Closing-the-loop: Discovery and search in security visualizations

Kiran Lakkaraju, Ratna Bearavolu, Adam J Slagell, William Yurcik

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The tasks of security engineers include detecting attacks and responding to them. In order to accomplish this, a security engineer must be able to decide what behavior indicates an attack and then search for this behavior. Current security visualization tools provide rich and concise visualizations of network data that allow security engineers to determine the nature of attacks on the network. However, current security visualizations lack the ability for security engineers to search for these behaviors in the network logs. The process of finding interesting patterns in the data is called discovery, and finding instances of these patterns is called searching. Security engineers must do both discovery and search, but current security visualization tools only help in discovery. In this paper, we describe the modifications we have made to our security visualization tool, NVisionIP, that allow security engineers to not only discover patterns in the data, but also to search for those patterns in other data.

Original language: English (US)
Title of host publication: Proceedings from the Sixth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC 2005
Pages: 58-63
Number of pages: 6
State: Published - Dec 1 2005
Event: 6th Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC 2005 - West Point, NY, United States
Duration: Jun 15 2005 to Jun 17 2005

Publication series

Name: Proceedings from the 6th Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC 2005
Volume: 2005

Other

Other: 6th Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC 2005
Country: United States
City: West Point, NY
Period: 6/15/05 to 6/17/05

ASJC Scopus subject areas

  • Engineering (all)

  • Cite this

    Lakkaraju, K., Bearavolu, R., Slagell, A. J., & Yurcik, W. (2005). Closing-the-loop: Discovery and search in security visualizations. In Proceedings from the Sixth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC 2005 (pp. 58-63). [1495934] (Proceedings from the 6th Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC 2005; Vol. 2005). https://doi.org/10.1109/IAW.2005.1495934