Title :
Visualising Communication Network Security Attacks
Author :
Musa, Shahrulniza ; Parish, David J.
Author_Institution :
Loughborough Univ., Loughborough
Abstract :
The task of exploring and analysing large quantities of communication network security data is difficult. Visualisation of the data should help the analyses and make data exploration faster and easier. This paper describes prototype software that visualises the alerts effectively and provides a simple presentation. The needs analysis of this prototype is based on the suggested needs of network security analyst´s tasks as seen in the literature. The prototype software incorporates various projections of the alert data in 3-dimensional displays. Filtering, drill-down and playback of alerts at variable speed are incorporated to strengthen the analysis. We integrate a false alert classifier using classification tree algorithm to classify alerts into false and true alerts. Real-time visual observation is also included. We describe some example analyses to prove the usefulness of our prototype.
Keywords :
data visualisation; filtering theory; pattern classification; telecommunication networks; telecommunication security; trees (mathematics); 3D displays; alert drill-down; alert filtering; alert playback; classification tree algorithm; communication network security attack; data visualization; false alert classifier; Classification algorithms; Classification tree analysis; Communication networks; Data analysis; Data security; Data visualization; Displays; Filtering; Prototypes; Software prototyping;
Conference_Titel :
Information Visualization, 2007. IV '07. 11th International Conference
Conference_Location :
Zurich
Print_ISBN :
0-7695-2900-3
DOI :
10.1109/IV.2007.149
