Title :
Intrusion behavior detection through visualization
Author :
Erbacher, Robert F.
Author_Institution :
Dept. of Comput. Sci., Albany Univ., NY, USA
Abstract :
As computer and network intrusions become more and more of a concern, the need for better capabilities to assist in the detection and analysis of intrusions also increases. We propose a methodology for analyzing network and computer log information visually based on the analysis of user behavior. Each user´s behavior is the key to determining their intent and overriding goals, whether they attempt to hide their actions or not. Proficient hackers will attempt to hide their ultimate goal, which hinders the reliability of log file analysis. Visually analyzing the user´s behavior, however, is much more adaptable and difficult to counteract. This paper will discuss how user behavior can be exhibited within the visualization techniques, the capabilities provided by the environment, typical characteristics users should look out for (i.e., how unusual behavior exhibits itself), and exploration paradigms effective for identifying the meaning behind the user´s behavior.
Keywords :
computer crime; data visualisation; reliability; user interfaces; computer intrusions; computer log information; hackers; intrusion behavior detection; log file analysis; network intrusions; network log information; reliability; user behavior analysis; visualization techniques; Computer hacking; Computer network reliability; Computer networks; Computer science; Computer security; Forensics; Information analysis; Intrusion detection; Pattern matching; Visualization;
Conference_Titel :
Systems, Man and Cybernetics, 2003. IEEE International Conference on
Print_ISBN :
0-7803-7952-7
DOI :
10.1109/ICSMC.2003.1244260
