Designing visualization capabilities for IDS challenges

Author

Erbacher, Robert F. ; Christensen, Kim ; Sundberg, Amanda

Author_Institution

Dept. of CS, Utah State Univ., Logan, UT, USA

fYear

2005

fDate

26 Oct. 2005

Firstpage

121

Lastpage

127

Abstract

This paper describes our work to develop an environment and novel visualization techniques for the visual representation, exploration, and analysis of network traffic data to ease the identification and analysis of sophisticated attacks above and beyond the ability for traditional network firewalls to detect and block. The visualization techniques are geared towards aiding analysts in filtering unwanted or unneeded data in favor of data deemed more critical and more representative of the sophisticated attacks the analysts must focus their attention on. The environment provides the needed capabilities for analyzing traditional network traffic data without additional filtering, i.e., the environment itself provides the needed capabilities.

Keywords

data visualisation; security of data; telecommunication security; graphical user interfaces; intrusion detection systems; network traffic data; visual analysis; visual exploration; visual representation; visualization capability; Access protocols; Chromium; Computer interfaces; Data analysis; Data visualization; Filtering; Intrusion detection; Scalability; Software safety; Telecommunication traffic;

fLanguage

English

Publisher

ieee

Conference_Titel

Visualization for Computer Security, 2005. (VizSEC 05). IEEE Workshop on

Print_ISBN

0-7803-9477-1

Type

conf

DOI

10.1109/VIZSEC.2005.1532074

Filename

1532074