STARMINE: a visualization system for cyber attacks

Authors:
Yusuke Hideshima;Hideki Koike
Affiliations:
Graduate School of Information System, The University of Electro-Communications, Chofu, Tokyo, Japan;Graduate School of Information System, The University of Electro-Communications, Chofu, Tokyo, Japan
Venue:
APVis '06 Proceedings of the 2006 Asia-Pacific Symposium on Information Visualisation - Volume 60
Year:
2006

Citing 5
Cited 4

The STARLIGHT information visualization system

IV '97 Proceedings of the IEEE Conference on Information Visualisation
SnortView: visualization system of snort logs

Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Snort - Lightweight Intrusion Detection for Networks

LISA '99 Proceedings of the 13th USENIX conference on System administration
3D Information Visualization for Time Dependent Data on Maps

IV '05 Proceedings of the Ninth International Conference on Information Visualisation
IPMatrix: An Effective Visualization Framework for Cyber Threat Monitoring

IV '05 Proceedings of the Ninth International Conference on Information Visualisation

Visualizations to improve reactivity towards security incidents inside corporate networks

Proceedings of the 3rd international workshop on Visualization for computer security
Domain Specific Intended Use Evaluation Method: Intrusion Detection Specific Intended Use Evaluation Method

ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
EMBER: a global perspective on extreme malicious behavior

Proceedings of the Seventh International Symposium on Visualization for Cyber Security
SPTrack: visual analysis of information flows within SELinux policies and attack logs

AMT'12 Proceedings of the 8th international conference on Active Media Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

In cyber attack monitoring systems, various types of visualizations, such as geographical visualization, temporal visualization, logical visualization, are being used. Each visualization has its own advantages and disadvantages. Since it is important to analyze the information from different viewpoints and to make a right decision in practical cyber attack monitoring, these visualization should be highly integrated.This paper describes a visualization system for cyber threat monitoring named STARMINE, which integrates three different views, that is geographical, temporal, and logical views, of the cyber threat in 3-D space. Since three views are seen simultaneously and are synchronized, it is helpful for administrators to analyze the threats much more easily. As an example, the propagation of Sasser.D worm were shown.