VizSEC 2007 (eBook)
XV, 273 Seiten
Springer Berlin (Verlag)
978-3-540-78243-8 (ISBN)
Networked computers are ubiquitous, and are subject to attack, misuse, and abuse. One method to counteracting this cyber threat is to provide security analysts with better tools to discover patterns, detect anomalies, identify correlations, and communicate their findings. Visualization for computer security (VizSec) researchers and developers are doing just that. VizSec is about putting robust information visualization tools into the hands of human analysts to take advantage of the power of the human perceptual and cognitive processes in solving computer security problems. This volume collects the papers presented at the 4th International Workshop on Computer Security - VizSec 2007.
Preface 5
Acknowledgements 7
Contents 9
Introduction to Visualization for Computer Security 16
1 Computer Security 16
2 Information Visualization 18
3 Visualization for Computer Network Defense 20
4 Papers in This Volume 26
5 Conclusion 30
References 31
The Real Work of Computer Network Defense Analysts 34
1 Introduction 34
2 Related Work 35
3 Methods 37
4 Findings 38
5 Implications for Visualization 48
References 51
Adapting Personas for Use in Security Visualization Design 54
1 Introduction 54
2 Overview of the Personas Method and Related Work 55
3 Case Study: First Look 58
4 Application to Security Visualizations 64
5 Conclusion 66
References 66
Measuring the Complexity of Computer Security Visualization Designs 68
1 Introduction 68
2 Related Work 69
3 Technical Approach 70
4 Future Work 80
5 Conclusion 80
References 81
Integrated Environment Management for Information Operations Testbeds 82
1 Introduction 82
2 Related Work 83
3 Technical Approach 85
4 Future Work 95
5 Conclusions 96
References 97
Visual Analysis of Network Flow Data with Timelines and Event Plots 100
1 Introduction 100
2 Network Flow Data 101
3 The Investigation Process 102
4 FlowMaps 103
5 Progressive Multiples of Timelines and Event Plots 104
6 A Case of Mysterious IRC Traf.c 105
7 Related Work 111
8 Future Work and Conclusions 113
References 113
NetBytes Viewer: An Entity-Based NetFlow Visualization Utility for Identifying Intrusive Behavior 116
1 Introduction 116
2 Related Work 117
3 Technical Approach 120
4 Future Work 128
5 Conclusions 129
References 129
Visual Analysis of Corporate Network Intelligence: Abstracting and Reasoning on Yesterdays for Acting Today 130
1 Introduction 130
2 Background 132
3 On the Need to Support Visual Analysis 133
4 User and Application Centric Views of the Corporate Network 137
5 Alarm/Event Centric Views 141
6 Limitations and Challenges 143
7 Conclusion 144
References 144
Visualizing Network Security Events Using Compound Glyphs from a Service- Oriented Perspective 146
1 Introduction 146
2 Related Work 148
3 Technical Approach 149
4 Future Work 159
5 Conclusions 160
References 160
High Level Internet Scale Trafic Visualization Using Hilbert Curve Mapping 162
1 Introduction 162
2 Related Work 163
3 Technical Approach 165
4 Results 166
5 Future Work 171
6 Conclusions 172
References 173
VisAlert: From Idea to Product 174
1 Introduction 174
2 Related Work 176
3 Technical Approach 178
4 Future Work 186
5 Conclusions 187
References 189
Visually Understanding Jam Resistant Communication 190
1 Introduction 190
2 Related Work 191
3 Technical Approach 194
4 Future Work 199
5 Conclusions 200
References 201
Visualization of Host Behavior for Network Security 202
1 Introduction 202
2 Related Work 204
3 Technical Approach 206
4 Future Work 215
5 Conclusions 215
References 216
Putting Security in Context: Visual Correlation of Network Activity with Real- World Information 218
1 Introduction 218
2 Related Work 219
3 Technical Approach 221
4 Future Work 232
5 Conclusions 233
References 234
An Interactive Attack Graph Cascade and Reachability Display 236
1 Introduction 236
2 Related Work 237
3 Technical Approach 239
4 Future Work 247
5 Conclusions 249
References 250
Intelligent Classification and Visualization of Network Scans 252
1 Introduction 252
2 Related Work 254
3 Technical Approach 255
4 Future Work 265
5 Conclusions 266
References 267
Using InetVis to Evaluate Snort and Bro Scan Detection on a Network Telescope 270
1 Introduction 270
2 Related Work 272
3 InetVis Network Trafic Visualisation 274
4 Investigative Methodology 276
5 Results and Analysis 279
6 Future Work 285
7 Conclusion 286
References 286
| Erscheint lt. Verlag | 27.5.2008 |
|---|---|
| Reihe/Serie | Mathematics and Visualization | Mathematics and Visualization |
| Zusatzinfo | XV, 273 p. |
| Verlagsort | Berlin |
| Sprache | englisch |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| Mathematik / Informatik ► Mathematik | |
| Recht / Steuern ► Allgemeines / Lexika | |
| Technik | |
| Schlagworte | classification • Communication • Complexity • Computer Networks • cyber security • Information • Information and Communication, Circuits • Information Security • Information Visualization • Internet • Visualization • vizsec |
| ISBN-10 | 3-540-78243-5 / 3540782435 |
| ISBN-13 | 978-3-540-78243-8 / 9783540782438 |
| Haben Sie eine Frage zum Produkt? |
PDF (Wasserzeichen)Größe: 6,9 MB
DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasserzeichen und ist damit für Sie personalisiert. Bei einer missbräuchlichen Weitergabe des eBooks an Dritte ist eine Rückverfolgung an die Quelle möglich.
Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.
Zusätzliches Feature: Online Lesen
Dieses eBook können Sie zusätzlich zum Download auch online im Webbrowser lesen.
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich
