similar to the works of Erbacher et al. [3] and Livnat et al. [4]. However, the works of
Erbacher et al. and Livnat et al. focus on the current security status and do not
provide the capability to view a whole attack process, as ours does. The second way to
extend this work is to integrate other information, such as alert type, severity, HTTP
response code, etc., directly into the visualization space (currently they are displayed
on demand via user interactions, i.e. mouse clicking). Doing so can save administrators
some analysis time and may offer them more perspectives. The third way to
extend this work is to use animation to replay attack scenarios (with appropriate time
scaling methods to reduce/increase watching time). We believe using animation in
this tool can provide more detailed information about attack scenarios. Last but
not least, in our opinion, animation is more fun for administrators to work with.
Acknowledgement. This research is funded by Vietnam National University HoChiMinh City
(VNU-HCM) under grant number C2013-20-08.
References
1. Roesch, M.: Snort-Lightweight Intrusion Detection For Networks. In: 13th USENIX
Conference on System Administration, pp. 229-238. USENIX Association (1999)
2. Paxson, V.: Bro: a System for Detecting Network Intruders in Real-time. Computer
Networks 31, 2435-2463 (1999)
3. Erbacher, R.F., Walker, K.L., Frincke, D.A.: Intrusion and Misuse Detection in Large-Scale
Systems. IEEE Computer Graphics and Applications 22(1), 38-47 (2002)
4. Livnat, Y., Agutter, J., Moon, S., Erbacher, R.F., Foresti, S.: A Visualization Paradigm
for Network Intrusion Detection. In: 6th Annual IEEE SMC Information Assurance Workshop,
pp. 92-99. IEEE, West Point (2005)
5. Dang, T.T., Dang, T.K.: Visualization of Web Form Submissions for Security Analysis.
International Journal of Web Information Systems Information 9(2), 165-180 (2013)
6. Dang, T.T., Dang, T.K.: A Visual Model for Web Applications Security Monitoring.
In: 2011 IEEE International Conference on Information Security and Intelligence Control,
pp. 158-162. IEEE (2011)
7. Debar, H., Wespi, A.: Aggregation and Correlation of Intrusion-Detection Alerts. In:
Lee, W., Mé, L., Wespi, A. (eds.) RAID 2001. LNCS, vol. 2212, pp. 85-103. Springer,
Heidelberg (2001)
8. Ning, P., Cui, Y., Reeves, D.S.: Constructing Attack Scenarios Through Correlation of
Intrusion Alerts. In: 9th ACM Conference on Computer and Communications Security,
pp. 245-254. ACM, New York (2002)
9. Lee, J., Podlaseck, M., Schonberg, E., Hoch, R.: Visualization and Analysis of Clickstream
Data of Online Stores for Understanding Web Merchandising. Data Mining and
Knowledge Discovery 5, 59-84 (2001)
10. Kawamoto, M., Itoh, T.: A Visualization Technique for Access Patterns and Link
Structures of Web Sites. In: 14th International Conference Information Visualization,
pp. 11-16. IEEE Computer Society, Washington (2010)
11. Google Analytics. http://www.google.com/analytics/
12. Webtrends. http://webtrends.com/