Guest Editor's Introduction: Visualization for Cybersecurity
IEEE Computer Graphics and Applications
Cyber security through visualization
APVis '06 Proceedings of the 2006 Asia-Pacific Symposium on Information Visualisation - Volume 60
Interactive Exploration of Data Traffic with Hierarchical Network Maps
IEEE Transactions on Visualization and Computer Graphics
An intelligent, interactive tool for exploration and visualization of time-oriented security data
Proceedings of the 3rd international workshop on Visualization for computer security
Visualization assisted detection of sybil attacks in wireless networks
Proceedings of the 3rd international workshop on Visualization for computer security
CluVis: dual-domain visual exploration of cluster/network metadata
ACM-SE 45 Proceedings of the 45th annual southeast regional conference
Machine Learning to Boost the Next Generation of Visualization Technology
IEEE Computer Graphics and Applications
Interactive wormhole detection and evaluation
Information Visualization
Graph Drawing for Security Visualization
Graph Drawing
Journal of Visual Languages and Computing
Characterizing Intelligence Gathering and Control on an Edge Network
ACM Transactions on Internet Technology (TOIT)
Envisioning grid vulnerabilities: multi-dimensional visualization for electrical grid planning
Proceedings of the International Working Conference on Advanced Visual Interfaces
A survey of security visualization for computer network logs
Security and Communication Networks
Visualizing graph features for fast port scan detection
Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop
| Hi-index | 0.00 |
Many methods have been developed for monitoring network traffic, both using visualization and statistics. Most of these methods focus on the detection of suspicious or malicious activities. But what they often fail to do refine and exercise measures that contribute to the characterization of such activities and their sources, once they are detected. In particular, many tools exist that detect network scans or visualize them at a high level, but not very many tools exist that are capable of categorizing and analyzing network scans. This paper presents a means of facilitating the process of characterization by using visualization and statistics techniques to analyze the patterns found in the timing of network scans through a method of continuous improvement in measures that serve to separate the components of interest in the characterization so the user can control separately for the effects of attack tool employed, performance characteristics of the attack platform, and the effects of network routing in the arrival patterns of hostile probes. The end result is a system that allows large numbers of network scans to be rapidly compared and subsequently identified.