Attacking information visualization system usability overloading and deceiving the human
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
IDS RainStorm: Visualizing IDS Alarms
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Countering Security Information Overload through Alert and Packet Visualization
IEEE Computer Graphics and Applications
Alerts visualization and clustering in network-based intrusion detection
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Multistage attack detection system for network administrators using data mining
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Hi-index | 0.00 |
We developed a tool to help network administrators deal with the large amount of alarms generated from network security appliances. It efficiently uses screen space representing a high number of IP addresses along with time sequence so that general alarm activity for a network can be visualized along with details, if desired. The tool was useful but encountered problems when there was a significant increase in the amount of alarms. The issues that resulted are addressed in this paper along with methods to ease them.