KOPS - Das Institutionelle Repositorium der Universität Konstanz

Visual support for analyzing network traffic and intrusion detection events using TreeMap and Graph representations

Visual support for analyzing network traffic and intrusion detection events using TreeMap and Graph representations

Zitieren

Dateien zu dieser Ressource

Prüfsumme: MD5:e0673659848c6afd9a40d9d315a813c9

MANSMANN, Florian, Fabian FISCHER, Daniel KEIM, Stephen C. NORTH, 2009. Visual support for analyzing network traffic and intrusion detection events using TreeMap and Graph representations. the Symposium. Baltimore, Maryland, 7. Nov 2009 - 8. Nov 2009. In: Proceedings of the Symposium on Computer Human Interaction for the Management of Information Technology - CHiMiT '09. the Symposium. Baltimore, Maryland, 7. Nov 2009 - 8. Nov 2009. New York, New York, USA:ACM Press, pp. 19-28. ISBN 978-1-60558-572-7. Available under: doi: 10.1145/1641587.1641590

@inproceedings{Mansmann2009Visua-14805, title={Visual support for analyzing network traffic and intrusion detection events using TreeMap and Graph representations}, year={2009}, doi={10.1145/1641587.1641590}, isbn={978-1-60558-572-7}, address={New York, New York, USA}, publisher={ACM Press}, booktitle={Proceedings of the Symposium on Computer Human Interaction for the Management of Information Technology - CHiMiT '09}, pages={19--28}, author={Mansmann, Florian and Fischer, Fabian and Keim, Daniel and North, Stephen C.} }

<rdf:RDF xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:bibo="http://purl.org/ontology/bibo/" xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:void="http://rdfs.org/ns/void#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > <rdf:Description rdf:about="https://kops.uni-konstanz.de/rdf/resource/123456789/14805"> <dc:creator>Fischer, Fabian</dc:creator> <dcterms:rights rdf:resource="http://nbn-resolving.org/urn:nbn:de:bsz:352-20140905103605204-4002607-1"/> <dcterms:abstract xml:lang="eng">Network security depends heavily on automated Intrusion Detection Systems (IDS) to sense malicious activity. Unfortunately, IDS often deliver both too much raw information, and an incomplete local picture, impeding accurate assessment of emerging threats. We propose a system to support analysis of IDS logs, that visually pivots large sets of Net-Flows. In particular, two visual representations of the flow data are compared: a TreeMap visualization of local network hosts, which are linked through hierarchical edge bundles with the external hosts, and a graph representation using a force-directed layout to visualize the structure of the host communication patterns. Three case studies demonstrate the capabilities of our tool to 1) analyze service usage in a managed network, 2) detect a distributed attack, and 3) investigate hosts in our network that communicate with suspect external IPs.</dcterms:abstract> <dc:creator>North, Stephen C.</dc:creator> <dcterms:issued>2009</dcterms:issued> <dcterms:hasPart rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/14805/1/mansmann_visual_support.pdf"/> <dc:language>eng</dc:language> <bibo:uri rdf:resource="http://kops.uni-konstanz.de/handle/123456789/14805"/> <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/36"/> <dc:contributor>Mansmann, Florian</dc:contributor> <dc:contributor>Fischer, Fabian</dc:contributor> <dc:creator>Keim, Daniel</dc:creator> <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/36"/> <dc:rights>deposit-license</dc:rights> <dcterms:title>Visual support for analyzing network traffic and intrusion detection events using TreeMap and Graph representations</dcterms:title> <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-12-07T08:12:30Z</dcterms:available> <dc:contributor>Keim, Daniel</dc:contributor> <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/> <dc:creator>Mansmann, Florian</dc:creator> <dspace:hasBitstream rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/14805/1/mansmann_visual_support.pdf"/> <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-12-07T08:12:30Z</dc:date> <dcterms:bibliographicCitation>First publ. in: ACM Symposium on Computer-Human Interaction for Management of Information Technology 2009, (CHIMIT 09) : Baltimore, Maryland, USA, 7 - 8 November 2009 / [by the Association for Computing Machinery, ACM. Conference chairs: Eben Haber (...). - Red Hook, NY : Curran, 2010. - pp. 19-28. - ISBN 978-1-617-38128-7</dcterms:bibliographicCitation> <foaf:homepage rdf:resource="http://localhost:8080/jspui"/> <dc:contributor>North, Stephen C.</dc:contributor> </rdf:Description> </rdf:RDF>

Dateiabrufe seit 01.10.2014 (Informationen über die Zugriffsstatistik)

mansmann_visual_support.pdf 361

Das Dokument erscheint in:

KOPS Suche


Stöbern

Mein Benutzerkonto