Visualization of Host Behavior for Network Security
- Startseite
- →
- Informatik und Informationswissenschaft
- →
- Informatik und Informationswissenschaft
- →
- Dokumentanzeige
| Publikationstyp: | Beitrag zu einer Konferenz |
| URI (zitierfähiger Link): | http://nbn-resolving.de/urn:nbn:de:bsz:352-opus-68478 |
| Autor/innen: | Mansmann, Florian; Meier, Lorenz; Keim, Daniel A. |
| Erscheinungsjahr: | 2008 |
| Erschienen in: | VizSEC 2007 / Goodall, John R.; Conti, Gregory; Ma, Kwan-Liu (Hrsg.). - Berlin, Heidelberg : Springer Berlin Heidelberg, 2008. - (Mathematics and Visualization). - S. 187-202. - ISBN 978-3-540-78242-1 |
| DOI (zitierfähiger Link): | https://dx.doi.org/10.1007/978-3-540-78243-8_13 |
| Zusammenfassung: |
Monitoring host behavior in a network is one of the most essential tasks in the fields of network monitoring and security since more and more malicious code in the wild internet constantly threatens the network infrastructure. In this paper, we present a visual analytics tool that visualizes network host behavior through positional changes in a two dimensional space using a force-directed graph layout algorithm. The tool s interaction capabilities allow for visual exploration of network traffic over time and are demonstrated using netflow data as well as IDS alerts. Automatic accentuation of hosts with highly variable traffic results in fast hypothesis generation and confirmation of suspicious host behavior. By triggering the behavior graph from the HNMap tool, we were able to monitor more abstract network entities.
|
| Fachgebiet (DDC): | 004 Informatik |
| Link zur Lizenz: | Nutzungsbedingungen |
| Universitätsbibliographie: | Ja |
Zitieren
Dateien zu dieser Ressource
![[PDF]](/themes/Kops/images/mimes/pdf.png "PDF file"){kind=small}
MANSMANN, Florian, Lorenz MEIER, Daniel A. KEIM, 2008. Visualization of Host Behavior for Network Security. In: GOODALL, John R., ed., Gregory CONTI, ed., Kwan-Liu MA, ed.. VizSEC 2007. Berlin, Heidelberg:Springer Berlin Heidelberg, pp. 187-202. ISBN 978-3-540-78242-1. Available under: doi: 10.1007/978-3-540-78243-8_13
@inproceedings{Mansmann2008Visua-5632, title={Visualization of Host Behavior for Network Security}, year={2008}, doi={10.1007/978-3-540-78243-8_13}, isbn={978-3-540-78242-1}, address={Berlin, Heidelberg}, publisher={Springer Berlin Heidelberg}, series={Mathematics and Visualization}, booktitle={VizSEC 2007}, pages={187--202}, editor={Goodall, John R. and Conti, Gregory and Ma, Kwan-Liu}, author={Mansmann, Florian and Meier, Lorenz and Keim, Daniel A.} }
<rdf:RDF xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:bibo="http://purl.org/ontology/bibo/" xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:void="http://rdfs.org/ns/void#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > <rdf:Description rdf:about="https://kops.uni-konstanz.de/rdf/resource/123456789/5632"> <dspace:hasBitstream rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/5632/1/Visualization_of_Host_Behavior_for_Network_Security.pdf"/> <dcterms:hasPart rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/5632/1/Visualization_of_Host_Behavior_for_Network_Security.pdf"/> <dcterms:abstract xml:lang="eng">Monitoring host behavior in a network is one of the most essential tasks in the fields of network monitoring and security since more and more malicious code in the wild internet constantly threatens the network infrastructure. In this paper, we present a visual analytics tool that visualizes network host behavior through positional changes in a two dimensional space using a force-directed graph layout algorithm. The tool s interaction capabilities allow for visual exploration of network traffic over time and are demonstrated using netflow data as well as IDS alerts. Automatic accentuation of hosts with highly variable traffic results in fast hypothesis generation and confirmation of suspicious host behavior. By triggering the behavior graph from the HNMap tool, we were able to monitor more abstract network entities.</dcterms:abstract> <dc:contributor>Keim, Daniel A.</dc:contributor> <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/36"/> <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/36"/> <dc:creator>Meier, Lorenz</dc:creator> <dc:creator>Mansmann, Florian</dc:creator> <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/> <foaf:homepage rdf:resource="http://localhost:8080/jspui"/> <dc:contributor>Meier, Lorenz</dc:contributor> <dc:format>application/pdf</dc:format> <bibo:uri rdf:resource="http://kops.uni-konstanz.de/handle/123456789/5632"/> <dc:contributor>Mansmann, Florian</dc:contributor> <dcterms:issued>2008</dcterms:issued> <dcterms:bibliographicCitation>First publ. in: VizSEC 2007: proceedings of the Workshop on Visualization for Computer Security / John R. Goodall... (eds.). Berlin : Springer, 2008, pp. 187-202</dcterms:bibliographicCitation> <dcterms:rights rdf:resource="https://creativecommons.org/licenses/by-nc-nd/2.0/legalcode"/> <dcterms:title>Visualization of Host Behavior for Network Security</dcterms:title> <dc:language>eng</dc:language> <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-03-24T15:57:20Z</dc:date> <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-03-24T15:57:20Z</dcterms:available> <dc:rights>terms-of-use</dc:rights> <dc:creator>Keim, Daniel A.</dc:creator> </rdf:Description> </rdf:RDF>
Dateiabrufe seit 01.10.2014 (Informationen über die Zugriffsstatistik)
| Visualization_of_Host_Behavior_for_Network_Security.pdf | 504 |
Das Dokument erscheint in:
Solange nicht anders angezeigt, wird die Lizenz wie folgt beschrieben: terms-of-use
KOPS Suche
Stöbern
Mein Benutzerkonto
