizations were tested using a wide range of popular network security tools. The results show that in many cases the specific tool can be identified, and they provide intuition that many classes of zero-day attacks can be rapidly detected and analyzed using similar techniques.